Mbam.txt: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 02.05.2015
Suchlauf-Zeit: 19:32:18
Logdatei: mbam.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.05.02.03
Rootkit Datenbank: v2015.04.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Belinda
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 453871
Verstrichene Zeit: 37 Min, 33 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente gefunden)
Module: 0
(Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 1
PUP.Optional.LuckSearches.A, HKLM\SOFTWARE\WOW6432NODE\luckysearchesSoftware, In Quarantäne, [3e9dfe903753d264dca8715ee91a51af],
Registrierungswerte: 1
PUP.Vulnerable.DellSystemDetect, HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DellSystemDetect, C:\Users\Belinda\AppData\Local\Apps\2.0\H7YJZ2ZK.M3R\NYLNGZD2.NJP\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe, In Quarantäne, [cb106a241f6b9b9b34eb1fad689bc838]
Registrierungsdaten: 4
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.oursurfing.com/?type=hp&ts=1430247080&from=amt&uid=ST9500325AS_5VESZ085XXXX5VESZ085, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/?type=hp&ts=1430247080&from=amt&uid=ST9500325AS_5VESZ085XXXX5VESZ085),Ersetzt,[3ba03955c5c5e94dbfa15bb7bd496e92]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.oursurfing.com/web/?type=ds&ts=1430247080&from=amt&uid=ST9500325AS_5VESZ085XXXX5VESZ085&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/web/?type=ds&ts=1430247080&from=amt&uid=ST9500325AS_5VESZ085XXXX5VESZ085&q={searchTerms}),Ersetzt,[5586bad452380432411ff919b650d828]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.oursurfing.com/?type=hp&ts=1430247080&from=amt&uid=ST9500325AS_5VESZ085XXXX5VESZ085, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/?type=hp&ts=1430247080&from=amt&uid=ST9500325AS_5VESZ085XXXX5VESZ085),Ersetzt,[796229653f4bd46265fbf51de224d62a]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.oursurfing.com/web/?type=ds&ts=1430247080&from=amt&uid=ST9500325AS_5VESZ085XXXX5VESZ085&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/web/?type=ds&ts=1430247080&from=amt&uid=ST9500325AS_5VESZ085XXXX5VESZ085&q={searchTerms}),Ersetzt,[24b73a540a805ed8ff6141d119ed9a66]
Ordner: 11
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com\chrome, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com\chrome\content, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com\chrome\skin, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com\modules, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\skin, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\tools, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
Dateien: 40
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com\chrome.manifest, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com\install.rdf, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com\chrome\content\main.js, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com\chrome\content\main.xul, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com\chrome\skin\icon.png, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.VeggyAddon.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\veggy@veggyAddon.com\modules\XCipher.js, In Quarantäne, [d8033658c4c670c64cc3c00847bc05fb],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome.manifest, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\install.rdf, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\content.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\html5slider.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\jquery-1.8.3.min.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\li.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\main.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\main.xul, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\options.html, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\options.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\tools.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\tr.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\content\zoom.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\skin\button.png, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\skin\icon32x32-disabled.png, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\skin\icon32x32.png, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\skin\options.css, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\skin\options_bg.png, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\skin\otaznik.png, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\chrome\skin\slider.png, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\addon_d.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\addon_info.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\file_cacher.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\guid.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\observer.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\pref_man.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\pu_upd.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\timer.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\time_passed.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\xcipher.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\tools\days_passed.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\tools\ff_info.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\tools\firstrun.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
PUP.Optional.ZoomIt.A, C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\extensions\{57763f9e-18cd-1926-9267-e5fe3d6b0c07}\modules\tools\os.js, In Quarantäne, [3d9e5935513948ee3b428cc0e422ad53],
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
AdwCleaner.txt Code:
# AdwCleaner v4.203 - Bericht erstellt 02/05/2015 um 20:44:56
# Aktualisiert 30/04/2015 von Xplode
# Datenbank : 2015-05-02.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Belinda - QUEENIXX
# Gestarted von : C:\Users\Belinda\dwhelper\Downloads\adwcleaner_4.203.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : QQPCRTP
[#] Dienst Gelöscht : ReimageRealTimeProtector
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\rei
Ordner Gelöscht : C:\ProgramData\baidu
Ordner Gelöscht : C:\ProgramData\MountainApp
Ordner Gelöscht : C:\ProgramData\Reimage Protector
Ordner Gelöscht : C:\ProgramData\KingSoft
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
Ordner Gelöscht : C:\Program Files (x86)\Movies Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Common Files\baidu
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\baidu
Ordner Gelöscht : C:\Program Files\Reimage
Ordner Gelöscht : C:\Users\Belinda\AppData\Roaming\baidu
Datei Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pfmopbbadnfoelckkcmjjeaaegjpjjbk_0.localstorage
Datei Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pfmopbbadnfoelckkcmjjeaaegjpjjbk_0.localstorage-journal
Datei Gelöscht : C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
Datei Gelöscht : C:\Windows\Reimage.ini
***** [ Geplante Tasks ] *****
Task Gelöscht : Reimage Reminder
Task Gelöscht : ReimageUpdater
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Belinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Belinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Belinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Belinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Belinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BDDownloadProxy.Downloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BDDownloadProxy.Downloader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{91B5E4DE-4C97-41CD-9F94-84BFAABB7371}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{554EBE31-AEC1-4E34-BCE3-606467760D88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{36E6A19A-6C8C-4250-B42A-24B8D3514ABA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15DEE173-1BE9-4424-81E0-58A87076E9B1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{15DEE173-1BE9-4424-81E0-58A87076E9B1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{85E0B1AA-04FA-11D1-B7DA-00A0C90348D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\Reimage
Schlüssel Gelöscht : HKLM\SOFTWARE\SafetyNut
Schlüssel Gelöscht : HKLM\SOFTWARE\Baidu
Schlüssel Gelöscht : HKLM\SOFTWARE\SiteSee
Schlüssel Gelöscht : HKU\.DEFAULT\Software\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Reimage
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\DF917BEA0BDE9E345B42099FC7E14699
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\DF917BEA0BDE9E345B42099FC7E14699
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF917BEA0BDE9E345B42099FC7E14699
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\anisearch.de
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchnu.com
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:51116;hxxps=127.0.0.1:51116
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17728
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v37.0.2 (x86 de)
[1obdb2lb.default-1381238947563\prefs.js] - Zeile Gelöscht : user_pref("extensions.aF9dRfAAB.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumoro[...]
