Windows 7: Laptop ist nur mit Internet langsam und ständige Sicherheitszertifikat nachfragen

Zubato · 08.02.2015, 22:04

Hallo

Ich habe seit kurzem das Problem, dass mein laptop sehr langsam ist oder gar nicht reagiert, sprich dass die Programme die Meldung keine Rückmeldung anzeigen. Das ganze ist aber nur so wenn ich mit dem Internet verbunden bin. Ab und zu kommt auch Musik obwohl ich nichts offen habe. Als ich mir einmal die laufenden Prozesse in meinem Task Manager anguckte, konnte ich sehen das der Prozess vom Internet Explorer aktiv war, obwohl ich diesen nicht startete. Seit kurzem klagen auch die anderen Familie Mitglieder über ein langsames Internet.

Mein Internet Browser (Opera) zeigt mir auch andauernd Sicherheitszertifikatwarnungen.

Ich hab dann einmal das Programm Malwarebytes Anti-Malware einen komplett Scan machen lassen. Es fand nur ein Programm dass sich Convert Ads nannte. Daraufhin habe ich dass Programm mal gegoogelt da ich aber nichts sinvolles fand entschied ich mich dafür einfach das Programm mit hilfe die Programm deinstallieren Funktion von Windows dieses Programm zu löschen.

Ich hoffe mal ich habe alles richtig gemacht

cosinus · 08.02.2015, 23:40

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Zubato · 09.02.2015, 16:57

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-02-2015
Ran by Jul (administrator) on JUL-01 on 08-02-2015 21:44:56
Running from C:\Users\Jul\Desktop\Gegen Ihn
Loaded Profiles: Jul (Available profiles: Jul & Stefan)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CartCrunch Israel Ltd.) C:\ProgramData\SecurityUtility\ColorMedia.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Razer Inc.) C:\Program Files\Razer\Razer Game Booster\RzKLService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
() C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mail.Ru) C:\Users\Jul\AppData\Local\MailRu\MailRuUpdater.exe
(Spotify Ltd) C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Pokki) C:\Users\Jul\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pokki) C:\Users\Jul\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(streamwriter.org) C:\Program Files\streamWriter\streamwriter.exe
(Spotify Ltd) C:\Users\Jul\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9874024 2010-11-16] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1806728 2010-08-30] (ELAN Microelectronics Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1770792 2010-05-20] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RemoteControl10] => C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM\...\Run: [ChicoSys] => C:\Windows\system32\cc32\webtmr.exe [5992896 2009-07-14] (Salfeld Computer)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [4928512 2010-07-07] (Broadcom Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [MessengerPlusForSkypeService] => "C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
