Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Alles rund um Windows (https://www.trojaner-board.de/alles-rund-um-windows/)
-   -   Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse (https://www.trojaner-board.de/166859-keine-verbindung-benachrichtigungsdienst-systemereignisse.html)

BlueAzure 12.05.2015 18:09
Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse
 
Hallo zusammen!

Ich bin gerade umgezogen und habe, nachdem das Internet dann auch wieder ging, endlich meinen PC angeschlossen.
Ich hatte schon seit längerem das Problem, das der Design-Dienst manchmal nicht funktioniert hat und ich ihn neustarten musste.
Nun habe ich aber ohne Grund einen Bluescreen bekommen und der PC scheint, nachdem der Küchenfritze leider ein paar Mal den Strom abgedreht hat, neugestartet zu sein und jedes Mal diesen CHKDSH-Check oder so gemacht zu haben.

Ich habe allerdings keine Ahnung warum das so ist, wo die Logs gespeichert sind und was sie bedeuten. Auf jeden Fall kommt jetzt auch immer die Meldung, dass keine Verbindung zum Benachrichtigungsdienst für Systemereignisse hergestellt werden konnte und Aero wird nicht angezeigt.
Dazu ist der PC viel zu langsam und hängt dauernd. Wenn ich ein PDF Dokument öffnen will, lädt er jetzt nur kurz und nichts passiert. Vorher hat sich sogar der ganze Explorrer dabei aufgehängt. Der PDF-Reader 'erscheint' im Taskmanager geöffnet, lässt sich aber nicht beenden. Der Taskmanager hängt sich auf, weil ich gleichzeitg was in Firefox drücke oder auf Start drücke. Gefühlsmäßig hängt bei jedem zweitem Klick irgendwas.

Ich habe vor dem Umzug nichts neu installiert oder so.
Ich weiß echt nicht, woran es liegen kann und was ich tun kann

Meine Daten:
Windows 7 Ultimate 32bit
Intel (R) Core i3-3220 CPU @ 3,30GHz (4 CPUs)
4096Mb RAM
Nvidia Geforce GT 630

Habe Avast installiert. Die Startzeit-Prüfung hat PUP: NSIS:Crossrider-EJ im AdwCleaner-Quarantäne-Ordner ergeben und das ganze in den Avast-Quarantäne-Ordner verschoben, was allerdings nichts an der Situation verändert hat.

Ich hoffe ihr könnt mir helfen!

cosinus 12.05.2015 18:26
Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

BlueAzure 12.05.2015 20:53
Hi,

danke für die schnelle Antwort! :)
Nein, andere Scans mit Logs/Funden habe ich nicht gemacht.

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015
Ran by Flavia (administrator) on FLAVIA-PC on 12-05-2015 21:47:42
Running from C:\Users\Flavia\Downloads
Loaded Profiles: Flavia (Available profiles: Flavia)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Portrait Displays, Inc) C:\Program Files\Portrait Displays\forteManager\dthtml.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Akamai Technologies, Inc.) C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe
(Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe799_old.tmp
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DT LGE] => C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [81920 2007-10-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-22] ()
AppInit_DLLs: ´ê6 => ´ê6 File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-03] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-4132011797-2711336362-2655832662-1000] => http=localhost:8118;https=localhost:8118;ftp=localhost:8118;socks=localhost:9050
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> DefaultScope value is missing.
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2011-11-03] ()
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {52836EB0-631A-47B1-94A6-61F9D9112DAE} -  No File
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {60F33B36-3E89-48EF-BE77-ACC23A366C2A} https://wstatic.plaync.co.kr/common/UniUpdate/NCLoader.8.cab
DPF: {640044E9-92A3-4B89-A615-1F65354D3A65} hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks)
FF Plugin: @qq.com/TXSSO -> C:\Program Files\Common Files\Tencent\TXSSO\1.2.2.37\Bin\npSSOAxCtrlForPTLogin.dll [2013-12-30] (Tencent)
FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll No File
FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll No File
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [2009-10-19] ()
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks)
FF user.js: detected! => C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\user.js [2014-01-16]
FF Plugin ProgramFiles/Appdata: C:\Users\Flavia\AppData\Roaming\mozilla\plugins\npDXStudioPlugin.DLL [2010-01-26] (Worldweaver Ltd.)
FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-images.xml [2014-12-21]
FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-maps.xml [2014-12-21]
FF Extension: WOT - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Adblock Plus - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-31]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-21]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-25]
FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [{282BBB71-6301-4E39-9F74-00210BB4E0B3}] - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3}
FF Extension: XULRunner - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3} [2011-04-30]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-23]

Chrome:
=======
CHR Profile: C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-24]
CHR Extension: (Google Search) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-24]
CHR Extension: (avast! WebRep) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-03-08]
CHR Extension: (Plus-HD-2.5) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd [2013-11-17]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-02-24]
CHR Extension: (电脑管家上网防护) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2015-02-26]
CHR Extension: (Gmail) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found]
CHR HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Flavia\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-11]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-03] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-03] (Avast Software)
R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [65536 2007-10-11] () [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.)
R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [1876816 2014-12-20] (SurfRight B.V.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [116224 2012-02-09] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [4573608 2013-05-13] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-03] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2012-06-21] (Overwolf Ltd)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 xsherlock; C:\Windows\system32\xsherlock.xem [670816 2012-07-01] (Wellbia.com Co., Ltd.) [File not signed]
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2012-03-16] () [File not signed]
S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-01-08] ()
R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [15656 2011-05-10] (Windows (R) Win 7 DDK provider)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-03] ()
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [75640 2014-12-20] ()
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21952 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21952 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-01-19] ()
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [734208 2009-05-25] (Ralink Technology Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [15920 2006-11-16] (Portrait Displays, Inc.)
S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3328472 2011-07-28] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-06-17] (Duplex Secure Ltd.)
S3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [834832 2015-03-06] (TENCENT)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-07-28] (Scott)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-03] (Avast Software)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [31680 2015-05-12] ()
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S2 adfs; No ImagePath
S3 catchme; \??\C:\Users\Flavia\AppData\Local\Temp\catchme.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S1 QMUdisk; \??\C:\Program Files\腾讯游戏\QQPCMgr\10.6.15950.224\QMUdisk.sys [X]
S3 StarOpen; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 TS888; \??\C:\Program Files\腾讯游戏\QQPCMgr\10.6.15950.224\TS888.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-12 21:47 - 2015-05-12 21:48 - 00025597 _____ () C:\Users\Flavia\Downloads\FRST.txt
2015-05-12 21:47 - 2015-05-12 21:47 - 00000000 ____D () C:\FRST
2015-05-12 21:45 - 2015-05-12 21:45 - 01141248 _____ (Farbar) C:\Users\Flavia\Downloads\FRST.exe
2015-05-12 18:47 - 2015-05-12 18:47 - 00002059 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2015-05-12 18:47 - 2015-05-12 18:47 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-05-12 18:46 - 2015-05-12 18:46 - 00000000 ____D () C:\Program Files\Foxit Software
2015-05-12 16:02 - 2015-05-12 16:02 - 00086976 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-05-12 00:47 - 2015-05-12 00:47 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Real
2015-05-11 19:45 - 2015-05-11 19:45 - 00000000 __SHD () C:\found.000
2015-05-11 18:20 - 2015-04-18 11:03 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-05-08 14:49 - 2015-05-08 14:49 - 00108513 _____ () C:\Users\Flavia\Downloads\Swim Suit v2.package
2015-05-08 14:40 - 2015-05-08 14:40 - 00009928 ____N () C:\bootsqm.dat
2015-05-08 14:25 - 2015-05-08 14:25 - 00412306 _____ () C:\Users\Flavia\Downloads\Sims4Krampus_RandomBathingsuits.package
2015-05-08 14:25 - 2015-05-08 14:25 - 00412243 _____ () C:\Users\Flavia\Downloads\1271248.zip
2015-05-08 14:20 - 2015-05-08 14:20 - 11148041 _____ () C:\Users\Flavia\Downloads\1274607.zip
2015-05-08 14:19 - 2015-05-08 14:19 - 00247066 _____ () C:\Users\Flavia\Downloads\1294924.zip
2015-05-08 14:08 - 2015-05-08 14:18 - 00466431 _____ () C:\Users\Flavia\Downloads\Birba32_fy_BulletSwimsuit.package
2015-05-08 14:05 - 2015-05-08 14:07 - 00530134 _____ () C:\Users\Flavia\Downloads\Birba32_fy_AlphaStringSwimsuit.package
2015-05-08 13:51 - 2015-05-08 13:51 - 00559198 _____ () C:\Users\Flavia\Downloads\Leather vest with tube top [CB].package
2015-05-08 13:51 - 2015-05-08 13:51 - 00326145 _____ () C:\Users\Flavia\Downloads\1Z_outfit_fem_sunny_Otshorts_neu3F.package
2015-05-07 21:35 - 2015-05-07 21:35 - 01135032 _____ () C:\Users\Flavia\Downloads\uktrash_SundaySweaterDress.package
2015-05-07 21:35 - 2015-05-07 21:35 - 00143756 _____ () C:\Users\Flavia\Downloads\Wolfcry_LaceJeansShort.package
2015-05-07 21:31 - 2015-05-07 21:31 - 01485427 _____ () C:\Users\Flavia\Downloads\S4_DelicateLace_Mh75.package
2015-05-07 21:30 - 2015-05-07 21:30 - 00638215 _____ () C:\Users\Flavia\Downloads\Simsimay_2DyBlazer.package
2015-05-07 21:29 - 2015-05-07 21:29 - 00460843 _____ () C:\Users\Flavia\Downloads\uktrash_CropTankTop.package
2015-05-07 21:29 - 2015-05-07 21:29 - 00411079 _____ () C:\Users\Flavia\Downloads\1285044.zip
2015-05-07 21:28 - 2015-05-07 21:28 - 00292353 _____ () C:\Users\Flavia\Downloads\simsoertchen_white top sexy - kawaii -.package
2015-05-07 21:27 - 2015-05-07 21:27 - 00252514 _____ () C:\Users\Flavia\Downloads\Printed Crop tops.package
2015-05-07 21:27 - 2015-05-07 21:27 - 00151527 _____ () C:\Users\Flavia\Downloads\longlivetherecklessandthesims_yfTop_SweaterOffShoulder_AWG.package
2015-05-07 21:24 - 2015-05-07 21:24 - 00646329 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_LaceBodycon (1).package
2015-05-07 21:24 - 2015-05-07 21:24 - 00587743 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_Longsleeve.package
2015-05-07 21:23 - 2015-05-07 21:23 - 01913334 _____ () C:\Users\Flavia\Downloads\uktrash_BasicsLongSleeve.package
2015-05-07 21:23 - 2015-05-07 21:23 - 00923513 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Stripe Print Knitted Dress.package
2015-05-07 21:22 - 2015-05-07 21:22 - 00493988 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Tartan Check Crop Top.package
2015-05-07 21:18 - 2015-05-07 21:18 - 02086542 _____ () C:\Users\Flavia\Downloads\Metens_Serenity.package
2015-05-07 21:17 - 2015-05-07 21:17 - 00210168 _____ () C:\Users\Flavia\Downloads\2.package
2015-05-07 21:07 - 2015-05-07 21:07 - 01212670 _____ () C:\Users\Flavia\Downloads\Birba32_fy_winterbootpastel.package
2015-05-07 21:06 - 2015-05-07 21:06 - 00971151 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 eyecolors 09.package
2015-05-07 21:05 - 2015-05-07 21:05 - 01860807 _____ () C:\Users\Flavia\Downloads\SL_yf_ZuhairMurad_Gown1.package
2015-05-07 21:03 - 2015-05-07 21:03 - 00805049 _____ () C:\Users\Flavia\Downloads\BL_Sequin Blazer.package
2015-05-07 11:44 - 2015-05-07 11:44 - 00321678 _____ () C:\Users\Flavia\Downloads\S4FD_MissLicious_Tanks.package
2015-05-07 11:44 - 2015-05-07 11:44 - 00132781 _____ () C:\Users\Flavia\Downloads\Jeans.package
2015-05-07 11:42 - 2015-05-07 11:42 - 00291721 _____ () C:\Users\Flavia\Downloads\top renda dani's.package
2015-05-07 11:41 - 2015-05-07 11:41 - 00169125 _____ () C:\Users\Flavia\Downloads\cutesims4_gtw top india.package
2015-05-07 11:40 - 2015-05-07 11:40 - 01976727 _____ () C:\Users\Flavia\Downloads\1294014.zip
2015-05-07 11:39 - 2015-05-07 11:39 - 01373730 _____ () C:\Users\Flavia\Downloads\Birba32_fy_LaceCipriaDress.package
2015-05-07 11:39 - 2015-05-07 11:39 - 00345945 _____ () C:\Users\Flavia\Downloads\Cleotopia-MiniShortsRippedColorful.package
2015-05-07 11:38 - 2015-05-07 11:38 - 00504146 _____ () C:\Users\Flavia\Downloads\Spring Dress set.package
2015-05-07 11:37 - 2015-05-07 11:37 - 00668569 _____ () C:\Users\Flavia\Downloads\Milk Lace Dress.package
2015-05-07 11:37 - 2015-05-07 11:37 - 00074451 _____ () C:\Users\Flavia\Downloads\cutesims4_romantic_White_Tube.package
2015-05-07 11:36 - 2015-05-07 11:36 - 00500120 _____ () C:\Users\Flavia\Downloads\Aztec Top by Pinkzombiecupcake.package
2015-05-07 11:36 - 2015-05-07 11:36 - 00451796 _____ () C:\Users\Flavia\Downloads\Blusa Renda Branca.package
2015-05-07 11:33 - 2015-05-07 11:33 - 00090648 _____ () C:\Users\Flavia\Downloads\Leeah_yfShoes_CalfCowboy_SuedeChocolate.package
2015-05-07 11:30 - 2015-05-07 11:30 - 00607019 _____ () C:\Users\Flavia\Downloads\Madlen Scafati Boots.package
2015-05-07 11:30 - 2015-05-07 11:30 - 00403762 _____ () C:\Users\Flavia\Downloads\Madlen Cirino Shoes.package
2015-05-07 11:29 - 2015-05-07 11:29 - 00710251 _____ () C:\Users\Flavia\Downloads\Madlen Tiziano Shoes.package
2015-05-07 11:29 - 2015-05-07 11:29 - 00511975 _____ () C:\Users\Flavia\Downloads\Madlen Umbria Shoes.package
2015-05-07 11:28 - 2015-05-07 11:28 - 00387493 _____ () C:\Users\Flavia\Downloads\Madlen Livia Shoes.package
2015-05-07 11:27 - 2015-05-07 11:28 - 00417972 _____ () C:\Users\Flavia\Downloads\Madlen Eris Boots.package
2015-05-07 11:27 - 2015-05-07 11:27 - 00603820 _____ () C:\Users\Flavia\Downloads\Madlen Ambrogio Shoes.package
2015-05-07 11:26 - 2015-05-07 11:26 - 01278415 _____ () C:\Users\Flavia\Downloads\1294236.zip
2015-05-07 11:26 - 2015-05-07 11:26 - 00704730 _____ () C:\Users\Flavia\Downloads\Madlen Nineveh Shoes.package
2015-05-07 11:25 - 2015-05-07 11:25 - 00497960 _____ () C:\Users\Flavia\Downloads\Madlen Novara Sandals.package
2015-05-07 11:22 - 2015-05-07 11:22 - 00287377 _____ () C:\Users\Flavia\Downloads\Toska.zip
2015-05-07 11:22 - 2015-05-07 11:22 - 00134871 _____ () C:\Users\Flavia\Downloads\ZIP UP BOOTS.package
2015-05-07 11:21 - 2015-05-07 11:21 - 00756084 _____ () C:\Users\Flavia\Downloads\Madlen Neroni Sneakers (Male).package
2015-05-07 11:21 - 2015-05-07 11:21 - 00161515 _____ () C:\Users\Flavia\Downloads\Vans  Classic Slip-On Core (male) by Pinzombiecupcake.package
2015-05-07 11:20 - 2015-05-07 11:20 - 00451295 _____ () C:\Users\Flavia\Downloads\Madlen Orlando Shoes (Male).package
2015-05-07 11:20 - 2015-05-07 11:20 - 00187334 _____ () C:\Users\Flavia\Downloads\THL_NikeShoesSB_M.package
2015-05-07 11:18 - 2015-05-07 11:19 - 00095991 _____ () C:\Users\Flavia\Downloads\Jazminerev.zip
2015-05-07 11:18 - 2015-05-07 11:18 - 00101879 _____ () C:\Users\Flavia\Downloads\TugmeL-S4_Daphne-FYA.zip
2015-05-07 11:17 - 2015-05-07 11:17 - 00102633 _____ () C:\Users\Flavia\Downloads\AlyssaDíazPérezbySimFabulous.zip
2015-05-07 11:17 - 2015-05-07 11:17 - 00091261 _____ () C:\Users\Flavia\Downloads\MsBlue_JasminBlue.zip
2015-05-07 11:16 - 2015-05-07 11:16 - 00089561 _____ () C:\Users\Flavia\Downloads\MK_KendallEdwards.zip
2015-05-07 11:15 - 2015-05-07 11:15 - 00095291 _____ () C:\Users\Flavia\Downloads\Bryant Caliente.zip
2015-05-07 11:14 - 2015-05-07 11:15 - 00090187 _____ () C:\Users\Flavia\Downloads\MaseoUehara-Munter_Bacon2.zip
2015-05-07 11:12 - 2015-05-07 11:12 - 04833426 _____ () C:\Users\Flavia\Downloads\1291079.zip
2015-05-07 11:12 - 2015-05-07 11:12 - 00385291 _____ () C:\Users\Flavia\Downloads\MsBlue_LauraSkin.package
2015-05-07 11:10 - 2015-05-07 11:10 - 00448444 _____ () C:\Users\Flavia\Downloads\curbs_hat4_rosa.package
2015-05-07 11:10 - 2015-05-07 11:10 - 00278001 _____ () C:\Users\Flavia\Downloads\altea127 Visor Hat .package
2015-05-07 11:09 - 2015-05-07 11:09 - 00648473 _____ () C:\Users\Flavia\Downloads\[SrslyBrownie] (S4) Sheer Leggings .package
2015-05-07 11:09 - 2015-05-07 11:09 - 00119657 _____ () C:\Users\Flavia\Downloads\Vault101Hat.package
2015-05-07 11:08 - 2015-05-07 11:08 - 00686972 _____ () C:\Users\Flavia\Downloads\Birba32_fy_SideBandLeggings.package
2015-05-07 11:07 - 2015-05-07 11:07 - 00338585 _____ () C:\Users\Flavia\Downloads\cutesims4_replay skinny jeans - set.package
2015-05-07 11:07 - 2015-05-07 11:07 - 00056175 _____ () C:\Users\Flavia\Downloads\PDsims_SpikedBobbySocks.package
2015-05-07 11:06 - 2015-05-07 11:06 - 02335029 _____ () C:\Users\Flavia\Downloads\[SrslySims] (S4) High Waist PVC Leggings.package
2015-05-07 11:06 - 2015-05-07 11:06 - 00156997 _____ () C:\Users\Flavia\Downloads\TS4 Stockings Cat by Irink@a.package
2015-05-07 11:05 - 2015-05-07 11:05 - 01379143 _____ () C:\Users\Flavia\Downloads\altea127 Sonia Tights.package
2015-05-07 11:05 - 2015-05-07 11:05 - 00049164 _____ () C:\Users\Flavia\Downloads\Metens_Seduction.package
2015-05-07 11:03 - 2015-05-07 11:03 - 00395555 _____ () C:\Users\Flavia\Downloads\[Sintiklia]Eyeshadow 7.package
2015-05-07 11:02 - 2015-05-07 11:02 - 00338242 _____ () C:\Users\Flavia\Downloads\Alin22_NecklaceShapes.package
2015-05-07 11:01 - 2015-05-07 11:02 - 00718560 _____ () C:\Users\Flavia\Downloads\LLSIMS_LayeredNecklace_001.package
2015-05-07 11:01 - 2015-05-07 11:01 - 00810278 _____ () C:\Users\Flavia\Downloads\1269610.zip
2015-05-07 11:00 - 2015-05-07 11:00 - 00252918 _____ () C:\Users\Flavia\Downloads\Mallard Close.zip
2015-05-07 11:00 - 2015-05-07 11:00 - 00032549 _____ () C:\Users\Flavia\Downloads\Wood_Style.package
2015-05-07 10:59 - 2015-05-07 10:59 - 00427598 _____ () C:\Users\Flavia\Downloads\1Z_dress_marine_neu2D.package
2015-05-07 10:58 - 2015-05-07 10:58 - 00166194 _____ () C:\Users\Flavia\Downloads\SV Earrings with round jewel.package
2015-05-07 10:58 - 2015-05-07 10:58 - 00079101 _____ () C:\Users\Flavia\Downloads\NataliS_Spring and crystal earings FT-FA.package
2015-05-07 10:57 - 2015-05-07 10:57 - 00144082 _____ () C:\Users\Flavia\Downloads\NataliS_Crystal drop earrings FT-FA.package
2015-05-07 10:56 - 2015-05-07 10:56 - 00054561 _____ () C:\Users\Flavia\Downloads\MYOBI-zest-eyes.package
2015-05-07 10:55 - 2015-05-07 10:55 - 00089604 _____ () C:\Users\Flavia\Downloads\MYOBI-jelly-eyemask.package
2015-05-07 10:54 - 2015-05-07 10:54 - 00041317 _____ () C:\Users\Flavia\Downloads\EnticingSims_Feather Tattoo.package
2015-05-07 10:53 - 2015-05-07 10:53 - 01851664 _____ () C:\Users\Flavia\Downloads\MILK Jasmine Skintone.zip
2015-05-07 10:53 - 2015-05-07 10:53 - 00003782 _____ () C:\Users\Flavia\Downloads\cateye.package
2015-05-07 10:51 - 2015-05-07 10:51 - 04378955 _____ () C:\Users\Flavia\Downloads\MILK Divine.package
2015-05-07 10:51 - 2015-05-07 10:51 - 00269171 _____ () C:\Users\Flavia\Downloads\Love Frekles by Pinkzombiecupcake.package
2015-05-07 10:50 - 2015-05-07 10:50 - 00042966 _____ () C:\Users\Flavia\Downloads\MYOBI-samantha-facedetail.package
2015-05-07 10:49 - 2015-05-07 10:49 - 00265490 _____ () C:\Users\Flavia\Downloads\MorganeParis_For_Natalis_Nails_02.package
2015-05-07 10:49 - 2015-05-07 10:49 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL(1).package
2015-05-07 10:48 - 2015-05-07 10:48 - 00209148 _____ () C:\Users\Flavia\Downloads\PS Lip 01.package
2015-05-07 10:47 - 2015-05-07 10:47 - 00217924 _____ () C:\Users\Flavia\Downloads\Aveira_LipglossN3.package
2015-05-07 09:48 - 2015-05-07 09:48 - 00000000 ____D () C:\ProgramData\Aeria Games
2015-05-06 10:32 - 2015-05-06 10:32 - 00001608 _____ () C:\Users\Flavia\Desktop\Echo of Soul.lnk
2015-05-06 10:17 - 2015-05-06 10:17 - 00001950 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk
2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\Program Files\Aeria Games
2015-05-06 09:46 - 2015-05-06 10:17 - 00000000 ____D () C:\AeriaGames
2015-05-05 13:00 - 2015-05-05 13:00 - 00268383 _____ () C:\Users\Flavia\Downloads\Cenothera Biennis - by Onyxium.zip
2015-05-05 12:59 - 2015-05-05 12:59 - 00164311 _____ () C:\Users\Flavia\Downloads\MYOBI-opulent-lipcolour.package
2015-05-05 12:58 - 2015-05-05 12:58 - 00772625 _____ () C:\Users\Flavia\Downloads\[EVE62]lipstick1.package
2015-05-05 12:58 - 2015-05-05 12:58 - 00042707 _____ () C:\Users\Flavia\Downloads\Doll Lipstick Nr1. by Baarbiie-GiirL .package
2015-05-05 12:57 - 2015-05-05 12:57 - 00203248 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 Lipstick 09.package
2015-05-05 12:57 - 2015-05-05 12:57 - 00062311 _____ () C:\Users\Flavia\Downloads\Autumn dream lipstick by Pinzombiecupcake.package
2015-05-05 12:56 - 2015-05-05 12:56 - 00252650 _____ () C:\Users\Flavia\Downloads\MYOBI-lilt-lipcolour.package
2015-05-05 12:55 - 2015-05-05 12:55 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL.package
2015-05-05 12:54 - 2015-05-05 12:54 - 00003717 _____ () C:\Users\Flavia\Downloads\Doll Eyeliner.package
2015-05-05 12:53 - 2015-05-05 12:53 - 00135801 _____ () C:\Users\Flavia\Downloads\[GrizzlySimr] Sohlein Classy Eyeshadow.package
2015-05-05 12:52 - 2015-05-05 12:52 - 00122500 _____ () C:\Users\Flavia\Downloads\[simbastic] smokey_glitter_eyeshadow.package
2015-05-05 12:52 - 2015-05-05 12:52 - 00043249 _____ () C:\Users\Flavia\Downloads\mormo_eyeshadow1_AF.package
2015-05-05 12:51 - 2015-05-05 12:51 - 01685607 _____ () C:\Users\Flavia\Downloads\MYOBI-fiona-eyeshadow.package
2015-05-05 12:42 - 2015-05-05 12:42 - 00132889 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows16 M .package
2015-05-05 12:41 - 2015-05-05 12:41 - 00192771 _____ () C:\Users\Flavia\Downloads\MYOBI-nemo-brows.package
2015-05-05 12:40 - 2015-05-05 12:40 - 19387267 _____ () C:\Users\Flavia\Downloads\1265549.zip
2015-05-05 12:40 - 2015-05-05 12:40 - 01063041 _____ () C:\Users\Flavia\Downloads\SV Summer floral dress.package
2015-05-05 12:39 - 2015-05-05 12:39 - 00109478 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows12 F.package
2015-05-05 12:38 - 2015-05-05 12:38 - 04103232 _____ () C:\Users\Flavia\Downloads\Realistic beard By Pinkzombiecupcake.package
2015-05-05 12:38 - 2015-05-05 12:38 - 00025198 _____ () C:\Users\Flavia\Downloads\Eyebrow with 8 colours.package
2015-05-05 12:36 - 2015-05-05 12:37 - 07179080 _____ () C:\Users\Flavia\Downloads\beard nr 2.package
2015-05-05 12:35 - 2015-05-05 12:35 - 08296793 _____ () C:\Users\Flavia\Downloads\Cazy_c119-Nicholas_r.package
2015-05-05 11:18 - 2015-05-05 11:18 - 00494281 _____ () C:\Users\Flavia\Downloads\1268783.zip
2015-05-05 11:17 - 2015-05-05 11:17 - 20023938 _____ () C:\Users\Flavia\Downloads\Stealthic Like Lust (Hair).package
2015-05-05 11:17 - 2015-05-05 11:17 - 00468442 _____ () C:\Users\Flavia\Downloads\1266813.zip
2015-05-05 11:16 - 2015-05-05 11:16 - 23228914 _____ () C:\Users\Flavia\Downloads\Stealthic Haunting (Hair).package
2015-05-05 11:15 - 2015-05-05 11:16 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair)(1).package
2015-05-05 11:14 - 2015-05-05 11:14 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229(1).package
2015-05-05 11:10 - 2015-05-05 11:11 - 24898232 _____ () C:\Users\Flavia\Downloads\Stealthic Sleepwalking (Hair).package
2015-05-05 11:10 - 2015-05-05 11:10 - 05337936 _____ () C:\Users\Flavia\Downloads\Skysims-hair257g.package
2015-05-05 11:09 - 2015-05-05 11:09 - 17935799 _____ () C:\Users\Flavia\Downloads\Stealthic Captivated (Hair).package
2015-05-05 11:08 - 2015-05-05 11:08 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229.package
2015-05-05 11:06 - 2015-05-05 11:06 - 21139442 _____ () C:\Users\Flavia\Downloads\Stealthic Runaway (Hair).package
2015-05-05 11:04 - 2015-05-05 11:04 - 04326482 _____ () C:\Users\Flavia\Downloads\Skysims Hair 208-lok sims4.package
2015-05-05 11:03 - 2015-05-05 11:03 - 21509106 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair)(1).package
2015-05-05 11:02 - 2015-05-05 11:02 - 11803982 _____ () C:\Users\Flavia\Downloads\Cazy_c172-Izzy_t-e_type2_re.package
2015-05-05 11:01 - 2015-05-05 11:01 - 00208048 _____ () C:\Users\Flavia\Downloads\Tantars Estate.zip
2015-05-05 11:00 - 2015-05-05 11:00 - 23136216 _____ () C:\Users\Flavia\Downloads\Stealthic Midsummer Night (Hair and Acc).package
2015-05-05 11:00 - 2015-05-05 11:00 - 05331542 _____ () C:\Users\Flavia\Downloads\Skysims-hair149.package
2015-05-05 10:59 - 2015-05-05 10:59 - 08029586 _____ () C:\Users\Flavia\Downloads\Nightcrawler AF Hair Turn It Up.package
2015-05-05 10:57 - 2015-05-05 10:57 - 21011847 _____ () C:\Users\Flavia\Downloads\Stealthic Amber Lights (Hair).package
2015-05-05 10:56 - 2015-05-05 10:56 - 07481536 _____ () C:\Users\Flavia\Downloads\Alesso_Circus.zip
2015-05-05 10:55 - 2015-05-05 10:55 - 06149100 _____ () C:\Users\Flavia\Downloads\Skysims-Hair-113.package
2015-05-05 10:53 - 2015-05-05 10:53 - 31996596 _____ () C:\Users\Flavia\Downloads\Stealthic Daughter (Hair).package
2015-05-05 10:52 - 2015-05-05 10:53 - 21697048 _____ () C:\Users\Flavia\Downloads\Stealthic Sanctuary (Hair).package
2015-05-05 10:51 - 2015-05-05 10:51 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair).package
2015-05-04 17:59 - 2015-05-04 17:59 - 03451698 _____ () C:\Users\Flavia\Downloads\1427212032d4244028654db8b5795c78.zip
2015-05-04 17:57 - 2015-05-04 17:57 - 02772812 _____ () C:\Users\Flavia\Downloads\141571469380eb3fb6e18314cd5679e3.zip
2015-05-04 17:53 - 2015-05-04 17:53 - 21497179 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair).package
2015-05-03 21:04 - 2015-05-03 21:04 - 00000000 ____D () C:\Program Files\Origin Games
2015-05-03 20:50 - 2015-05-03 20:50 - 00000000 ____D () C:\Users\Flavia\Documents\Electronic Arts
2015-05-03 20:48 - 2015-05-03 21:04 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Origin
2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\Program Files\Origin
2015-05-03 20:45 - 2015-05-03 20:45 - 00000905 _____ () C:\Users\Public\Desktop\Origin.lnk
2015-05-03 20:43 - 2015-05-03 20:43 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-03 20:41 - 2015-05-03 20:41 - 00002051 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2015-05-03 20:41 - 2015-05-03 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2015-05-03 20:34 - 2015-05-03 20:34 - 00000000 ____D () C:\Program Files\The Sims 4
2015-05-03 19:57 - 2015-05-03 21:11 - 00000000 ____D () C:\ProgramData\Origin
2015-05-03 19:51 - 2015-05-03 20:45 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-05-03 12:23 - 2015-05-03 12:23 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-03 12:23 - 2015-05-03 12:23 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-28 10:53 - 2015-04-28 10:53 - 00000000 ____D () C:\Users\Flavia\Downloads\[FS]Day04
2015-04-23 15:32 - 2015-04-23 15:32 - 00000000 __SHD () C:\Users\Flavia\AppData\Local\EmieBrowserModeList
2015-04-23 15:05 - 2015-04-23 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-22 11:15 - 2015-05-06 10:31 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-04-19 14:10 - 2015-04-19 14:10 - 00000000 ____D () C:\ProgramData\Ahead
2015-04-19 13:58 - 2015-05-12 21:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-19 13:58 - 2015-04-19 13:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-19 13:58 - 2015-04-19 13:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-18 11:04 - 2015-04-18 11:04 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-18 11:03 - 2015-04-18 11:03 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-16 10:50 - 2015-04-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-15 09:39 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:39 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:39 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:38 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 09:38 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 09:38 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 09:38 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:38 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 09:38 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 09:38 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 09:38 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 09:38 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 09:38 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 09:38 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 09:38 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 09:38 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 09:38 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 09:38 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 09:38 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 09:38 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 09:38 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 09:38 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 09:38 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:38 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 09:38 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 09:38 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 09:38 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:38 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:38 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 09:38 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 09:38 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 09:38 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 09:38 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 09:38 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:38 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 09:38 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:38 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 09:38 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:38 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 09:38 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 09:38 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 09:38 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 09:38 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 09:38 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 09:38 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 09:38 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:38 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 09:38 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 09:38 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 09:38 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 09:38 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:38 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:38 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:38 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 09:37 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:37 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-12 21:38 - 2014-12-20 14:36 - 00000000 ____D () C:\Windows\CryptoGuard
2015-05-12 19:05 - 2011-07-09 18:33 - 00000000 ____D () C:\Users\Flavia\AppData\Local\PMB Files
2015-05-12 18:48 - 2013-01-31 14:12 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Foxit Software
2015-05-12 18:47 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2015-05-12 16:14 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-12 16:14 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-12 16:09 - 2009-12-28 01:26 - 01729234 _____ () C:\Windows\WindowsUpdate.log
2015-05-12 16:07 - 2009-12-27 16:44 - 00000000 ____D () C:\Users\Flavia
2015-05-12 16:03 - 2011-09-25 14:34 - 00145038 _____ () C:\Windows\setupact.log
2015-05-12 16:02 - 2012-11-09 19:08 - 00031680 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-05-12 16:02 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-12 16:01 - 2010-01-20 16:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-12 16:00 - 2011-09-25 16:31 - 00576054 _____ () C:\Windows\PFRO.log
2015-05-12 00:45 - 2011-09-15 17:48 - 00000000 ____D () C:\Download
2015-05-12 00:43 - 2014-05-27 12:07 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Samsung
2015-05-12 00:43 - 2009-12-27 18:54 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-05-11 20:55 - 2011-09-25 15:14 - 00000000 ____D () C:\Windows\pss
2015-05-11 20:38 - 2012-12-05 21:15 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Spotify
2015-05-11 20:37 - 2012-12-05 21:14 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Spotify
2015-05-11 18:39 - 2013-08-02 10:35 - 00000992 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-11 18:21 - 2015-01-23 17:12 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-05-11 14:18 - 2014-08-14 11:55 - 00651504 _____ () C:\Windows\system32\perfh01F.dat
2015-05-11 14:18 - 2014-08-14 11:55 - 00140826 _____ () C:\Windows\system32\perfc01F.dat
2015-05-11 14:18 - 2011-05-21 00:31 - 00423246 _____ () C:\Windows\system32\perfh012.dat
2015-05-11 14:18 - 2011-05-21 00:31 - 00121210 _____ () C:\Windows\system32\perfc012.dat
2015-05-11 14:18 - 2010-01-20 16:25 - 00411600 _____ () C:\Windows\system32\perfh011.dat
2015-05-11 14:18 - 2010-01-20 16:25 - 00122926 _____ () C:\Windows\system32\perfc011.dat
2015-05-11 14:18 - 2009-12-27 16:41 - 04400078 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-08 14:46 - 2012-11-09 19:40 - 00000000 ____D () C:\Users\Flavia\AppData\Local\CrashDumps
2015-05-06 10:17 - 2015-02-10 18:17 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2015-05-03 20:05 - 2013-03-16 15:21 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Origin
2015-05-03 12:23 - 2014-05-16 17:00 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-03 12:23 - 2014-01-07 17:20 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-03 12:23 - 2013-03-17 18:59 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-03 12:23 - 2013-03-17 18:59 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-03 12:23 - 2012-02-24 15:33 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-03 12:23 - 2011-09-25 16:52 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-03 12:23 - 2011-09-25 16:51 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-03 12:23 - 2011-09-25 16:51 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-30 16:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-26 19:18 - 2012-04-18 19:53 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Audacity
2015-04-26 19:03 - 2012-07-28 11:45 - 00000000 ____D () C:\Users\Flavia\Downloads\eBooks
2015-04-26 18:49 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-04-25 16:03 - 2013-11-01 15:29 - 00000000 ____D () C:\Users\Flavia\Downloads\Dokumente
2015-04-25 09:54 - 2013-01-19 15:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-22 11:15 - 2013-03-15 12:46 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-04-22 11:15 - 2010-08-06 13:49 - 00000000 ____D () C:\Windows\system32\directx
2015-04-19 14:00 - 2015-01-16 12:23 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Adobe
2015-04-19 13:57 - 2009-12-28 16:55 - 00000000 ____D () C:\Program Files\Adobe
2015-04-19 13:56 - 2009-12-28 16:55 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-18 11:03 - 2013-02-21 13:11 - 00000000 ____D () C:\Program Files\Java
2015-04-16 09:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-15 10:44 - 2014-12-10 19:18 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 10:44 - 2014-05-01 19:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-04-15 10:18 - 2013-07-11 10:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 10:10 - 2009-12-27 17:09 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 10:09 - 2009-12-27 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-13 18:07 - 2015-03-09 17:41 - 00000000 ____D () C:\Users\Flavia\Top Body