-\\ Google Chrome v35.0.1916.153
-\\ Comodo Dragon v
-\\ Chrome Canary v
*************************
AdwCleaner[R2].txt - [8523 Bytes] - [02/05/2015 20:42:28]
AdwCleaner[S2].txt - [8035 Bytes] - [02/05/2015 20:44:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [8094 Bytes] ##########
JRT.txt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.7 (04.30.2015:1)
OS: Windows 7 Home Premium x64
Ran by Belinda on 02.05.2015 at 20:55:03,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDEventLauncherTask
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{E19990DF-6FB7-4B55-A59B-6A5188750476}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E19990DF-6FB7-4B55-A59B-6A5188750476}
~~~ Files
Failed to delete: [File] C:\Users\Belinda\AppData\Roaming\nyiyirds\subcalal.dll [Adware.AdPeak?]
Successfully deleted: [File] C:\Windows\prefetch\BAIDUAN.EXE-01CD5C42.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUANBUGRPT.EXE-F2C3CB4E.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUANSVC.EXE-3E4527CE.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUANUPDATE.EXE-1313B7D9.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPS.EXE-6F66C4BE.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPSBUGRPT.EXE-56CF248A.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPSUPDATE.EXE-771F1115.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUSD.EXE-7F48E5DE.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDBUGRPT.EXE-6FB4CFAA.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDSVC.EXE-E218B34A.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDUPDATE.EXE-9004BC35.pf
~~~ Folders
Failed to delete: [Folder] C:\Users\Belinda\AppData\Roaming\nyiyirds [Adware.AdPeak?]
Successfully deleted: [Folder] C:\ProgramData\pcdr
Successfully deleted: [Folder] C:\ProgramData\tencent
Successfully deleted: [Folder] C:\Users\Belinda\appdata\locallow\pcdr
Successfully deleted: [Folder] C:\Users\Belinda\AppData\Roaming\pcdr
Successfully deleted: [Folder] C:\Users\Belinda\AppData\Roaming\tencent
~~~ FireFox
Emptied folder: C:\Users\Belinda\AppData\Roaming\mozilla\firefox\profiles\1obdb2lb.default-1381238947563\minidumps [33 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.05.2015 at 21:01:20,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.7 (04.30.2015:1)
OS: Windows 7 Home Premium x64
Ran by Belinda on 02.05.2015 at 20:55:03,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDEventLauncherTask
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{E19990DF-6FB7-4B55-A59B-6A5188750476}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E19990DF-6FB7-4B55-A59B-6A5188750476}
~~~ Files
Failed to delete: [File] C:\Users\Belinda\AppData\Roaming\nyiyirds\subcalal.dll [Adware.AdPeak?]
Successfully deleted: [File] C:\Windows\prefetch\BAIDUAN.EXE-01CD5C42.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUANBUGRPT.EXE-F2C3CB4E.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUANSVC.EXE-3E4527CE.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUANUPDATE.EXE-1313B7D9.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPS.EXE-6F66C4BE.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPSBUGRPT.EXE-56CF248A.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUHIPSUPDATE.EXE-771F1115.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUSD.EXE-7F48E5DE.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDBUGRPT.EXE-6FB4CFAA.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDSVC.EXE-E218B34A.pf
Successfully deleted: [File] C:\Windows\prefetch\BAIDUSDUPDATE.EXE-9004BC35.pf
~~~ Folders
Failed to delete: [Folder] C:\Users\Belinda\AppData\Roaming\nyiyirds [Adware.AdPeak?]