HKLM\...\Run: [Adobe ARM] => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3813200 2014-01-23] (LogMeIn Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [Raptr] => C:\Program Files\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [RGSC] => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [SkypeVoiceChanger] => C:\Program Files\AthTek\Voice Changer for Skype\SkypeVoiceChanger.exe /auto
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [MailRuUpdater] => C:\Users\Jul\AppData\Local\MailRu\MailRuUpdater.exe [7239400 2015-01-30] (Mail.Ru)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [Spotify Web Helper] => C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-08] (Spotify Ltd)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {054dd5e1-af97-11e3-9437-9b94ad7f775b} - F:\Startme.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {5aa476c5-bd20-11e1-af23-e811324622ab} - F:\Launcher.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {832b2e42-96ac-11e1-a9af-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {9c0303b7-be8b-11e1-8911-e811324622ab} - F:\Launcher.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {b2466843-f486-11e3-a8c2-e811324622ab} - F:\Startme.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {ec4c2c5b-31a1-11e3-a38a-8a2832f57e22} - E:\windows\Data\setup.exe
HKU\S-1-5-18\...\Run: [CCWinTray] => C:\Windows\tray\wintmr.exe [6107072 2009-07-14] (Salfeld Computer)
AppInit_DLLs: c:\windows\system32\nvinit.dll => c:\windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs:  c:\windows\system32\nvinit.dll => c:\windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\streamWriter.lnk
ShortcutTarget: streamWriter.lnk -> C:\Program Files\streamWriter\streamwriter.exe (streamwriter.org)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.mail.ru/?ieverfix=1&fr=ieverfix_sg
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1422816583&from=cvs4&uid=TOSHIBAXMK3265GSX_217ID6EDBXX217ID6EDB
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSS&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={SearchTerms}&ieverfix=1&fr=ieverfix_dse
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {310E121A-788D-4D56-94F0-AFC6468A7852} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {5BCDEDD9-641B-4373-830C-8F6997D12DBC} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={SearchTerms}&ieverfix=1&fr=ieverfix_dse
BHO: CoupExtenSion -> {104c6270-1cbc-4b65-8f90-ea6cd02ccda2} -> C:\ProgramData\CoupExtenSion\erYSIaRuzWHj9I.dll No File
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: BueesstSaveForYou -> {b1e87602-fbdc-4bbb-9052-cadc1b5d03ee} -> C:\ProgramData\BueesstSaveForYou\es2W25OVTuaiAp.dll No File
BHO: Booster-Web helper -> {B5147546-9359-4D9B-8B36-F54C54555799} -> C:\Program Files\Booster-Web\Booster-Web.dll No File
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKU\.DEFAULT -> No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v415.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 15 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Hosts: Hosts file not detected in the default directory