==================== Files in the root of some directories =======

2014-01-20 15:12 - 2014-01-27 16:12 - 0000085 _____ () C:\Users\Flavia\AppData\Roaming\WB.CFG
2011-04-29 13:55 - 2011-04-29 13:55 - 0009216 _____ () C:\Users\Flavia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-30 19:59 - 2011-07-22 13:50 - 0000000 _____ () C:\Users\Flavia\AppData\Local\Itiqeyabeguyoya.bin
2011-03-30 19:59 - 2011-07-21 10:02 - 0000120 _____ () C:\Users\Flavia\AppData\Local\Kholohiyesupa.dat
2015-04-10 16:47 - 2015-04-10 16:47 - 0005197 _____ () C:\Users\Flavia\AppData\Local\recently-used.xbel
2012-04-25 22:36 - 2012-07-11 23:50 - 0007597 _____ () C:\Users\Flavia\AppData\Local\resmon.resmoncfg
2011-09-25 10:24 - 2011-09-25 10:24 - 0000000 _____ () C:\Users\Flavia\AppData\Local\{07929EE3-DAD7-4105-8DF8-2CE403B4C7E2}
2015-02-27 18:27 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0001.dat
2015-02-25 22:32 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0006.dat
2010-02-22 15:38 - 2010-02-22 15:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Files to move or delete:
====================
C:\ProgramData\DT0001.dat
C:\ProgramData\DT0006.dat


Some content of TEMP:
====================
C:\Users\Flavia\AppData\Local\temp\dxwebsetup.exe
C:\Users\Flavia\AppData\Local\temp\FoxitUpdater.exe
C:\Users\Flavia\AppData\Local\temp\jre-8u45-windows-au.exe
C:\Users\Flavia\AppData\Local\temp\uninst.exe
C:\Users\Flavia\AppData\Local\temp\uninstall_complete.exe
C:\Users\Flavia\AppData\Local\temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-05 10:31

==================== End Of Log ============================
--- --- ---

EDIT: Oh Mist, wer lesen kann ist klar im Vorteil, hab die Exe nicht auf dem Desktop gespeichert. Sorry, soll ichs nochmal machen?

BlueAzure 12.05.2015 20:54
Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-05-2015
Ran by Flavia at 2015-05-12 21:48:47
Running from C:\Users\Flavia\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4132011797-2711336362-2655832662-500 - Administrator - Disabled)
Flavia (S-1-5-21-4132011797-2711336362-2655832662-1000 - Administrator - Enabled) => C:\Users\Flavia
Guest (S-1-5-21-4132011797-2711336362-2655832662-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4132011797-2711336362-2655832662-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-To-Play (HKLM\...\AION Free-To-Play) (Version: v0.1 - Gameforge 4D)
Akamai NetSession Interface (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Audacity 2.0 (HKLM\...\Audacity_is1) (Version:  - Audacity Team)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4600 (Version: 130.0.425.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{249F13C9-889B-405E-8987-F4E6AA90BD8E}) (Version: 0.9.17 - Kovid Goyal)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4329 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
Digitale Bibliothek 4 (HKLM\...\Digitale Bibliothek 4) (Version:  - )
Dropbox (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Echo of Soul (HKLM\...\Echo of Soul) (Version:  - )
EXPERTool v8.6 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.6.0.0 - Gainward Co. Ltd.)
forteManager (HKLM\...\{1883A84D-94AA-432C-9519-FA31B6B118B9}) (Version: 2.80.002 - Portrait Displays, Inc.)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.4.96.511 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Free Audio Converter version 5.0.46.820 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free AVI Video Converter version 5.0.18.1005 (HKLM\...\Free AVI Video Converter_is1) (Version: 5.0.18.1005 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.23.320 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free Studio version 5.1.7 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Ltd.)
Free Video Dub version 2.0.22.925 (HKLM\...\Free Video Dub_is1) (Version: 2.0.22.925 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.23.320 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.33.1005 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.33.1005 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HD Video Plugin (HKLM\...\HD Video Plugin) (Version: 1.28.153.5 - Plugin)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (HKLM\...\{44C81D1A-0520-49BB-B510-98B8DD414EA1}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x86 (HKLM\...\{175A0271-B6F3-4AB6-ADAD-DC9D17F4A321}) (Version: 2.0.1083.0 - Intel)
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 3.9.5 (HKLM\...\KLiteCodecPack_is1) (Version: 3.9.5 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
MEDION MD86511 (HKLM\...\{1251B5BC-E285-4078-98C9-ED21F61B552A}) (Version: 1.0.0.0 - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}) (Version: 1.1.0324 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version:  - NCsoft)
Netzmanager (HKLM\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Overwolf (HKLM\...\{4150D0B5-D203-419B-9C49-9B615AF11BAF}) (Version: 0.33.199 - Overwolf)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.7.0.0 - Pando Networks Inc.)
Pando Media Booster Packages (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Pando Media Booster Packages) (Version:  - ) <==== ATTENTION
PDF24 Creator 6.9.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PS_AIO_05_C4600_Software_Min (Version: 130.0.425.000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SDFormatter (HKLM\...\{5A347920-4AFC-11D5-9FB0-800649886934}) (Version:  - )
SDK (Version: 1.40.002 - Portrait Displays, Inc.) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TERA (HKLM\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH)
The Sims 4 Version 1.0 u1 (HKLM\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.0 u1 - EA Games)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Uniblue RegistryBooster 2010 (HKLM\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version:  - Uniblue Systems Ltd)
Unity Web Player (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VisualBee for Microsoft PowerPoint (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com)
Viva Piñata (HKLM\...\InstallShield_{343EFA17-5BC5-44DA-924F-539ECBEFF68C}) (Version: 1.00.0000 - Microsoft Game Studios)
Viva Pinata (Version: 1.00.0000 - Microsoft Game Studios) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.21 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WOT für Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}\InprocServer32 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll ()
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{F12BE2CC-A901-4203-B4F2-ADCB957D1887}\InprocServer32 -> C:\ProgramData\Windows\wsse.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

03-04-2015 11:18:39 Windows Update
05-04-2015 13:08:17 Windows Update
06-04-2015 10:07:45 Windows Backup
06-04-2015 11:49:08 Removed Adobe Shockwave Player 12.0.
06-04-2015 11:53:36 Removed Adobe Shockwave Player 12.0.
06-04-2015 11:54:30 Removed Skype™ 6.11
10-04-2015 12:19:34 Windows Update
10-04-2015 17:34:27 avast! antivirus system restore point
12-04-2015 19:00:08 Windows Backup
15-04-2015 09:37:53 Windows Update
15-04-2015 10:02:58 Windows Update
16-04-2015 10:49:16 Installed Java 7 Update 75
18-04-2015 11:11:22 Windows Update
19-04-2015 14:08:41 Removed Nero 7 Ultra Edition. Available with Windows Installer version 1.2 and later.
20-04-2015 15:59:31 Windows Backup
23-04-2015 16:17:06 Removed Aeria Ignite
25-04-2015 10:07:27 Windows Update
26-04-2015 19:00:12 Windows Backup
29-04-2015 09:27:46 Windows Update
03-05-2015 12:21:03 avast! antivirus system restore point
03-05-2015 19:00:05 Windows Backup
03-05-2015 20:42:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
06-05-2015 08:53:50 Windows Update
11-05-2015 14:22:32 Windows Backup
12-05-2015 00:40:46 Removed Samsung Kies

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2013-11-17 14:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {051D9757-8B82-499C-84F3-DAA24A3DE582} - System32\Tasks\939a6e80 => C:\Users\Flavia\AppData\Local\Temp\\setup43644544.exe <==== ATTENTION
Task: {06C689DC-E76C-4A21-8866-20195A7C7D8A} - System32\Tasks\{75581C9E-7CDE-4760-94A5-B7305B0DBEEB} => C:\Program Files\VOX3DPlaner2\Konfigurator\VOX3DPlaner2.exe
Task: {0EA169F2-3396-4693-8141-E0B0BDEAD2D0} - System32\Tasks\{2BA6D508-0A05-49CB-A72A-BAE924AAA86D} => C:\Program Files\FIFA06\fifa06 demo.exe
Task: {0EDCC5B6-3393-4E15-A50F-DAFD2C9832E3} - System32\Tasks\{1C432A36-43A8-4E97-9064-E347447B9584} => pcalua.exe -a "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall\Magical Diary - Horse Hall.exe" -d "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall"
Task: {10330BF6-A675-4800-A815-653A883EA389} - System32\Tasks\{1A0A79E3-33E7-4B14-AEE7-9402B154A87B} => C:\Program Files\Nexon\MabinogiEU\Mabinogi.exe
Task: {118AB896-6545-4634-8DE0-05F08A6DAF5A} - System32\Tasks\{C0B08E39-FC9D-46D1-A7D0-6BFF81B8BFAA} => J:\Setup.exe
Task: {1266A55D-07A0-4E1E-9850-9BAD8D5A9C13} - System32\Tasks\{E4CB1F65-9BC1-413F-BFE8-1E9629412274} => C:\Program Files\Origin Games\The Sims 3\Game\Bin\Sims3Launcher.exe
Task: {135387F8-A0AF-4292-8994-E2BCC2B0EC1F} - System32\Tasks\{0040F31E-F0C2-4718-BE4B-C574915E4BC9} => pcalua.exe -a J:\setup.exe -d J:\
Task: {144C66C0-FD3E-4C35-9168-C4146F8435E6} - System32\Tasks\9d0be300 => C:\Users\Flavia\AppData\Local\Temp\\setup115842944.exe <==== ATTENTION
Task: {15C3D743-59C8-4FFC-86D8-25C055A63066} - System32\Tasks\{FE3A9151-4B9D-490C-902E-5BA73455C78D} => C:\Program Files\FIFA06\AutoRun.exe
Task: {16E8B459-123F-4050-8F2D-CB02F7AD2A7C} - System32\Tasks\{F74CF72E-9781-4504-8186-2857FBB1D1B9} => pcalua.exe -a C:\Users\Flavia\Vampire1CD1\demo32.exe -d C:\Users\Flavia\Vampire1CD1
Task: {19816D70-8705-49B4-B7E3-A7000B629593} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {224F3630-CB78-4C5B-A202-BB60DE1EE253} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {23E365D6-24D8-4700-BEEF-E67496FF5057} - System32\Tasks\{089899D8-646F-4E09-976A-F2857E4AE461} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {25FFB239-81CC-410B-B309-9869E3734E7B} - System32\Tasks\NRYP => Rundll32.exe "C:\Windows\system32\TSChannelx.dll",JVTZJMTO
Task: {272C4B3C-B7FF-4E2C-A7D6-AA2CEB799B99} - System32\Tasks\{EF40B049-C1A4-429A-855E-7E736CD595F8} => C:\Users\Flavia\Pandora_Saga_MY_20090826.exe
Task: {276F4387-DDCA-4F09-B462-E5FFED32E870} - System32\Tasks\2e912b80 => C:\Users\Flavia\AppData\Local\Temp\\setup536466048.exe <==== ATTENTION
Task: {27CA32BA-775A-4923-AD8D-F4C8A99E8490} - System32\Tasks\{99960E19-E1E3-4BC0-A7A4-A1F66A43DCFE} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe
Task: {2B3DCFB4-2927-42C4-9870-9EF1FCEB80D2} - System32\Tasks\{23A04515-4009-43ED-8264-0AC9F9844B64} => J:\Setup.exe
Task: {3041F3B3-D300-4F4D-8F4C-DD67AADE7B20} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-03] (Avast Software s.r.o.)
Task: {34A8B566-44A8-456C-8A5C-0AEE57E4D0DD} - System32\Tasks\{E986319D-82CB-45ED-B545-2CD8B296A658} => J:\SETUP.EXE
Task: {35CD2091-3830-43C5-AC08-BAFE84CA8F48} - System32\Tasks\{4B341BDB-DA54-42E7-A1FB-C9CDE0C95496} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {39A33003-0331-4A81-A608-D2F23205261C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3D3BB7C7-E5BB-4C86-A2A5-30199569C9CC} - System32\Tasks\{A62C7B66-2F13-417E-A060-23782DDEAF20} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {44912348-372A-4DD4-8CB6-6DAC2C4AC1D8} - System32\Tasks\{25267E23-2FF8-4F82-B0AD-2BBE296B0A62} => J:\Setup.exe
Task: {449B9DA7-0B3E-4E1C-8C9D-C6BF9FDF9C89} - System32\Tasks\{5D295678-F417-44D3-9555-C19215CB7C78} => pcalua.exe -a E:\setup.exe -d E:\
Task: {4A4B1380-D7DF-43FA-84D8-5ACA740F4295} - System32\Tasks\{D7160B9E-A401-4BA6-9910-7D3B17F6B085} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {4CC5B90C-C451-4CEE-A99D-6419EA202BDD} - System32\Tasks\{3BE569F6-B383-40A1-B2D8-372F5AE2AE37} => C:\Program Files\2K Games\Mafia II\pc\mafia2.exe
Task: {4E565704-159F-4924-B782-8174373FFBC5} - System32\Tasks\750dc200 => C:\Users\Flavia\AppData\Local\Temp\\setup1380827392.exe <==== ATTENTION
Task: {54A5AF44-E789-4BC6-999B-974485D891D7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {54EBCF67-64E5-4ECB-8F5D-5D184E5BB5A1} - System32\Tasks\{2B245C46-ECB2-41C9-9976-CD44CDD321B8} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {5C2B861B-1BE5-46E0-9233-649BC50825CB} - System32\Tasks\{C57C0966-A03B-4532-87DD-BCC169B78F59} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {64A6AAA7-589E-4B22-B2FF-BE327C2DB015} - System32\Tasks\{9B1B0303-3793-4D0B-81B1-059D5D27551B} => E:\StartCD.exe
Task: {69EBAFD0-8E9D-4507-81C1-914140DD02B7} - System32\Tasks\{7456ADC2-5627-4CD7-81E0-915ACE8069C7} => C:\Program Files\Viva Media\Alter Ego\AlterEgo.exe
Task: {6F8F9112-A4E8-408B-802D-BD5499168F95} - System32\Tasks\{2D7C4757-CBC2-4149-901B-33F4AE95A112} => pcalua.exe -a "C:\Program Files\Vektoris3D25Plus\uninstall.exe"
Task: {711D8645-65A8-4CE5-A3E0-00B3036124CE} - System32\Tasks\fb41c00 => C:\Users\Flavia\AppData\Local\Temp\\setup828756736.exe <==== ATTENTION
Task: {714A1540-2A02-4584-9649-0258C90D64F7} - System32\Tasks\39080f80 => C:\Users\Flavia\AppData\Local\Temp\\setup3143229824.exe <==== ATTENTION
Task: {7425C34A-8E3A-442C-A109-97D19E95760E} - System32\Tasks\{47941BC1-6CC9-42B4-82D9-05A8B357B1FE} => J:\Setup.exe
Task: {75885767-6A67-4842-B477-2CCE374BD762} - System32\Tasks\f4e4a200 => C:\Users\Flavia\AppData\Local\Temp\\setup1919017344.exe <==== ATTENTION
Task: {772E9FA9-B5F1-4CF3-BF28-524E23A07787} - System32\Tasks\{6105EF99-5F22-4B53-A3E1-3FAEF66E868A} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {7858E897-E286-44C6-81C1-5E3F359738AB} - System32\Tasks\5eb6d380 => C:\Users\Flavia\AppData\Local\Temp\\setup127876736.exe <==== ATTENTION
Task: {78A23ACE-C365-4389-9782-41C31F76D202} - System32\Tasks\{61557E34-772C-4E2F-BB3E-FE138B65AFD2} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {81DC7CF1-D24D-42B2-9105-916784164C94} - System32\Tasks\{EAC62CFA-EA8B-42D0-A599-13AC7CA93F90} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {84EA453B-234E-488D-B778-7FF247893378} - System32\Tasks\{49D40749-5F5F-482A-8312-83B9076882C1} => C:\Program Files\Runes of Magic\Runes of Magic.exe
Task: {85A67C56-CEAB-429E-8E4C-7BD04C02DE46} - System32\Tasks\{B477751F-7EC4-47E6-BEFF-AD589581480F} => C:\Program Files\Electronic Arts\Die Sims 3\Game\Bin\TS3.exe
Task: {86996018-097E-4AF9-9D91-76D8029146DB} - System32\Tasks\{94C70D2F-3BFB-44BE-86FD-D65818B82648} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {86C28AB1-5C52-46E1-935C-7B74A647D69F} - System32\Tasks\{29709F28-06CA-4E3E-9DC1-1CABD4A8227C} => J:\Setup.exe
Task: {86FB483D-2035-4838-81C7-CEF7B37B4610} - System32\Tasks\{1673BF47-0F92-4B1D-B87E-4EBB27586308} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {8B0E773E-3CCB-4481-AB1B-004E9DCCC22D} - System32\Tasks\a3509c80 => C:\Users\Flavia\AppData\Local\Temp\\setup3791351296.exe <==== ATTENTION
Task: {8B2FBBE3-7C1E-4223-B2FB-9BB9E94C4EED} - System32\Tasks\{46A3F437-83A6-4E51-A907-76A3DA579DED} => C:\Program Files\The Adventure Company\Evany Schlüssel zur Freiheit\Evany.exe
Task: {8BC2271C-234F-4E3C-BFCB-DDCA2B6962BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8F453FA1-759E-456E-ABB4-CD3E9886462E} - System32\Tasks\{11118169-3789-4C4D-BCAE-8832D80F70FE} => pcalua.exe -a C:\Users\Flavia\Downloads\NetmarbleDBOSetup.exe -d C:\Users\Flavia\Desktop
Task: {91A325AA-8FAB-4A48-9A22-BE79FC121B65} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4132011797-2711336362-2655832662-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {94734BFA-359F-4601-B879-1D63B8A98D08} - System32\Tasks\{42F5F183-C47D-4FC1-80A8-6839E5BA9D93} => pcalua.exe -a J:\Setup.exe -d J:\
Task: {947BCACF-EFEE-4890-9FF5-477553FA0B3B} - System32\Tasks\{601445B5-0494-4034-8562-EC2AD924F5CB} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {967AB9D1-D3BB-45D2-81F0-D5802AB2DFA0} - System32\Tasks\{F250B786-AD66-4FE5-8D5E-7E395764F3B9} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{343EFA17-5BC5-44DA-924F-539ECBEFF68C}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {96F01EEC-EC2F-4CED-9D40-306115A4C961} - System32\Tasks\{170FF8E8-C96D-40CF-8FCB-7DB4E8976221} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe
Task: {9781BC6D-4495-453E-94FB-262BC14AB1C3} - System32\Tasks\{CF01B6F4-BECB-4298-9FFC-D696BF961AFD} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {A014E8EE-56A1-4E84-89C4-09283331A317} - System32\Tasks\{260B4302-4B67-4CA9-B0EC-D07F489E91A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111/de/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {A6A38923-60C1-4348-AC8F-2908E613B86F} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {ADD8A39D-0D85-4A88-AD46-93E20B277877} - System32\Tasks\{CEB044B5-B67C-4C0F-8D31-E23A9B55BE93} => J:\startup.exe
Task: {B2E8EE57-0899-41A0-AEEA-6E9C81636382} - System32\Tasks\{DD66FA04-B610-4FB0-A6EB-CAF7ADD2926A} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe
Task: {BA219B21-6C51-44A8-9D19-F17E49E1AD43} - System32\Tasks\{FCCF13A5-3AA1-4B1E-83D8-11D706C12D1A} => pcalua.exe -a C:\Users\Flavia\Pandora_Saga_MY_20090826.exe -d C:\Users\Flavia
Task: {BB2A62CA-F06B-49CF-9C75-491D2F4B11CE} - System32\Tasks\{2A771DDE-9262-4EB0-8398-C970CEADF012} => C:\Program Files\Changyou\Zentia\patcher.exe
Task: {BE950A6D-81CB-4DFB-8049-1D76504A23FF} - System32\Tasks\{6586BE00-2E28-44BD-8F0C-A361B71BBD78} => C:\Program Files\Electronic Arts\Harry Potter und der Orden des Phönix\hp.exe
Task: {C01212D2-464F-4D6E-93A6-A9C29CFE2D3F} - System32\Tasks\{162A6AD8-106B-4C19-A4B1-281D64BEEC22} => J:\startup.exe
Task: {C1DE965C-3A58-4214-A83B-CC053BB338A7} - System32\Tasks\{1C77C66B-9114-46D3-B57D-091E235E12C7} => C:\Program Files\EA SPORTS\FIFA 06 Demo\fifa06 demo.exe
Task: {C63A36E3-FC0C-41F7-8401-31E28E135348} - System32\Tasks\72b7df00 => C:\Users\Flavia\AppData\Local\Temp\\setup2246522240.exe <==== ATTENTION
Task: {C7430DF4-E05F-4463-A94B-588BCEE90AC1} - System32\Tasks\84919c00 => C:\Users\Flavia\AppData\Local\Temp\\setup115568128.exe <==== ATTENTION
Task: {C8B95971-0615-4A22-930F-497F1F05C036} - System32\Tasks\{3B337EAA-C525-4D86-98A4-8F4636C9D23A} => C:\Microids\Die Rückkehr zur Geheimnisvollen Insel 2\RTMI2.exe
Task: {CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871} - System32\Tasks\ac67a900 => C:\Users\Flavia\AppData\Local\Temp\\setup2323362176.exe <==== ATTENTION
Task: {CB02E8DD-A292-401A-A47E-8DBA30321AE1} - System32\Tasks\895e7e00 => C:\Users\Flavia\AppData\Local\Temp\\setup196104192.exe <==== ATTENTION
Task: {CB413622-74BC-44E6-985C-5F4F1941433E} - System32\Tasks\{C0F69074-C3C9-43C0-9E62-0883EDB9AD52} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {D042EFA4-DB30-481A-B3FC-A5462C3FB398} - System32\Tasks\37afaf80 => C:\Users\Flavia\AppData\Local\Temp\\setup445119232.exe <==== ATTENTION
Task: {D367179D-51C7-4CBF-A496-5C26C25D18C2} - System32\Tasks\{59FC5536-60F1-4046-AE30-521FD21DD8C3} => pcalua.exe -a "C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe" -c RealNetworks|RealPlayer|12.0
Task: {D38E282A-7EF8-4878-A84E-332D25456102} - System32\Tasks\c3793e00 => C:\Users\Flavia\AppData\Local\Temp\\setup522615808.exe <==== ATTENTION
Task: {D83A6590-8B91-4CBB-9154-DF65E0FD162A} - System32\Tasks\{FAFB8A66-A5E8-46D8-AB10-41519A7DD50D} => C:\Program Files\Ubisoft\Abenteuer auf dem Reiterhof 3 - Das Erbe der Gräfin\Reiterhof3.exe
Task: {D91162AA-8064-40C7-9887-1CDA75FF058D} - System32\Tasks\{98341868-9868-4F93-B186-B2EF031C9524} => C:\Program Files\FIFA06\fifa06 demo.exe
Task: {DDF5E073-5C25-4E88-A462-FFBEA129B65F} - System32\Tasks\66f0bd80 => C:\Users\Flavia\AppData\Local\Temp\\setup1887453440.exe <==== ATTENTION
Task: {E1422BD5-0558-4973-9380-2CD169B649A7} - System32\Tasks\{1C483E90-D6C1-4EF8-9BC2-3D2B1B56CCDA} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe
Task: {E2FE5906-3FC0-4CF0-B775-2CF244262600} - System32\Tasks\{C0A21489-2C59-4A15-9D9B-88AA56172945} => C:\Program Files\Skype\Phone\Skype.exe
Task: {E67AC7EA-AAD3-4B74-AE04-B1D18FD743C9} - System32\Tasks\{71B95856-969C-4D1F-A7C7-328F667F7495} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {EA31D609-5550-48F9-9C87-E33A3C459E48} - System32\Tasks\{A1243B8A-A37E-4891-A587-9E295C39B9DC} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {EC4889F0-C3FE-442C-90B7-CE166DB1358C} - System32\Tasks\{6590403D-AF4A-46AF-860B-8EC7EC9D1883} => pcalua.exe -a C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe -c REMOVE=TRUE MODIFY=FALSE
Task: {EC8EA56F-8B14-4D04-A6A1-C8F8FDCB49CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated)
Task: {FA25C835-088B-4B7A-BE70-7E0F6379F28F} - System32\Tasks\{D7D0F476-5A34-473B-92ED-3F56D37F1B8F} => J:\autorun.exe
Task: {FFA49ECB-8D5F-40CA-BB5F-DBEDA81B3D0F} - System32\Tasks\{0547096A-63B8-43D5-8A62-443D81F62B43} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-05-03 12:23 - 2015-05-03 12:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-03 12:23 - 2015-05-03 12:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-12 00:31 - 2015-05-12 00:31 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15051101\algo.dll
2015-05-12 16:05 - 2015-05-12 16:05 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051200\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-27 18:54 - 2007-10-11 17:17 - 00065536 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00116224 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00041984 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00032768 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2014-10-19 09:06 - 2014-10-19 09:06 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2012-11-09 19:04 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-02-22 12:43 - 2015-02-05 20:27 - 00108864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2009-12-27 18:54 - 2007-10-11 17:17 - 00167936 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\dthook.dll
2009-12-27 18:54 - 2007-10-11 17:16 - 00102400 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2009-12-27 18:54 - 2007-10-11 17:17 - 00077824 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
2009-12-27 18:55 - 2007-10-04 14:36 - 00065536 _____ () C:\Program Files\Common Files\Portrait Displays\drivers\vista.dll
2015-03-19 13:54 - 2015-03-19 13:54 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7571 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files\CyberLink\YouCam\YouCam.exe" /s