Successfully deleted: [Folder] C:\ProgramData\pcdr
Successfully deleted: [Folder] C:\ProgramData\tencent
Successfully deleted: [Folder] C:\Users\Belinda\appdata\locallow\pcdr
Successfully deleted: [Folder] C:\Users\Belinda\AppData\Roaming\pcdr
Successfully deleted: [Folder] C:\Users\Belinda\AppData\Roaming\tencent
~~~ FireFox
Emptied folder: C:\Users\Belinda\AppData\Roaming\mozilla\firefox\profiles\1obdb2lb.default-1381238947563\minidumps [33 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.05.2015 at 21:01:20,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by Belinda at 2015-05-02 21:04:35
Running from C:\Users\Belinda\dwhelper\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1432196140-1771900234-4215042517-500 - Administrator - Disabled)
Belinda (S-1-5-21-1432196140-1771900234-4215042517-1001 - Administrator - Enabled) => C:\Users\Belinda
Gast (S-1-5-21-1432196140-1771900234-4215042517-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1432196140-1771900234-4215042517-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 3.9 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock 2 (HKLM-x32\...\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}) (Version: 1.00.0000 - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
ClipGrab 3.4.9 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - Philipp Schmieder Medien)
Crawler 3D Fireplace (HKLM-x32\...\{CDAFD956-97BE-443D-8EF7-F4F094EB5766}_SAV_3DFIREPLACE) (Version: - Crawler, LLC)
Curse Client (HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3E90B7F4-1817-4405-B4A5-E4EA5EC0E2B3}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell System Detect (HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.217 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dropbox (HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.52 - Dell Inc.)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.44.0 - International GeoGebra Institute)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417015FF}) (Version: 7.0.150 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java SE Development Kit 7 Update 15 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170150}) (Version: 1.7.0.150 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LINE (HKLM-x32\...\LINE) (Version: 4.0.1.313 - LINE Corporation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft1.5.1 (HKLM-x32\...\Minecraft1.5.1) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Network Notepad 4.6.9 (HKLM-x32\...\Netnotep_is1) (Version: - Jason Green)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
Novell Vibe Desktop 64-bit 1.0 (HKLM\...\{CA0D6979-21D2-40C1-AC0B-A34F944EC45C}) (Version: 1.0.0.17399 - Novell, Inc.)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Oracle VM VirtualBox 4.1.22 (HKLM\...\{883F56F3-B9E7-4B07-8F6D-2BEF6291DF16}) (Version: 4.1.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Screen Recorder 1.0 (HKLM-x32\...\{4CEC58D7-3667-4C30-8AB1-13ED2A5487FA}_is1) (Version: 1.0.0.4 - hxxp://freerecorders.com)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
ShowShifter (HKLM-x32\...\ShowShifter) (Version: - )
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sony PC Companion 2.10.188 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VH Toolkit 1.0.30.0 (HKLM-x32\...\VH Toolkit_is1) (Version: - Hmelyoff Labs)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.0.0.0 - Azureus Software, Inc.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2500 - Broadcom Corporation)
WildTangent Games App (Dell Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-2 - BitNami)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1432196140-1771900234-4215042517-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Belinda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1432196140-1771900234-4215042517-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-1432196140-1771900234-4215042517-1001_Classes\CLSID\{7d1136e6-470c-41aa-8ae5-b8db9ded6ddb}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1432196140-1771900234-4215042517-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1432196140-1771900234-4215042517-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1432196140-1771900234-4215042517-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1432196140-1771900234-4215042517-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
24-04-2015 15:40:51 Windows Update
27-04-2015 15:55:51 Windows Update
29-04-2015 07:57:05 Microsoft Antimalware Checkpoint
30-04-2015 17:07:08 Revo Uninstaller's restore point - Software Version Updater
30-04-2015 17:12:00 Revo Uninstaller's restore point - lection
30-04-2015 17:13:37 Revo Uninstaller's restore point - Movies Toolbar(Dist. by Azureus Software, Inc.) for Firefox
30-04-2015 17:15:34 Revo Uninstaller's restore point - sAAvue on
01-05-2015 09:46:43 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-04-30 09:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {003CE8D0-B628-495F-AF71-5FCEA53834F6} - System32\Tasks\{D425CE48-0F2F-4B0B-9D66-A7AF9798F4C3} => pcalua.exe -a "C:\Users\Belinda\M2\Documents\Vuze Downloads\PaintTool SAI 1.0.1\Install.exe" -d "C:\Users\Belinda\M2\Documents\Vuze Downloads\PaintTool SAI 1.0.1"
Task: {0FF9826D-9419-4382-82F2-DCC06E2E8C1C} - System32\Tasks\{AFF8AE6D-C1E9-4421-9FC3-92E3843900E6} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.60.102/de/abandoninstall?page=tsMain