FireFox:
========
FF ProfilePath: C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Jul\AppData\LocalLow\Sony Online Entertainment\npsoe.dll No File
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: electronicarts.com/GameFacePlugin -> C:\Users\Jul\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: pokki.com/PokkiDownloadHelper -> C:\Users\Jul\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608\user.js
FF Extension: Booster Web - C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack [2015-02-05]
FF Extension: Adblock Plus - C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-03]
FF Extension: myCoups - C:\Program Files\Mozilla Firefox\extensions\agjqcacdnhemgjev@hclmgodt.org [2013-01-27]
FF HKLM\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.6.0.73\coFFFw
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions:  - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-02-01]

Chrome: 
=======
CHR Profile: C:\Users\Jul\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
R2 ColorMedia; C:\ProgramData\SecurityUtility\ColorMedia.exe [1844232 2015-01-27] (CartCrunch Israel Ltd.) [File not signed]
S3 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [487936 2013-12-23] (Connectify) [File not signed]
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [107552 2014-06-22] (EasyAntiCheat Ltd)
S3 GalaxyService; C:\Program Files\GalaxyClient\GalaxyService.exe [2191648 2014-09-18] (GOG.com)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1677136 2014-01-23] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-12-13] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2014-12-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-09-13] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2012-05-05] () [File not signed]
R2 RzKLService; C:\Program Files\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [3665408 2013-09-18] (A-Volute) [File not signed]
R2 SecurityUtility Service; C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe [615936 2015-01-30] () [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [4261888 2010-07-07] (Broadcom Corporation) [File not signed]
S3 Futuremark SystemInfo Service; "C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe" [X]
S2 ZAtheros Wlan Agent; C:\Program Files\Atheros\Ath_WlanAgent.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [295432 2010-01-20] (Protect Software GmbH)
S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [143360 2012-07-17] (Windows (R) Win 7 DDK provider)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2910720 2012-05-01] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2012-05-06] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2010-07-07] (Broadcom Corporation)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [29672 2014-01-09] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-05-27] (DT Soft Ltd)
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [100744 2010-08-30] (ELAN Microelectronics Corp.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135264 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112136 2015-02-02] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [34400 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [644808 2015-02-02] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145888 2014-03-26] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-05-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [28120 2014-07-02] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [33016 2013-09-18] (Windows (R) Win 7 DDK provider)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34384 2009-11-25] (Screaming Bee LLC)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-23] (Duplex Secure Ltd.)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-04-07] (Symantec Corporation)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [20664 2012-07-20] (Hajo Krabbenhöft)
S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [X]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
S3 XDva402; \??\C:\Windows\system32\XDva402.sys [X]
S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 21:43 - 2015-02-08 21:45 - 00000000 ____D () C:\FRST
2015-02-08 21:40 - 2015-02-08 21:44 - 00000000 ____D () C:\Users\Jul\Desktop\Gegen Ihn
2015-02-08 21:37 - 2015-02-08 21:37 - 00050477 _____ () C:\Users\Jul\Downloads\Defogger(1).exe
2015-02-08 00:12 - 2015-02-08 12:46 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-02-06 22:36 - 2015-02-06 22:36 - 00000578 _____ () C:\Users\Jul\Downloads\defogger_disable.log
2015-02-06 22:36 - 2015-02-06 22:36 - 00000020 _____ () C:\Users\Jul\defogger_reenable
2015-02-05 19:03 - 2015-02-05 19:03 - 00002403 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2015-02-05 19:02 - 2015-02-05 19:02 - 02756424 _____ (Pokki) C:\Users\Jul\Downloads\PokkiInstaller (2).exe