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [TCP Query User{B4BE9938-7F72-4A8F-8AFC-59A3E97A8C90}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{CD206E8E-4251-4D41-BBCA-7E1530E9FAA9}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{AF14EA5F-61F8-4FE4-9FE6-C4730BE4F7B6}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FC1627D8-D25B-45AB-A418-F1486F792E83}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{59302FB5-A1E9-480C-8BF4-45AB55DB672B}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{38D62175-A6FB-480E-952F-9FD4FD6D491C}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{BC2A5E90-0AC7-48E6-B570-308A64B0DED9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BEACD746-1789-42A8-B76D-5F42C7882396}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4A26D664-9010-40ED-9DA9-C1EB4EB0038D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D19F2778-75FE-4E14-910A-F664C3ECFF05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{81FB1BFC-6861-4487-9FB6-68FBE4AE9EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3F3C3C45-80F2-474F-BDB2-256ED4411935}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5D697DC0-C1F0-4F6E-BEC5-E90BAB98E186}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{9EA5A4A1-58A0-45FD-809E-E9A61B40B282}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [{AEFF8D32-76DE-4551-9CA2-45AF568C3EDE}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{6325CFDC-F297-471C-B1F4-54ABC44758FA}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{111361FE-47F8-40CC-88C3-94E4EE48A3CC}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{CD642251-541E-443A-A680-09D382B26332}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{431373F4-9F84-47F1-B308-1ABD4215F20B}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{C18CA305-4CDD-4294-AB64-FEB4D343931C}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{E9868860-8969-4BB3-AAC8-CA0E63B49582}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [TCP Query User{7A64FEF9-033E-4D2E-A005-0CB94B57CFCF}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E9429E86-D119-4158-85AA-2E2A92FFFEA5}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C343E5C6-5573-4111-A23F-687E4BFFC92E}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{3285F562-0BFE-47FF-A259-B998E92CF967}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{34D4736F-C193-400D-96FB-C7E94A79A4F2}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe
FirewallRules: [{919CACC1-1EC1-4459-A39D-8F5424015410}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe
FirewallRules: [TCP Query User{02286B40-50D8-44F7-AB96-81E2E97DCD2A}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe
FirewallRules: [UDP Query User{C3A1ED8C-2CD6-40CF-9D7C-93BF0F8C7495}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe
FirewallRules: [TCP Query User{CE27873A-A8D6-489F-B3B7-02849328CD1B}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe
FirewallRules: [UDP Query User{982F5FD8-ADAE-47DC-965B-23FA3695281F}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe
FirewallRules: [TCP Query User{54C7BBEF-C9C4-4B4F-9808-BB1671AC0790}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{DB9CB2CE-9614-4406-B0B4-EB16A5F6F704}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{9B782A49-3613-4A13-B2EC-70AD25A67187}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{8884CA3A-5AC0-4A2C-9F8A-C6B32A2BAB4A}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [{744CA3E2-230F-4452-9700-88113294B2EF}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe
FirewallRules: [{AEB0600D-5966-4DCF-BEC1-A5BE5238AB95}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe
FirewallRules: [TCP Query User{A4757E28-FE18-4884-979F-8C3F6D760841}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe
FirewallRules: [UDP Query User{C36B91E8-7D9D-4596-9E56-65D99E0ED0E3}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe
FirewallRules: [{4AD73C9B-F847-4C03-B5A3-7EE21FFE91BB}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe
FirewallRules: [{3AF77807-C7FF-4EB8-88E7-ECE5146931A8}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe
FirewallRules: [{046170AF-457C-4A2B-B1AE-D8B702AAD290}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe
FirewallRules: [{41CA41D1-E0C9-4917-A3EF-473DD374F9E0}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe
FirewallRules: [{D093AD71-9AF5-45AB-87C5-477A9CF8B594}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe
FirewallRules: [{B14768B3-AC64-4986-A76F-3BBB378D9130}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe
FirewallRules: [TCP Query User{B08B02A2-BE4B-427E-80D0-6CDB1EA3EAD6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [UDP Query User{F90E1670-79F8-4D12-83D9-8A8CC2CCBF5F}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [{5DA0E919-6DB9-4E31-A26D-4C0CD0E40402}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{FA86693F-21CC-4B76-8413-0083D1888F32}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{143D9615-3757-4244-8DA3-83C3DCF53DAD}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [{7AEECADC-8AD9-497B-B5D2-C40983D85B5C}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [TCP Query User{2F7AB098-6778-447C-8919-B37CBD0F75EC}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [UDP Query User{6AA73BC2-CEFC-4975-9B3E-43A37004DE2B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [TCP Query User{84FC3551-BC28-4714-80D4-F863A31A6D38}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe
FirewallRules: [UDP Query User{1E9CDD4F-191A-4823-A463-BB2EC36510E0}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe
FirewallRules: [TCP Query User{1D234196-5AF3-4F68-A2A7-DE37EDD3A0F0}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe
FirewallRules: [UDP Query User{17D5432E-962A-498C-BE67-F2C886F771F8}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe
FirewallRules: [TCP Query User{0981AD7C-0896-4656-A233-345BB7729BB8}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe
FirewallRules: [UDP Query User{70994A97-7B1C-4602-A6A3-2F21241F43CE}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe
FirewallRules: [{D10FF877-1B1E-43CD-9184-2D513B10DACC}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{E0E7CE75-D7B3-4AD2-88B1-D74C712FD192}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{70FD046F-3941-4940-9A17-139AEA801C03}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{8B10610D-077F-4B30-A3DE-964D291220FE}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{28B5638F-F97B-4F6C-AA78-91AB0FD55B17}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DF53A54A-E20F-434A-8401-1F019BC5E9E6}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E85FBBD0-A683-427B-80B1-877FBE19D3DD}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{0B685BCF-B227-4354-BFA9-ACD720ABEBAE}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8F28D682-FA91-4E20-A799-77A8036FA32D}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{457729AF-2B40-4364-8816-17459E5123DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{533CE4C0-41E3-4AEC-B81E-CBE9D41ADCF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FD04AF46-1FA2-44BC-B930-2AB0450C2562}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3ED7FBAB-6DE3-4637-A750-313E9C679262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0CC87D7F-CCAA-46EC-8482-D8749468E1F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{36BBA65E-86A3-4A86-9EE9-AC24A313FFF8}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{D0BBB486-E9E9-4FA3-A544-A3E50A1B35D1}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [TCP Query User{1E47A4E1-112A-409D-A98A-D54B12DF1F09}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe
FirewallRules: [UDP Query User{FAD99B3B-107E-415E-A683-134EB320AF42}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe
FirewallRules: [{F825764F-4D73-46DA-B8D8-302A3ECA7E5E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{750FD75E-9811-4432-8D8A-35118F1C5A2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A91CF122-54EE-4FC1-80D1-15127DCDF37A}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe
FirewallRules: [{984E644F-E2E5-415E-B36B-CA92E9B144EE}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe
FirewallRules: [{3415B431-3193-4DD8-9B2C-14384A5F2572}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe
FirewallRules: [{E9642D98-3A70-4862-A144-E5196B4D58E6}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe
FirewallRules: [TCP Query User{00D7FE05-581C-4AB8-AF5E-849DCD1A3F14}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe
FirewallRules: [UDP Query User{BBAD1188-58DB-4EB5-9E1F-D8BE3B9A85AE}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe
FirewallRules: [{4E66913D-358A-403D-A9E8-9B7989A43C39}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe
FirewallRules: [{35804F06-7B2E-435C-B4B8-B6A6EA3D475F}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe
FirewallRules: [TCP Query User{8FD8D9FF-BB5E-40CF-BF24-20C38C313BE3}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe
FirewallRules: [UDP Query User{F6AF6EB6-2BEF-4BF3-9BA0-B87BDA5DFC98}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe
FirewallRules: [{ED5DD1D2-BC2A-489F-976A-50A3EFAC211E}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCmgrInstallGuide.exe
FirewallRules: [{C9BEB083-89A0-4D6A-88A4-26631F103F77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCTray.exe
FirewallRules: [{B1618BF2-1752-4507-9407-C7C4EF22B532}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCMgr.exe
FirewallRules: [{C86646EE-C466-40E2-A2C5-A9F137D75316}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCRTP.exe
FirewallRules: [{71BA372D-5459-412B-A05A-57F83DE50ED0}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\bugreport.exe
FirewallRules: [{BF2D6A2C-DEF3-42C2-AF33-F8DA7ADEC9E1}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCFileOpen.exe
FirewallRules: [{1A8C7C91-64F2-4B76-A8AC-B5CFAB265113}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLeakScan.exe
FirewallRules: [{5F284AB1-6534-439F-B403-8655FA842427}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLoader.exe
FirewallRules: [{2B22D286-39D7-4147-B1D1-BE5F49D8BCA5}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPConfig.exe
FirewallRules: [{3361BE24-27CF-4A1E-8625-1EDB10CC9638}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftMgr.exe
FirewallRules: [{DFD5C668-7F74-41BA-890A-B1ACCA77A73A}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{97F3E152-8725-4AAE-A1A0-A68DF4B009CB}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QDeskSetup.exe
FirewallRules: [{B226C09D-A1DA-46F8-9870-6623B06991A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCBTU.exe
FirewallRules: [{B4CE7C15-4C54-4829-AEF9-C81E3C021302}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCClinic.exe
FirewallRules: [{66AE12AB-39D6-4533-8EAF-FF5D9117D2F8}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLaunch.exe
FirewallRules: [{31BF9B38-8D0B-4391-9804-173F2F4A9229}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{1D012E8E-D8A7-4EA0-ADA3-2818072909A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftGame.exe
FirewallRules: [{EE4F1111-C79A-47DB-ACED-3314CB673F3D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSysOptimize.exe
FirewallRules: [{E6D8510A-3007-49C6-8F1E-2DC45CCDC318}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCUpdateAVLib.exe
FirewallRules: [{11ECB399-C5AF-4833-874E-78A5909206DC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQRepair.exe
FirewallRules: [{C0DBA3BE-781C-4DFC-8E4C-B187744F1ECC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\Uninst.exe
FirewallRules: [{596392A1-F67C-40A7-8BC5-C9A561B74B77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCPatch.exe
FirewallRules: [{1793F45A-E6F6-415C-9216-552366F0E340}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\TpkUpdate.exe
FirewallRules: [{F46F5CC2-5876-4DDB-8200-07592298470D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe
FirewallRules: [{8AEC1FB7-EBBE-4FD7-AF98-44B61A663E39}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe
FirewallRules: [{716E9B56-29A2-4502-B181-D0197CDB1DBC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMAccountProtection.exe
FirewallRules: [{255D8D5D-5762-43C1-9F87-7847136588ED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe
FirewallRules: [{A1CA16EF-E171-445A-9C46-03B26F13A7BE}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe
FirewallRules: [{E7DE9980-8860-490A-A6E6-62DA62D95F78}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{22FC9814-7E39-44A6-859E-34B43C819DED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{EF5A7E47-C67A-4B1C-B214-8FB83A1AE6E7}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{56E2A954-8AC1-4B44-9F08-DCC13E871A8B}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{7139256C-55B0-4436-977F-5BE69DD9BDE0}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe
FirewallRules: [{754D4617-8B07-4055-8E8A-9A703A05DDCE}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe
FirewallRules: [{7A0B75BD-6FBA-41E4-B6EB-1A6DA9C446FA}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe
FirewallRules: [{14F7DABA-F1DC-43AC-8A89-EC0586904AE2}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe
FirewallRules: [{073F08B8-6C27-4356-8341-97B2FFC84719}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe
FirewallRules: [{40C6E482-05FC-4C60-AC8A-96F5994347A4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe
FirewallRules: [{5C6DB019-088A-42A8-948D-DF170B6A09FB}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe
FirewallRules: [{41983DCE-17F7-4B9A-BEEF-2CE05401D8C4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe
FirewallRules: [{A7A13C01-D0B0-4ABF-B739-6EC79DFE9F70}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe
FirewallRules: [{7F625C70-A8C4-41D5-BB2B-BF5EF66E33A3}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe
FirewallRules: [TCP Query User{5A15A186-C8EC-4619-BD41-23637DBB5992}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe
FirewallRules: [UDP Query User{4F8F780E-04CD-4C33-8C0F-B8201574E6CF}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe
FirewallRules: [TCP Query User{3A501415-8406-445B-892F-80CF2318BA87}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{F7A04728-96EA-4C29-8174-DF89EAC35E16}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{3D061B38-D7EF-4C10-AA3F-6A58BC1CB4FB}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{F8A8F2D8-E493-4F33-B0B4-5D74E679ED2F}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{C21AAC83-B6E7-4EEA-BDA9-4C8D799DCE3B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{10E9319E-3857-4A0F-9641-912832051A0B}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{A425D2F1-49E5-44BC-8601-CA41AEBA56F3}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{E2F00FF9-7B3D-4FB9-ACE7-07748AE29E46}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{A16F3853-1087-46F5-9DB6-2A553BF193A4}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{1A36DB5C-A112-4BF4-894B-16589671AC88}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{7BB8CD60-887F-4B67-B0F2-6B6515BEF76C}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{3E78078E-6ABE-4910-88E2-ED5676E41D97}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{491770F3-B6F1-43C1-9BC9-A454FC5B64D0}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{3566D56A-628D-456F-8823-EF3B2F358837}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{B4967FE5-063F-47C7-9DD2-DF5894E51C8E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe] => Enabled:NEXON_EU_Downloader_Engine.exe

==================== Faulty Device Manager Devices =============

Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: USB Device(VID_1f3a_PID_efe8)
Description: USB Device(VID_1f3a_PID_efe8)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: USB Devices
Service: usbUDisc
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: tencent QMUdisk
Description: tencent QMUdisk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: QMUdisk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2015 09:37:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15506

Error: (05/12/2015 09:37:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15506

Error: (05/12/2015 09:37:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/12/2015 04:03:08 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/12/2015 04:03:08 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/12/2015 04:03:08 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (05/12/2015 04:02:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -550.

Error: (05/12/2015 04:02:58 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/12/2015 04:02:58 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::ResetBIOS          Reset SASD failed, error=0

Error: (05/12/2015 04:02:58 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::UpdateSASD          Failed to set the sleep time, error=0


System errors:
=============
Error: (05/12/2015 06:47:24 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Foxit Cloud Safe Update Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/12/2015 04:02:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/12/2015 03:44:07 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (05/12/2015 03:44:06 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (05/12/2015 03:44:05 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (05/12/2015 03:44:03 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (05/12/2015 03:44:02 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (05/12/2015 03:44:01 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (05/12/2015 03:43:08 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (05/12/2015 03:43:07 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.


Microsoft Office Sessions:
=========================
Error: (04/25/2015 04:17:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 267 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (09/23/2011 04:14:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 54 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2015-05-12 21:46:12.422
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 21:40:59.328
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 19:12:05.494
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 18:45:35.565
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 18:35:59.857
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 16:02:41.481
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 12:53:26.964
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 00:44:16.097
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 00:37:16.392
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 00:28:36.241
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 40%
Total physical RAM: 3565.21 MB
Available physical RAM: 2123.98 MB
Total Pagefile: 7128.71 MB
Available Pagefile: 5198.34 MB
Total Virtual: 3071.88 MB
Available Virtual: 2925.04 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:94.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:0 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 66916FAD)
Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== End Of Log ============================

cosinus 12.05.2015 21:21
Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

2. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


BlueAzure 13.05.2015 07:55
So, obwohl der Benachrichtigungsdienst nun nach jedem Neustart nach den Scans wieder von selbst gestartet ist und Aero funktioniert, hängt sich trotzdem alles dauernd auf. Ich kann einen normalen Doppelklick im Explorer machen und er hängt sich so schlimm auf, dass ich den ganzen PC ausmachen muss. Fast genauso schlimm bei Firefox. (obwohl ich heut morgen einen Moment lang das Gefühl hatte, dass es jetzt wieder okay ist; da hab ich mich wohl geirrt) Es hat schon Ewigkeiten und Neustarts gedauert, bis ich den Log vom AdwCleaner aus dem Explorer öffnen konnte....PDFs werden entweder garnicht geöffnet oder nur nach langer Zeit oder alles hängt sich auf...
Ich verstehs echt nicht, was ist denn los? :(

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 12.05.2015
Suchlauf-Zeit: 22:31:42
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.12.07
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Flavia

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 386143
Verstrichene Zeit: 31 Min, 52 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 7
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test (4354).BackgroundHostObject, In Quarantäne, [6f58464cfb8fe74fa9d48f9250b418e8],
PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test (4354).BackgroundHostObject.1, In Quarantäne, [a91eb6dcdcae0d29a0dd7aa77c8858a8],
PUP.Optional.PlusHD.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-2.5, In Quarantäne, [9e292e64afdb58dece0630e4af5527d9],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-2.5, In Quarantäne, [b611f0a2c5c553e3c01427ed18ec1ee2],
PUP.Optional.SearchElf.C, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\APPDATALOW\SOFTWARE\SearchElf_1.2, In Quarantäne, [f1d6632f42483df9eb9f706aa3601ce4],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [e3e4533fa4e63afc2badb070758f857b],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\INSTALLCORE, In Quarantäne, [4780e1b1fe8c9b9b218187af02037987],

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\INSTALLCORE|tb, 0H1L1J1L1S1R1N, In Quarantäne, [4780e1b1fe8c9b9b218187af02037987]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 17
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\userCode, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons\actions, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\popupResource, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.OpenCandy, C:\Users\Flavia\AppData\Roaming\OpenCandy, In Quarantäne, [1ea92e6490fa2c0ada352c744eb5ff01],
PUP.Optional.OpenCandy, C:\Users\Flavia\AppData\Roaming\OpenCandy\DFBD94179E1749C080B69A455ED8CE58, In Quarantäne, [1ea92e6490fa2c0ada352c744eb5ff01],
PUP.Optional.NextLive.A, C:\Users\Flavia\AppData\Roaming\newnext.me, In Quarantäne, [3a8df89a3555e25494fbfca553b0a858],
PUP.Optional.NextLive.A, C:\Users\Flavia\AppData\Roaming\newnext.me\cache, In Quarantäne, [3a8df89a3555e25494fbfca553b0a858],
PUP.Optional.SpeedTest.A, C:\Users\Flavia\AppData\Roaming\speedtest4354, In Quarantäne, [1fa82171d7b371c5e0d1356c1de6dc24],
PUP.Optional.Updater.A, C:\Users\Flavia\AppData\Roaming\FoxTab\UpdateProc, In Quarantäne, [9433197948420f27315b8a2c44bf53ad],

Dateien: 93
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\crossriderManifest.json, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\background.html, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\manifest.json, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\popup.html, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\manifest.xml, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins.json, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\102_dealply_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\103_intext_5_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\104_jollywallet_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\105_corticas_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\108_icm_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\117_coupons_intext_ads_5_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\119_similar_web_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\120_luck_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\123_intext_adv_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\155_ibario_pops_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\159_cortica_rollover_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\171_arcadi2_sourceID_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\175_coolmirage_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\178_revizer_ws_dynamic_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\179_revizer_p_dynamic_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\17_jQuery.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\19_CHAppAPIWrapper.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\1_base.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\21_debug.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\22_resources.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\28_initializer.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\47_resources_background.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\125_arcadi2_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\126_revizer_ws_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\127_revizer_p_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\128_superfish_pricora_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\135_arcadi3_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\138_getdeal_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\13_CrossriderAppUtils.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\141_corticas_ru_m.js.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\142_intext_fa_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\14_CrossriderUtils.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\4_jquery_1_7_1.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\64_appApiMessage.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\72_appApiValidation.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\78_CrossriderInfo.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\7_hooks.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\80_CHPopupAppAPI.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\87_ginyas_wrapper.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\91_monetizationLoader.js.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\93_superfish_no_coupons_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\97_resourceApiWrapper.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\9_search_engine_hook.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\userCode\background.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\userCode\extension.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons\icon128.png, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons\icon16.png, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons\icon48.png, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons\actions\1.png, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\background.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\main.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api\chrome.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api\cookie.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api\message.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api\pageAction.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api\pageActionBG.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\app_api.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\bg_app_api.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\consts.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\cookie_store.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\crossriderAPI.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\delegate.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\events.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\extensionDataStore.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\installer.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\logFile.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\logging.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\reports.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\storageWrapper.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\updateManager.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\util.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\xhr.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\popupResource\newPopup.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\popupResource\popup.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b],
PUP.Optional.OpenCandy, C:\Users\Flavia\AppData\Roaming\OpenCandy\DFBD94179E1749C080B69A455ED8CE58\PokkiInstaller.exe, In Quarantäne, [1ea92e6490fa2c0ada352c744eb5ff01],
PUP.Optional.NextLive.A, C:\Users\Flavia\AppData\Roaming\newnext.me\nengine.cookie, In Quarantäne, [3a8df89a3555e25494fbfca553b0a858],
PUP.Optional.NextLive.A, C:\Users\Flavia\AppData\Roaming\newnext.me\cache\spark.bin, In Quarantäne, [3a8df89a3555e25494fbfca553b0a858],
PUP.Optional.SpeedTest.A, C:\Users\Flavia\AppData\Roaming\speedtest4354\install_helper.exe, In Quarantäne, [1fa82171d7b371c5e0d1356c1de6dc24],
PUP.Optional.SpeedTest.A, C:\Users\Flavia\AppData\Roaming\speedtest4354\speedtest4354.crx, In Quarantäne, [1fa82171d7b371c5e0d1356c1de6dc24],
PUP.Optional.SpeedTest.A, C:\Users\Flavia\AppData\Roaming\speedtest4354\speedtest4354DeskTopIcon.ico, In Quarantäne, [1fa82171d7b371c5e0d1356c1de6dc24],
PUP.Optional.Updater.A, C:\Users\Flavia\AppData\Roaming\FoxTab\UpdateProc\config.dat, In Quarantäne, [9433197948420f27315b8a2c44bf53ad],
PUP.Optional.Updater.A, C:\Users\Flavia\AppData\Roaming\FoxTab\UpdateProc\STTL.DAT, In Quarantäne, [9433197948420f27315b8a2c44bf53ad],
PUP.Optional.Updater.A, C:\Users\Flavia\AppData\Roaming\FoxTab\UpdateProc\TTL.DAT, In Quarantäne, [9433197948420f27315b8a2c44bf53ad],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Code:
# AdwCleaner v4.204 - Bericht erstellt 12/05/2015 um 23:33:07
# Aktualisiert 12/05/2015 von Xplode
# Datenbank : 2015-05-12.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x86)
# Benutzername : Flavia - FLAVIA-PC
# Gestarted von : C:\Users\Flavia\Desktop\AdwCleaner_4.204.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : TS888
[#] Dienst Gelöscht : QMUdisk

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Flavia\Favorites\StumbleUpon
Ordner Gelöscht : C:\Program Files\Uniblue
Ordner Gelöscht : C:\Program Files\Common Files\tencent
Ordner Gelöscht : C:\Windows\system32\tencent
Ordner Gelöscht : C:\Windows\system32\config\systemprofile\AppData\Roaming\tencent
Ordner Gelöscht : C:\Users\Flavia\AppData\Local\emaze
Ordner Gelöscht : C:\Users\Flavia\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Flavia\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Flavia\AppData\LocalLow\HPAppData
Ordner Gelöscht : C:\Users\Flavia\AppData\Roaming\FoxTab
Ordner Gelöscht : C:\Users\Flavia\AppData\Roaming\KingSoft
Ordner Gelöscht : C:\Users\Flavia\AppData\Roaming\tencent
Ordner Gelöscht : C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
Datei Gelöscht : C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\user.js
Datei Gelöscht : C:\Program Files\Mozilla Firefox\defaults\pref\itms.js

***** [ Geplante Tasks ] *****

Task Gelöscht : RunAsStdUser Task for VeohWebPlayer

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Driver-Soft
Schlüssel Gelöscht : HKLM\SOFTWARE\VBMZ
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\VisualBee for Microsoft PowerPoint
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=localhost:8118;hxxps=localhost:8118;ftp=localhost:8118;socks=localhost:9050
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - localhost;127.0.01;<local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 de)


-\\ Google Chrome v

[C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
[C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=3212_2&babsrc=SP_ss&mntrId=2a21be6200000000000000ff9e5a681c