Task: {162F0C4C-B0D3-4683-940A-72869FFA066B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {169F6838-AC82-4DD4-881A-F224CDF3DE93} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {18D90D48-9820-4C82-ADD6-505043C428BF} - System32\Tasks\{64698EA9-AC20-48D3-89FC-74686F1D8121} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {1F111C6F-066D-44D2-9732-A38EE45D6DDD} - System32\Tasks\{C57A53CA-F269-43DC-BC00-36E051C43FB4} => C:\Program Files\Microsoft Office\Office15\WINWORD.EXE [2015-03-24] (Microsoft Corporation)
Task: {2562F549-1286-4C81-8F18-34BCC538FDE5} - System32\Tasks\{85204892-237E-4B81-9969-91AA9528BF13} => C:\Program Files\Microsoft Office\Office15\WINWORD.EXE [2015-03-24] (Microsoft Corporation)
Task: {27FC83DA-DE75-4F5F-BF54-D584B3D81FF7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {30E32499-AA69-463C-87E9-FAB3280AEA44} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {30F1B1A4-F654-4EA1-97C2-9AE7BC7040E8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3C0504A9-F0CF-4FB4-AB89-31F1ED2FBCAA} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {45B45BA6-32FF-4A86-8A32-583775C8B3EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {4B3DB016-769C-4584-997F-F30D2722C417} - System32\Tasks\{FD4E808B-150B-4DA6-82EF-D168BA20D698} => pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\\Uplay.exe" -c uplay://uninstall/625
Task: {4EE8B216-1997-401A-A982-6675CF6AA2EA} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {5DA4CBEF-078B-4640-9FC2-F124C3E05C8C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {5EFC2F4F-5866-4B0E-A0F6-C5778FDD185F} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {60981396-8E41-4D14-BD86-F60B72C1034B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6925EB37-0F28-472D-95E7-D9586471DFEA} - System32\Tasks\{08169894-71C7-41FE-8C59-3C26BB7B473D} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.60.102/de/abandoninstall?page=tsBing
Task: {6A6511E9-8A7C-4FEF-9F52-439B7C86CCF6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {71A09E9F-BB50-4DF8-9802-9C10E3655AC1} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {777F5872-2E8F-419B-98FD-B122A7B889D1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {7BE5822E-744A-4F79-B162-0B156BDDE393} - System32\Tasks\{D059BDD4-852F-49E5-91A8-11FE41D9189E} => Firefox.exe
Task: {8B5B67EF-4D31-40D2-8FD7-6BDBA2750880} - System32\Tasks\{61C9DBC5-09D7-47A1-AF31-0DD4CB996EC2} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-03-06] (Broadcom Corporation.)
Task: {913C8B18-94E1-485D-A8C8-4C74FE18E85B} - System32\Tasks\{10B5F54E-D356-41A6-8D5A-8D1F35078BAF} => pcalua.exe -a "C:\Users\Belinda\M2\Documents\Vuze Downloads\rzr-skrm\install.exe" -d "C:\Users\Belinda\M2\Documents\Vuze Downloads\rzr-skrm"
Task: {9274DFCF-B48A-409E-AD19-09554674AFAE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {954AFBB9-CACF-417C-9A1C-A094327BF52E} - System32\Tasks\{AF52A664-B800-4985-B684-3DB3775A4D4F} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe
Task: {9DA0B75B-9A57-4FE3-B4B3-CBD09EF4A638} - \PCDEventLauncherTask No Task File <==== ATTENTION
Task: {9E8AE981-1C5A-425C-9403-B06604AD0EF1} - System32\Tasks\{37DB6B3B-24D3-41FE-8C6E-AFCCC02FA676} => pcalua.exe -a "C:\Users\Belinda\Documents\Vuze Downloads\Left 4 Dead 2 V2.0.2.7 Full-Rip {blaze69}-1\Left 4 Dead 2\#Support#\vcredist_x86\vcredist_x86.exe" -d "C:\Users\Belinda\Documents\Vuze Downloads\Left 4 Dead 2 V2.0.2.7 Full-Rip {blaze69}-1\Left 4 Dead 2" -c /q
Task: {9FD839E7-6F57-4F3E-B803-BC397D8CF618} - System32\Tasks\{87B59C41-63AE-4EB4-9B61-36B6C5989F76} => Firefox.exe
Task: {A24B3C1A-70F9-4BA2-9F0D-D955176806A7} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION
Task: {AC203361-3C1B-46A7-A684-8F7BFD55B746} - System32\Tasks\{392748DE-1992-47F3-ADAC-34B52537B5EE} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {B336CD99-7E4E-4E6C-BB52-67EBC5881792} - System32\Tasks\{A85F6F04-052B-4224-8E1D-96C109F56B1E} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{9CCB3527-C033-415C-88B6-27173B5E3592}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {B4DD9B4B-FA90-42C8-859C-366F39AC7527} - System32\Tasks\{43426D0C-2840-40B1-885F-B5DAE5D333FF} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {C290A6E6-A3E6-4C32-A0F3-3C08E257A2A6} - System32\Tasks\{DC242968-6CFA-4B78-82E2-32BA5D747072} => pcalua.exe -a "C:\Users\Belinda\Spiele\LEGO Batman 2 DC Super Heroes [PC ~ ENG - Sub Ita Fra Deu Esp Pol Dan Por Ned Rus][RELOADED][Colombo-BT.i2p]\LEGO Batman 2 DC Super Heroes [PC ~ ENG - Sub Ita Fra Deu Esp Pol Dan Por Ned Rus][RELOADED]\rld-legobat2\Launcher.exe" -d "C:\Users\Belinda\Spiele\LEGO Batman 2 DC Super Heroes [PC ~ ENG - Sub Ita Fra Deu Esp Pol Dan Por Ned Rus][RELOADED][Colombo-BT.i2p]\LEGO Batman 2 DC Super Heroes [PC ~ ENG - Sub Ita Fra Deu Esp Pol Dan Por Ned Rus][RELOADED]\rld-legobat2"
Task: {DA4F2E1D-8512-414E-95F4-C5F987EC5BCB} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {DF96CB30-1F76-4F55-85CF-5FECFFE0D917} - System32\Tasks\{C6238737-8183-47DD-9983-07AC2471B430} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe
Task: {E5C16C27-AF69-43A4-8A81-486BEB7B9C7D} - System32\Tasks\{CF0D215B-989B-40DD-80DA-03DF1C4B3E41} => C:\Program Files\Microsoft Office\Office15\WINWORD.EXE [2015-03-24] (Microsoft Corporation)
Task: {E754DCF1-CBE1-43EB-AAD4-1B7A0A947C12} - System32\Tasks\{9CE87621-B0FF-4B20-BBC1-176D52210A67} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-03-06] (Broadcom Corporation.)