2015-02-05 19:01 - 2015-02-05 19:01 - 00002276 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-05 19:00 - 2015-02-05 19:00 - 00002105 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
2015-02-05 18:48 - 2015-02-05 18:48 - 02756424 _____ (Pokki) C:\Users\Jul\Downloads\PokkiInstaller.exe
2015-02-05 18:47 - 2015-02-08 19:42 - 00000000 ____D () C:\Users\Jul\AppData\Local\Pokki
2015-02-05 18:47 - 2015-02-05 18:47 - 00796936 _____ (Pokki) C:\Users\Jul\Downloads\Pokki_PixstaSetup.exe
2015-02-05 17:44 - 2015-02-05 17:44 - 00000000 ____D () C:\Users\Jul\AppData\Local\Steam
2015-02-05 14:09 - 2015-02-05 14:09 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\514D6CB0.sys
2015-02-05 13:17 - 2015-02-08 20:25 - 00000000 ____D () C:\Program Files\Booster-Web
2015-02-05 13:12 - 2015-02-08 19:38 - 00005408 _____ () C:\Windows\system32\ColorMedia.ini
2015-02-02 19:20 - 2015-02-02 19:20 - 00244118 _____ () C:\Users\Jul\Desktop\Extras.Txt
2015-02-02 19:16 - 2015-02-02 19:16 - 00176670 _____ () C:\Users\Jul\Desktop\OTL.Txt
2015-02-02 17:48 - 2015-02-08 20:56 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 17:46 - 2015-02-02 17:47 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-02-02 17:46 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 17:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-02 17:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-02 17:18 - 2015-02-02 17:18 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-02-02 15:19 - 2015-02-02 15:19 - 00018475 _____ () C:\Users\Jul\Downloads\saints-row-the-third-wallpaper-1600x900.shtml
2015-02-02 15:13 - 2015-02-08 21:44 - 00001326 _____ () C:\Windows\Tasks\MTSO.job
2015-02-02 15:13 - 2015-02-08 19:40 - 00001324 _____ () C:\Windows\Tasks\NUB.job
2015-02-02 15:10 - 2015-02-02 15:10 - 00000000 ____D () C:\Users\Jul\AppData\Local\Pirates
2015-02-02 15:09 - 2015-02-02 15:09 - 00000000 ____D () C:\Users\Jul\AppData\Local\Sparta
2015-02-01 21:00 - 2015-02-01 21:17 - 35648512 _____ () C:\Users\Jul\Downloads\PhysX-9.12.0613-SystemSoftware.msi
2015-02-01 20:52 - 2015-02-01 20:52 - 00000000 ____D () C:\Users\Jul\AppData\Local\Macromedia
2015-02-01 20:50 - 2015-02-01 20:50 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Sony Network Entertainment International LLC
2015-02-01 20:49 - 2015-02-01 20:49 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-02-01 20:49 - 2015-02-01 20:49 - 00000000 ____D () C:\Program Files\Kaspersky Lab
2015-02-01 20:48 - 2015-02-02 12:37 - 00644808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-02-01 20:48 - 2015-02-02 12:37 - 00112136 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-02-01 20:48 - 2014-04-10 17:25 - 00034400 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-02-01 20:35 - 2015-02-01 20:35 - 00000000 ____D () C:\Users\Jul\AppData\Local\Mozilla
2015-02-01 19:54 - 2015-02-02 12:10 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Booster-Web
2015-02-01 19:54 - 2015-01-27 17:31 - 00301168 _____ (CartCrunch Israel Ltd.) C:\Windows\system32\ColorMedia.dll
2015-02-01 19:49 - 2015-02-01 19:49 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\moters
2015-02-01 19:45 - 2015-02-08 19:45 - 00001678 _____ () C:\Windows\Tasks\OZTQSYNJ.job
2015-02-01 19:45 - 2015-02-02 20:46 - 00000000 ____D () C:\Program Files\globalUpdate
2015-02-01 19:45 - 2015-02-01 19:45 - 00000000 ____D () C:\Users\Jul\AppData\Local\globalUpdate
2015-02-01 19:44 - 2015-02-02 17:20 - 00000011 _____ () C:\END
2015-02-01 19:44 - 2015-02-02 17:19 - 00000000 ____D () C:\Program Files\TabNav
2015-02-01 19:44 - 2015-01-28 22:40 - 00323720 _____ (Abengine) C:\Windows\system32\abengine.dll
2015-02-01 19:26 - 2015-02-01 19:26 - 00000000 ____D () C:\Windows\81C42533F5A846CE9013ECF783A4CBD4.TMP
2015-01-25 17:12 - 2015-01-25 17:12 - 00002086 _____ () C:\Users\Jul\AppData\Roaming\NUB
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Jul\AppData\Roaming\OZTQSYNJ
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Jul\AppData\Roaming\MTSO
2015-01-24 17:57 - 2015-01-24 17:57 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\LolClient
2015-01-15 15:30 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 15:30 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 15:30 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-15 15:30 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-15 15:30 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-15 15:30 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 22:55 - 2015-01-16 20:42 - 00000000 ____D () C:\Users\Jul\Documents\MuseScore
2015-01-13 22:26 - 2015-01-13 22:26 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\MusE
2015-01-13 22:26 - 2015-01-13 22:26 - 00000000 ____D () C:\Users\Jul\AppData\Local\MusE
2015-01-13 21:29 - 2015-01-13 21:29 - 00000000 ____D () C:\Program Files\MuseScore