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [4594 Bytes] - [12/05/2015 23:32:14]
AdwCleaner[S0].txt - [4251 Bytes] - [12/05/2015 23:33:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4310  Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 7 Ultimate x86
Ran by Flavia on 13.05.2015 at  7:59:04.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71576546-354D-41C9-AAE8-31F2EC22BF0D}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{71576546-354D-41C9-AAE8-31F2EC22BF0D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\drivergenius
Successfully deleted: [Folder] C:\Users\Flavia\AppData\Roaming\getrighttogo
Successfully deleted: [Folder] C:\Windows\System32\ai_recyclebin



~~~ FireFox

Emptied folder: C:\Users\Flavia\AppData\Roaming\mozilla\firefox\profiles\ppf858wc.default\minidumps [84 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.05.2015 at  8:01:52.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015
Ran by Flavia (administrator) on FLAVIA-PC on 13-05-2015 08:04:53
Running from C:\Users\Flavia\Desktop
Loaded Profiles: Flavia (Available profiles: Flavia)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DT LGE] => C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [81920 2007-10-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-22] ()
AppInit_DLLs: ´ê6 => ´ê6 File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-03] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {52836EB0-631A-47B1-94A6-61F9D9112DAE} -  No File
Toolbar: HKLM - No Name - {71576546-354D-41c9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {60F33B36-3E89-48EF-BE77-ACC23A366C2A} https://wstatic.plaync.co.kr/common/UniUpdate/NCLoader.8.cab
DPF: {640044E9-92A3-4B89-A615-1F65354D3A65} hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll No File
FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll No File
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [2009-10-19] ()
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Flavia\AppData\Roaming\mozilla\plugins\npDXStudioPlugin.DLL [2010-01-26] (Worldweaver Ltd.)
FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-images.xml [2014-12-21]
FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-maps.xml [2014-12-21]
FF Extension: WOT - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Adblock Plus - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-31]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-21]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-25]
FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [{282BBB71-6301-4E39-9F74-00210BB4E0B3}] - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3}
FF Extension: XULRunner - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3} [2011-04-30]

Chrome:
=======
CHR Profile: C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-24]
CHR Extension: (Google Search) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-24]
CHR Extension: (avast! WebRep) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-03-08]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-02-24]
CHR Extension: (Gmail) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-03] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-03] (Avast Software)
S2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [65536 2007-10-11] () [File not signed]
S2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.)
R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [1876816 2014-12-20] (SurfRight B.V.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [116224 2012-02-09] ()
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [4573608 2013-05-13] (INCA Internet Co., Ltd.)
S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-03] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2012-06-21] (Overwolf Ltd)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 xsherlock; C:\Windows\system32\xsherlock.xem [670816 2012-07-01] (Wellbia.com Co., Ltd.) [File not signed]
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2012-03-16] () [File not signed]
S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-01-08] ()
R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [15656 2011-05-10] (Windows (R) Win 7 DDK provider)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-03] ()
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [75640 2014-12-20] ()
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21952 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21952 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-01-19] ()
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [734208 2009-05-25] (Ralink Technology Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [15920 2006-11-16] (Portrait Displays, Inc.)
S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3328472 2011-07-28] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-06-17] (Duplex Secure Ltd.)
S3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [834832 2015-03-06] (TENCENT)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-07-28] (Scott)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-03] (Avast Software)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [31680 2015-05-13] ()
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S2 adfs; No ImagePath
S3 catchme; \??\C:\Users\Flavia\AppData\Local\Temp\catchme.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 StarOpen; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 08:04 - 2015-05-13 08:05 - 00023017 _____ () C:\Users\Flavia\Desktop\FRST.txt
2015-05-13 08:04 - 2015-05-13 08:04 - 01141248 _____ (Farbar) C:\Users\Flavia\Desktop\FRST.exe
2015-05-13 08:01 - 2015-05-13 08:01 - 00001465 _____ () C:\Users\Flavia\Desktop\JRT.txt
2015-05-13 07:59 - 2015-05-13 07:59 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FLAVIA-PC-Windows-7-Ultimate-(32-bit).dat
2015-05-13 07:59 - 2015-05-13 07:59 - 00000000 ____D () C:\RegBackup
2015-05-13 07:43 - 2015-05-13 07:59 - 00086976 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-05-12 23:32 - 2015-05-12 23:33 - 00000000 ____D () C:\AdwCleaner
2015-05-12 23:29 - 2015-05-12 23:27 - 02720307 _____ (Thisisu) C:\Users\Flavia\Desktop\JRT.exe
2015-05-12 23:29 - 2015-05-12 23:26 - 02209792 _____ () C:\Users\Flavia\Desktop\AdwCleaner_4.204.exe
2015-05-12 23:21 - 2015-05-12 23:21 - 00026009 _____ () C:\Users\Flavia\Desktop\mbam.txt
2015-05-12 22:31 - 2015-05-12 23:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-12 22:30 - 2015-05-12 22:30 - 00001028 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-12 22:30 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-12 22:30 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-12 22:30 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-12 22:29 - 2015-05-12 22:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Flavia\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-12 21:48 - 2015-05-12 21:50 - 00079509 _____ () C:\Users\Flavia\Downloads\Addition.txt
2015-05-12 21:47 - 2015-05-13 08:04 - 00000000 ____D () C:\FRST
2015-05-12 21:47 - 2015-05-12 21:50 - 00064531 _____ () C:\Users\Flavia\Downloads\FRST.txt
2015-05-12 21:45 - 2015-05-12 21:45 - 01141248 _____ (Farbar) C:\Users\Flavia\Downloads\FRST.exe
2015-05-12 18:47 - 2015-05-12 18:47 - 00002059 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2015-05-12 18:47 - 2015-05-12 18:47 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-05-12 18:46 - 2015-05-12 18:46 - 00000000 ____D () C:\Program Files\Foxit Software
2015-05-12 00:47 - 2015-05-12 00:47 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Real
2015-05-11 19:45 - 2015-05-11 19:45 - 00000000 __SHD () C:\found.000
2015-05-11 18:20 - 2015-04-18 11:03 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-05-08 14:49 - 2015-05-08 14:49 - 00108513 _____ () C:\Users\Flavia\Downloads\Swim Suit v2.package
2015-05-08 14:40 - 2015-05-08 14:40 - 00009928 ____N () C:\bootsqm.dat
2015-05-08 14:25 - 2015-05-08 14:25 - 00412306 _____ () C:\Users\Flavia\Downloads\Sims4Krampus_RandomBathingsuits.package
2015-05-08 14:25 - 2015-05-08 14:25 - 00412243 _____ () C:\Users\Flavia\Downloads\1271248.zip
2015-05-08 14:20 - 2015-05-08 14:20 - 11148041 _____ () C:\Users\Flavia\Downloads\1274607.zip
2015-05-08 14:19 - 2015-05-08 14:19 - 00247066 _____ () C:\Users\Flavia\Downloads\1294924.zip
2015-05-08 14:08 - 2015-05-08 14:18 - 00466431 _____ () C:\Users\Flavia\Downloads\Birba32_fy_BulletSwimsuit.package
2015-05-08 14:05 - 2015-05-08 14:07 - 00530134 _____ () C:\Users\Flavia\Downloads\Birba32_fy_AlphaStringSwimsuit.package
2015-05-08 13:51 - 2015-05-08 13:51 - 00559198 _____ () C:\Users\Flavia\Downloads\Leather vest with tube top [CB].package
2015-05-08 13:51 - 2015-05-08 13:51 - 00326145 _____ () C:\Users\Flavia\Downloads\1Z_outfit_fem_sunny_Otshorts_neu3F.package
2015-05-07 21:35 - 2015-05-07 21:35 - 01135032 _____ () C:\Users\Flavia\Downloads\uktrash_SundaySweaterDress.package
2015-05-07 21:35 - 2015-05-07 21:35 - 00143756 _____ () C:\Users\Flavia\Downloads\Wolfcry_LaceJeansShort.package
2015-05-07 21:31 - 2015-05-07 21:31 - 01485427 _____ () C:\Users\Flavia\Downloads\S4_DelicateLace_Mh75.package
2015-05-07 21:30 - 2015-05-07 21:30 - 00638215 _____ () C:\Users\Flavia\Downloads\Simsimay_2DyBlazer.package
2015-05-07 21:29 - 2015-05-07 21:29 - 00460843 _____ () C:\Users\Flavia\Downloads\uktrash_CropTankTop.package
2015-05-07 21:29 - 2015-05-07 21:29 - 00411079 _____ () C:\Users\Flavia\Downloads\1285044.zip
2015-05-07 21:28 - 2015-05-07 21:28 - 00292353 _____ () C:\Users\Flavia\Downloads\simsoertchen_white top sexy - kawaii -.package
2015-05-07 21:27 - 2015-05-07 21:27 - 00252514 _____ () C:\Users\Flavia\Downloads\Printed Crop tops.package
2015-05-07 21:27 - 2015-05-07 21:27 - 00151527 _____ () C:\Users\Flavia\Downloads\longlivetherecklessandthesims_yfTop_SweaterOffShoulder_AWG.package
2015-05-07 21:24 - 2015-05-07 21:24 - 00646329 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_LaceBodycon (1).package
2015-05-07 21:24 - 2015-05-07 21:24 - 00587743 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_Longsleeve.package
2015-05-07 21:23 - 2015-05-07 21:23 - 01913334 _____ () C:\Users\Flavia\Downloads\uktrash_BasicsLongSleeve.package
2015-05-07 21:23 - 2015-05-07 21:23 - 00923513 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Stripe Print Knitted Dress.package
2015-05-07 21:22 - 2015-05-07 21:22 - 00493988 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Tartan Check Crop Top.package
2015-05-07 21:18 - 2015-05-07 21:18 - 02086542 _____ () C:\Users\Flavia\Downloads\Metens_Serenity.package
2015-05-07 21:17 - 2015-05-07 21:17 - 00210168 _____ () C:\Users\Flavia\Downloads\2.package
2015-05-07 21:07 - 2015-05-07 21:07 - 01212670 _____ () C:\Users\Flavia\Downloads\Birba32_fy_winterbootpastel.package
2015-05-07 21:06 - 2015-05-07 21:06 - 00971151 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 eyecolors 09.package
2015-05-07 21:05 - 2015-05-07 21:05 - 01860807 _____ () C:\Users\Flavia\Downloads\SL_yf_ZuhairMurad_Gown1.package
2015-05-07 21:03 - 2015-05-07 21:03 - 00805049 _____ () C:\Users\Flavia\Downloads\BL_Sequin Blazer.package
2015-05-07 11:44 - 2015-05-07 11:44 - 00321678 _____ () C:\Users\Flavia\Downloads\S4FD_MissLicious_Tanks.package
2015-05-07 11:44 - 2015-05-07 11:44 - 00132781 _____ () C:\Users\Flavia\Downloads\Jeans.package
2015-05-07 11:42 - 2015-05-07 11:42 - 00291721 _____ () C:\Users\Flavia\Downloads\top renda dani's.package
2015-05-07 11:41 - 2015-05-07 11:41 - 00169125 _____ () C:\Users\Flavia\Downloads\cutesims4_gtw top india.package
2015-05-07 11:40 - 2015-05-07 11:40 - 01976727 _____ () C:\Users\Flavia\Downloads\1294014.zip
2015-05-07 11:39 - 2015-05-07 11:39 - 01373730 _____ () C:\Users\Flavia\Downloads\Birba32_fy_LaceCipriaDress.package
2015-05-07 11:39 - 2015-05-07 11:39 - 00345945 _____ () C:\Users\Flavia\Downloads\Cleotopia-MiniShortsRippedColorful.package
2015-05-07 11:38 - 2015-05-07 11:38 - 00504146 _____ () C:\Users\Flavia\Downloads\Spring Dress set.package
2015-05-07 11:37 - 2015-05-07 11:37 - 00668569 _____ () C:\Users\Flavia\Downloads\Milk Lace Dress.package
2015-05-07 11:37 - 2015-05-07 11:37 - 00074451 _____ () C:\Users\Flavia\Downloads\cutesims4_romantic_White_Tube.package
2015-05-07 11:36 - 2015-05-07 11:36 - 00500120 _____ () C:\Users\Flavia\Downloads\Aztec Top by Pinkzombiecupcake.package
2015-05-07 11:36 - 2015-05-07 11:36 - 00451796 _____ () C:\Users\Flavia\Downloads\Blusa Renda Branca.package
2015-05-07 11:33 - 2015-05-07 11:33 - 00090648 _____ () C:\Users\Flavia\Downloads\Leeah_yfShoes_CalfCowboy_SuedeChocolate.package
2015-05-07 11:30 - 2015-05-07 11:30 - 00607019 _____ () C:\Users\Flavia\Downloads\Madlen Scafati Boots.package
2015-05-07 11:30 - 2015-05-07 11:30 - 00403762 _____ () C:\Users\Flavia\Downloads\Madlen Cirino Shoes.package
2015-05-07 11:29 - 2015-05-07 11:29 - 00710251 _____ () C:\Users\Flavia\Downloads\Madlen Tiziano Shoes.package
2015-05-07 11:29 - 2015-05-07 11:29 - 00511975 _____ () C:\Users\Flavia\Downloads\Madlen Umbria Shoes.package
2015-05-07 11:28 - 2015-05-07 11:28 - 00387493 _____ () C:\Users\Flavia\Downloads\Madlen Livia Shoes.package
2015-05-07 11:27 - 2015-05-07 11:28 - 00417972 _____ () C:\Users\Flavia\Downloads\Madlen Eris Boots.package
2015-05-07 11:27 - 2015-05-07 11:27 - 00603820 _____ () C:\Users\Flavia\Downloads\Madlen Ambrogio Shoes.package
2015-05-07 11:26 - 2015-05-07 11:26 - 01278415 _____ () C:\Users\Flavia\Downloads\1294236.zip
2015-05-07 11:26 - 2015-05-07 11:26 - 00704730 _____ () C:\Users\Flavia\Downloads\Madlen Nineveh Shoes.package
2015-05-07 11:25 - 2015-05-07 11:25 - 00497960 _____ () C:\Users\Flavia\Downloads\Madlen Novara Sandals.package
2015-05-07 11:22 - 2015-05-07 11:22 - 00287377 _____ () C:\Users\Flavia\Downloads\Toska.zip
2015-05-07 11:22 - 2015-05-07 11:22 - 00134871 _____ () C:\Users\Flavia\Downloads\ZIP UP BOOTS.package
2015-05-07 11:21 - 2015-05-07 11:21 - 00756084 _____ () C:\Users\Flavia\Downloads\Madlen Neroni Sneakers (Male).package
2015-05-07 11:21 - 2015-05-07 11:21 - 00161515 _____ () C:\Users\Flavia\Downloads\Vans  Classic Slip-On Core (male) by Pinzombiecupcake.package
2015-05-07 11:20 - 2015-05-07 11:20 - 00451295 _____ () C:\Users\Flavia\Downloads\Madlen Orlando Shoes (Male).package
2015-05-07 11:20 - 2015-05-07 11:20 - 00187334 _____ () C:\Users\Flavia\Downloads\THL_NikeShoesSB_M.package
2015-05-07 11:18 - 2015-05-07 11:19 - 00095991 _____ () C:\Users\Flavia\Downloads\Jazminerev.zip
2015-05-07 11:18 - 2015-05-07 11:18 - 00101879 _____ () C:\Users\Flavia\Downloads\TugmeL-S4_Daphne-FYA.zip
2015-05-07 11:17 - 2015-05-07 11:17 - 00102633 _____ () C:\Users\Flavia\Downloads\AlyssaDíazPérezbySimFabulous.zip
2015-05-07 11:17 - 2015-05-07 11:17 - 00091261 _____ () C:\Users\Flavia\Downloads\MsBlue_JasminBlue.zip
2015-05-07 11:16 - 2015-05-07 11:16 - 00089561 _____ () C:\Users\Flavia\Downloads\MK_KendallEdwards.zip
2015-05-07 11:15 - 2015-05-07 11:15 - 00095291 _____ () C:\Users\Flavia\Downloads\Bryant Caliente.zip
2015-05-07 11:14 - 2015-05-07 11:15 - 00090187 _____ () C:\Users\Flavia\Downloads\MaseoUehara-Munter_Bacon2.zip
2015-05-07 11:12 - 2015-05-07 11:12 - 04833426 _____ () C:\Users\Flavia\Downloads\1291079.zip
2015-05-07 11:12 - 2015-05-07 11:12 - 00385291 _____ () C:\Users\Flavia\Downloads\MsBlue_LauraSkin.package
2015-05-07 11:10 - 2015-05-07 11:10 - 00448444 _____ () C:\Users\Flavia\Downloads\curbs_hat4_rosa.package
2015-05-07 11:10 - 2015-05-07 11:10 - 00278001 _____ () C:\Users\Flavia\Downloads\altea127 Visor Hat .package
2015-05-07 11:09 - 2015-05-07 11:09 - 00648473 _____ () C:\Users\Flavia\Downloads\[SrslyBrownie] (S4) Sheer Leggings .package
2015-05-07 11:09 - 2015-05-07 11:09 - 00119657 _____ () C:\Users\Flavia\Downloads\Vault101Hat.package
2015-05-07 11:08 - 2015-05-07 11:08 - 00686972 _____ () C:\Users\Flavia\Downloads\Birba32_fy_SideBandLeggings.package
2015-05-07 11:07 - 2015-05-07 11:07 - 00338585 _____ () C:\Users\Flavia\Downloads\cutesims4_replay skinny jeans - set.package
2015-05-07 11:07 - 2015-05-07 11:07 - 00056175 _____ () C:\Users\Flavia\Downloads\PDsims_SpikedBobbySocks.package
2015-05-07 11:06 - 2015-05-07 11:06 - 02335029 _____ () C:\Users\Flavia\Downloads\[SrslySims] (S4) High Waist PVC Leggings.package
2015-05-07 11:06 - 2015-05-07 11:06 - 00156997 _____ () C:\Users\Flavia\Downloads\TS4 Stockings Cat by Irink@a.package
2015-05-07 11:05 - 2015-05-07 11:05 - 01379143 _____ () C:\Users\Flavia\Downloads\altea127 Sonia Tights.package
2015-05-07 11:05 - 2015-05-07 11:05 - 00049164 _____ () C:\Users\Flavia\Downloads\Metens_Seduction.package
2015-05-07 11:03 - 2015-05-07 11:03 - 00395555 _____ () C:\Users\Flavia\Downloads\[Sintiklia]Eyeshadow 7.package
2015-05-07 11:02 - 2015-05-07 11:02 - 00338242 _____ () C:\Users\Flavia\Downloads\Alin22_NecklaceShapes.package
2015-05-07 11:01 - 2015-05-07 11:02 - 00718560 _____ () C:\Users\Flavia\Downloads\LLSIMS_LayeredNecklace_001.package
2015-05-07 11:01 - 2015-05-07 11:01 - 00810278 _____ () C:\Users\Flavia\Downloads\1269610.zip
2015-05-07 11:00 - 2015-05-07 11:00 - 00252918 _____ () C:\Users\Flavia\Downloads\Mallard Close.zip
2015-05-07 11:00 - 2015-05-07 11:00 - 00032549 _____ () C:\Users\Flavia\Downloads\Wood_Style.package
2015-05-07 10:59 - 2015-05-07 10:59 - 00427598 _____ () C:\Users\Flavia\Downloads\1Z_dress_marine_neu2D.package
2015-05-07 10:58 - 2015-05-07 10:58 - 00166194 _____ () C:\Users\Flavia\Downloads\SV Earrings with round jewel.package
2015-05-07 10:58 - 2015-05-07 10:58 - 00079101 _____ () C:\Users\Flavia\Downloads\NataliS_Spring and crystal earings FT-FA.package
2015-05-07 10:57 - 2015-05-07 10:57 - 00144082 _____ () C:\Users\Flavia\Downloads\NataliS_Crystal drop earrings FT-FA.package
2015-05-07 10:56 - 2015-05-07 10:56 - 00054561 _____ () C:\Users\Flavia\Downloads\MYOBI-zest-eyes.package
2015-05-07 10:55 - 2015-05-07 10:55 - 00089604 _____ () C:\Users\Flavia\Downloads\MYOBI-jelly-eyemask.package
2015-05-07 10:54 - 2015-05-07 10:54 - 00041317 _____ () C:\Users\Flavia\Downloads\EnticingSims_Feather Tattoo.package
2015-05-07 10:53 - 2015-05-07 10:53 - 01851664 _____ () C:\Users\Flavia\Downloads\MILK Jasmine Skintone.zip
2015-05-07 10:53 - 2015-05-07 10:53 - 00003782 _____ () C:\Users\Flavia\Downloads\cateye.package
2015-05-07 10:51 - 2015-05-07 10:51 - 04378955 _____ () C:\Users\Flavia\Downloads\MILK Divine.package
2015-05-07 10:51 - 2015-05-07 10:51 - 00269171 _____ () C:\Users\Flavia\Downloads\Love Frekles by Pinkzombiecupcake.package
2015-05-07 10:50 - 2015-05-07 10:50 - 00042966 _____ () C:\Users\Flavia\Downloads\MYOBI-samantha-facedetail.package
2015-05-07 10:49 - 2015-05-07 10:49 - 00265490 _____ () C:\Users\Flavia\Downloads\MorganeParis_For_Natalis_Nails_02.package
2015-05-07 10:49 - 2015-05-07 10:49 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL(1).package
2015-05-07 10:48 - 2015-05-07 10:48 - 00209148 _____ () C:\Users\Flavia\Downloads\PS Lip 01.package
2015-05-07 10:47 - 2015-05-07 10:47 - 00217924 _____ () C:\Users\Flavia\Downloads\Aveira_LipglossN3.package
2015-05-07 09:48 - 2015-05-07 09:48 - 00000000 ____D () C:\ProgramData\Aeria Games
2015-05-06 10:32 - 2015-05-06 10:32 - 00001608 _____ () C:\Users\Flavia\Desktop\Echo of Soul.lnk
2015-05-06 10:17 - 2015-05-06 10:17 - 00001950 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk
2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\Program Files\Aeria Games
2015-05-06 09:46 - 2015-05-06 10:17 - 00000000 ____D () C:\AeriaGames
2015-05-05 13:00 - 2015-05-05 13:00 - 00268383 _____ () C:\Users\Flavia\Downloads\Cenothera Biennis - by Onyxium.zip
2015-05-05 12:59 - 2015-05-05 12:59 - 00164311 _____ () C:\Users\Flavia\Downloads\MYOBI-opulent-lipcolour.package
2015-05-05 12:58 - 2015-05-05 12:58 - 00772625 _____ () C:\Users\Flavia\Downloads\[EVE62]lipstick1.package
2015-05-05 12:58 - 2015-05-05 12:58 - 00042707 _____ () C:\Users\Flavia\Downloads\Doll Lipstick Nr1. by Baarbiie-GiirL .package
2015-05-05 12:57 - 2015-05-05 12:57 - 00203248 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 Lipstick 09.package
2015-05-05 12:57 - 2015-05-05 12:57 - 00062311 _____ () C:\Users\Flavia\Downloads\Autumn dream lipstick by Pinzombiecupcake.package
2015-05-05 12:56 - 2015-05-05 12:56 - 00252650 _____ () C:\Users\Flavia\Downloads\MYOBI-lilt-lipcolour.package
2015-05-05 12:55 - 2015-05-05 12:55 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL.package
2015-05-05 12:54 - 2015-05-05 12:54 - 00003717 _____ () C:\Users\Flavia\Downloads\Doll Eyeliner.package
2015-05-05 12:53 - 2015-05-05 12:53 - 00135801 _____ () C:\Users\Flavia\Downloads\[GrizzlySimr] Sohlein Classy Eyeshadow.package
2015-05-05 12:52 - 2015-05-05 12:52 - 00122500 _____ () C:\Users\Flavia\Downloads\[simbastic] smokey_glitter_eyeshadow.package
2015-05-05 12:52 - 2015-05-05 12:52 - 00043249 _____ () C:\Users\Flavia\Downloads\mormo_eyeshadow1_AF.package
2015-05-05 12:51 - 2015-05-05 12:51 - 01685607 _____ () C:\Users\Flavia\Downloads\MYOBI-fiona-eyeshadow.package
2015-05-05 12:42 - 2015-05-05 12:42 - 00132889 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows16 M .package
2015-05-05 12:41 - 2015-05-05 12:41 - 00192771 _____ () C:\Users\Flavia\Downloads\MYOBI-nemo-brows.package
2015-05-05 12:40 - 2015-05-05 12:40 - 19387267 _____ () C:\Users\Flavia\Downloads\1265549.zip
2015-05-05 12:40 - 2015-05-05 12:40 - 01063041 _____ () C:\Users\Flavia\Downloads\SV Summer floral dress.package
2015-05-05 12:39 - 2015-05-05 12:39 - 00109478 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows12 F.package
2015-05-05 12:38 - 2015-05-05 12:38 - 04103232 _____ () C:\Users\Flavia\Downloads\Realistic beard By Pinkzombiecupcake.package
2015-05-05 12:38 - 2015-05-05 12:38 - 00025198 _____ () C:\Users\Flavia\Downloads\Eyebrow with 8 colours.package
2015-05-05 12:36 - 2015-05-05 12:37 - 07179080 _____ () C:\Users\Flavia\Downloads\beard nr 2.package
2015-05-05 12:35 - 2015-05-05 12:35 - 08296793 _____ () C:\Users\Flavia\Downloads\Cazy_c119-Nicholas_r.package
2015-05-05 11:18 - 2015-05-05 11:18 - 00494281 _____ () C:\Users\Flavia\Downloads\1268783.zip
2015-05-05 11:17 - 2015-05-05 11:17 - 20023938 _____ () C:\Users\Flavia\Downloads\Stealthic Like Lust (Hair).package
2015-05-05 11:17 - 2015-05-05 11:17 - 00468442 _____ () C:\Users\Flavia\Downloads\1266813.zip
2015-05-05 11:16 - 2015-05-05 11:16 - 23228914 _____ () C:\Users\Flavia\Downloads\Stealthic Haunting (Hair).package
2015-05-05 11:15 - 2015-05-05 11:16 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair)(1).package
2015-05-05 11:14 - 2015-05-05 11:14 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229(1).package
2015-05-05 11:10 - 2015-05-05 11:11 - 24898232 _____ () C:\Users\Flavia\Downloads\Stealthic Sleepwalking (Hair).package
2015-05-05 11:10 - 2015-05-05 11:10 - 05337936 _____ () C:\Users\Flavia\Downloads\Skysims-hair257g.package
2015-05-05 11:09 - 2015-05-05 11:09 - 17935799 _____ () C:\Users\Flavia\Downloads\Stealthic Captivated (Hair).package
2015-05-05 11:08 - 2015-05-05 11:08 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229.package
2015-05-05 11:06 - 2015-05-05 11:06 - 21139442 _____ () C:\Users\Flavia\Downloads\Stealthic Runaway (Hair).package
2015-05-05 11:04 - 2015-05-05 11:04 - 04326482 _____ () C:\Users\Flavia\Downloads\Skysims Hair 208-lok sims4.package
2015-05-05 11:03 - 2015-05-05 11:03 - 21509106 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair)(1).package
2015-05-05 11:02 - 2015-05-05 11:02 - 11803982 _____ () C:\Users\Flavia\Downloads\Cazy_c172-Izzy_t-e_type2_re.package
2015-05-05 11:01 - 2015-05-05 11:01 - 00208048 _____ () C:\Users\Flavia\Downloads\Tantars Estate.zip
2015-05-05 11:00 - 2015-05-05 11:00 - 23136216 _____ () C:\Users\Flavia\Downloads\Stealthic Midsummer Night (Hair and Acc).package
2015-05-05 11:00 - 2015-05-05 11:00 - 05331542 _____ () C:\Users\Flavia\Downloads\Skysims-hair149.package
2015-05-05 10:59 - 2015-05-05 10:59 - 08029586 _____ () C:\Users\Flavia\Downloads\Nightcrawler AF Hair Turn It Up.package
2015-05-05 10:57 - 2015-05-05 10:57 - 21011847 _____ () C:\Users\Flavia\Downloads\Stealthic Amber Lights (Hair).package
2015-05-05 10:56 - 2015-05-05 10:56 - 07481536 _____ () C:\Users\Flavia\Downloads\Alesso_Circus.zip
2015-05-05 10:55 - 2015-05-05 10:55 - 06149100 _____ () C:\Users\Flavia\Downloads\Skysims-Hair-113.package
2015-05-05 10:53 - 2015-05-05 10:53 - 31996596 _____ () C:\Users\Flavia\Downloads\Stealthic Daughter (Hair).package
2015-05-05 10:52 - 2015-05-05 10:53 - 21697048 _____ () C:\Users\Flavia\Downloads\Stealthic Sanctuary (Hair).package
2015-05-05 10:51 - 2015-05-05 10:51 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair).package
2015-05-04 17:59 - 2015-05-04 17:59 - 03451698 _____ () C:\Users\Flavia\Downloads\1427212032d4244028654db8b5795c78.zip
2015-05-04 17:57 - 2015-05-04 17:57 - 02772812 _____ () C:\Users\Flavia\Downloads\141571469380eb3fb6e18314cd5679e3.zip
2015-05-04 17:53 - 2015-05-04 17:53 - 21497179 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair).package
2015-05-03 21:04 - 2015-05-03 21:04 - 00000000 ____D () C:\Program Files\Origin Games
2015-05-03 20:50 - 2015-05-03 20:50 - 00000000 ____D () C:\Users\Flavia\Documents\Electronic Arts
2015-05-03 20:48 - 2015-05-03 21:04 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Origin
2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\Program Files\Origin
2015-05-03 20:45 - 2015-05-03 20:45 - 00000905 _____ () C:\Users\Public\Desktop\Origin.lnk
2015-05-03 20:43 - 2015-05-03 20:43 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-03 20:41 - 2015-05-03 20:41 - 00002051 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2015-05-03 20:41 - 2015-05-03 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2015-05-03 20:34 - 2015-05-03 20:34 - 00000000 ____D () C:\Program Files\The Sims 4
2015-05-03 19:57 - 2015-05-03 21:11 - 00000000 ____D () C:\ProgramData\Origin
2015-05-03 19:51 - 2015-05-03 20:45 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-05-03 12:23 - 2015-05-03 12:23 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-03 12:23 - 2015-05-03 12:23 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-28 10:53 - 2015-04-28 10:53 - 00000000 ____D () C:\Users\Flavia\Downloads\[FS]Day04
2015-04-23 15:32 - 2015-04-23 15:32 - 00000000 __SHD () C:\Users\Flavia\AppData\Local\EmieBrowserModeList
2015-04-23 15:05 - 2015-04-23 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-22 11:15 - 2015-05-06 10:31 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-04-19 14:10 - 2015-04-19 14:10 - 00000000 ____D () C:\ProgramData\Ahead
2015-04-19 13:58 - 2015-05-12 23:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-19 13:58 - 2015-04-19 13:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-19 13:58 - 2015-04-19 13:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-18 11:04 - 2015-04-18 11:04 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-18 11:03 - 2015-04-18 11:03 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-16 10:50 - 2015-04-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-15 09:39 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:39 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:39 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:38 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 09:38 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 09:38 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 09:38 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:38 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 09:38 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 09:38 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 09:38 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 09:38 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 09:38 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 09:38 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 09:38 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 09:38 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 09:38 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 09:38 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 09:38 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 09:38 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 09:38 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 09:38 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 09:38 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 09:38 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:38 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 09:38 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 09:38 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 09:38 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:38 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:38 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 09:38 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 09:38 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 09:38 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 09:38 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 09:38 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:38 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 09:38 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:38 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 09:38 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:38 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 09:38 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 09:38 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 09:38 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 09:38 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 09:38 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 09:38 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 09:38 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:38 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 09:38 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 09:38 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 09:38 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 09:38 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:38 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:38 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:38 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 09:37 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:37 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 08:02 - 2012-11-09 19:40 - 00000000 ____D () C:\Users\Flavia\AppData\Local\CrashDumps
2015-05-13 07:59 - 2012-11-09 19:08 - 00031680 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-05-13 07:59 - 2011-07-09 18:33 - 00000000 ____D () C:\Users\Flavia\AppData\Local\PMB Files
2015-05-13 07:52 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 07:52 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 07:49 - 2009-12-28 01:26 - 01756880 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 07:45 - 2014-12-20 14:36 - 00000000 ____D () C:\Windows\CryptoGuard
2015-05-13 07:44 - 2011-09-25 14:34 - 00145542 _____ () C:\Windows\setupact.log
2015-05-13 07:43 - 2010-01-20 16:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-13 07:43 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 07:42 - 2011-09-25 16:31 - 00623506 _____ () C:\Windows\PFRO.log
2015-05-12 23:32 - 2014-08-14 11:55 - 00651504 _____ () C:\Windows\system32\perfh01F.dat
2015-05-12 23:32 - 2014-08-14 11:55 - 00140826 _____ () C:\Windows\system32\perfc01F.dat
2015-05-12 23:32 - 2011-05-21 00:31 - 00423246 _____ () C:\Windows\system32\perfh012.dat
2015-05-12 23:32 - 2011-05-21 00:31 - 00121210 _____ () C:\Windows\system32\perfc012.dat
2015-05-12 23:32 - 2010-01-20 16:25 - 00411600 _____ () C:\Windows\system32\perfh011.dat
2015-05-12 23:32 - 2010-01-20 16:25 - 00122926 _____ () C:\Windows\system32\perfc011.dat
2015-05-12 23:32 - 2009-12-27 16:41 - 04400078 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-12 23:11 - 2011-03-30 17:25 - 00000000 ____D () C:\Windows\Minidump
2015-05-12 18:48 - 2013-01-31 14:12 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Foxit Software
2015-05-12 18:47 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2015-05-12 16:07 - 2009-12-27 16:44 - 00000000 ____D () C:\Users\Flavia
2015-05-12 00:45 - 2011-09-15 17:48 - 00000000 ____D () C:\Download
2015-05-12 00:43 - 2014-05-27 12:07 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Samsung
2015-05-12 00:43 - 2009-12-27 18:54 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-05-11 20:55 - 2011-09-25 15:14 - 00000000 ____D () C:\Windows\pss
2015-05-11 20:38 - 2012-12-05 21:15 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Spotify
2015-05-11 20:37 - 2012-12-05 21:14 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Spotify
2015-05-11 18:39 - 2013-08-02 10:35 - 00000992 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-11 18:21 - 2015-01-23 17:12 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-05-03 20:05 - 2013-03-16 15:21 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Origin
2015-05-03 12:23 - 2014-05-16 17:00 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-03 12:23 - 2014-01-07 17:20 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-03 12:23 - 2013-03-17 18:59 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-03 12:23 - 2013-03-17 18:59 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-03 12:23 - 2012-02-24 15:33 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-03 12:23 - 2011-09-25 16:52 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-03 12:23 - 2011-09-25 16:51 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-03 12:23 - 2011-09-25 16:51 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-30 16:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-26 19:18 - 2012-04-18 19:53 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Audacity