Task: {EB03C167-1DA4-4622-A073-846A2A12B6C9} - System32\Tasks\{33F5561D-4D5C-4229-9E4D-EEA1B37208AB} => pcalua.exe -a c:\progra~2\crawler\ssaver\cssaver.exe -c /UNINST_SAV_3DFIREPLACE
Task: {EBE528AE-F1C7-497D-8F34-4C05B015E9E2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {EC5C1C3F-73E1-4AC7-B41C-A7DB05934789} - System32\Tasks\{CAEBA7BF-B00F-49A8-8F94-7D6C89BF0491} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe
Task: {EFBED716-74F2-402A-B30F-A31BCDF40309} - System32\Tasks\{9403A9C1-7DB1-430D-A40F-AB8EC2DE7063} => pcalua.exe -a "C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\GUninstaller.exe" -c -uprtc -key "BabylonToolbar"
Task: {F3FDEDBB-E8DD-4D88-A809-2C224D767A10} - System32\Tasks\{22710777-211C-4E7B-B2D4-052FEFC208EB} => pcalua.exe -a D:\setup.exe -d D:\
Task: {F859CECB-B4B3-4301-BFE0-B28FDCE8352F} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {F9FC3C86-2CD6-4EC7-BD71-615029A45AED} - System32\Tasks\AdobeAAMUpdater-1.0-Belinda-PC-Belinda => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {FC1B8405-F529-4F78-A896-F8C1C585BEE1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-13 21:06 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-12-18 15:42 - 2015-04-09 02:58 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-05-02 20:56 - 2015-05-02 20:56 - 00133120 _____ () C:\Users\Belinda\AppData\Roaming\juvaquse\subcalal.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138 - 8.8.8.8
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{663CBDFE-F086-477D-B03C-556D376E64C9}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{630A436A-489A-4F9E-973A-30FFC71EDCC2}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{7C7AD4A8-8D9C-4068-BA47-28249063C22D}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe
FirewallRules: [{E2FD35B9-683C-4F32-AA84-83350F24FE2D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{00CA5D22-CCEB-4B79-BBB7-DA683C9AF3C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{160A4750-8C2F-401D-B10F-6E85C0AF18ED}] => (Allow) C:\Program Files (x86)\2K Games\BioShock 2\SP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{3FEBB75B-3473-41DD-BA14-D42B61805DC5}] => (Allow) C:\Program Files (x86)\2K Games\BioShock 2\SP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{27A11D3D-BB9D-4EF6-8CE7-17BB9766B345}] => (Allow) C:\Program Files (x86)\2K Games\BioShock 2\MP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{9FCC6CB2-D063-4E63-920C-072D4EAEBC2D}] => (Allow) C:\Program Files (x86)\2K Games\BioShock 2\MP\Builds\Binaries\Bioshock2.exe
FirewallRules: [{5C301F1E-F9BA-445D-A5E6-38A5DDCB0C2B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{F891C5BC-7914-461D-88E6-1611686FF7B2}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{BBF2D40C-373D-4828-9F15-4288288C57DD}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{020F471A-1793-4488-8EC6-E0EB52E78ECC}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{E636088B-E103-4119-A8D7-A993C5678C00}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{15A75F1D-6415-4A4D-A1DD-EF0F878C6773}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{27C932A8-1A34-4105-981A-890823A5AB14}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{DC35ED99-D4AD-4134-851C-D81EE46CF9A4}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{1223D4D7-F12B-4C01-8B54-255599586EFA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{8D9C5420-1FFE-4079-A0D1-00B7AC3F21DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [TCP Query User{A387FF59-3CB4-4A7B-B5C6-D6A6AA5F6E2B}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{BC9082D0-A647-463F-BF4D-E195305252B3}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [TCP Query User{67211533-83E4-42E1-B437-7EE4926DE295}C:\program files (x86)\activision\call of duty - world at war\codwaw.unpacked.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw.unpacked.exe
FirewallRules: [UDP Query User{B07BA5A7-69C2-4246-933F-F9571DA16525}C:\program files (x86)\activision\call of duty - world at war\codwaw.unpacked.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw.unpacked.exe
FirewallRules: [{EF276D30-4A6F-428E-88B6-6F0AEE255CEC}] => (Block) C:\program files (x86)\activision\call of duty - world at war\codwaw.unpacked.exe
FirewallRules: [{D5AAA65E-DD5E-4E0A-AA4C-E0CF7A02D296}] => (Block) C:\program files (x86)\activision\call of duty - world at war\codwaw.unpacked.exe
FirewallRules: [{592BC288-F776-4A81-A559-3374B01FCA96}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{F3463252-2EDB-47EC-B60D-8E8419FC3C6B}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{8A5E696B-BE9A-4ACD-B2A1-05D0668B1AF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{376341FB-FA31-4856-BAA5-56EEF1066E96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{58F6CC77-1AA6-44D6-AF9C-6FF8BF6F3CDE}C:\program files (x86)\left 4 dead 2 the sacrifice + game + online tool - roydolfje\left4dead2.exe] => (Allow) C:\program files (x86)\left 4 dead 2 the sacrifice + game + online tool - roydolfje\left4dead2.exe
FirewallRules: [UDP Query User{B620D8F0-2700-478B-82FF-B791DD3B8F34}C:\program files (x86)\left 4 dead 2 the sacrifice + game + online tool - roydolfje\left4dead2.exe] => (Allow) C:\program files (x86)\left 4 dead 2 the sacrifice + game + online tool - roydolfje\left4dead2.exe
FirewallRules: [TCP Query User{E3A9336E-1FAC-485D-A94C-1390FB2CA112}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{3DF1CF35-34B4-4ADE-898D-664F4BD33C7B}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [{4AB06823-E9A8-4331-9CF8-77D020042424}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{5B9DDFD0-BEC8-4625-9B1B-2EE33FC74D53}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{A5C0A40E-3B6F-44A9-BBFE-B070C30A3A29}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{345343AF-346D-4F28-BC7B-3F32AE1EC197}] => (Allow) LPort=2869