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 21:44 - 2014-07-14 12:39 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Spotify
2015-02-08 21:07 - 2012-05-04 20:23 - 01754076 _____ () C:\Windows\WindowsUpdate.log
2015-02-08 20:59 - 2012-05-06 00:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-08 20:17 - 2014-09-05 20:57 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\streamWriter
2015-02-08 20:07 - 2014-09-05 20:57 - 00000000 ____D () C:\Program Files\streamWriter
2015-02-08 20:00 - 2014-10-20 13:30 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Curse Client
2015-02-08 19:47 - 2009-07-14 05:34 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-08 19:47 - 2009-07-14 05:34 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-08 19:45 - 2012-05-05 13:34 - 00000000 ____D () C:\Program Files\Steam
2015-02-08 19:43 - 2013-12-03 17:25 - 00000000 ____D () C:\Users\Jul\AppData\Local\LogMeIn Hamachi
2015-02-08 19:41 - 2015-01-04 19:13 - 00000013 _____ () C:\NET.INI
2015-02-08 19:41 - 2014-10-21 14:02 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Raptr
2015-02-08 19:40 - 2014-01-23 13:50 - 00000460 ____H () C:\Windows\Tasks\GS.Enabler-S-1824435291.job
2015-02-08 19:38 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-08 19:38 - 2009-07-14 05:39 - 00205789 _____ () C:\Windows\setupact.log
2015-02-08 19:37 - 2014-05-23 16:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-07 22:43 - 2012-05-07 16:14 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Skype
2015-02-07 15:46 - 2014-07-14 12:40 - 00000000 ____D () C:\Users\Jul\AppData\Local\Spotify
2015-02-07 15:39 - 2012-05-05 07:21 - 00000000 ____D () C:\Users\Jul
2015-02-06 20:52 - 2012-05-05 19:56 - 02193694 _____ () C:\Windows\PFRO.log
2015-02-06 15:25 - 2012-05-12 00:03 - 00000000 ____D () C:\Users\Jul\AppData\Local\CrashDumps
2015-02-05 13:59 - 2012-05-06 00:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 13:59 - 2012-05-06 00:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 13:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2015-02-03 14:44 - 2014-11-06 19:08 - 00000000 ____D () C:\Users\Jul\Desktop\Spiele
2015-02-02 20:54 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\twain_32
2015-02-02 17:19 - 2014-07-04 17:27 - 00000000 ____D () C:\Program Files\NeixtCoupp
2015-02-02 17:19 - 2014-02-05 17:52 - 00000000 ____D () C:\Program Files\Websavee
2015-02-02 17:19 - 2013-12-04 21:34 - 00000000 ____D () C:\Program Files\Sk.Enhancer
2015-02-02 17:19 - 2013-10-03 19:59 - 00000000 ____D () C:\Program Files\Ss_Helper
2015-02-02 15:13 - 2013-08-23 20:39 - 00000000 ____D () C:\Program Files\Google
2015-02-02 15:10 - 2012-09-15 07:11 - 00000000 ____D () C:\Users\Jul\AppData\Local\Google
2015-02-01 20:35 - 2012-10-23 17:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-01 20:22 - 2014-03-15 20:29 - 00000000 ____D () C:\Users\Jul\AppData\Local\MailRu
2015-02-01 19:26 - 2012-06-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-02-01 19:26 - 2012-05-11 23:44 - 00000000 ____D () C:\Users\Jul\Documents\My Games
2015-02-01 19:26 - 2012-05-05 20:19 - 00307239 _____ () C:\Windows\DirectX.log
2015-02-01 16:11 - 2013-05-24 17:58 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\TS3Client
2015-01-31 15:42 - 2014-05-23 16:22 - 00000000 ____D () C:\Users\Jul\AppData\Local\Thunderbird
2015-01-31 13:45 - 2014-10-21 14:02 - 00000000 ____D () C:\Program Files\Raptr
2015-01-30 21:25 - 2014-07-27 22:39 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Bioshock