2015-04-26 19:03 - 2012-07-28 11:45 - 00000000 ____D () C:\Users\Flavia\Downloads\eBooks
2015-04-26 18:49 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-04-25 16:03 - 2013-11-01 15:29 - 00000000 ____D () C:\Users\Flavia\Downloads\Dokumente
2015-04-25 09:54 - 2013-01-19 15:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-22 11:15 - 2013-03-15 12:46 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-04-22 11:15 - 2010-08-06 13:49 - 00000000 ____D () C:\Windows\system32\directx
2015-04-19 14:00 - 2015-01-16 12:23 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Adobe
2015-04-19 13:57 - 2009-12-28 16:55 - 00000000 ____D () C:\Program Files\Adobe
2015-04-19 13:56 - 2009-12-28 16:55 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-18 11:03 - 2013-02-21 13:11 - 00000000 ____D () C:\Program Files\Java
2015-04-16 09:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-15 10:44 - 2014-12-10 19:18 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 10:44 - 2014-05-01 19:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-04-15 10:18 - 2013-07-11 10:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 10:10 - 2009-12-27 17:09 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 10:09 - 2009-12-27 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-13 18:07 - 2015-03-09 17:41 - 00000000 ____D () C:\Users\Flavia\Top Body

==================== Files in the root of some directories =======

2014-01-20 15:12 - 2014-01-27 16:12 - 0000085 _____ () C:\Users\Flavia\AppData\Roaming\WB.CFG
2011-04-29 13:55 - 2011-04-29 13:55 - 0009216 _____ () C:\Users\Flavia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-30 19:59 - 2011-07-22 13:50 - 0000000 _____ () C:\Users\Flavia\AppData\Local\Itiqeyabeguyoya.bin
2011-03-30 19:59 - 2011-07-21 10:02 - 0000120 _____ () C:\Users\Flavia\AppData\Local\Kholohiyesupa.dat
2015-04-10 16:47 - 2015-04-10 16:47 - 0005197 _____ () C:\Users\Flavia\AppData\Local\recently-used.xbel
2012-04-25 22:36 - 2012-07-11 23:50 - 0007597 _____ () C:\Users\Flavia\AppData\Local\resmon.resmoncfg
2011-09-25 10:24 - 2011-09-25 10:24 - 0000000 _____ () C:\Users\Flavia\AppData\Local\{07929EE3-DAD7-4105-8DF8-2CE403B4C7E2}
2015-02-27 18:27 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0001.dat
2015-02-25 22:32 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0006.dat
2010-02-22 15:38 - 2010-02-22 15:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Files to move or delete:
====================
C:\ProgramData\DT0001.dat
C:\ProgramData\DT0006.dat


Some content of TEMP:
====================
C:\Users\Flavia\AppData\Local\temp\dxwebsetup.exe
C:\Users\Flavia\AppData\Local\temp\FoxitUpdater.exe
C:\Users\Flavia\AppData\Local\temp\jre-8u45-windows-au.exe
C:\Users\Flavia\AppData\Local\temp\Quarantine.exe
C:\Users\Flavia\AppData\Local\temp\sqlite3.dll
C:\Users\Flavia\AppData\Local\temp\uninst.exe
C:\Users\Flavia\AppData\Local\temp\uninstall_complete.exe
C:\Users\Flavia\AppData\Local\temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-05 10:31

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

cosinus 13.05.2015 12:48
Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.

http://saved.im/mtg0mjy4yjlu/2014-04...ryscantool.png

BlueAzure 13.05.2015 17:32
Huch, dachte ich hätte die Addition.txt angehängt.

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-05-2015
Ran by Flavia at 2015-05-13 08:05:46
Running from C:\Users\Flavia\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4132011797-2711336362-2655832662-500 - Administrator - Disabled)
Flavia (S-1-5-21-4132011797-2711336362-2655832662-1000 - Administrator - Enabled) => C:\Users\Flavia
Guest (S-1-5-21-4132011797-2711336362-2655832662-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4132011797-2711336362-2655832662-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-To-Play (HKLM\...\AION Free-To-Play) (Version: v0.1 - Gameforge 4D)
Akamai NetSession Interface (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Audacity 2.0 (HKLM\...\Audacity_is1) (Version:  - Audacity Team)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4600 (Version: 130.0.425.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{249F13C9-889B-405E-8987-F4E6AA90BD8E}) (Version: 0.9.17 - Kovid Goyal)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4329 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
Digitale Bibliothek 4 (HKLM\...\Digitale Bibliothek 4) (Version:  - )
Dropbox (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Echo of Soul (HKLM\...\Echo of Soul) (Version:  - )
EXPERTool v8.6 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.6.0.0 - Gainward Co. Ltd.)
forteManager (HKLM\...\{1883A84D-94AA-432C-9519-FA31B6B118B9}) (Version: 2.80.002 - Portrait Displays, Inc.)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.4.96.511 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Free Audio Converter version 5.0.46.820 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free AVI Video Converter version 5.0.18.1005 (HKLM\...\Free AVI Video Converter_is1) (Version: 5.0.18.1005 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.23.320 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free Studio version 5.1.7 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Ltd.)
Free Video Dub version 2.0.22.925 (HKLM\...\Free Video Dub_is1) (Version: 2.0.22.925 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.23.320 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.33.1005 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.33.1005 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HD Video Plugin (HKLM\...\HD Video Plugin) (Version: 1.28.153.5 - Plugin)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (HKLM\...\{44C81D1A-0520-49BB-B510-98B8DD414EA1}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x86 (HKLM\...\{175A0271-B6F3-4AB6-ADAD-DC9D17F4A321}) (Version: 2.0.1083.0 - Intel)
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 3.9.5 (HKLM\...\KLiteCodecPack_is1) (Version: 3.9.5 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
MEDION MD86511 (HKLM\...\{1251B5BC-E285-4078-98C9-ED21F61B552A}) (Version: 1.0.0.0 - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}) (Version: 1.1.0324 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version:  - NCsoft)
Netzmanager (HKLM\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Overwolf (HKLM\...\{4150D0B5-D203-419B-9C49-9B615AF11BAF}) (Version: 0.33.199 - Overwolf)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.7.0.0 - Pando Networks Inc.)
Pando Media Booster Packages (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Pando Media Booster Packages) (Version:  - ) <==== ATTENTION
PDF24 Creator 6.9.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PS_AIO_05_C4600_Software_Min (Version: 130.0.425.000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SDFormatter (HKLM\...\{5A347920-4AFC-11D5-9FB0-800649886934}) (Version:  - )
SDK (Version: 1.40.002 - Portrait Displays, Inc.) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TERA (HKLM\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH)
The Sims 4 Version 1.0 u1 (HKLM\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.0 u1 - EA Games)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Uniblue RegistryBooster 2010 (HKLM\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version:  - Uniblue Systems Ltd)
Unity Web Player (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Viva Piñata (HKLM\...\InstallShield_{343EFA17-5BC5-44DA-924F-539ECBEFF68C}) (Version: 1.00.0000 - Microsoft Game Studios)
Viva Pinata (Version: 1.00.0000 - Microsoft Game Studios) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.21 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WOT für Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}\InprocServer32 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll ()
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{F12BE2CC-A901-4203-B4F2-ADCB957D1887}\InprocServer32 -> C:\ProgramData\Windows\wsse.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

03-04-2015 11:18:39 Windows Update
05-04-2015 13:08:17 Windows Update
06-04-2015 10:07:45 Windows Backup
06-04-2015 11:49:08 Removed Adobe Shockwave Player 12.0.
06-04-2015 11:53:36 Removed Adobe Shockwave Player 12.0.
06-04-2015 11:54:30 Removed Skype™ 6.11
10-04-2015 12:19:34 Windows Update
10-04-2015 17:34:27 avast! antivirus system restore point
12-04-2015 19:00:08 Windows Backup
15-04-2015 09:37:53 Windows Update
15-04-2015 10:02:58 Windows Update
16-04-2015 10:49:16 Installed Java 7 Update 75
18-04-2015 11:11:22 Windows Update
19-04-2015 14:08:41 Removed Nero 7 Ultra Edition. Available with Windows Installer version 1.2 and later.
20-04-2015 15:59:31 Windows Backup
23-04-2015 16:17:06 Removed Aeria Ignite
25-04-2015 10:07:27 Windows Update
26-04-2015 19:00:12 Windows Backup
29-04-2015 09:27:46 Windows Update
03-05-2015 12:21:03 avast! antivirus system restore point
03-05-2015 19:00:05 Windows Backup
03-05-2015 20:42:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
06-05-2015 08:53:50 Windows Update
11-05-2015 14:22:32 Windows Backup
12-05-2015 00:40:46 Removed Samsung Kies

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2013-11-17 14:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {051D9757-8B82-499C-84F3-DAA24A3DE582} - System32\Tasks\939a6e80 => C:\Users\Flavia\AppData\Local\Temp\\setup43644544.exe <==== ATTENTION
Task: {06C689DC-E76C-4A21-8866-20195A7C7D8A} - System32\Tasks\{75581C9E-7CDE-4760-94A5-B7305B0DBEEB} => C:\Program Files\VOX3DPlaner2\Konfigurator\VOX3DPlaner2.exe
Task: {0EA169F2-3396-4693-8141-E0B0BDEAD2D0} - System32\Tasks\{2BA6D508-0A05-49CB-A72A-BAE924AAA86D} => C:\Program Files\FIFA06\fifa06 demo.exe
Task: {0EDCC5B6-3393-4E15-A50F-DAFD2C9832E3} - System32\Tasks\{1C432A36-43A8-4E97-9064-E347447B9584} => pcalua.exe -a "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall\Magical Diary - Horse Hall.exe" -d "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall"
Task: {10330BF6-A675-4800-A815-653A883EA389} - System32\Tasks\{1A0A79E3-33E7-4B14-AEE7-9402B154A87B} => C:\Program Files\Nexon\MabinogiEU\Mabinogi.exe
Task: {118AB896-6545-4634-8DE0-05F08A6DAF5A} - System32\Tasks\{C0B08E39-FC9D-46D1-A7D0-6BFF81B8BFAA} => J:\Setup.exe
Task: {1266A55D-07A0-4E1E-9850-9BAD8D5A9C13} - System32\Tasks\{E4CB1F65-9BC1-413F-BFE8-1E9629412274} => C:\Program Files\Origin Games\The Sims 3\Game\Bin\Sims3Launcher.exe
Task: {135387F8-A0AF-4292-8994-E2BCC2B0EC1F} - System32\Tasks\{0040F31E-F0C2-4718-BE4B-C574915E4BC9} => pcalua.exe -a J:\setup.exe -d J:\
Task: {144C66C0-FD3E-4C35-9168-C4146F8435E6} - System32\Tasks\9d0be300 => C:\Users\Flavia\AppData\Local\Temp\\setup115842944.exe <==== ATTENTION
Task: {15C3D743-59C8-4FFC-86D8-25C055A63066} - System32\Tasks\{FE3A9151-4B9D-490C-902E-5BA73455C78D} => C:\Program Files\FIFA06\AutoRun.exe
Task: {16E8B459-123F-4050-8F2D-CB02F7AD2A7C} - System32\Tasks\{F74CF72E-9781-4504-8186-2857FBB1D1B9} => pcalua.exe -a C:\Users\Flavia\Vampire1CD1\demo32.exe -d C:\Users\Flavia\Vampire1CD1
Task: {19816D70-8705-49B4-B7E3-A7000B629593} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {224F3630-CB78-4C5B-A202-BB60DE1EE253} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {23E365D6-24D8-4700-BEEF-E67496FF5057} - System32\Tasks\{089899D8-646F-4E09-976A-F2857E4AE461} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {25FFB239-81CC-410B-B309-9869E3734E7B} - System32\Tasks\NRYP => Rundll32.exe "C:\Windows\system32\TSChannelx.dll",JVTZJMTO
Task: {272C4B3C-B7FF-4E2C-A7D6-AA2CEB799B99} - System32\Tasks\{EF40B049-C1A4-429A-855E-7E736CD595F8} => C:\Users\Flavia\Pandora_Saga_MY_20090826.exe
Task: {276F4387-DDCA-4F09-B462-E5FFED32E870} - System32\Tasks\2e912b80 => C:\Users\Flavia\AppData\Local\Temp\\setup536466048.exe <==== ATTENTION
Task: {27CA32BA-775A-4923-AD8D-F4C8A99E8490} - System32\Tasks\{99960E19-E1E3-4BC0-A7A4-A1F66A43DCFE} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe
Task: {2B3DCFB4-2927-42C4-9870-9EF1FCEB80D2} - System32\Tasks\{23A04515-4009-43ED-8264-0AC9F9844B64} => J:\Setup.exe
Task: {3041F3B3-D300-4F4D-8F4C-DD67AADE7B20} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-03] (Avast Software s.r.o.)
Task: {34A8B566-44A8-456C-8A5C-0AEE57E4D0DD} - System32\Tasks\{E986319D-82CB-45ED-B545-2CD8B296A658} => J:\SETUP.EXE
Task: {35CD2091-3830-43C5-AC08-BAFE84CA8F48} - System32\Tasks\{4B341BDB-DA54-42E7-A1FB-C9CDE0C95496} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {39A33003-0331-4A81-A608-D2F23205261C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3D3BB7C7-E5BB-4C86-A2A5-30199569C9CC} - System32\Tasks\{A62C7B66-2F13-417E-A060-23782DDEAF20} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {44912348-372A-4DD4-8CB6-6DAC2C4AC1D8} - System32\Tasks\{25267E23-2FF8-4F82-B0AD-2BBE296B0A62} => J:\Setup.exe
Task: {449B9DA7-0B3E-4E1C-8C9D-C6BF9FDF9C89} - System32\Tasks\{5D295678-F417-44D3-9555-C19215CB7C78} => pcalua.exe -a E:\setup.exe -d E:\
Task: {4A4B1380-D7DF-43FA-84D8-5ACA740F4295} - System32\Tasks\{D7160B9E-A401-4BA6-9910-7D3B17F6B085} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {4CC5B90C-C451-4CEE-A99D-6419EA202BDD} - System32\Tasks\{3BE569F6-B383-40A1-B2D8-372F5AE2AE37} => C:\Program Files\2K Games\Mafia II\pc\mafia2.exe
Task: {4E565704-159F-4924-B782-8174373FFBC5} - System32\Tasks\750dc200 => C:\Users\Flavia\AppData\Local\Temp\\setup1380827392.exe <==== ATTENTION
Task: {54A5AF44-E789-4BC6-999B-974485D891D7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {54EBCF67-64E5-4ECB-8F5D-5D184E5BB5A1} - System32\Tasks\{2B245C46-ECB2-41C9-9976-CD44CDD321B8} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {5C2B861B-1BE5-46E0-9233-649BC50825CB} - System32\Tasks\{C57C0966-A03B-4532-87DD-BCC169B78F59} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {64A6AAA7-589E-4B22-B2FF-BE327C2DB015} - System32\Tasks\{9B1B0303-3793-4D0B-81B1-059D5D27551B} => E:\StartCD.exe
Task: {69EBAFD0-8E9D-4507-81C1-914140DD02B7} - System32\Tasks\{7456ADC2-5627-4CD7-81E0-915ACE8069C7} => C:\Program Files\Viva Media\Alter Ego\AlterEgo.exe
Task: {6F8F9112-A4E8-408B-802D-BD5499168F95} - System32\Tasks\{2D7C4757-CBC2-4149-901B-33F4AE95A112} => pcalua.exe -a "C:\Program Files\Vektoris3D25Plus\uninstall.exe"
Task: {711D8645-65A8-4CE5-A3E0-00B3036124CE} - System32\Tasks\fb41c00 => C:\Users\Flavia\AppData\Local\Temp\\setup828756736.exe <==== ATTENTION
Task: {714A1540-2A02-4584-9649-0258C90D64F7} - System32\Tasks\39080f80 => C:\Users\Flavia\AppData\Local\Temp\\setup3143229824.exe <==== ATTENTION
Task: {7425C34A-8E3A-442C-A109-97D19E95760E} - System32\Tasks\{47941BC1-6CC9-42B4-82D9-05A8B357B1FE} => J:\Setup.exe
Task: {75885767-6A67-4842-B477-2CCE374BD762} - System32\Tasks\f4e4a200 => C:\Users\Flavia\AppData\Local\Temp\\setup1919017344.exe <==== ATTENTION
Task: {772E9FA9-B5F1-4CF3-BF28-524E23A07787} - System32\Tasks\{6105EF99-5F22-4B53-A3E1-3FAEF66E868A} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {7858E897-E286-44C6-81C1-5E3F359738AB} - System32\Tasks\5eb6d380 => C:\Users\Flavia\AppData\Local\Temp\\setup127876736.exe <==== ATTENTION
Task: {78A23ACE-C365-4389-9782-41C31F76D202} - System32\Tasks\{61557E34-772C-4E2F-BB3E-FE138B65AFD2} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {81DC7CF1-D24D-42B2-9105-916784164C94} - System32\Tasks\{EAC62CFA-EA8B-42D0-A599-13AC7CA93F90} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {84EA453B-234E-488D-B778-7FF247893378} - System32\Tasks\{49D40749-5F5F-482A-8312-83B9076882C1} => C:\Program Files\Runes of Magic\Runes of Magic.exe
Task: {85A67C56-CEAB-429E-8E4C-7BD04C02DE46} - System32\Tasks\{B477751F-7EC4-47E6-BEFF-AD589581480F} => C:\Program Files\Electronic Arts\Die Sims 3\Game\Bin\TS3.exe
Task: {86996018-097E-4AF9-9D91-76D8029146DB} - System32\Tasks\{94C70D2F-3BFB-44BE-86FD-D65818B82648} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {86C28AB1-5C52-46E1-935C-7B74A647D69F} - System32\Tasks\{29709F28-06CA-4E3E-9DC1-1CABD4A8227C} => J:\Setup.exe
Task: {86FB483D-2035-4838-81C7-CEF7B37B4610} - System32\Tasks\{1673BF47-0F92-4B1D-B87E-4EBB27586308} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {8B0E773E-3CCB-4481-AB1B-004E9DCCC22D} - System32\Tasks\a3509c80 => C:\Users\Flavia\AppData\Local\Temp\\setup3791351296.exe <==== ATTENTION
Task: {8B2FBBE3-7C1E-4223-B2FB-9BB9E94C4EED} - System32\Tasks\{46A3F437-83A6-4E51-A907-76A3DA579DED} => C:\Program Files\The Adventure Company\Evany Schlüssel zur Freiheit\Evany.exe
Task: {8BC2271C-234F-4E3C-BFCB-DDCA2B6962BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8F453FA1-759E-456E-ABB4-CD3E9886462E} - System32\Tasks\{11118169-3789-4C4D-BCAE-8832D80F70FE} => pcalua.exe -a C:\Users\Flavia\Downloads\NetmarbleDBOSetup.exe -d C:\Users\Flavia\Desktop
Task: {91A325AA-8FAB-4A48-9A22-BE79FC121B65} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4132011797-2711336362-2655832662-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {94734BFA-359F-4601-B879-1D63B8A98D08} - System32\Tasks\{42F5F183-C47D-4FC1-80A8-6839E5BA9D93} => pcalua.exe -a J:\Setup.exe -d J:\
Task: {947BCACF-EFEE-4890-9FF5-477553FA0B3B} - System32\Tasks\{601445B5-0494-4034-8562-EC2AD924F5CB} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {967AB9D1-D3BB-45D2-81F0-D5802AB2DFA0} - System32\Tasks\{F250B786-AD66-4FE5-8D5E-7E395764F3B9} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{343EFA17-5BC5-44DA-924F-539ECBEFF68C}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {96F01EEC-EC2F-4CED-9D40-306115A4C961} - System32\Tasks\{170FF8E8-C96D-40CF-8FCB-7DB4E8976221} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe
Task: {9781BC6D-4495-453E-94FB-262BC14AB1C3} - System32\Tasks\{CF01B6F4-BECB-4298-9FFC-D696BF961AFD} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {A014E8EE-56A1-4E84-89C4-09283331A317} - System32\Tasks\{260B4302-4B67-4CA9-B0EC-D07F489E91A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111/de/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {ADD8A39D-0D85-4A88-AD46-93E20B277877} - System32\Tasks\{CEB044B5-B67C-4C0F-8D31-E23A9B55BE93} => J:\startup.exe
Task: {B2E8EE57-0899-41A0-AEEA-6E9C81636382} - System32\Tasks\{DD66FA04-B610-4FB0-A6EB-CAF7ADD2926A} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe
Task: {BA219B21-6C51-44A8-9D19-F17E49E1AD43} - System32\Tasks\{FCCF13A5-3AA1-4B1E-83D8-11D706C12D1A} => pcalua.exe -a C:\Users\Flavia\Pandora_Saga_MY_20090826.exe -d C:\Users\Flavia
Task: {BB2A62CA-F06B-49CF-9C75-491D2F4B11CE} - System32\Tasks\{2A771DDE-9262-4EB0-8398-C970CEADF012} => C:\Program Files\Changyou\Zentia\patcher.exe
Task: {BE950A6D-81CB-4DFB-8049-1D76504A23FF} - System32\Tasks\{6586BE00-2E28-44BD-8F0C-A361B71BBD78} => C:\Program Files\Electronic Arts\Harry Potter und der Orden des Phönix\hp.exe
Task: {C01212D2-464F-4D6E-93A6-A9C29CFE2D3F} - System32\Tasks\{162A6AD8-106B-4C19-A4B1-281D64BEEC22} => J:\startup.exe
Task: {C1DE965C-3A58-4214-A83B-CC053BB338A7} - System32\Tasks\{1C77C66B-9114-46D3-B57D-091E235E12C7} => C:\Program Files\EA SPORTS\FIFA 06 Demo\fifa06 demo.exe
Task: {C63A36E3-FC0C-41F7-8401-31E28E135348} - System32\Tasks\72b7df00 => C:\Users\Flavia\AppData\Local\Temp\\setup2246522240.exe <==== ATTENTION
Task: {C7430DF4-E05F-4463-A94B-588BCEE90AC1} - System32\Tasks\84919c00 => C:\Users\Flavia\AppData\Local\Temp\\setup115568128.exe <==== ATTENTION
Task: {C8B95971-0615-4A22-930F-497F1F05C036} - System32\Tasks\{3B337EAA-C525-4D86-98A4-8F4636C9D23A} => C:\Microids\Die Rückkehr zur Geheimnisvollen Insel 2\RTMI2.exe
Task: {CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871} - System32\Tasks\ac67a900 => C:\Users\Flavia\AppData\Local\Temp\\setup2323362176.exe <==== ATTENTION
Task: {CB02E8DD-A292-401A-A47E-8DBA30321AE1} - System32\Tasks\895e7e00 => C:\Users\Flavia\AppData\Local\Temp\\setup196104192.exe <==== ATTENTION
Task: {CB413622-74BC-44E6-985C-5F4F1941433E} - System32\Tasks\{C0F69074-C3C9-43C0-9E62-0883EDB9AD52} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {D042EFA4-DB30-481A-B3FC-A5462C3FB398} - System32\Tasks\37afaf80 => C:\Users\Flavia\AppData\Local\Temp\\setup445119232.exe <==== ATTENTION
Task: {D367179D-51C7-4CBF-A496-5C26C25D18C2} - System32\Tasks\{59FC5536-60F1-4046-AE30-521FD21DD8C3} => pcalua.exe -a "C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe" -c RealNetworks|RealPlayer|12.0
Task: {D38E282A-7EF8-4878-A84E-332D25456102} - System32\Tasks\c3793e00 => C:\Users\Flavia\AppData\Local\Temp\\setup522615808.exe <==== ATTENTION
Task: {D83A6590-8B91-4CBB-9154-DF65E0FD162A} - System32\Tasks\{FAFB8A66-A5E8-46D8-AB10-41519A7DD50D} => C:\Program Files\Ubisoft\Abenteuer auf dem Reiterhof 3 - Das Erbe der Gräfin\Reiterhof3.exe
Task: {D91162AA-8064-40C7-9887-1CDA75FF058D} - System32\Tasks\{98341868-9868-4F93-B186-B2EF031C9524} => C:\Program Files\FIFA06\fifa06 demo.exe
Task: {DDF5E073-5C25-4E88-A462-FFBEA129B65F} - System32\Tasks\66f0bd80 => C:\Users\Flavia\AppData\Local\Temp\\setup1887453440.exe <==== ATTENTION
Task: {E1422BD5-0558-4973-9380-2CD169B649A7} - System32\Tasks\{1C483E90-D6C1-4EF8-9BC2-3D2B1B56CCDA} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe
Task: {E2FE5906-3FC0-4CF0-B775-2CF244262600} - System32\Tasks\{C0A21489-2C59-4A15-9D9B-88AA56172945} => C:\Program Files\Skype\Phone\Skype.exe
Task: {E67AC7EA-AAD3-4B74-AE04-B1D18FD743C9} - System32\Tasks\{71B95856-969C-4D1F-A7C7-328F667F7495} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {EA31D609-5550-48F9-9C87-E33A3C459E48} - System32\Tasks\{A1243B8A-A37E-4891-A587-9E295C39B9DC} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {EC4889F0-C3FE-442C-90B7-CE166DB1358C} - System32\Tasks\{6590403D-AF4A-46AF-860B-8EC7EC9D1883} => pcalua.exe -a C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe -c REMOVE=TRUE MODIFY=FALSE
Task: {EC8EA56F-8B14-4D04-A6A1-C8F8FDCB49CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated)
Task: {FA25C835-088B-4B7A-BE70-7E0F6379F28F} - System32\Tasks\{D7D0F476-5A34-473B-92ED-3F56D37F1B8F} => J:\autorun.exe
Task: {FFA49ECB-8D5F-40CA-BB5F-DBEDA81B3D0F} - System32\Tasks\{0547096A-63B8-43D5-8A62-443D81F62B43} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-05-03 12:23 - 2015-05-03 12:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-03 12:23 - 2015-05-03 12:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-12 22:32 - 2015-05-12 22:32 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051202\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-19 13:54 - 2015-03-19 13:54 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-19 13:54 - 2015-03-19 13:54 - 00985600 _____ () C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00116224 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00041984 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00032768 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7571 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files\CyberLink\YouCam\YouCam.exe" /s

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [TCP Query User{B4BE9938-7F72-4A8F-8AFC-59A3E97A8C90}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{CD206E8E-4251-4D41-BBCA-7E1530E9FAA9}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{AF14EA5F-61F8-4FE4-9FE6-C4730BE4F7B6}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FC1627D8-D25B-45AB-A418-F1486F792E83}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{59302FB5-A1E9-480C-8BF4-45AB55DB672B}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{38D62175-A6FB-480E-952F-9FD4FD6D491C}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{BC2A5E90-0AC7-48E6-B570-308A64B0DED9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BEACD746-1789-42A8-B76D-5F42C7882396}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4A26D664-9010-40ED-9DA9-C1EB4EB0038D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D19F2778-75FE-4E14-910A-F664C3ECFF05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{81FB1BFC-6861-4487-9FB6-68FBE4AE9EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3F3C3C45-80F2-474F-BDB2-256ED4411935}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5D697DC0-C1F0-4F6E-BEC5-E90BAB98E186}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{9EA5A4A1-58A0-45FD-809E-E9A61B40B282}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [{AEFF8D32-76DE-4551-9CA2-45AF568C3EDE}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{6325CFDC-F297-471C-B1F4-54ABC44758FA}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{111361FE-47F8-40CC-88C3-94E4EE48A3CC}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{CD642251-541E-443A-A680-09D382B26332}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{431373F4-9F84-47F1-B308-1ABD4215F20B}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{C18CA305-4CDD-4294-AB64-FEB4D343931C}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{E9868860-8969-4BB3-AAC8-CA0E63B49582}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [TCP Query User{7A64FEF9-033E-4D2E-A005-0CB94B57CFCF}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E9429E86-D119-4158-85AA-2E2A92FFFEA5}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C343E5C6-5573-4111-A23F-687E4BFFC92E}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{3285F562-0BFE-47FF-A259-B998E92CF967}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{34D4736F-C193-400D-96FB-C7E94A79A4F2}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe
FirewallRules: [{919CACC1-1EC1-4459-A39D-8F5424015410}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe
FirewallRules: [TCP Query User{02286B40-50D8-44F7-AB96-81E2E97DCD2A}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe
FirewallRules: [UDP Query User{C3A1ED8C-2CD6-40CF-9D7C-93BF0F8C7495}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe
FirewallRules: [TCP Query User{CE27873A-A8D6-489F-B3B7-02849328CD1B}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe
FirewallRules: [UDP Query User{982F5FD8-ADAE-47DC-965B-23FA3695281F}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe
FirewallRules: [TCP Query User{54C7BBEF-C9C4-4B4F-9808-BB1671AC0790}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{DB9CB2CE-9614-4406-B0B4-EB16A5F6F704}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{9B782A49-3613-4A13-B2EC-70AD25A67187}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{8884CA3A-5AC0-4A2C-9F8A-C6B32A2BAB4A}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [{744CA3E2-230F-4452-9700-88113294B2EF}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe
FirewallRules: [{AEB0600D-5966-4DCF-BEC1-A5BE5238AB95}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe
FirewallRules: [TCP Query User{A4757E28-FE18-4884-979F-8C3F6D760841}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe
FirewallRules: [UDP Query User{C36B91E8-7D9D-4596-9E56-65D99E0ED0E3}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe
FirewallRules: [{4AD73C9B-F847-4C03-B5A3-7EE21FFE91BB}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe
FirewallRules: [{3AF77807-C7FF-4EB8-88E7-ECE5146931A8}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe
FirewallRules: [{046170AF-457C-4A2B-B1AE-D8B702AAD290}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe
FirewallRules: [{41CA41D1-E0C9-4917-A3EF-473DD374F9E0}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe
FirewallRules: [{D093AD71-9AF5-45AB-87C5-477A9CF8B594}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe
FirewallRules: [{B14768B3-AC64-4986-A76F-3BBB378D9130}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe
FirewallRules: [TCP Query User{B08B02A2-BE4B-427E-80D0-6CDB1EA3EAD6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [UDP Query User{F90E1670-79F8-4D12-83D9-8A8CC2CCBF5F}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [{5DA0E919-6DB9-4E31-A26D-4C0CD0E40402}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{FA86693F-21CC-4B76-8413-0083D1888F32}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{143D9615-3757-4244-8DA3-83C3DCF53DAD}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [{7AEECADC-8AD9-497B-B5D2-C40983D85B5C}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [TCP Query User{2F7AB098-6778-447C-8919-B37CBD0F75EC}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [UDP Query User{6AA73BC2-CEFC-4975-9B3E-43A37004DE2B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [TCP Query User{84FC3551-BC28-4714-80D4-F863A31A6D38}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe
FirewallRules: [UDP Query User{1E9CDD4F-191A-4823-A463-BB2EC36510E0}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe
FirewallRules: [TCP Query User{1D234196-5AF3-4F68-A2A7-DE37EDD3A0F0}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe
FirewallRules: [UDP Query User{17D5432E-962A-498C-BE67-F2C886F771F8}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe
FirewallRules: [TCP Query User{0981AD7C-0896-4656-A233-345BB7729BB8}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe
FirewallRules: [UDP Query User{70994A97-7B1C-4602-A6A3-2F21241F43CE}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe
FirewallRules: [{D10FF877-1B1E-43CD-9184-2D513B10DACC}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{E0E7CE75-D7B3-4AD2-88B1-D74C712FD192}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{70FD046F-3941-4940-9A17-139AEA801C03}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{8B10610D-077F-4B30-A3DE-964D291220FE}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{28B5638F-F97B-4F6C-AA78-91AB0FD55B17}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DF53A54A-E20F-434A-8401-1F019BC5E9E6}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E85FBBD0-A683-427B-80B1-877FBE19D3DD}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{0B685BCF-B227-4354-BFA9-ACD720ABEBAE}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8F28D682-FA91-4E20-A799-77A8036FA32D}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{457729AF-2B40-4364-8816-17459E5123DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{533CE4C0-41E3-4AEC-B81E-CBE9D41ADCF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FD04AF46-1FA2-44BC-B930-2AB0450C2562}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3ED7FBAB-6DE3-4637-A750-313E9C679262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0CC87D7F-CCAA-46EC-8482-D8749468E1F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{36BBA65E-86A3-4A86-9EE9-AC24A313FFF8}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{D0BBB486-E9E9-4FA3-A544-A3E50A1B35D1}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [TCP Query User{1E47A4E1-112A-409D-A98A-D54B12DF1F09}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe
FirewallRules: [UDP Query User{FAD99B3B-107E-415E-A683-134EB320AF42}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe
FirewallRules: [{F825764F-4D73-46DA-B8D8-302A3ECA7E5E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{750FD75E-9811-4432-8D8A-35118F1C5A2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A91CF122-54EE-4FC1-80D1-15127DCDF37A}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe
FirewallRules: [{984E644F-E2E5-415E-B36B-CA92E9B144EE}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe
FirewallRules: [{3415B431-3193-4DD8-9B2C-14384A5F2572}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe
FirewallRules: [{E9642D98-3A70-4862-A144-E5196B4D58E6}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe
FirewallRules: [TCP Query User{00D7FE05-581C-4AB8-AF5E-849DCD1A3F14}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe
FirewallRules: [UDP Query User{BBAD1188-58DB-4EB5-9E1F-D8BE3B9A85AE}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe
FirewallRules: [{4E66913D-358A-403D-A9E8-9B7989A43C39}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe
FirewallRules: [{35804F06-7B2E-435C-B4B8-B6A6EA3D475F}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe
FirewallRules: [TCP Query User{8FD8D9FF-BB5E-40CF-BF24-20C38C313BE3}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe
FirewallRules: [UDP Query User{F6AF6EB6-2BEF-4BF3-9BA0-B87BDA5DFC98}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe
FirewallRules: [{ED5DD1D2-BC2A-489F-976A-50A3EFAC211E}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCmgrInstallGuide.exe
FirewallRules: [{C9BEB083-89A0-4D6A-88A4-26631F103F77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCTray.exe
FirewallRules: [{B1618BF2-1752-4507-9407-C7C4EF22B532}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCMgr.exe
FirewallRules: [{C86646EE-C466-40E2-A2C5-A9F137D75316}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCRTP.exe
FirewallRules: [{71BA372D-5459-412B-A05A-57F83DE50ED0}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\bugreport.exe
FirewallRules: [{BF2D6A2C-DEF3-42C2-AF33-F8DA7ADEC9E1}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCFileOpen.exe
FirewallRules: [{1A8C7C91-64F2-4B76-A8AC-B5CFAB265113}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLeakScan.exe
FirewallRules: [{5F284AB1-6534-439F-B403-8655FA842427}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLoader.exe
FirewallRules: [{2B22D286-39D7-4147-B1D1-BE5F49D8BCA5}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPConfig.exe