FirewallRules: [{758628A2-7681-4E1A-8736-D0536338F849}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{2964F7D1-9840-4531-B202-3485D44183D7}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{B9EACF3C-78E1-48CC-9B98-02E9573AEAAD}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{D748D676-B189-41FF-B0E7-41FB5AD4408E}] => (Allow) LPort=49221
FirewallRules: [{B86A6B1C-311B-4361-91FC-9FDFA4DEC0CD}] => (Allow) LPort=5000
FirewallRules: [{441011E7-A27B-49B3-80DB-E792D2B7DF95}] => (Allow) LPort=53970
FirewallRules: [{DC6E1854-5DDC-4C72-8D1C-7BB154CBF2D2}] => (Allow) LPort=5000
FirewallRules: [{6C0CFDB4-3B4E-4AB3-A5D2-97A15F478C3B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A8460F70-7AF5-46D1-AA83-A8E53B612B6B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{BD65CAAC-145F-4C5B-8BBB-21F25F43EE6D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3367486C-5288-406A-BF95-6175F9C763A4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{145FB488-A44C-48E0-85AA-7008FD0EE021}] => (Allow) C:\Program Files\Microsoft Office\Office15\outlook.exe
FirewallRules: [TCP Query User{62F80126-BD50-4BF3-BA3C-CFBD9D158878}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{690CE980-EF1E-4F3B-A2EC-99759A2412E8}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{1C73091C-1D56-422A-8C09-6611961D265D}C:\windows\syswow64\java.exe] => (Block) C:\windows\syswow64\java.exe
FirewallRules: [UDP Query User{FD20D915-0908-4E23-8737-7187E87CEEAD}C:\windows\syswow64\java.exe] => (Block) C:\windows\syswow64\java.exe
FirewallRules: [TCP Query User{40B627ED-2179-464C-9767-0571562D11DE}C:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe] => (Block) C:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe
FirewallRules: [UDP Query User{B3BE8B61-B6CB-4B64-9EA0-D14935D90DF6}C:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe] => (Block) C:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe
FirewallRules: [TCP Query User{9460CC38-1299-4180-BB6D-06A2FE564283}C:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe] => (Allow) C:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe
FirewallRules: [UDP Query User{357DC0F4-EED9-4BC3-9E00-288881B6518D}C:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe] => (Allow) C:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe
FirewallRules: [TCP Query User{4E150575-7721-45EB-BA2C-0C43046A493B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{C59EB5B2-C8C8-4B34-8C91-084E64BBA260}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{32DDD059-A24D-46A3-84A7-BB0A936F615D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{0DE7FDE3-F4AD-45E1-99C3-5B77DFC6E230}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{1EF7806C-1864-4656-832B-90C6065EDFA3}] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{5775C6E8-FDDF-4DFE-855A-CF2E1C7067FC}] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{5EB55CD0-B636-4907-8631-1BCC3B569110}] => (Allow) C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\TNT2User.exe
FirewallRules: [{8279CC7F-93E8-4874-A16A-30F230B0EC60}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E3CACE51-ED59-469E-8CF9-7A14F3671239}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B42A7AB1-ADB9-47A9-BE45-48E7000D062D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{77FA2251-62B9-4016-BA5B-5A03E52A59B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{89757638-F985-4DB9-B9E6-5D1177CE09F8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{38EB2054-96B5-421C-AD56-5887D6EA5B7F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [TCP Query User{E28D8AF3-B3D0-41E4-8252-7BCE363D35A0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{311E6413-CC4F-41D0-AB80-4E9C402403F3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{B87D1FCC-CAE6-4F85-B8B5-7428B9CF50CE}] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{CACA1DF1-2D6F-4FCE-A9B4-CC86AEFA98D1}] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{3847B183-3934-4B41-8C37-2AEBC118A898}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [UDP Query User{A220497E-EB5C-402D-B837-8E2A728FFF80}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{AE5A8060-BDFC-4421-937F-74F42B77E78F}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{EF517E46-D1BA-40CA-A4BE-B95C677ABB64}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{8E76245A-5F22-44ED-9358-CF9BA106806C}] => (Allow) C:\Users\Belinda\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6F9C1E23-95FD-49F6-9323-86D4297174B2}] => (Allow) C:\Users\Belinda\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{016DD74D-F551-4B82-BFDD-6C9FDC3A9110}] => (Allow) C:\Users\Belinda\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9D159BC0-A3DE-42DA-B373-E6C8A6A73B6F}] => (Allow) C:\Users\Belinda\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{530E5CA9-027A-4834-BA34-B0B7DB43F70A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A84D7F6B-C836-4CB9-B161-0D5877153333}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{B7FE41B2-0CAB-438A-B05E-D75F6A49829F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B81787EA-8102-4FD9-9C00-345AA2256382}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{263C58FA-E484-447A-8741-F7D28AA17F95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F8C81CF3-A2F6-4202-B77C-63D703F0CF2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FA9C8460-08CA-4D2F-A6C4-85B7F5F84F64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E45B4B0A-6D6A-4618-A212-B5550C20A976}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{776AFE36-92EB-4679-858A-CFFDC832FAAC}] => (Allow) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