2015-01-30 16:11 - 2012-05-05 07:26 - 01651678 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-29 20:35 - 2009-07-14 05:33 - 03942608 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-27 19:19 - 2012-05-05 11:54 - 00153840 _____ () C:\Users\Jul\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-25 15:40 - 2013-05-15 18:24 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Synthesia
2015-01-24 13:21 - 2012-05-05 13:26 - 00566200 _____ () C:\Windows\DPINST.LOG
2015-01-24 13:20 - 2012-05-05 11:52 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-18 15:19 - 2013-12-18 07:19 - 00000000 ____D () C:\Users\Jul\Documents\Schule
2015-01-16 03:11 - 2013-07-18 11:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 03:02 - 2012-05-06 08:03 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 16:52 - 2014-10-26 18:32 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Adobe
2015-01-13 16:52 - 2012-12-20 15:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-13 06:36 - 2014-12-17 07:31 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2015-01-12 22:36 - 2014-11-22 16:00 - 00000000 ____D () C:\Users\Jul\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-10-26 21:15 - 2014-12-31 23:34 - 0000132 _____ () C:\Users\Jul\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-12-20 23:09 - 2013-12-20 21:23 - 0012005 _____ () C:\Users\Jul\AppData\Roaming\alsoft.ini
2013-02-23 19:43 - 2013-02-23 19:43 - 0000121 _____ () C:\Users\Jul\AppData\Roaming\D2Info0
2013-02-23 19:43 - 2013-02-23 20:09 - 0000008 _____ () C:\Users\Jul\AppData\Roaming\DofusAppId0_2
2013-10-03 20:03 - 2014-02-05 18:05 - 0001203 _____ () C:\Users\Jul\AppData\Roaming\LiveSupport.exe_log.txt
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jul\AppData\Roaming\MTSO
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Jul\AppData\Roaming\NUB
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jul\AppData\Roaming\OZTQSYNJ
2012-07-30 07:25 - 2014-05-30 19:59 - 0138056 _____ () C:\Users\Jul\AppData\Roaming\PnkBstrK.sys
2013-10-03 20:03 - 2014-02-05 17:59 - 0000086 _____ () C:\Users\Jul\AppData\Roaming\regsvr32.exe_log.txt
2012-06-09 13:15 - 2012-06-09 13:15 - 0000004 _____ () C:\Users\Jul\AppData\Roaming\steam_md5.dat
2013-01-23 15:51 - 2013-01-23 15:51 - 0703104 _____ () C:\Users\Jul\AppData\Roaming\technic-launcher.jar
2012-07-05 23:36 - 2014-06-22 15:20 - 0006144 _____ () C:\Users\Jul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-15 21:20 - 2013-02-15 21:20 - 1065984 _____ () C:\Users\Jul\AppData\Local\file__0.localstorage
2012-12-22 00:19 - 2012-12-22 00:19 - 0000091 _____ () C:\Users\Jul\AppData\Local\fusioncache.dat
2012-12-17 05:06 - 2012-12-17 05:06 - 0000337 _____ () C:\Users\Jul\AppData\Local\Perfmon.PerfmonCfg
2014-12-06 17:15 - 2014-12-06 17:15 - 0001590 _____ () C:\Users\Jul\AppData\Local\recently-used.xbel
2012-05-26 12:10 - 2013-05-26 14:20 - 0007601 _____ () C:\Users\Jul\AppData\Local\Resmon.ResmonCfg
2013-09-01 12:24 - 2013-09-13 16:03 - 1341859 ____N () C:\Users\Jul\AppData\Local\Tempmusic.ogg
2013-02-04 14:05 - 2013-02-04 14:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-04-07 13:15 - 2013-04-07 13:15 - 0272292 _____ () C:\ProgramData\firstlsp.reg.dat
2013-09-29 17:07 - 2013-07-31 17:07 - 0000032 ____R () C:\ProgramData\hash.dat
2012-05-05 19:41 - 2012-05-05 19:41 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-05 19:36 - 2012-05-05 19:36 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-05-05 19:38 - 2012-05-05 19:39 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-05 19:36 - 2012-05-05 19:38 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-05 19:39 - 2012-05-05 19:41 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Files to move or delete:
====================
C:\Users\Jul\InstallHiRezGamesEnglish.exe
C:\Users\Jul\libgtk-win32-2.0-0.dll
C:\Users\Jul\TechnicLauncher.exe