FirewallRules: [{3361BE24-27CF-4A1E-8625-1EDB10CC9638}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftMgr.exe
FirewallRules: [{DFD5C668-7F74-41BA-890A-B1ACCA77A73A}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{97F3E152-8725-4AAE-A1A0-A68DF4B009CB}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QDeskSetup.exe
FirewallRules: [{B226C09D-A1DA-46F8-9870-6623B06991A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCBTU.exe
FirewallRules: [{B4CE7C15-4C54-4829-AEF9-C81E3C021302}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCClinic.exe
FirewallRules: [{66AE12AB-39D6-4533-8EAF-FF5D9117D2F8}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLaunch.exe
FirewallRules: [{31BF9B38-8D0B-4391-9804-173F2F4A9229}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{1D012E8E-D8A7-4EA0-ADA3-2818072909A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftGame.exe
FirewallRules: [{EE4F1111-C79A-47DB-ACED-3314CB673F3D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSysOptimize.exe
FirewallRules: [{E6D8510A-3007-49C6-8F1E-2DC45CCDC318}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCUpdateAVLib.exe
FirewallRules: [{11ECB399-C5AF-4833-874E-78A5909206DC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQRepair.exe
FirewallRules: [{C0DBA3BE-781C-4DFC-8E4C-B187744F1ECC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\Uninst.exe
FirewallRules: [{596392A1-F67C-40A7-8BC5-C9A561B74B77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCPatch.exe
FirewallRules: [{1793F45A-E6F6-415C-9216-552366F0E340}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\TpkUpdate.exe
FirewallRules: [{F46F5CC2-5876-4DDB-8200-07592298470D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe
FirewallRules: [{8AEC1FB7-EBBE-4FD7-AF98-44B61A663E39}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe
FirewallRules: [{716E9B56-29A2-4502-B181-D0197CDB1DBC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMAccountProtection.exe
FirewallRules: [{255D8D5D-5762-43C1-9F87-7847136588ED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe
FirewallRules: [{A1CA16EF-E171-445A-9C46-03B26F13A7BE}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe
FirewallRules: [{E7DE9980-8860-490A-A6E6-62DA62D95F78}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{22FC9814-7E39-44A6-859E-34B43C819DED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{EF5A7E47-C67A-4B1C-B214-8FB83A1AE6E7}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{56E2A954-8AC1-4B44-9F08-DCC13E871A8B}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{7139256C-55B0-4436-977F-5BE69DD9BDE0}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe
FirewallRules: [{754D4617-8B07-4055-8E8A-9A703A05DDCE}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe
FirewallRules: [{7A0B75BD-6FBA-41E4-B6EB-1A6DA9C446FA}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe
FirewallRules: [{14F7DABA-F1DC-43AC-8A89-EC0586904AE2}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe
FirewallRules: [{073F08B8-6C27-4356-8341-97B2FFC84719}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe
FirewallRules: [{40C6E482-05FC-4C60-AC8A-96F5994347A4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe
FirewallRules: [{5C6DB019-088A-42A8-948D-DF170B6A09FB}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe
FirewallRules: [{41983DCE-17F7-4B9A-BEEF-2CE05401D8C4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe
FirewallRules: [{A7A13C01-D0B0-4ABF-B739-6EC79DFE9F70}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe
FirewallRules: [{7F625C70-A8C4-41D5-BB2B-BF5EF66E33A3}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe
FirewallRules: [TCP Query User{5A15A186-C8EC-4619-BD41-23637DBB5992}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe
FirewallRules: [UDP Query User{4F8F780E-04CD-4C33-8C0F-B8201574E6CF}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe
FirewallRules: [TCP Query User{3A501415-8406-445B-892F-80CF2318BA87}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{F7A04728-96EA-4C29-8174-DF89EAC35E16}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{3D061B38-D7EF-4C10-AA3F-6A58BC1CB4FB}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{F8A8F2D8-E493-4F33-B0B4-5D74E679ED2F}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{C21AAC83-B6E7-4EEA-BDA9-4C8D799DCE3B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{10E9319E-3857-4A0F-9641-912832051A0B}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{A425D2F1-49E5-44BC-8601-CA41AEBA56F3}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{E2F00FF9-7B3D-4FB9-ACE7-07748AE29E46}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{A16F3853-1087-46F5-9DB6-2A553BF193A4}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{1A36DB5C-A112-4BF4-894B-16589671AC88}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{7BB8CD60-887F-4B67-B0F2-6B6515BEF76C}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{3E78078E-6ABE-4910-88E2-ED5676E41D97}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{491770F3-B6F1-43C1-9BC9-A454FC5B64D0}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{3566D56A-628D-456F-8823-EF3B2F358837}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{B4967FE5-063F-47C7-9DD2-DF5894E51C8E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe] => Enabled:NEXON_EU_Downloader_Engine.exe

==================== Faulty Device Manager Devices =============

Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: USB Device(VID_1f3a_PID_efe8)
Description: USB Device(VID_1f3a_PID_efe8)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: USB Devices
Service: usbUDisc
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/13/2015 08:01:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: DropboxExt.24.dll, Version: 1.0.0.24, Zeitstempel: 0x53a8c6fe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000732b
ID des fehlerhaften Prozesses: 0xb58
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (05/13/2015 07:59:36 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/13/2015 07:59:36 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::ResetBIOS          Reset SASD failed, error=0

Error: (05/13/2015 07:59:36 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::UpdateSASD          Failed to set the sleep time, error=0

Error: (05/13/2015 07:59:36 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CISCTPnpDriverApi::SetBIOSWakeTime  *****IOCTL_ISCT_SASD(SASD) Failed, Error=0x2

Error: (05/13/2015 07:43:38 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/13/2015 07:43:38 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::ResetBIOS          Reset SASD failed, error=0

Error: (05/13/2015 07:43:38 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::UpdateSASD          Failed to set the sleep time, error=0

Error: (05/13/2015 07:43:38 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CISCTPnpDriverApi::SetBIOSWakeTime  *****IOCTL_ISCT_SASD(SASD) Failed, Error=0x2

Error: (05/12/2015 11:34:53 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


System errors:
=============
Error: (05/13/2015 08:00:02 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Media Player Network Sharing Service" Korrekturmaßnahmen (Restart the service) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Restart the service.

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player Network Sharing Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service.

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/13/2015 07:59:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "ISCT Always Updated Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Restart the service.

Error: (05/13/2015 07:59:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Foxit Cloud Safe Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/13/2015 07:59:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Portrait Displays Display Tune Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/13/2015 07:59:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (04/25/2015 04:17:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 267 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (09/23/2011 04:14:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 54 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2015-05-13 08:04:52.782
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 07:58:57.406
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 07:43:26.827
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 23:34:49.486
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 23:29:05.418
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 23:19:56.247
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 23:12:43.972
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 23:06:44.617
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 22:30:05.935
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-12 22:11:02.800
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 45%
Total physical RAM: 3565.21 MB
Available physical RAM: 1933.72 MB
Total Pagefile: 7128.71 MB
Available Pagefile: 5218.18 MB
Total Virtual: 3071.88 MB
Available Virtual: 2944.43 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:94.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:0 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 66916FAD)
Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== End Of Log ============================

cosinus 13.05.2015 17:53
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:
    Google Update Helper
    Pando Media Booster Packages

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 

BlueAzure 13.05.2015 18:42
So, hab das mit den Pando Media Booster Packages gemacht. Den Google Update Helper habe ich anscheinend nicht. Den normalen Pando Media Booster soll ich aber nicht auswählen ja?

(kann man mit dem Programm auch Anwendungen löschen, die sich nicht mehr auf normale Weise deinstallieren lassen?)

cosinus 13.05.2015 18:47
Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

http://saved.im/mtg0mjy4yjlu/2014-04...ryscantool.png

BlueAzure 13.05.2015 18:54
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-05-2015
Ran by Flavia (administrator) on FLAVIA-PC on 13-05-2015 19:50:59
Running from C:\Users\Flavia\Desktop
Loaded Profiles: Flavia (Available profiles: Flavia)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Portrait Displays, Inc) C:\Program Files\Portrait Displays\forteManager\dthtml.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Akamai Technologies, Inc.) C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Akamai Technologies, Inc.) C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe
(Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DT LGE] => C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [81920 2007-10-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-22] ()
AppInit_DLLs: ´ê6 => ´ê6 File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-03] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {52836EB0-631A-47B1-94A6-61F9D9112DAE} -  No File
Toolbar: HKLM - No Name - {71576546-354D-41c9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {60F33B36-3E89-48EF-BE77-ACC23A366C2A} https://wstatic.plaync.co.kr/common/UniUpdate/NCLoader.8.cab
DPF: {640044E9-92A3-4B89-A615-1F65354D3A65} hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll No File
FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll No File
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [2009-10-19] ()
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Flavia\AppData\Roaming\mozilla\plugins\npDXStudioPlugin.DLL [2010-01-26] (Worldweaver Ltd.)
FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-images.xml [2014-12-21]
FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-maps.xml [2014-12-21]
FF Extension: WOT - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Adblock Plus - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-31]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-21]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-25]
FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [{282BBB71-6301-4E39-9F74-00210BB4E0B3}] - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3}
FF Extension: XULRunner - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3} [2011-04-30]

Chrome:
=======
CHR Profile: C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-24]
CHR Extension: (Google Search) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-24]
CHR Extension: (avast! WebRep) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-03-08]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-02-24]
CHR Extension: (Gmail) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-03] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-03] (Avast Software)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [851456 2015-04-27] (Microsoft Corporation)
R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [65536 2007-10-11] () [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.)
R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [1876816 2014-12-20] (SurfRight B.V.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [116224 2012-02-09] ()
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [4573608 2013-05-13] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-03] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2012-06-21] (Overwolf Ltd)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 xsherlock; C:\Windows\system32\xsherlock.xem [670816 2012-07-01] (Wellbia.com Co., Ltd.) [File not signed]
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2012-03-16] () [File not signed]
S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-01-08] ()
R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [15656 2011-05-10] (Windows (R) Win 7 DDK provider)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-03] ()
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [75640 2014-12-20] ()
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21952 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21952 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-01-19] ()
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [734208 2009-05-25] (Ralink Technology Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [15920 2006-11-16] (Portrait Displays, Inc.)
S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3328472 2011-07-28] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-06-17] (Duplex Secure Ltd.)
S3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [834832 2015-03-06] (TENCENT)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-07-28] (Scott)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-03] (Avast Software)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [31680 2015-05-13] ()
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S2 adfs; No ImagePath
S3 catchme; \??\C:\Users\Flavia\AppData\Local\Temp\catchme.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 StarOpen; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 19:50 - 2015-05-13 19:51 - 00024688 _____ () C:\Users\Flavia\Desktop\Main.txt
2015-05-13 19:49 - 2015-05-13 19:49 - 00000000 ____D () C:\Users\Flavia\Desktop\FRST-OlderVersion
2015-05-13 19:31 - 2015-05-13 19:31 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Flavia\Downloads\revosetup95.exe
2015-05-13 19:31 - 2015-05-13 19:31 - 00001190 _____ () C:\Users\Flavia\Desktop\Revo Uninstaller.lnk
2015-05-13 19:31 - 2015-05-13 19:31 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-05-13 15:45 - 2015-05-13 15:45 - 00086976 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-05-13 15:26 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:14 - 2015-05-13 15:23 - 00000000 ____D () C:\5e70d9db387db9995457cc6f15b48b
2015-05-13 10:35 - 2015-05-13 10:35 - 00145871 _____ () C:\Users\Flavia\Downloads\Robe-rose.package
2015-05-13 10:07 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-13 10:07 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 10:07 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 10:07 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 10:07 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 10:07 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 10:07 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 10:07 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 10:07 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 10:07 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 10:07 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 10:07 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 10:07 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 10:07 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 10:07 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 10:07 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 10:07 - 2015-04-27 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 10:07 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 10:07 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 10:07 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 10:07 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 10:07 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 10:07 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 10:07 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 10:07 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 10:07 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 10:07 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 10:07 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 10:07 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 10:07 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 10:07 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 10:07 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 10:07 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 10:07 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 10:07 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 10:07 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 10:07 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 10:07 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 10:07 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 10:07 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 10:07 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 10:07 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 10:07 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 10:07 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 10:07 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 10:07 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 10:07 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 10:07 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 10:07 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 10:07 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 10:06 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 10:06 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 10:06 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 10:06 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 10:06 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 10:06 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:06 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 10:06 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 10:06 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 10:06 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 10:05 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 08:43 - 2015-05-13 08:43 - 00004390 _____ () C:\Users\Flavia\Desktop\AdwCleaner[S0].txt
2015-05-13 08:05 - 2015-05-13 08:07 - 00078781 _____ () C:\Users\Flavia\Desktop\Addition.txt
2015-05-13 08:04 - 2015-05-13 19:49 - 01143808 _____ (Farbar) C:\Users\Flavia\Desktop\FRST.exe
2015-05-13 08:04 - 2015-05-13 08:07 - 00064025 _____ () C:\Users\Flavia\Desktop\FRST.txt
2015-05-13 08:01 - 2015-05-13 08:01 - 00001465 _____ () C:\Users\Flavia\Desktop\JRT.txt
2015-05-13 07:59 - 2015-05-13 07:59 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FLAVIA-PC-Windows-7-Ultimate-(32-bit).dat
2015-05-13 07:59 - 2015-05-13 07:59 - 00000000 ____D () C:\RegBackup
2015-05-12 23:32 - 2015-05-12 23:33 - 00000000 ____D () C:\AdwCleaner
2015-05-12 23:29 - 2015-05-12 23:27 - 02720307 _____ (Thisisu) C:\Users\Flavia\Desktop\JRT.exe
2015-05-12 23:29 - 2015-05-12 23:26 - 02209792 _____ () C:\Users\Flavia\Desktop\AdwCleaner_4.204.exe
2015-05-12 23:21 - 2015-05-12 23:21 - 00026009 _____ () C:\Users\Flavia\Desktop\mbam.txt
2015-05-12 22:31 - 2015-05-12 23:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-12 22:30 - 2015-05-12 22:30 - 00001028 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-12 22:30 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-12 22:30 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-12 22:30 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-12 22:29 - 2015-05-12 22:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Flavia\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-12 21:48 - 2015-05-12 21:50 - 00079509 _____ () C:\Users\Flavia\Downloads\Addition.txt
2015-05-12 21:47 - 2015-05-13 19:51 - 00000000 ____D () C:\FRST
2015-05-12 21:47 - 2015-05-12 21:50 - 00064531 _____ () C:\Users\Flavia\Downloads\FRST.txt
2015-05-12 21:45 - 2015-05-12 21:45 - 01141248 _____ (Farbar) C:\Users\Flavia\Downloads\FRST.exe
2015-05-12 18:47 - 2015-05-12 18:47 - 00002059 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2015-05-12 18:47 - 2015-05-12 18:47 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-05-12 18:46 - 2015-05-12 18:46 - 00000000 ____D () C:\Program Files\Foxit Software
2015-05-12 00:47 - 2015-05-12 00:47 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Real
2015-05-11 19:45 - 2015-05-11 19:45 - 00000000 __SHD () C:\found.000
2015-05-11 18:20 - 2015-04-18 11:03 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-05-08 14:49 - 2015-05-08 14:49 - 00108513 _____ () C:\Users\Flavia\Downloads\Swim Suit v2.package
2015-05-08 14:25 - 2015-05-08 14:25 - 00412306 _____ () C:\Users\Flavia\Downloads\Sims4Krampus_RandomBathingsuits.package
2015-05-08 14:25 - 2015-05-08 14:25 - 00412243 _____ () C:\Users\Flavia\Downloads\1271248.zip
2015-05-08 14:20 - 2015-05-08 14:20 - 11148041 _____ () C:\Users\Flavia\Downloads\1274607.zip
2015-05-08 14:19 - 2015-05-08 14:19 - 00247066 _____ () C:\Users\Flavia\Downloads\1294924.zip
2015-05-08 14:08 - 2015-05-08 14:18 - 00466431 _____ () C:\Users\Flavia\Downloads\Birba32_fy_BulletSwimsuit.package
2015-05-08 14:05 - 2015-05-08 14:07 - 00530134 _____ () C:\Users\Flavia\Downloads\Birba32_fy_AlphaStringSwimsuit.package
2015-05-08 13:51 - 2015-05-08 13:51 - 00559198 _____ () C:\Users\Flavia\Downloads\Leather vest with tube top [CB].package
2015-05-08 13:51 - 2015-05-08 13:51 - 00326145 _____ () C:\Users\Flavia\Downloads\1Z_outfit_fem_sunny_Otshorts_neu3F.package
2015-05-07 21:35 - 2015-05-07 21:35 - 01135032 _____ () C:\Users\Flavia\Downloads\uktrash_SundaySweaterDress.package
2015-05-07 21:35 - 2015-05-07 21:35 - 00143756 _____ () C:\Users\Flavia\Downloads\Wolfcry_LaceJeansShort.package
2015-05-07 21:31 - 2015-05-07 21:31 - 01485427 _____ () C:\Users\Flavia\Downloads\S4_DelicateLace_Mh75.package
2015-05-07 21:30 - 2015-05-07 21:30 - 00638215 _____ () C:\Users\Flavia\Downloads\Simsimay_2DyBlazer.package
2015-05-07 21:29 - 2015-05-07 21:29 - 00460843 _____ () C:\Users\Flavia\Downloads\uktrash_CropTankTop.package
2015-05-07 21:29 - 2015-05-07 21:29 - 00411079 _____ () C:\Users\Flavia\Downloads\1285044.zip
2015-05-07 21:28 - 2015-05-07 21:28 - 00292353 _____ () C:\Users\Flavia\Downloads\simsoertchen_white top sexy - kawaii -.package
2015-05-07 21:27 - 2015-05-07 21:27 - 00252514 _____ () C:\Users\Flavia\Downloads\Printed Crop tops.package
2015-05-07 21:27 - 2015-05-07 21:27 - 00151527 _____ () C:\Users\Flavia\Downloads\longlivetherecklessandthesims_yfTop_SweaterOffShoulder_AWG.package
2015-05-07 21:24 - 2015-05-07 21:24 - 00646329 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_LaceBodycon (1).package
2015-05-07 21:24 - 2015-05-07 21:24 - 00587743 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_Longsleeve.package
2015-05-07 21:23 - 2015-05-07 21:23 - 01913334 _____ () C:\Users\Flavia\Downloads\uktrash_BasicsLongSleeve.package
2015-05-07 21:23 - 2015-05-07 21:23 - 00923513 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Stripe Print Knitted Dress.package
2015-05-07 21:22 - 2015-05-07 21:22 - 00493988 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Tartan Check Crop Top.package
2015-05-07 21:18 - 2015-05-07 21:18 - 02086542 _____ () C:\Users\Flavia\Downloads\Metens_Serenity.package
2015-05-07 21:17 - 2015-05-07 21:17 - 00210168 _____ () C:\Users\Flavia\Downloads\2.package
2015-05-07 21:07 - 2015-05-07 21:07 - 01212670 _____ () C:\Users\Flavia\Downloads\Birba32_fy_winterbootpastel.package
2015-05-07 21:06 - 2015-05-07 21:06 - 00971151 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 eyecolors 09.package
2015-05-07 21:05 - 2015-05-07 21:05 - 01860807 _____ () C:\Users\Flavia\Downloads\SL_yf_ZuhairMurad_Gown1.package
2015-05-07 21:03 - 2015-05-07 21:03 - 00805049 _____ () C:\Users\Flavia\Downloads\BL_Sequin Blazer.package
2015-05-07 11:44 - 2015-05-07 11:44 - 00321678 _____ () C:\Users\Flavia\Downloads\S4FD_MissLicious_Tanks.package
2015-05-07 11:44 - 2015-05-07 11:44 - 00132781 _____ () C:\Users\Flavia\Downloads\Jeans.package
2015-05-07 11:42 - 2015-05-07 11:42 - 00291721 _____ () C:\Users\Flavia\Downloads\top renda dani's.package
2015-05-07 11:41 - 2015-05-07 11:41 - 00169125 _____ () C:\Users\Flavia\Downloads\cutesims4_gtw top india.package
2015-05-07 11:40 - 2015-05-07 11:40 - 01976727 _____ () C:\Users\Flavia\Downloads\1294014.zip
2015-05-07 11:39 - 2015-05-07 11:39 - 01373730 _____ () C:\Users\Flavia\Downloads\Birba32_fy_LaceCipriaDress.package
2015-05-07 11:39 - 2015-05-07 11:39 - 00345945 _____ () C:\Users\Flavia\Downloads\Cleotopia-MiniShortsRippedColorful.package
2015-05-07 11:38 - 2015-05-07 11:38 - 00504146 _____ () C:\Users\Flavia\Downloads\Spring Dress set.package
2015-05-07 11:37 - 2015-05-07 11:37 - 00668569 _____ () C:\Users\Flavia\Downloads\Milk Lace Dress.package
2015-05-07 11:37 - 2015-05-07 11:37 - 00074451 _____ () C:\Users\Flavia\Downloads\cutesims4_romantic_White_Tube.package
2015-05-07 11:36 - 2015-05-07 11:36 - 00500120 _____ () C:\Users\Flavia\Downloads\Aztec Top by Pinkzombiecupcake.package
2015-05-07 11:36 - 2015-05-07 11:36 - 00451796 _____ () C:\Users\Flavia\Downloads\Blusa Renda Branca.package
2015-05-07 11:33 - 2015-05-07 11:33 - 00090648 _____ () C:\Users\Flavia\Downloads\Leeah_yfShoes_CalfCowboy_SuedeChocolate.package
2015-05-07 11:30 - 2015-05-07 11:30 - 00607019 _____ () C:\Users\Flavia\Downloads\Madlen Scafati Boots.package
2015-05-07 11:30 - 2015-05-07 11:30 - 00403762 _____ () C:\Users\Flavia\Downloads\Madlen Cirino Shoes.package
2015-05-07 11:29 - 2015-05-07 11:29 - 00710251 _____ () C:\Users\Flavia\Downloads\Madlen Tiziano Shoes.package
2015-05-07 11:29 - 2015-05-07 11:29 - 00511975 _____ () C:\Users\Flavia\Downloads\Madlen Umbria Shoes.package
2015-05-07 11:28 - 2015-05-07 11:28 - 00387493 _____ () C:\Users\Flavia\Downloads\Madlen Livia Shoes.package
2015-05-07 11:27 - 2015-05-07 11:28 - 00417972 _____ () C:\Users\Flavia\Downloads\Madlen Eris Boots.package
2015-05-07 11:27 - 2015-05-07 11:27 - 00603820 _____ () C:\Users\Flavia\Downloads\Madlen Ambrogio Shoes.package
2015-05-07 11:26 - 2015-05-07 11:26 - 01278415 _____ () C:\Users\Flavia\Downloads\1294236.zip
2015-05-07 11:26 - 2015-05-07 11:26 - 00704730 _____ () C:\Users\Flavia\Downloads\Madlen Nineveh Shoes.package
2015-05-07 11:25 - 2015-05-07 11:25 - 00497960 _____ () C:\Users\Flavia\Downloads\Madlen Novara Sandals.package
2015-05-07 11:22 - 2015-05-07 11:22 - 00287377 _____ () C:\Users\Flavia\Downloads\Toska.zip
2015-05-07 11:22 - 2015-05-07 11:22 - 00134871 _____ () C:\Users\Flavia\Downloads\ZIP UP BOOTS.package
2015-05-07 11:21 - 2015-05-07 11:21 - 00756084 _____ () C:\Users\Flavia\Downloads\Madlen Neroni Sneakers (Male).package
2015-05-07 11:21 - 2015-05-07 11:21 - 00161515 _____ () C:\Users\Flavia\Downloads\Vans  Classic Slip-On Core (male) by Pinzombiecupcake.package
2015-05-07 11:20 - 2015-05-07 11:20 - 00451295 _____ () C:\Users\Flavia\Downloads\Madlen Orlando Shoes (Male).package
2015-05-07 11:20 - 2015-05-07 11:20 - 00187334 _____ () C:\Users\Flavia\Downloads\THL_NikeShoesSB_M.package
2015-05-07 11:18 - 2015-05-07 11:19 - 00095991 _____ () C:\Users\Flavia\Downloads\Jazminerev.zip
2015-05-07 11:18 - 2015-05-07 11:18 - 00101879 _____ () C:\Users\Flavia\Downloads\TugmeL-S4_Daphne-FYA.zip
2015-05-07 11:17 - 2015-05-07 11:17 - 00102633 _____ () C:\Users\Flavia\Downloads\AlyssaDíazPérezbySimFabulous.zip
2015-05-07 11:17 - 2015-05-07 11:17 - 00091261 _____ () C:\Users\Flavia\Downloads\MsBlue_JasminBlue.zip
2015-05-07 11:16 - 2015-05-07 11:16 - 00089561 _____ () C:\Users\Flavia\Downloads\MK_KendallEdwards.zip
2015-05-07 11:15 - 2015-05-07 11:15 - 00095291 _____ () C:\Users\Flavia\Downloads\Bryant Caliente.zip
2015-05-07 11:14 - 2015-05-07 11:15 - 00090187 _____ () C:\Users\Flavia\Downloads\MaseoUehara-Munter_Bacon2.zip
2015-05-07 11:12 - 2015-05-07 11:12 - 04833426 _____ () C:\Users\Flavia\Downloads\1291079.zip
2015-05-07 11:12 - 2015-05-07 11:12 - 00385291 _____ () C:\Users\Flavia\Downloads\MsBlue_LauraSkin.package
2015-05-07 11:10 - 2015-05-07 11:10 - 00448444 _____ () C:\Users\Flavia\Downloads\curbs_hat4_rosa.package
2015-05-07 11:10 - 2015-05-07 11:10 - 00278001 _____ () C:\Users\Flavia\Downloads\altea127 Visor Hat .package
2015-05-07 11:09 - 2015-05-07 11:09 - 00648473 _____ () C:\Users\Flavia\Downloads\[SrslyBrownie] (S4) Sheer Leggings .package
2015-05-07 11:09 - 2015-05-07 11:09 - 00119657 _____ () C:\Users\Flavia\Downloads\Vault101Hat.package
2015-05-07 11:08 - 2015-05-07 11:08 - 00686972 _____ () C:\Users\Flavia\Downloads\Birba32_fy_SideBandLeggings.package
2015-05-07 11:07 - 2015-05-07 11:07 - 00338585 _____ () C:\Users\Flavia\Downloads\cutesims4_replay skinny jeans - set.package
2015-05-07 11:07 - 2015-05-07 11:07 - 00056175 _____ () C:\Users\Flavia\Downloads\PDsims_SpikedBobbySocks.package
2015-05-07 11:06 - 2015-05-07 11:06 - 02335029 _____ () C:\Users\Flavia\Downloads\[SrslySims] (S4) High Waist PVC Leggings.package
2015-05-07 11:06 - 2015-05-07 11:06 - 00156997 _____ () C:\Users\Flavia\Downloads\TS4 Stockings Cat by Irink@a.package
2015-05-07 11:05 - 2015-05-07 11:05 - 01379143 _____ () C:\Users\Flavia\Downloads\altea127 Sonia Tights.package
2015-05-07 11:05 - 2015-05-07 11:05 - 00049164 _____ () C:\Users\Flavia\Downloads\Metens_Seduction.package
2015-05-07 11:03 - 2015-05-07 11:03 - 00395555 _____ () C:\Users\Flavia\Downloads\[Sintiklia]Eyeshadow 7.package
2015-05-07 11:02 - 2015-05-07 11:02 - 00338242 _____ () C:\Users\Flavia\Downloads\Alin22_NecklaceShapes.package
2015-05-07 11:01 - 2015-05-07 11:02 - 00718560 _____ () C:\Users\Flavia\Downloads\LLSIMS_LayeredNecklace_001.package
2015-05-07 11:01 - 2015-05-07 11:01 - 00810278 _____ () C:\Users\Flavia\Downloads\1269610.zip
2015-05-07 11:00 - 2015-05-07 11:00 - 00252918 _____ () C:\Users\Flavia\Downloads\Mallard Close.zip
2015-05-07 11:00 - 2015-05-07 11:00 - 00032549 _____ () C:\Users\Flavia\Downloads\Wood_Style.package
2015-05-07 10:59 - 2015-05-07 10:59 - 00427598 _____ () C:\Users\Flavia\Downloads\1Z_dress_marine_neu2D.package
2015-05-07 10:58 - 2015-05-07 10:58 - 00166194 _____ () C:\Users\Flavia\Downloads\SV Earrings with round jewel.package
2015-05-07 10:58 - 2015-05-07 10:58 - 00079101 _____ () C:\Users\Flavia\Downloads\NataliS_Spring and crystal earings FT-FA.package
2015-05-07 10:57 - 2015-05-07 10:57 - 00144082 _____ () C:\Users\Flavia\Downloads\NataliS_Crystal drop earrings FT-FA.package
2015-05-07 10:56 - 2015-05-07 10:56 - 00054561 _____ () C:\Users\Flavia\Downloads\MYOBI-zest-eyes.package
2015-05-07 10:55 - 2015-05-07 10:55 - 00089604 _____ () C:\Users\Flavia\Downloads\MYOBI-jelly-eyemask.package
2015-05-07 10:54 - 2015-05-07 10:54 - 00041317 _____ () C:\Users\Flavia\Downloads\EnticingSims_Feather Tattoo.package
2015-05-07 10:53 - 2015-05-07 10:53 - 01851664 _____ () C:\Users\Flavia\Downloads\MILK Jasmine Skintone.zip
2015-05-07 10:53 - 2015-05-07 10:53 - 00003782 _____ () C:\Users\Flavia\Downloads\cateye.package
2015-05-07 10:51 - 2015-05-07 10:51 - 04378955 _____ () C:\Users\Flavia\Downloads\MILK Divine.package
2015-05-07 10:51 - 2015-05-07 10:51 - 00269171 _____ () C:\Users\Flavia\Downloads\Love Frekles by Pinkzombiecupcake.package
2015-05-07 10:50 - 2015-05-07 10:50 - 00042966 _____ () C:\Users\Flavia\Downloads\MYOBI-samantha-facedetail.package
2015-05-07 10:49 - 2015-05-07 10:49 - 00265490 _____ () C:\Users\Flavia\Downloads\MorganeParis_For_Natalis_Nails_02.package
2015-05-07 10:49 - 2015-05-07 10:49 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL(1).package
2015-05-07 10:48 - 2015-05-07 10:48 - 00209148 _____ () C:\Users\Flavia\Downloads\PS Lip 01.package
2015-05-07 10:47 - 2015-05-07 10:47 - 00217924 _____ () C:\Users\Flavia\Downloads\Aveira_LipglossN3.package
2015-05-07 09:48 - 2015-05-07 09:48 - 00000000 ____D () C:\ProgramData\Aeria Games
2015-05-06 10:32 - 2015-05-06 10:32 - 00001608 _____ () C:\Users\Flavia\Desktop\Echo of Soul.lnk
2015-05-06 10:17 - 2015-05-06 10:17 - 00001950 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk
2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\Program Files\Aeria Games