FirewallRules: [{9643AAAA-D73B-48A5-B8F2-26A9CFF2B001}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{812B1E82-DFD2-44E3-99CF-230E40F1392C}] => (Allow) C:\users\belinda\documents\vuze downloads\left 4 dead 2 v2.0.2.7 full-rip {blaze69}\left 4 dead 2\left4dead2.exe
FirewallRules: [{92677026-CEE1-4806-81B7-9829B6EB032D}] => (Allow) C:\users\belinda\appdata\local\akamai\netsession_win.exe
FirewallRules: [{162A0B1B-DB38-4C40-93D4-CA45494BD8A3}] => (Allow) C:\users\belinda\spiele\dishonored nosteam\binaries\win32\dishonored.exe
FirewallRules: [{8641C670-3032-429B-B339-919AB599352B}] => (Allow) C:\users\belinda\spiele\dead island\myprog\deadislandgame.exe
FirewallRules: [{7037E06B-080B-4644-910B-6B3981DE8F63}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{AA8DC8D8-4F70-4766-9C19-472B4C089B0D}] => (Allow) C:\Program Files (x86)\A1\A1 Breitband\A1Breitband.exe
FirewallRules: [{81702258-DB32-4B57-937B-D7620B514D6B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{4171F74B-C537-439C-B9FA-526EDC0F4B54}] => (Allow) C:\users\belinda\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [{30AF46E7-2090-428D-9DBE-5863F11DDF9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{CC4F2610-F971-4406-9710-26DBCCEF64C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Epigenesis\Binaries\Win32\Epigenesis.exe
FirewallRules: [{8A8C1BD0-909C-4E11-B5CF-37C7B178F7BD}] => (Block) C:\program files (x86)\steam\steamapps\common\epigenesis\binaries\win32\lochgame.exe
FirewallRules: [{79797EF1-577F-487E-8C4F-B637722A3D36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{6E7A9093-838E-4A24-855A-8FE48B24A857}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C639E049-69CA-4F35-BEEA-59269BE6D473}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{1BA8F622-4A42-4FFB-838F-0F8BC13C3741}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{0F492CD4-5AC6-41BE-BC46-5407FCE4D2F7}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{860FA1D2-8EAD-4FB7-A732-C7BB973DD0B9}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{B7EF4023-5E83-4DD0-999C-4C171BEFB908}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{2BF7F6FD-2F1A-462C-A1FB-05E221026677}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{2AF1106F-CBC3-41CD-A817-D6A601906AF3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DA84496B-CE3A-4687-898A-08E75FA94C5F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F17707A4-260D-44AE-A149-15ABA6A4C534}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{BB5521BF-803D-484F-99DB-AD3980944E64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [TCP Query User{9297A288-AB53-451F-9386-D0C12B5725A4}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [UDP Query User{15C3A5B6-B0F3-47ED-A034-28FCB32A6182}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{A0DD838B-4D83-4DCC-8E19-2B5D90077600}] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{46B2CD58-AC1B-4F84-99E5-594661E207DF}] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{D023B744-371D-4ECC-B6EC-F0007BBE2D6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{FE390BB6-7209-455C-89E6-FA9936A88985}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{555F0591-2901-4FAF-8504-1E65A29AE558}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{AA85FD64-D007-4188-A3BE-49AB8A3334C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{E38E0A0C-1681-42F3-BAD2-B767E6527444}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{031E3896-5A5A-4751-9DFC-D48B9B86F1BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{64A03824-D23A-4DB6-815F-403AFE0F4350}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5E78142A-159B-4080-BF8E-3E228344F5A4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7231FBB7-6E05-43F4-9442-7DB3A5EF83EC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F8978081-1B9E-4B04-8575-2355B66A00E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{6D0DB6CB-0D10-4947-86DA-25CA1CDA3808}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BFC80092-B22B-475B-A0C7-BE57DA9EBB48}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{D31FB1DB-2CC5-4DA9-B4F8-D31B0612459C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{8561D884-B1C9-472F-A170-84FB5DE57730}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{7F2698E5-9257-450B-8ECC-7A8B868B10D5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{5707F6BE-8B33-4679-AF4D-4830F1E08DEA}C:\programdata\battle.net\agent\agent.3669\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3669\agent.exe
FirewallRules: [UDP Query User{73C372AA-18A5-4B41-BBA9-77847FB98459}C:\programdata\battle.net\agent\agent.3669\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3669\agent.exe
FirewallRules: [{AEB1E8FF-5C9B-41DE-B3BA-6A6F3F6922B6}] => (Block) C:\programdata\battle.net\agent\agent.3669\agent.exe
FirewallRules: [{91629726-E655-4584-939C-25C68C9D53B5}] => (Block) C:\programdata\battle.net\agent\agent.3669\agent.exe