2015-05-06 09:46 - 2015-05-06 10:17 - 00000000 ____D () C:\AeriaGames
2015-05-05 13:00 - 2015-05-05 13:00 - 00268383 _____ () C:\Users\Flavia\Downloads\Cenothera Biennis - by Onyxium.zip
2015-05-05 12:59 - 2015-05-05 12:59 - 00164311 _____ () C:\Users\Flavia\Downloads\MYOBI-opulent-lipcolour.package
2015-05-05 12:58 - 2015-05-05 12:58 - 00772625 _____ () C:\Users\Flavia\Downloads\[EVE62]lipstick1.package
2015-05-05 12:58 - 2015-05-05 12:58 - 00042707 _____ () C:\Users\Flavia\Downloads\Doll Lipstick Nr1. by Baarbiie-GiirL .package
2015-05-05 12:57 - 2015-05-05 12:57 - 00203248 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 Lipstick 09.package
2015-05-05 12:57 - 2015-05-05 12:57 - 00062311 _____ () C:\Users\Flavia\Downloads\Autumn dream lipstick by Pinzombiecupcake.package
2015-05-05 12:56 - 2015-05-05 12:56 - 00252650 _____ () C:\Users\Flavia\Downloads\MYOBI-lilt-lipcolour.package
2015-05-05 12:55 - 2015-05-05 12:55 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL.package
2015-05-05 12:54 - 2015-05-05 12:54 - 00003717 _____ () C:\Users\Flavia\Downloads\Doll Eyeliner.package
2015-05-05 12:53 - 2015-05-05 12:53 - 00135801 _____ () C:\Users\Flavia\Downloads\[GrizzlySimr] Sohlein Classy Eyeshadow.package
2015-05-05 12:52 - 2015-05-05 12:52 - 00122500 _____ () C:\Users\Flavia\Downloads\[simbastic] smokey_glitter_eyeshadow.package
2015-05-05 12:52 - 2015-05-05 12:52 - 00043249 _____ () C:\Users\Flavia\Downloads\mormo_eyeshadow1_AF.package
2015-05-05 12:51 - 2015-05-05 12:51 - 01685607 _____ () C:\Users\Flavia\Downloads\MYOBI-fiona-eyeshadow.package
2015-05-05 12:42 - 2015-05-05 12:42 - 00132889 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows16 M .package
2015-05-05 12:41 - 2015-05-05 12:41 - 00192771 _____ () C:\Users\Flavia\Downloads\MYOBI-nemo-brows.package
2015-05-05 12:40 - 2015-05-05 12:40 - 19387267 _____ () C:\Users\Flavia\Downloads\1265549.zip
2015-05-05 12:40 - 2015-05-05 12:40 - 01063041 _____ () C:\Users\Flavia\Downloads\SV Summer floral dress.package
2015-05-05 12:39 - 2015-05-05 12:39 - 00109478 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows12 F.package
2015-05-05 12:38 - 2015-05-05 12:38 - 04103232 _____ () C:\Users\Flavia\Downloads\Realistic beard By Pinkzombiecupcake.package
2015-05-05 12:38 - 2015-05-05 12:38 - 00025198 _____ () C:\Users\Flavia\Downloads\Eyebrow with 8 colours.package
2015-05-05 12:36 - 2015-05-05 12:37 - 07179080 _____ () C:\Users\Flavia\Downloads\beard nr 2.package
2015-05-05 12:35 - 2015-05-05 12:35 - 08296793 _____ () C:\Users\Flavia\Downloads\Cazy_c119-Nicholas_r.package
2015-05-05 11:18 - 2015-05-05 11:18 - 00494281 _____ () C:\Users\Flavia\Downloads\1268783.zip
2015-05-05 11:17 - 2015-05-05 11:17 - 20023938 _____ () C:\Users\Flavia\Downloads\Stealthic Like Lust (Hair).package
2015-05-05 11:17 - 2015-05-05 11:17 - 00468442 _____ () C:\Users\Flavia\Downloads\1266813.zip
2015-05-05 11:16 - 2015-05-05 11:16 - 23228914 _____ () C:\Users\Flavia\Downloads\Stealthic Haunting (Hair).package
2015-05-05 11:15 - 2015-05-05 11:16 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair)(1).package
2015-05-05 11:14 - 2015-05-05 11:14 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229(1).package
2015-05-05 11:10 - 2015-05-05 11:11 - 24898232 _____ () C:\Users\Flavia\Downloads\Stealthic Sleepwalking (Hair).package
2015-05-05 11:10 - 2015-05-05 11:10 - 05337936 _____ () C:\Users\Flavia\Downloads\Skysims-hair257g.package
2015-05-05 11:09 - 2015-05-05 11:09 - 17935799 _____ () C:\Users\Flavia\Downloads\Stealthic Captivated (Hair).package
2015-05-05 11:08 - 2015-05-05 11:08 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229.package
2015-05-05 11:06 - 2015-05-05 11:06 - 21139442 _____ () C:\Users\Flavia\Downloads\Stealthic Runaway (Hair).package
2015-05-05 11:04 - 2015-05-05 11:04 - 04326482 _____ () C:\Users\Flavia\Downloads\Skysims Hair 208-lok sims4.package
2015-05-05 11:03 - 2015-05-05 11:03 - 21509106 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair)(1).package
2015-05-05 11:02 - 2015-05-05 11:02 - 11803982 _____ () C:\Users\Flavia\Downloads\Cazy_c172-Izzy_t-e_type2_re.package
2015-05-05 11:01 - 2015-05-05 11:01 - 00208048 _____ () C:\Users\Flavia\Downloads\Tantars Estate.zip
2015-05-05 11:00 - 2015-05-05 11:00 - 23136216 _____ () C:\Users\Flavia\Downloads\Stealthic Midsummer Night (Hair and Acc).package
2015-05-05 11:00 - 2015-05-05 11:00 - 05331542 _____ () C:\Users\Flavia\Downloads\Skysims-hair149.package
2015-05-05 10:59 - 2015-05-05 10:59 - 08029586 _____ () C:\Users\Flavia\Downloads\Nightcrawler AF Hair Turn It Up.package
2015-05-05 10:57 - 2015-05-05 10:57 - 21011847 _____ () C:\Users\Flavia\Downloads\Stealthic Amber Lights (Hair).package
2015-05-05 10:56 - 2015-05-05 10:56 - 07481536 _____ () C:\Users\Flavia\Downloads\Alesso_Circus.zip
2015-05-05 10:55 - 2015-05-05 10:55 - 06149100 _____ () C:\Users\Flavia\Downloads\Skysims-Hair-113.package
2015-05-05 10:53 - 2015-05-05 10:53 - 31996596 _____ () C:\Users\Flavia\Downloads\Stealthic Daughter (Hair).package
2015-05-05 10:52 - 2015-05-05 10:53 - 21697048 _____ () C:\Users\Flavia\Downloads\Stealthic Sanctuary (Hair).package
2015-05-05 10:51 - 2015-05-05 10:51 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair).package
2015-05-04 17:59 - 2015-05-04 17:59 - 03451698 _____ () C:\Users\Flavia\Downloads\1427212032d4244028654db8b5795c78.zip
2015-05-04 17:57 - 2015-05-04 17:57 - 02772812 _____ () C:\Users\Flavia\Downloads\141571469380eb3fb6e18314cd5679e3.zip
2015-05-04 17:53 - 2015-05-04 17:53 - 21497179 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair).package
2015-05-03 21:04 - 2015-05-03 21:04 - 00000000 ____D () C:\Program Files\Origin Games
2015-05-03 20:50 - 2015-05-03 20:50 - 00000000 ____D () C:\Users\Flavia\Documents\Electronic Arts
2015-05-03 20:48 - 2015-05-03 21:04 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Origin
2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\Program Files\Origin
2015-05-03 20:45 - 2015-05-03 20:45 - 00000905 _____ () C:\Users\Public\Desktop\Origin.lnk
2015-05-03 20:43 - 2015-05-03 20:43 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-03 20:41 - 2015-05-03 20:41 - 00002051 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2015-05-03 20:41 - 2015-05-03 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2015-05-03 20:34 - 2015-05-03 20:34 - 00000000 ____D () C:\Program Files\The Sims 4
2015-05-03 19:57 - 2015-05-03 21:11 - 00000000 ____D () C:\ProgramData\Origin
2015-05-03 19:51 - 2015-05-03 20:45 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-05-03 12:23 - 2015-05-03 12:23 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-03 12:23 - 2015-05-03 12:23 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-28 10:53 - 2015-04-28 10:53 - 00000000 ____D () C:\Users\Flavia\Downloads\[FS]Day04
2015-04-23 15:32 - 2015-04-23 15:32 - 00000000 __SHD () C:\Users\Flavia\AppData\Local\EmieBrowserModeList
2015-04-23 15:05 - 2015-04-23 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-22 11:15 - 2015-05-06 10:31 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-04-19 14:10 - 2015-04-19 14:10 - 00000000 ____D () C:\ProgramData\Ahead
2015-04-19 13:58 - 2015-05-13 19:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-19 13:58 - 2015-04-19 13:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-19 13:58 - 2015-04-19 13:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-18 11:04 - 2015-04-18 11:04 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-18 11:03 - 2015-04-18 11:03 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-16 10:50 - 2015-04-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-15 09:39 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:39 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:39 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 09:38 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 09:38 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:38 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:38 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:38 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 09:37 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:37 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 19:39 - 2014-01-16 17:13 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\0P1T1G1Q1F
2015-05-13 19:20 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-05-13 18:56 - 2011-07-09 18:33 - 00000000 ____D () C:\Users\Flavia\AppData\Local\PMB Files
2015-05-13 18:25 - 2014-12-20 14:36 - 00000000 ____D () C:\Windows\CryptoGuard
2015-05-13 18:25 - 2009-12-28 01:26 - 02064622 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 15:54 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 15:54 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 15:52 - 2014-08-14 11:55 - 00651504 _____ () C:\Windows\system32\perfh01F.dat
2015-05-13 15:52 - 2014-08-14 11:55 - 00140826 _____ () C:\Windows\system32\perfc01F.dat
2015-05-13 15:52 - 2011-05-21 00:31 - 00423246 _____ () C:\Windows\system32\perfh012.dat
2015-05-13 15:52 - 2011-05-21 00:31 - 00121210 _____ () C:\Windows\system32\perfc012.dat
2015-05-13 15:52 - 2010-01-20 16:25 - 00411600 _____ () C:\Windows\system32\perfh011.dat
2015-05-13 15:52 - 2010-01-20 16:25 - 00122926 _____ () C:\Windows\system32\perfc011.dat
2015-05-13 15:52 - 2009-12-27 16:41 - 04400078 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-13 15:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-13 15:45 - 2012-11-09 19:08 - 00031680 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-05-13 15:45 - 2011-09-25 14:34 - 00145878 _____ () C:\Windows\setupact.log
2015-05-13 15:45 - 2010-01-20 16:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-13 15:45 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 15:45 - 2009-07-14 06:33 - 02339336 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 15:44 - 2011-09-25 16:31 - 00624828 _____ () C:\Windows\PFRO.log
2015-05-13 15:44 - 2010-04-28 09:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 15:26 - 2009-12-27 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-13 15:23 - 2013-07-11 10:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 15:14 - 2009-12-27 17:09 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 15:10 - 2010-06-04 07:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 08:02 - 2012-11-09 19:40 - 00000000 ____D () C:\Users\Flavia\AppData\Local\CrashDumps
2015-05-12 23:11 - 2011-03-30 17:25 - 00000000 ____D () C:\Windows\Minidump
2015-05-12 18:48 - 2013-01-31 14:12 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Foxit Software
2015-05-12 18:47 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2015-05-12 16:07 - 2009-12-27 16:44 - 00000000 ____D () C:\Users\Flavia
2015-05-12 00:45 - 2011-09-15 17:48 - 00000000 ____D () C:\Download
2015-05-12 00:43 - 2014-05-27 12:07 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Samsung
2015-05-12 00:43 - 2009-12-27 18:54 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-05-11 20:55 - 2011-09-25 15:14 - 00000000 ____D () C:\Windows\pss
2015-05-11 20:38 - 2012-12-05 21:15 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Spotify
2015-05-11 20:37 - 2012-12-05 21:14 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Spotify
2015-05-11 18:39 - 2013-08-02 10:35 - 00000992 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-11 18:21 - 2015-01-23 17:12 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-05-03 20:05 - 2013-03-16 15:21 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Origin
2015-05-03 12:23 - 2014-05-16 17:00 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-03 12:23 - 2014-01-07 17:20 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-03 12:23 - 2013-03-17 18:59 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-03 12:23 - 2013-03-17 18:59 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-03 12:23 - 2012-02-24 15:33 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-03 12:23 - 2011-09-25 16:52 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-03 12:23 - 2011-09-25 16:51 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-03 12:23 - 2011-09-25 16:51 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-30 16:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-26 19:18 - 2012-04-18 19:53 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Audacity
2015-04-26 19:03 - 2012-07-28 11:45 - 00000000 ____D () C:\Users\Flavia\Downloads\eBooks
2015-04-25 16:03 - 2013-11-01 15:29 - 00000000 ____D () C:\Users\Flavia\Downloads\Dokumente
2015-04-25 09:54 - 2013-01-19 15:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-22 11:15 - 2013-03-15 12:46 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-04-22 11:15 - 2010-08-06 13:49 - 00000000 ____D () C:\Windows\system32\directx
2015-04-19 14:00 - 2015-01-16 12:23 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Adobe
2015-04-19 13:57 - 2009-12-28 16:55 - 00000000 ____D () C:\Program Files\Adobe
2015-04-19 13:56 - 2009-12-28 16:55 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-18 11:03 - 2013-02-21 13:11 - 00000000 ____D () C:\Program Files\Java
2015-04-15 10:44 - 2014-12-10 19:18 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 10:44 - 2014-05-01 19:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-13 18:07 - 2015-03-09 17:41 - 00000000 ____D () C:\Users\Flavia\Top Body

==================== Files in the root of some directories =======

2014-01-20 15:12 - 2014-01-27 16:12 - 0000085 _____ () C:\Users\Flavia\AppData\Roaming\WB.CFG
2011-04-29 13:55 - 2011-04-29 13:55 - 0009216 _____ () C:\Users\Flavia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-30 19:59 - 2011-07-22 13:50 - 0000000 _____ () C:\Users\Flavia\AppData\Local\Itiqeyabeguyoya.bin
2011-03-30 19:59 - 2011-07-21 10:02 - 0000120 _____ () C:\Users\Flavia\AppData\Local\Kholohiyesupa.dat
2015-04-10 16:47 - 2015-04-10 16:47 - 0005197 _____ () C:\Users\Flavia\AppData\Local\recently-used.xbel
2012-04-25 22:36 - 2012-07-11 23:50 - 0007597 _____ () C:\Users\Flavia\AppData\Local\resmon.resmoncfg
2011-09-25 10:24 - 2011-09-25 10:24 - 0000000 _____ () C:\Users\Flavia\AppData\Local\{07929EE3-DAD7-4105-8DF8-2CE403B4C7E2}
2015-02-27 18:27 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0001.dat
2015-02-25 22:32 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0006.dat
2010-02-22 15:38 - 2010-02-22 15:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Files to move or delete:
====================
C:\ProgramData\DT0001.dat
C:\ProgramData\DT0006.dat


Some content of TEMP:
====================
C:\Users\Flavia\AppData\Local\temp\dxwebsetup.exe
C:\Users\Flavia\AppData\Local\temp\FoxitUpdater.exe
C:\Users\Flavia\AppData\Local\temp\jre-8u45-windows-au.exe
C:\Users\Flavia\AppData\Local\temp\Quarantine.exe
C:\Users\Flavia\AppData\Local\temp\sqlite3.dll
C:\Users\Flavia\AppData\Local\temp\uninst.exe
C:\Users\Flavia\AppData\Local\temp\uninstall_complete.exe
C:\Users\Flavia\AppData\Local\temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-05 10:31

==================== End Of Log ============================
--- --- ---

--- --- ---

BlueAzure 13.05.2015 18:55
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-05-2015
Ran by Flavia at 2015-05-13 19:51:50
Running from C:\Users\Flavia\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4132011797-2711336362-2655832662-500 - Administrator - Disabled)
Flavia (S-1-5-21-4132011797-2711336362-2655832662-1000 - Administrator - Enabled) => C:\Users\Flavia
Guest (S-1-5-21-4132011797-2711336362-2655832662-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4132011797-2711336362-2655832662-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-To-Play (HKLM\...\AION Free-To-Play) (Version: v0.1 - Gameforge 4D)
Akamai NetSession Interface (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Audacity 2.0 (HKLM\...\Audacity_is1) (Version:  - Audacity Team)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4600 (Version: 130.0.425.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{249F13C9-889B-405E-8987-F4E6AA90BD8E}) (Version: 0.9.17 - Kovid Goyal)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4329 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
Digitale Bibliothek 4 (HKLM\...\Digitale Bibliothek 4) (Version:  - )
Dropbox (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Echo of Soul (HKLM\...\Echo of Soul) (Version:  - )
EXPERTool v8.6 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.6.0.0 - Gainward Co. Ltd.)
forteManager (HKLM\...\{1883A84D-94AA-432C-9519-FA31B6B118B9}) (Version: 2.80.002 - Portrait Displays, Inc.)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.4.96.511 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Free Audio Converter version 5.0.46.820 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free AVI Video Converter version 5.0.18.1005 (HKLM\...\Free AVI Video Converter_is1) (Version: 5.0.18.1005 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.23.320 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free Studio version 5.1.7 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Ltd.)
Free Video Dub version 2.0.22.925 (HKLM\...\Free Video Dub_is1) (Version: 2.0.22.925 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.23.320 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.33.1005 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.33.1005 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HD Video Plugin (HKLM\...\HD Video Plugin) (Version: 1.28.153.5 - Plugin)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (HKLM\...\{44C81D1A-0520-49BB-B510-98B8DD414EA1}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x86 (HKLM\...\{175A0271-B6F3-4AB6-ADAD-DC9D17F4A321}) (Version: 2.0.1083.0 - Intel)
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 3.9.5 (HKLM\...\KLiteCodecPack_is1) (Version: 3.9.5 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
MEDION MD86511 (HKLM\...\{1251B5BC-E285-4078-98C9-ED21F61B552A}) (Version: 1.0.0.0 - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}) (Version: 1.1.0324 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version:  - NCsoft)
Netzmanager (HKLM\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Overwolf (HKLM\...\{4150D0B5-D203-419B-9C49-9B615AF11BAF}) (Version: 0.33.199 - Overwolf)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.7.0.0 - Pando Networks Inc.)
PDF24 Creator 6.9.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PS_AIO_05_C4600_Software_Min (Version: 130.0.425.000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SDFormatter (HKLM\...\{5A347920-4AFC-11D5-9FB0-800649886934}) (Version:  - )
SDK (Version: 1.40.002 - Portrait Displays, Inc.) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TERA (HKLM\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH)
The Sims 4 Version 1.0 u1 (HKLM\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.0 u1 - EA Games)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Uniblue RegistryBooster 2010 (HKLM\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version:  - Uniblue Systems Ltd)
Unity Web Player (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Viva Piñata (HKLM\...\InstallShield_{343EFA17-5BC5-44DA-924F-539ECBEFF68C}) (Version: 1.00.0000 - Microsoft Game Studios)
Viva Pinata (Version: 1.00.0000 - Microsoft Game Studios) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.21 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WOT für Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}\InprocServer32 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll ()
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{F12BE2CC-A901-4203-B4F2-ADCB957D1887}\InprocServer32 -> C:\ProgramData\Windows\wsse.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

06-04-2015 10:07:45 Windows Backup
06-04-2015 11:49:08 Removed Adobe Shockwave Player 12.0.
06-04-2015 11:53:36 Removed Adobe Shockwave Player 12.0.
06-04-2015 11:54:30 Removed Skype™ 6.11
10-04-2015 12:19:34 Windows Update
10-04-2015 17:34:27 avast! antivirus system restore point
12-04-2015 19:00:08 Windows Backup
15-04-2015 09:37:53 Windows Update
15-04-2015 10:02:58 Windows Update
16-04-2015 10:49:16 Installed Java 7 Update 75
18-04-2015 11:11:22 Windows Update
19-04-2015 14:08:41 Removed Nero 7 Ultra Edition. Available with Windows Installer version 1.2 and later.
20-04-2015 15:59:31 Windows Backup
23-04-2015 16:17:06 Removed Aeria Ignite
25-04-2015 10:07:27 Windows Update
26-04-2015 19:00:12 Windows Backup
29-04-2015 09:27:46 Windows Update
03-05-2015 12:21:03 avast! antivirus system restore point
03-05-2015 19:00:05 Windows Backup
03-05-2015 20:42:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
06-05-2015 08:53:50 Windows Update
11-05-2015 14:22:32 Windows Backup
12-05-2015 00:40:46 Removed Samsung Kies
13-05-2015 09:32:56 Windows Update
13-05-2015 15:02:49 Windows Update
13-05-2015 19:33:49 Revo Uninstaller's restore point - Pando Media Booster Packages

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2013-11-17 14:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {051D9757-8B82-499C-84F3-DAA24A3DE582} - System32\Tasks\939a6e80 => C:\Users\Flavia\AppData\Local\Temp\\setup43644544.exe <==== ATTENTION
Task: {06C689DC-E76C-4A21-8866-20195A7C7D8A} - System32\Tasks\{75581C9E-7CDE-4760-94A5-B7305B0DBEEB} => C:\Program Files\VOX3DPlaner2\Konfigurator\VOX3DPlaner2.exe
Task: {0EA169F2-3396-4693-8141-E0B0BDEAD2D0} - System32\Tasks\{2BA6D508-0A05-49CB-A72A-BAE924AAA86D} => C:\Program Files\FIFA06\fifa06 demo.exe
Task: {0EDCC5B6-3393-4E15-A50F-DAFD2C9832E3} - System32\Tasks\{1C432A36-43A8-4E97-9064-E347447B9584} => pcalua.exe -a "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall\Magical Diary - Horse Hall.exe" -d "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall"
Task: {10330BF6-A675-4800-A815-653A883EA389} - System32\Tasks\{1A0A79E3-33E7-4B14-AEE7-9402B154A87B} => C:\Program Files\Nexon\MabinogiEU\Mabinogi.exe
Task: {118AB896-6545-4634-8DE0-05F08A6DAF5A} - System32\Tasks\{C0B08E39-FC9D-46D1-A7D0-6BFF81B8BFAA} => J:\Setup.exe
Task: {1266A55D-07A0-4E1E-9850-9BAD8D5A9C13} - System32\Tasks\{E4CB1F65-9BC1-413F-BFE8-1E9629412274} => C:\Program Files\Origin Games\The Sims 3\Game\Bin\Sims3Launcher.exe
Task: {135387F8-A0AF-4292-8994-E2BCC2B0EC1F} - System32\Tasks\{0040F31E-F0C2-4718-BE4B-C574915E4BC9} => pcalua.exe -a J:\setup.exe -d J:\
Task: {144C66C0-FD3E-4C35-9168-C4146F8435E6} - System32\Tasks\9d0be300 => C:\Users\Flavia\AppData\Local\Temp\\setup115842944.exe <==== ATTENTION
Task: {15C3D743-59C8-4FFC-86D8-25C055A63066} - System32\Tasks\{FE3A9151-4B9D-490C-902E-5BA73455C78D} => C:\Program Files\FIFA06\AutoRun.exe
Task: {16E8B459-123F-4050-8F2D-CB02F7AD2A7C} - System32\Tasks\{F74CF72E-9781-4504-8186-2857FBB1D1B9} => pcalua.exe -a C:\Users\Flavia\Vampire1CD1\demo32.exe -d C:\Users\Flavia\Vampire1CD1
Task: {19816D70-8705-49B4-B7E3-A7000B629593} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {224F3630-CB78-4C5B-A202-BB60DE1EE253} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {23E365D6-24D8-4700-BEEF-E67496FF5057} - System32\Tasks\{089899D8-646F-4E09-976A-F2857E4AE461} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {25FFB239-81CC-410B-B309-9869E3734E7B} - System32\Tasks\NRYP => Rundll32.exe "C:\Windows\system32\TSChannelx.dll",JVTZJMTO
Task: {272C4B3C-B7FF-4E2C-A7D6-AA2CEB799B99} - System32\Tasks\{EF40B049-C1A4-429A-855E-7E736CD595F8} => C:\Users\Flavia\Pandora_Saga_MY_20090826.exe
Task: {276F4387-DDCA-4F09-B462-E5FFED32E870} - System32\Tasks\2e912b80 => C:\Users\Flavia\AppData\Local\Temp\\setup536466048.exe <==== ATTENTION
Task: {27CA32BA-775A-4923-AD8D-F4C8A99E8490} - System32\Tasks\{99960E19-E1E3-4BC0-A7A4-A1F66A43DCFE} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe
Task: {2B3DCFB4-2927-42C4-9870-9EF1FCEB80D2} - System32\Tasks\{23A04515-4009-43ED-8264-0AC9F9844B64} => J:\Setup.exe
Task: {3041F3B3-D300-4F4D-8F4C-DD67AADE7B20} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-03] (Avast Software s.r.o.)
Task: {34A8B566-44A8-456C-8A5C-0AEE57E4D0DD} - System32\Tasks\{E986319D-82CB-45ED-B545-2CD8B296A658} => J:\SETUP.EXE
Task: {35CD2091-3830-43C5-AC08-BAFE84CA8F48} - System32\Tasks\{4B341BDB-DA54-42E7-A1FB-C9CDE0C95496} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {39A33003-0331-4A81-A608-D2F23205261C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3D3BB7C7-E5BB-4C86-A2A5-30199569C9CC} - System32\Tasks\{A62C7B66-2F13-417E-A060-23782DDEAF20} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {44912348-372A-4DD4-8CB6-6DAC2C4AC1D8} - System32\Tasks\{25267E23-2FF8-4F82-B0AD-2BBE296B0A62} => J:\Setup.exe
Task: {449B9DA7-0B3E-4E1C-8C9D-C6BF9FDF9C89} - System32\Tasks\{5D295678-F417-44D3-9555-C19215CB7C78} => pcalua.exe -a E:\setup.exe -d E:\
Task: {4A4B1380-D7DF-43FA-84D8-5ACA740F4295} - System32\Tasks\{D7160B9E-A401-4BA6-9910-7D3B17F6B085} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {4CC5B90C-C451-4CEE-A99D-6419EA202BDD} - System32\Tasks\{3BE569F6-B383-40A1-B2D8-372F5AE2AE37} => C:\Program Files\2K Games\Mafia II\pc\mafia2.exe
Task: {4E565704-159F-4924-B782-8174373FFBC5} - System32\Tasks\750dc200 => C:\Users\Flavia\AppData\Local\Temp\\setup1380827392.exe <==== ATTENTION
Task: {54A5AF44-E789-4BC6-999B-974485D891D7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {54EBCF67-64E5-4ECB-8F5D-5D184E5BB5A1} - System32\Tasks\{2B245C46-ECB2-41C9-9976-CD44CDD321B8} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {5C2B861B-1BE5-46E0-9233-649BC50825CB} - System32\Tasks\{C57C0966-A03B-4532-87DD-BCC169B78F59} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {64A6AAA7-589E-4B22-B2FF-BE327C2DB015} - System32\Tasks\{9B1B0303-3793-4D0B-81B1-059D5D27551B} => E:\StartCD.exe
Task: {69EBAFD0-8E9D-4507-81C1-914140DD02B7} - System32\Tasks\{7456ADC2-5627-4CD7-81E0-915ACE8069C7} => C:\Program Files\Viva Media\Alter Ego\AlterEgo.exe
Task: {6F8F9112-A4E8-408B-802D-BD5499168F95} - System32\Tasks\{2D7C4757-CBC2-4149-901B-33F4AE95A112} => pcalua.exe -a "C:\Program Files\Vektoris3D25Plus\uninstall.exe"
Task: {711D8645-65A8-4CE5-A3E0-00B3036124CE} - System32\Tasks\fb41c00 => C:\Users\Flavia\AppData\Local\Temp\\setup828756736.exe <==== ATTENTION
Task: {714A1540-2A02-4584-9649-0258C90D64F7} - System32\Tasks\39080f80 => C:\Users\Flavia\AppData\Local\Temp\\setup3143229824.exe <==== ATTENTION
Task: {7425C34A-8E3A-442C-A109-97D19E95760E} - System32\Tasks\{47941BC1-6CC9-42B4-82D9-05A8B357B1FE} => J:\Setup.exe
Task: {75885767-6A67-4842-B477-2CCE374BD762} - System32\Tasks\f4e4a200 => C:\Users\Flavia\AppData\Local\Temp\\setup1919017344.exe <==== ATTENTION
Task: {772E9FA9-B5F1-4CF3-BF28-524E23A07787} - System32\Tasks\{6105EF99-5F22-4B53-A3E1-3FAEF66E868A} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {7858E897-E286-44C6-81C1-5E3F359738AB} - System32\Tasks\5eb6d380 => C:\Users\Flavia\AppData\Local\Temp\\setup127876736.exe <==== ATTENTION
Task: {78A23ACE-C365-4389-9782-41C31F76D202} - System32\Tasks\{61557E34-772C-4E2F-BB3E-FE138B65AFD2} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {81DC7CF1-D24D-42B2-9105-916784164C94} - System32\Tasks\{EAC62CFA-EA8B-42D0-A599-13AC7CA93F90} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {84EA453B-234E-488D-B778-7FF247893378} - System32\Tasks\{49D40749-5F5F-482A-8312-83B9076882C1} => C:\Program Files\Runes of Magic\Runes of Magic.exe
Task: {85A67C56-CEAB-429E-8E4C-7BD04C02DE46} - System32\Tasks\{B477751F-7EC4-47E6-BEFF-AD589581480F} => C:\Program Files\Electronic Arts\Die Sims 3\Game\Bin\TS3.exe
Task: {86996018-097E-4AF9-9D91-76D8029146DB} - System32\Tasks\{94C70D2F-3BFB-44BE-86FD-D65818B82648} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {86C28AB1-5C52-46E1-935C-7B74A647D69F} - System32\Tasks\{29709F28-06CA-4E3E-9DC1-1CABD4A8227C} => J:\Setup.exe
Task: {86FB483D-2035-4838-81C7-CEF7B37B4610} - System32\Tasks\{1673BF47-0F92-4B1D-B87E-4EBB27586308} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {8B0E773E-3CCB-4481-AB1B-004E9DCCC22D} - System32\Tasks\a3509c80 => C:\Users\Flavia\AppData\Local\Temp\\setup3791351296.exe <==== ATTENTION
Task: {8B2FBBE3-7C1E-4223-B2FB-9BB9E94C4EED} - System32\Tasks\{46A3F437-83A6-4E51-A907-76A3DA579DED} => C:\Program Files\The Adventure Company\Evany Schlüssel zur Freiheit\Evany.exe
Task: {8BC2271C-234F-4E3C-BFCB-DDCA2B6962BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8F453FA1-759E-456E-ABB4-CD3E9886462E} - System32\Tasks\{11118169-3789-4C4D-BCAE-8832D80F70FE} => pcalua.exe -a C:\Users\Flavia\Downloads\NetmarbleDBOSetup.exe -d C:\Users\Flavia\Desktop
Task: {91A325AA-8FAB-4A48-9A22-BE79FC121B65} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4132011797-2711336362-2655832662-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {94734BFA-359F-4601-B879-1D63B8A98D08} - System32\Tasks\{42F5F183-C47D-4FC1-80A8-6839E5BA9D93} => pcalua.exe -a J:\Setup.exe -d J:\
Task: {947BCACF-EFEE-4890-9FF5-477553FA0B3B} - System32\Tasks\{601445B5-0494-4034-8562-EC2AD924F5CB} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {967AB9D1-D3BB-45D2-81F0-D5802AB2DFA0} - System32\Tasks\{F250B786-AD66-4FE5-8D5E-7E395764F3B9} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{343EFA17-5BC5-44DA-924F-539ECBEFF68C}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {96F01EEC-EC2F-4CED-9D40-306115A4C961} - System32\Tasks\{170FF8E8-C96D-40CF-8FCB-7DB4E8976221} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe
Task: {9781BC6D-4495-453E-94FB-262BC14AB1C3} - System32\Tasks\{CF01B6F4-BECB-4298-9FFC-D696BF961AFD} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {A014E8EE-56A1-4E84-89C4-09283331A317} - System32\Tasks\{260B4302-4B67-4CA9-B0EC-D07F489E91A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111/de/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {ADD8A39D-0D85-4A88-AD46-93E20B277877} - System32\Tasks\{CEB044B5-B67C-4C0F-8D31-E23A9B55BE93} => J:\startup.exe
Task: {B2E8EE57-0899-41A0-AEEA-6E9C81636382} - System32\Tasks\{DD66FA04-B610-4FB0-A6EB-CAF7ADD2926A} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe
Task: {BA219B21-6C51-44A8-9D19-F17E49E1AD43} - System32\Tasks\{FCCF13A5-3AA1-4B1E-83D8-11D706C12D1A} => pcalua.exe -a C:\Users\Flavia\Pandora_Saga_MY_20090826.exe -d C:\Users\Flavia
Task: {BB2A62CA-F06B-49CF-9C75-491D2F4B11CE} - System32\Tasks\{2A771DDE-9262-4EB0-8398-C970CEADF012} => C:\Program Files\Changyou\Zentia\patcher.exe
Task: {BE950A6D-81CB-4DFB-8049-1D76504A23FF} - System32\Tasks\{6586BE00-2E28-44BD-8F0C-A361B71BBD78} => C:\Program Files\Electronic Arts\Harry Potter und der Orden des Phönix\hp.exe
Task: {C01212D2-464F-4D6E-93A6-A9C29CFE2D3F} - System32\Tasks\{162A6AD8-106B-4C19-A4B1-281D64BEEC22} => J:\startup.exe
Task: {C1DE965C-3A58-4214-A83B-CC053BB338A7} - System32\Tasks\{1C77C66B-9114-46D3-B57D-091E235E12C7} => C:\Program Files\EA SPORTS\FIFA 06 Demo\fifa06 demo.exe
Task: {C63A36E3-FC0C-41F7-8401-31E28E135348} - System32\Tasks\72b7df00 => C:\Users\Flavia\AppData\Local\Temp\\setup2246522240.exe <==== ATTENTION
Task: {C7430DF4-E05F-4463-A94B-588BCEE90AC1} - System32\Tasks\84919c00 => C:\Users\Flavia\AppData\Local\Temp\\setup115568128.exe <==== ATTENTION
Task: {C8B95971-0615-4A22-930F-497F1F05C036} - System32\Tasks\{3B337EAA-C525-4D86-98A4-8F4636C9D23A} => C:\Microids\Die Rückkehr zur Geheimnisvollen Insel 2\RTMI2.exe
Task: {CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871} - System32\Tasks\ac67a900 => C:\Users\Flavia\AppData\Local\Temp\\setup2323362176.exe <==== ATTENTION
Task: {CB02E8DD-A292-401A-A47E-8DBA30321AE1} - System32\Tasks\895e7e00 => C:\Users\Flavia\AppData\Local\Temp\\setup196104192.exe <==== ATTENTION
Task: {CB413622-74BC-44E6-985C-5F4F1941433E} - System32\Tasks\{C0F69074-C3C9-43C0-9E62-0883EDB9AD52} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {D042EFA4-DB30-481A-B3FC-A5462C3FB398} - System32\Tasks\37afaf80 => C:\Users\Flavia\AppData\Local\Temp\\setup445119232.exe <==== ATTENTION
Task: {D367179D-51C7-4CBF-A496-5C26C25D18C2} - System32\Tasks\{59FC5536-60F1-4046-AE30-521FD21DD8C3} => pcalua.exe -a "C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe" -c RealNetworks|RealPlayer|12.0
Task: {D38E282A-7EF8-4878-A84E-332D25456102} - System32\Tasks\c3793e00 => C:\Users\Flavia\AppData\Local\Temp\\setup522615808.exe <==== ATTENTION
Task: {D83A6590-8B91-4CBB-9154-DF65E0FD162A} - System32\Tasks\{FAFB8A66-A5E8-46D8-AB10-41519A7DD50D} => C:\Program Files\Ubisoft\Abenteuer auf dem Reiterhof 3 - Das Erbe der Gräfin\Reiterhof3.exe
Task: {D91162AA-8064-40C7-9887-1CDA75FF058D} - System32\Tasks\{98341868-9868-4F93-B186-B2EF031C9524} => C:\Program Files\FIFA06\fifa06 demo.exe
Task: {DDF5E073-5C25-4E88-A462-FFBEA129B65F} - System32\Tasks\66f0bd80 => C:\Users\Flavia\AppData\Local\Temp\\setup1887453440.exe <==== ATTENTION
Task: {E1422BD5-0558-4973-9380-2CD169B649A7} - System32\Tasks\{1C483E90-D6C1-4EF8-9BC2-3D2B1B56CCDA} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe
Task: {E2FE5906-3FC0-4CF0-B775-2CF244262600} - System32\Tasks\{C0A21489-2C59-4A15-9D9B-88AA56172945} => C:\Program Files\Skype\Phone\Skype.exe
Task: {E67AC7EA-AAD3-4B74-AE04-B1D18FD743C9} - System32\Tasks\{71B95856-969C-4D1F-A7C7-328F667F7495} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {EA31D609-5550-48F9-9C87-E33A3C459E48} - System32\Tasks\{A1243B8A-A37E-4891-A587-9E295C39B9DC} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {EC4889F0-C3FE-442C-90B7-CE166DB1358C} - System32\Tasks\{6590403D-AF4A-46AF-860B-8EC7EC9D1883} => pcalua.exe -a C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe -c REMOVE=TRUE MODIFY=FALSE