FirewallRules: [{D7C0F7A0-41D2-4062-87F8-E72F6C646415}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D669D438-2437-458A-8CF0-C5ED3D25481E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{31602285-E38F-4CBC-B2AA-A921E7A7DDFE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A2D0BC6-458C-4446-BED9-3BC93C100949}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF99C7E2-08A8-4291-8098-4B86B8DF4279}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{A4EEA696-839C-40BB-8A8F-834F167ED925}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{98ED4994-3600-4BA7-891A-F3E3BD7BE9F5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{0323C2B1-C087-46DA-8A17-493AF30E76EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{018C1414-BA93-42E1-9488-3E43977BA077}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2E38C73C-0826-4D7A-844E-485C96996772}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{85F6687A-30F9-4DFC-87B8-4CE2A8BC9D36}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7358AADA-49E5-49AA-A192-1BE82689516B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{2687FBEE-52C0-4820-A5DC-2D5D9A391630}] => (Allow) C:\Users\Belinda\AppData\Local\Temp\nsmFA7A.tmp\CnetInstaller-75937532.exe
FirewallRules: [{4A5B7BB3-C247-436F-B049-93E15888CFE3}] => (Allow) C:\Users\Belinda\AppData\Local\Temp\nsmFA7A.tmp\CnetInstaller-75937532.exe
FirewallRules: [TCP Query User{8201017C-A249-4641-880E-6B793D51E2D0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E30EFEB2-C691-40B1-B053-0FE57F579B73}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{0AC0F2B8-DD3E-4C65-80E0-67585D3B7D9E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4D6CC72C-798F-4893-A995-AE038AF3EF24}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3BA25BB1-444F-4174-9663-46928BC00F30}] => (Allow) C:\program files (x86)\common files\baidu\bddownload\109\bddownloader.exe
FirewallRules: [{C93BBD18-D0D4-4DAD-8B1D-9904D8C0EF38}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{036432B2-B6FB-4AC7-AE19-312CBDE81CD5}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: tencent QMUdisk
Description: tencent QMUdisk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: QMUdisk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: TSDefenseBt
Description: TSDefenseBt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TSDefenseBt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2015 08:48:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/02/2015 08:23:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/02/2015 06:50:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/02/2015 10:59:17 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (05/02/2015 10:50:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/01/2015 09:43:10 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (05/01/2015 09:34:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/30/2015 04:57:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/30/2015 04:12:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/30/2015 09:39:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (05/02/2015 09:03:04 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (05/02/2015 09:02:54 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (05/02/2015 08:56:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (05/02/2015 08:56:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/02/2015 08:56:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/02/2015 08:56:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/02/2015 08:56:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/02/2015 08:56:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/02/2015 08:56:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Data Vault" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/02/2015 08:56:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (05/02/2015 08:48:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/02/2015 08:23:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/02/2015 06:50:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Belinda\dwhelper\Downloads\esetsmartinstaller_deu.exe
Error: (05/02/2015 10:59:17 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (05/02/2015 10:50:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/01/2015 09:43:10 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (05/01/2015 09:34:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/30/2015 04:57:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/30/2015 04:12:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/30/2015 09:39:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2015-04-30 09:32:43.423
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-04-30 09:32:43.376
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-04-30 09:32:43.329
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-04-30 09:32:43.283
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-07-08 13:16:53.106
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-07-08 13:16:53.028
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-19 15:54:06.335
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.284
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.231
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.175
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz
Percentage of memory in use: 34%
Total physical RAM: 8063.41 MB
Available physical RAM: 5245.66 MB
Total Pagefile: 16125.01 MB
Available Pagefile: 13295.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:309.72 GB) (Free:29.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (ACL) (CDROM) (Total:3.41 GB) (Free:0 GB) CDFS
Drive e: (Server2012) (Fixed) (Total:156 GB) (Free:90.37 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7AF659C3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=309.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=156 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Lesestoff:
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
dann auf 
und dann auf 
. 