Task: {EC8EA56F-8B14-4D04-A6A1-C8F8FDCB49CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated)
Task: {FA25C835-088B-4B7A-BE70-7E0F6379F28F} - System32\Tasks\{D7D0F476-5A34-473B-92ED-3F56D37F1B8F} => J:\autorun.exe
Task: {FFA49ECB-8D5F-40CA-BB5F-DBEDA81B3D0F} - System32\Tasks\{0547096A-63B8-43D5-8A62-443D81F62B43} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-05-03 12:23 - 2015-05-03 12:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-03 12:23 - 2015-05-03 12:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-13 15:01 - 2015-05-13 15:01 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051300\algo.dll
2015-05-13 15:46 - 2015-05-13 15:46 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051301\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-27 18:54 - 2007-10-11 17:17 - 00065536 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00116224 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00041984 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00032768 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2014-10-19 09:06 - 2014-10-19 09:06 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2012-11-09 19:04 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-02-22 12:43 - 2015-02-05 20:27 - 00108864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2009-12-27 18:54 - 2007-10-11 17:17 - 00167936 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\dthook.dll
2009-12-27 18:54 - 2007-10-11 17:16 - 00102400 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2009-12-27 18:54 - 2007-10-11 17:17 - 00077824 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
2009-12-27 18:55 - 2007-10-04 14:36 - 00065536 _____ () C:\Program Files\Common Files\Portrait Displays\drivers\vista.dll
2015-03-19 13:54 - 2015-03-19 13:54 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7571 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files\CyberLink\YouCam\YouCam.exe" /s

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [TCP Query User{B4BE9938-7F72-4A8F-8AFC-59A3E97A8C90}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{CD206E8E-4251-4D41-BBCA-7E1530E9FAA9}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{AF14EA5F-61F8-4FE4-9FE6-C4730BE4F7B6}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FC1627D8-D25B-45AB-A418-F1486F792E83}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{59302FB5-A1E9-480C-8BF4-45AB55DB672B}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{38D62175-A6FB-480E-952F-9FD4FD6D491C}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{BC2A5E90-0AC7-48E6-B570-308A64B0DED9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BEACD746-1789-42A8-B76D-5F42C7882396}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4A26D664-9010-40ED-9DA9-C1EB4EB0038D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D19F2778-75FE-4E14-910A-F664C3ECFF05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{81FB1BFC-6861-4487-9FB6-68FBE4AE9EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3F3C3C45-80F2-474F-BDB2-256ED4411935}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5D697DC0-C1F0-4F6E-BEC5-E90BAB98E186}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{9EA5A4A1-58A0-45FD-809E-E9A61B40B282}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [{AEFF8D32-76DE-4551-9CA2-45AF568C3EDE}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{6325CFDC-F297-471C-B1F4-54ABC44758FA}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{111361FE-47F8-40CC-88C3-94E4EE48A3CC}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{CD642251-541E-443A-A680-09D382B26332}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{431373F4-9F84-47F1-B308-1ABD4215F20B}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{C18CA305-4CDD-4294-AB64-FEB4D343931C}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{E9868860-8969-4BB3-AAC8-CA0E63B49582}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [TCP Query User{7A64FEF9-033E-4D2E-A005-0CB94B57CFCF}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E9429E86-D119-4158-85AA-2E2A92FFFEA5}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C343E5C6-5573-4111-A23F-687E4BFFC92E}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{3285F562-0BFE-47FF-A259-B998E92CF967}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{34D4736F-C193-400D-96FB-C7E94A79A4F2}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe
FirewallRules: [{919CACC1-1EC1-4459-A39D-8F5424015410}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe
FirewallRules: [TCP Query User{02286B40-50D8-44F7-AB96-81E2E97DCD2A}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe
FirewallRules: [UDP Query User{C3A1ED8C-2CD6-40CF-9D7C-93BF0F8C7495}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe
FirewallRules: [TCP Query User{CE27873A-A8D6-489F-B3B7-02849328CD1B}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe
FirewallRules: [UDP Query User{982F5FD8-ADAE-47DC-965B-23FA3695281F}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe
FirewallRules: [TCP Query User{54C7BBEF-C9C4-4B4F-9808-BB1671AC0790}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{DB9CB2CE-9614-4406-B0B4-EB16A5F6F704}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{9B782A49-3613-4A13-B2EC-70AD25A67187}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{8884CA3A-5AC0-4A2C-9F8A-C6B32A2BAB4A}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [{744CA3E2-230F-4452-9700-88113294B2EF}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe
FirewallRules: [{AEB0600D-5966-4DCF-BEC1-A5BE5238AB95}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe
FirewallRules: [TCP Query User{A4757E28-FE18-4884-979F-8C3F6D760841}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe
FirewallRules: [UDP Query User{C36B91E8-7D9D-4596-9E56-65D99E0ED0E3}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe
FirewallRules: [{4AD73C9B-F847-4C03-B5A3-7EE21FFE91BB}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe
FirewallRules: [{3AF77807-C7FF-4EB8-88E7-ECE5146931A8}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe
FirewallRules: [{046170AF-457C-4A2B-B1AE-D8B702AAD290}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe
FirewallRules: [{41CA41D1-E0C9-4917-A3EF-473DD374F9E0}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe
FirewallRules: [{D093AD71-9AF5-45AB-87C5-477A9CF8B594}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe
FirewallRules: [{B14768B3-AC64-4986-A76F-3BBB378D9130}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe
FirewallRules: [TCP Query User{B08B02A2-BE4B-427E-80D0-6CDB1EA3EAD6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [UDP Query User{F90E1670-79F8-4D12-83D9-8A8CC2CCBF5F}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [{5DA0E919-6DB9-4E31-A26D-4C0CD0E40402}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{FA86693F-21CC-4B76-8413-0083D1888F32}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{143D9615-3757-4244-8DA3-83C3DCF53DAD}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [{7AEECADC-8AD9-497B-B5D2-C40983D85B5C}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [TCP Query User{2F7AB098-6778-447C-8919-B37CBD0F75EC}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [UDP Query User{6AA73BC2-CEFC-4975-9B3E-43A37004DE2B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [TCP Query User{84FC3551-BC28-4714-80D4-F863A31A6D38}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe
FirewallRules: [UDP Query User{1E9CDD4F-191A-4823-A463-BB2EC36510E0}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe
FirewallRules: [TCP Query User{1D234196-5AF3-4F68-A2A7-DE37EDD3A0F0}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe
FirewallRules: [UDP Query User{17D5432E-962A-498C-BE67-F2C886F771F8}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe
FirewallRules: [TCP Query User{0981AD7C-0896-4656-A233-345BB7729BB8}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe
FirewallRules: [UDP Query User{70994A97-7B1C-4602-A6A3-2F21241F43CE}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe
FirewallRules: [{D10FF877-1B1E-43CD-9184-2D513B10DACC}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{E0E7CE75-D7B3-4AD2-88B1-D74C712FD192}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{70FD046F-3941-4940-9A17-139AEA801C03}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{8B10610D-077F-4B30-A3DE-964D291220FE}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{28B5638F-F97B-4F6C-AA78-91AB0FD55B17}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DF53A54A-E20F-434A-8401-1F019BC5E9E6}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E85FBBD0-A683-427B-80B1-877FBE19D3DD}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{0B685BCF-B227-4354-BFA9-ACD720ABEBAE}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8F28D682-FA91-4E20-A799-77A8036FA32D}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{457729AF-2B40-4364-8816-17459E5123DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{533CE4C0-41E3-4AEC-B81E-CBE9D41ADCF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FD04AF46-1FA2-44BC-B930-2AB0450C2562}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3ED7FBAB-6DE3-4637-A750-313E9C679262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0CC87D7F-CCAA-46EC-8482-D8749468E1F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{36BBA65E-86A3-4A86-9EE9-AC24A313FFF8}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{D0BBB486-E9E9-4FA3-A544-A3E50A1B35D1}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [TCP Query User{1E47A4E1-112A-409D-A98A-D54B12DF1F09}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe
FirewallRules: [UDP Query User{FAD99B3B-107E-415E-A683-134EB320AF42}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe
FirewallRules: [{F825764F-4D73-46DA-B8D8-302A3ECA7E5E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{750FD75E-9811-4432-8D8A-35118F1C5A2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A91CF122-54EE-4FC1-80D1-15127DCDF37A}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe
FirewallRules: [{984E644F-E2E5-415E-B36B-CA92E9B144EE}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe
FirewallRules: [{3415B431-3193-4DD8-9B2C-14384A5F2572}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe
FirewallRules: [{E9642D98-3A70-4862-A144-E5196B4D58E6}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe
FirewallRules: [TCP Query User{00D7FE05-581C-4AB8-AF5E-849DCD1A3F14}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe
FirewallRules: [UDP Query User{BBAD1188-58DB-4EB5-9E1F-D8BE3B9A85AE}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe
FirewallRules: [{4E66913D-358A-403D-A9E8-9B7989A43C39}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe
FirewallRules: [{35804F06-7B2E-435C-B4B8-B6A6EA3D475F}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe
FirewallRules: [TCP Query User{8FD8D9FF-BB5E-40CF-BF24-20C38C313BE3}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe
FirewallRules: [UDP Query User{F6AF6EB6-2BEF-4BF3-9BA0-B87BDA5DFC98}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe
FirewallRules: [{ED5DD1D2-BC2A-489F-976A-50A3EFAC211E}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCmgrInstallGuide.exe
FirewallRules: [{C9BEB083-89A0-4D6A-88A4-26631F103F77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCTray.exe
FirewallRules: [{B1618BF2-1752-4507-9407-C7C4EF22B532}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCMgr.exe
FirewallRules: [{C86646EE-C466-40E2-A2C5-A9F137D75316}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCRTP.exe
FirewallRules: [{71BA372D-5459-412B-A05A-57F83DE50ED0}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\bugreport.exe
FirewallRules: [{BF2D6A2C-DEF3-42C2-AF33-F8DA7ADEC9E1}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCFileOpen.exe
FirewallRules: [{1A8C7C91-64F2-4B76-A8AC-B5CFAB265113}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLeakScan.exe
FirewallRules: [{5F284AB1-6534-439F-B403-8655FA842427}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLoader.exe
FirewallRules: [{2B22D286-39D7-4147-B1D1-BE5F49D8BCA5}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPConfig.exe
FirewallRules: [{3361BE24-27CF-4A1E-8625-1EDB10CC9638}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftMgr.exe
FirewallRules: [{DFD5C668-7F74-41BA-890A-B1ACCA77A73A}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{97F3E152-8725-4AAE-A1A0-A68DF4B009CB}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QDeskSetup.exe
FirewallRules: [{B226C09D-A1DA-46F8-9870-6623B06991A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCBTU.exe
FirewallRules: [{B4CE7C15-4C54-4829-AEF9-C81E3C021302}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCClinic.exe
FirewallRules: [{66AE12AB-39D6-4533-8EAF-FF5D9117D2F8}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLaunch.exe
FirewallRules: [{31BF9B38-8D0B-4391-9804-173F2F4A9229}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{1D012E8E-D8A7-4EA0-ADA3-2818072909A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftGame.exe
FirewallRules: [{EE4F1111-C79A-47DB-ACED-3314CB673F3D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSysOptimize.exe
FirewallRules: [{E6D8510A-3007-49C6-8F1E-2DC45CCDC318}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCUpdateAVLib.exe
FirewallRules: [{11ECB399-C5AF-4833-874E-78A5909206DC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQRepair.exe
FirewallRules: [{C0DBA3BE-781C-4DFC-8E4C-B187744F1ECC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\Uninst.exe
FirewallRules: [{596392A1-F67C-40A7-8BC5-C9A561B74B77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCPatch.exe
FirewallRules: [{1793F45A-E6F6-415C-9216-552366F0E340}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\TpkUpdate.exe
FirewallRules: [{F46F5CC2-5876-4DDB-8200-07592298470D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe
FirewallRules: [{8AEC1FB7-EBBE-4FD7-AF98-44B61A663E39}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe
FirewallRules: [{716E9B56-29A2-4502-B181-D0197CDB1DBC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMAccountProtection.exe
FirewallRules: [{255D8D5D-5762-43C1-9F87-7847136588ED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe
FirewallRules: [{A1CA16EF-E171-445A-9C46-03B26F13A7BE}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe
FirewallRules: [{E7DE9980-8860-490A-A6E6-62DA62D95F78}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{22FC9814-7E39-44A6-859E-34B43C819DED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{EF5A7E47-C67A-4B1C-B214-8FB83A1AE6E7}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{56E2A954-8AC1-4B44-9F08-DCC13E871A8B}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{7139256C-55B0-4436-977F-5BE69DD9BDE0}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe
FirewallRules: [{754D4617-8B07-4055-8E8A-9A703A05DDCE}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe
FirewallRules: [{7A0B75BD-6FBA-41E4-B6EB-1A6DA9C446FA}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe
FirewallRules: [{14F7DABA-F1DC-43AC-8A89-EC0586904AE2}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe
FirewallRules: [{073F08B8-6C27-4356-8341-97B2FFC84719}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe
FirewallRules: [{40C6E482-05FC-4C60-AC8A-96F5994347A4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe
FirewallRules: [{5C6DB019-088A-42A8-948D-DF170B6A09FB}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe
FirewallRules: [{41983DCE-17F7-4B9A-BEEF-2CE05401D8C4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe
FirewallRules: [{A7A13C01-D0B0-4ABF-B739-6EC79DFE9F70}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe
FirewallRules: [{7F625C70-A8C4-41D5-BB2B-BF5EF66E33A3}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe
FirewallRules: [TCP Query User{5A15A186-C8EC-4619-BD41-23637DBB5992}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe
FirewallRules: [UDP Query User{4F8F780E-04CD-4C33-8C0F-B8201574E6CF}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe
FirewallRules: [TCP Query User{3A501415-8406-445B-892F-80CF2318BA87}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{F7A04728-96EA-4C29-8174-DF89EAC35E16}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{3D061B38-D7EF-4C10-AA3F-6A58BC1CB4FB}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{F8A8F2D8-E493-4F33-B0B4-5D74E679ED2F}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{C21AAC83-B6E7-4EEA-BDA9-4C8D799DCE3B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{10E9319E-3857-4A0F-9641-912832051A0B}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{A425D2F1-49E5-44BC-8601-CA41AEBA56F3}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{E2F00FF9-7B3D-4FB9-ACE7-07748AE29E46}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{A16F3853-1087-46F5-9DB6-2A553BF193A4}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{1A36DB5C-A112-4BF4-894B-16589671AC88}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{7BB8CD60-887F-4B67-B0F2-6B6515BEF76C}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{3E78078E-6ABE-4910-88E2-ED5676E41D97}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{491770F3-B6F1-43C1-9BC9-A454FC5B64D0}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{3566D56A-628D-456F-8823-EF3B2F358837}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{B4967FE5-063F-47C7-9DD2-DF5894E51C8E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe] => Enabled:NEXON_EU_Downloader_Engine.exe

==================== Faulty Device Manager Devices =============

Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: USB Device(VID_1f3a_PID_efe8)
Description: USB Device(VID_1f3a_PID_efe8)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: USB Devices
Service: usbUDisc
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/13/2015 07:33:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Access is denied.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Operation:
  Gathering Writer Data

Context:
  Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
  Writer Name: System Writer
  Writer Instance ID: {b090ed1c-3667-4df4-a457-a49183ca9b15}

Error: (05/13/2015 03:45:36 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/13/2015 03:45:36 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::ResetBIOS          Reset SASD failed, error=0

Error: (05/13/2015 03:45:36 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::UpdateSASD          Failed to set the sleep time, error=0

Error: (05/13/2015 03:45:36 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CISCTPnpDriverApi::SetBIOSWakeTime  *****IOCTL_ISCT_SASD(SASD) Failed, Error=0x2

Error: (05/13/2015 08:48:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 37.0.2.5583 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 109c

Startzeit: 01d08d476303e708

Endzeit: 186

Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID: f67a3e91-f93b-11e4-bbac-bc5ff43154bc

Error: (05/13/2015 08:28:37 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/13/2015 08:28:37 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::ResetBIOS          Reset SASD failed, error=0

Error: (05/13/2015 08:28:37 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::UpdateSASD          Failed to set the sleep time, error=0

Error: (05/13/2015 08:28:37 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CISCTPnpDriverApi::SetBIOSWakeTime  *****IOCTL_ISCT_SASD(SASD) Failed, Error=0x2


System errors:
=============
Error: (05/13/2015 03:45:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/13/2015 03:10:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80080005 fehlgeschlagen: Security Update for Windows 7 (KB3046002)

Error: (05/13/2015 03:10:44 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/13/2015 08:28:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/13/2015 08:28:07 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎13.‎05.‎2015 um 08:27:13 unerwartet heruntergefahren.

Error: (05/13/2015 08:00:02 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Media Player Network Sharing Service" Korrekturmaßnahmen (Restart the service) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Restart the service.

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player Network Sharing Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service.

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (04/25/2015 04:17:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 267 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (09/23/2011 04:14:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 54 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2015-05-13 19:48:53.210
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 19:38:43.512
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 19:31:58.372
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 18:27:08.649
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 15:45:20.979
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 10:30:40.805
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 09:02:49.057
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 08:47:32.847
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 08:36:14.348
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 08:28:31.649
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 43%
Total physical RAM: 3565.21 MB
Available physical RAM: 2025.37 MB
Total Pagefile: 7128.73 MB
Available Pagefile: 5087.94 MB
Total Virtual: 3071.88 MB
Available Virtual: 2948.42 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:98.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:0 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 66916FAD)
Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== End Of Log ============================
EDIT: Also hier wird der Google Update Helper aber angezeigt als Hidden.

cosinus 13.05.2015 19:09
FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
AppInit_DLLs: ´ê6 => ´ê6 File Not Found
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Toolbar: HKLM - No Name - {52836EB0-631A-47B1-94A6-61F9D9112DAE} -  No File
Toolbar: HKLM - No Name - {71576546-354D-41c9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
C:\ProgramData\DT0001.dat
C:\ProgramData\DT0006.dat
Task: {051D9757-8B82-499C-84F3-DAA24A3DE582} - System32\Tasks\939a6e80 => C:\Users\Flavia\AppData\Local\Temp\\setup43644544.exe <==== ATTENTION
Task: {144C66C0-FD3E-4C35-9168-C4146F8435E6} - System32\Tasks\9d0be300 => C:\Users\Flavia\AppData\Local\Temp\\setup115842944.exe <==== ATTENTION
Task: {276F4387-DDCA-4F09-B462-E5FFED32E870} - System32\Tasks\2e912b80 => C:\Users\Flavia\AppData\Local\Temp\\setup536466048.exe <==== ATTENTION
Task: {4E565704-159F-4924-B782-8174373FFBC5} - System32\Tasks\750dc200 => C:\Users\Flavia\AppData\Local\Temp\\setup1380827392.exe <==== ATTENTION
Task: {711D8645-65A8-4CE5-A3E0-00B3036124CE} - System32\Tasks\fb41c00 => C:\Users\Flavia\AppData\Local\Temp\\setup828756736.exe <==== ATTENTION
Task: {714A1540-2A02-4584-9649-0258C90D64F7} - System32\Tasks\39080f80 => C:\Users\Flavia\AppData\Local\Temp\\setup3143229824.exe <==== ATTENTION
Task: {75885767-6A67-4842-B477-2CCE374BD762} - System32\Tasks\f4e4a200 => C:\Users\Flavia\AppData\Local\Temp\\setup1919017344.exe <==== ATTENTION
Task: {7858E897-E286-44C6-81C1-5E3F359738AB} - System32\Tasks\5eb6d380 => C:\Users\Flavia\AppData\Local\Temp\\setup127876736.exe <==== ATTENTION
Task: {8B0E773E-3CCB-4481-AB1B-004E9DCCC22D} - System32\Tasks\a3509c80 => C:\Users\Flavia\AppData\Local\Temp\\setup3791351296.exe <==== ATTENTION
Task: {C63A36E3-FC0C-41F7-8401-31E28E135348} - System32\Tasks\72b7df00 => C:\Users\Flavia\AppData\Local\Temp\\setup2246522240.exe <==== ATTENTION
Task: {C7430DF4-E05F-4463-A94B-588BCEE90AC1} - System32\Tasks\84919c00 => C:\Users\Flavia\AppData\Local\Temp\\setup115568128.exe <==== ATTENTION
Task: {CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871} - System32\Tasks\ac67a900 => C:\Users\Flavia\AppData\Local\Temp\\setup2323362176.exe <==== ATTENTION
Task: {CB02E8DD-A292-401A-A47E-8DBA30321AE1} - System32\Tasks\895e7e00 => C:\Users\Flavia\AppData\Local\Temp\\setup196104192.exe <==== ATTENTION
Task: {D042EFA4-DB30-481A-B3FC-A5462C3FB398} - System32\Tasks\37afaf80 => C:\Users\Flavia\AppData\Local\Temp\\setup445119232.exe <==== ATTENTION
Task: {D38E282A-7EF8-4878-A84E-332D25456102} - System32\Tasks\c3793e00 => C:\Users\Flavia\AppData\Local\Temp\\setup522615808.exe <==== ATTENTION
Task: {DDF5E073-5C25-4E88-A462-FFBEA129B65F} - System32\Tasks\66f0bd80 => C:\Users\Flavia\AppData\Local\Temp\\setup1887453440.exe <==== ATTENTION
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


BlueAzure 13.05.2015 19:32
Hab ich gemacht. Allerdings hat sich das FRST-Tool erstmal aufgehängt bevor es den Fix gemacht hat, hoffe der ist trotzdem richtig durchgelaufen.

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-05-2015
Ran by Flavia at 2015-05-13 20:15:38 Run:1
Running from C:\Users\Flavia\Desktop
Loaded Profiles: Flavia (Available profiles: Flavia)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
AppInit_DLLs: ´ê6 => ´ê6 File Not Found
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Toolbar: HKLM - No Name - {52836EB0-631A-47B1-94A6-61F9D9112DAE} -  No File
Toolbar: HKLM - No Name - {71576546-354D-41c9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
C:\ProgramData\DT0001.dat
C:\ProgramData\DT0006.dat
Task: {051D9757-8B82-499C-84F3-DAA24A3DE582} - System32\Tasks\939a6e80 => C:\Users\Flavia\AppData\Local\Temp\\setup43644544.exe <==== ATTENTION
Task: {144C66C0-FD3E-4C35-9168-C4146F8435E6} - System32\Tasks\9d0be300 => C:\Users\Flavia\AppData\Local\Temp\\setup115842944.exe <==== ATTENTION
Task: {276F4387-DDCA-4F09-B462-E5FFED32E870} - System32\Tasks\2e912b80 => C:\Users\Flavia\AppData\Local\Temp\\setup536466048.exe <==== ATTENTION
Task: {4E565704-159F-4924-B782-8174373FFBC5} - System32\Tasks\750dc200 => C:\Users\Flavia\AppData\Local\Temp\\setup1380827392.exe <==== ATTENTION
Task: {711D8645-65A8-4CE5-A3E0-00B3036124CE} - System32\Tasks\fb41c00 => C:\Users\Flavia\AppData\Local\Temp\\setup828756736.exe <==== ATTENTION
Task: {714A1540-2A02-4584-9649-0258C90D64F7} - System32\Tasks\39080f80 => C:\Users\Flavia\AppData\Local\Temp\\setup3143229824.exe <==== ATTENTION
Task: {75885767-6A67-4842-B477-2CCE374BD762} - System32\Tasks\f4e4a200 => C:\Users\Flavia\AppData\Local\Temp\\setup1919017344.exe <==== ATTENTION
Task: {7858E897-E286-44C6-81C1-5E3F359738AB} - System32\Tasks\5eb6d380 => C:\Users\Flavia\AppData\Local\Temp\\setup127876736.exe <==== ATTENTION
Task: {8B0E773E-3CCB-4481-AB1B-004E9DCCC22D} - System32\Tasks\a3509c80 => C:\Users\Flavia\AppData\Local\Temp\\setup3791351296.exe <==== ATTENTION
Task: {C63A36E3-FC0C-41F7-8401-31E28E135348} - System32\Tasks\72b7df00 => C:\Users\Flavia\AppData\Local\Temp\\setup2246522240.exe <==== ATTENTION
Task: {C7430DF4-E05F-4463-A94B-588BCEE90AC1} - System32\Tasks\84919c00 => C:\Users\Flavia\AppData\Local\Temp\\setup115568128.exe <==== ATTENTION
Task: {CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871} - System32\Tasks\ac67a900 => C:\Users\Flavia\AppData\Local\Temp\\setup2323362176.exe <==== ATTENTION
Task: {CB02E8DD-A292-401A-A47E-8DBA30321AE1} - System32\Tasks\895e7e00 => C:\Users\Flavia\AppData\Local\Temp\\setup196104192.exe <==== ATTENTION
Task: {D042EFA4-DB30-481A-B3FC-A5462C3FB398} - System32\Tasks\37afaf80 => C:\Users\Flavia\AppData\Local\Temp\\setup445119232.exe <==== ATTENTION
Task: {D38E282A-7EF8-4878-A84E-332D25456102} - System32\Tasks\c3793e00 => C:\Users\Flavia\AppData\Local\Temp\\setup522615808.exe <==== ATTENTION
Task: {DDF5E073-5C25-4E88-A462-FFBEA129B65F} - System32\Tasks\66f0bd80 => C:\Users\Flavia\AppData\Local\Temp\\setup1887453440.exe <==== ATTENTION
EmptyTemp:
       
*****************

"´ê6" => Value Data removed successfully.
"HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{52836EB0-631A-47B1-94A6-61F9D9112DAE} => value deleted successfully.
HKCR\CLSID\{52836EB0-631A-47B1-94A6-61F9D9112DAE} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{71576546-354D-41c9-AAE8-31F2EC22BF0D} => value deleted successfully.
HKCR\CLSID\{71576546-354D-41c9-AAE8-31F2EC22BF0D} => Key not found.
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
C:\ProgramData\DT0001.dat => Moved successfully.
C:\ProgramData\DT0006.dat => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{051D9757-8B82-499C-84F3-DAA24A3DE582}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{051D9757-8B82-499C-84F3-DAA24A3DE582}" => Key deleted successfully.
C:\Windows\System32\Tasks\939a6e80 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\939a6e80" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{144C66C0-FD3E-4C35-9168-C4146F8435E6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{144C66C0-FD3E-4C35-9168-C4146F8435E6}" => Key deleted successfully.
C:\Windows\System32\Tasks\9d0be300 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9d0be300" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{276F4387-DDCA-4F09-B462-E5FFED32E870}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{276F4387-DDCA-4F09-B462-E5FFED32E870}" => Key deleted successfully.
C:\Windows\System32\Tasks\2e912b80 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e912b80" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E565704-159F-4924-B782-8174373FFBC5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E565704-159F-4924-B782-8174373FFBC5}" => Key deleted successfully.
C:\Windows\System32\Tasks\750dc200 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\750dc200" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{711D8645-65A8-4CE5-A3E0-00B3036124CE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{711D8645-65A8-4CE5-A3E0-00B3036124CE}" => Key deleted successfully.
C:\Windows\System32\Tasks\fb41c00 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fb41c00" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{714A1540-2A02-4584-9649-0258C90D64F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{714A1540-2A02-4584-9649-0258C90D64F7}" => Key deleted successfully.
C:\Windows\System32\Tasks\39080f80 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\39080f80" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75885767-6A67-4842-B477-2CCE374BD762}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75885767-6A67-4842-B477-2CCE374BD762}" => Key deleted successfully.
C:\Windows\System32\Tasks\f4e4a200 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f4e4a200" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7858E897-E286-44C6-81C1-5E3F359738AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7858E897-E286-44C6-81C1-5E3F359738AB}" => Key deleted successfully.
C:\Windows\System32\Tasks\5eb6d380 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\5eb6d380" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B0E773E-3CCB-4481-AB1B-004E9DCCC22D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B0E773E-3CCB-4481-AB1B-004E9DCCC22D}" => Key deleted successfully.
C:\Windows\System32\Tasks\a3509c80 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a3509c80" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C63A36E3-FC0C-41F7-8401-31E28E135348}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C63A36E3-FC0C-41F7-8401-31E28E135348}" => Key deleted successfully.
C:\Windows\System32\Tasks\72b7df00 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\72b7df00" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7430DF4-E05F-4463-A94B-588BCEE90AC1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7430DF4-E05F-4463-A94B-588BCEE90AC1}" => Key deleted successfully.
C:\Windows\System32\Tasks\84919c00 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\84919c00" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871}" => Key deleted successfully.
C:\Windows\System32\Tasks\ac67a900 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ac67a900" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB02E8DD-A292-401A-A47E-8DBA30321AE1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB02E8DD-A292-401A-A47E-8DBA30321AE1}" => Key deleted successfully.
C:\Windows\System32\Tasks\895e7e00 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\895e7e00" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D042EFA4-DB30-481A-B3FC-A5462C3FB398}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D042EFA4-DB30-481A-B3FC-A5462C3FB398}" => Key deleted successfully.
C:\Windows\System32\Tasks\37afaf80 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\37afaf80" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D38E282A-7EF8-4878-A84E-332D25456102}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D38E282A-7EF8-4878-A84E-332D25456102}" => Key deleted successfully.
C:\Windows\System32\Tasks\c3793e00 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c3793e00" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDF5E073-5C25-4E88-A462-FFBEA129B65F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDF5E073-5C25-4E88-A462-FFBEA129B65F}" => Key deleted successfully.
C:\Windows\System32\Tasks\66f0bd80 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0bd80" => Key deleted successfully.
EmptyTemp: => Removed 2.3 GB temporary data.


The system needed a reboot.

==== End of Fixlog 20:21:11 ====


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:24 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131