Some content of TEMP:
====================
C:\Users\Jul\AppData\Local\Temp\1_Offer_7.exe
C:\Users\Jul\AppData\Local\Temp\7z.dll
C:\Users\Jul\AppData\Local\Temp\7z.exe
C:\Users\Jul\AppData\Local\Temp\AdobeAIRInstaller.exe
C:\Users\Jul\AppData\Local\Temp\app.exe
C:\Users\Jul\AppData\Local\Temp\AutoRun.exe
C:\Users\Jul\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Jul\AppData\Local\Temp\BASSMOD.dll
C:\Users\Jul\AppData\Local\Temp\bdfilters.dll
C:\Users\Jul\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Jul\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Jul\AppData\Local\Temp\cbcabfbbbbd.exe
C:\Users\Jul\AppData\Local\Temp\ccittfax3.exe
C:\Users\Jul\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Jul\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Jul\AppData\Local\Temp\down.2900.OptimizerProInstaller.exe
C:\Users\Jul\AppData\Local\Temp\drm_dyndata_7350008.dll
C:\Users\Jul\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Jul\AppData\Local\Temp\dtkill.exe
C:\Users\Jul\AppData\Local\Temp\EAInstall.dll
C:\Users\Jul\AppData\Local\Temp\eauninstall.exe
C:\Users\Jul\AppData\Local\Temp\Executor.exe
C:\Users\Jul\AppData\Local\Temp\farcry3_1.02.exe
C:\Users\Jul\AppData\Local\Temp\fbt0gci4.dll
C:\Users\Jul\AppData\Local\Temp\FH311E.tmp.exe
C:\Users\Jul\AppData\Local\Temp\FH6D91.tmp.exe
C:\Users\Jul\AppData\Local\Temp\FHB8D3.tmp.exe
C:\Users\Jul\AppData\Local\Temp\ForteDependencies.exe
C:\Users\Jul\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\Jul\AppData\Local\Temp\GLF7641.tmp.dll
C:\Users\Jul\AppData\Local\Temp\GLFB9A8.tmp.dll
C:\Users\Jul\AppData\Local\Temp\GLFD781.tmp.dll
C:\Users\Jul\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jul\AppData\Local\Temp\install.exe
C:\Users\Jul\AppData\Local\Temp\InstallerBT.exe
C:\Users\Jul\AppData\Local\Temp\instloffer.exe
C:\Users\Jul\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Jul\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Jul\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\Jul\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Jul\AppData\Local\Temp\LiveSupport_update.exe
C:\Users\Jul\AppData\Local\Temp\MouseKeyboardCenterx86_1031.exe
C:\Users\Jul\AppData\Local\Temp\mpegc.dll
C:\Users\Jul\AppData\Local\Temp\mpegm.dll
C:\Users\Jul\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\Jul\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.1.exe
C:\Users\Jul\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.2.exe
C:\Users\Jul\AppData\Local\Temp\NGMDll.dll
C:\Users\Jul\AppData\Local\Temp\NGMResource.dll
C:\Users\Jul\AppData\Local\Temp\nsuF2A0.exe
C:\Users\Jul\AppData\Local\Temp\p200.exe
C:\Users\Jul\AppData\Local\Temp\printpdfsetup.exe
C:\Users\Jul\AppData\Local\Temp\pyl2BB3.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pyl85B.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pylB396.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pylC10F.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pylEDAB.tmp.exe
C:\Users\Jul\AppData\Local\Temp\rnbssv.exe
C:\Users\Jul\AppData\Local\Temp\runprog.exe
C:\Users\Jul\AppData\Local\Temp\SetupO.exe
C:\Users\Jul\AppData\Local\Temp\sgtvim.exe
C:\Users\Jul\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Jul\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jul\AppData\Local\Temp\SpOrder.dll
C:\Users\Jul\AppData\Local\Temp\sqlite3.exe
C:\Users\Jul\AppData\Local\Temp\Stp7937_TMP.EXE
C:\Users\Jul\AppData\Local\Temp\StpCE58_TMP.EXE
C:\Users\Jul\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Jul\AppData\Local\Temp\The Lord of the Rings, The Rise of the Witch-king_uninst.exe
C:\Users\Jul\AppData\Local\Temp\tmd_34014327.exe
C:\Users\Jul\AppData\Local\Temp\tnvhwn.exe
C:\Users\Jul\AppData\Local\Temp\Tsu47F522EB.dll
C:\Users\Jul\AppData\Local\Temp\TsuD589FF05.dll
C:\Users\Jul\AppData\Local\Temp\TW_autoskip.exe
C:\Users\Jul\AppData\Local\Temp\ubi9C8D.tmp.exe
C:\Users\Jul\AppData\Local\Temp\ubiE024.tmp.exe
C:\Users\Jul\AppData\Local\Temp\unicows.dll
C:\Users\Jul\AppData\Local\Temp\uninst1.exe
C:\Users\Jul\AppData\Local\Temp\Uninstall.exe
C:\Users\Jul\AppData\Local\Temp\Uninstaller-704.exe
C:\Users\Jul\AppData\Local\Temp\Uninstaller-8220.exe
C:\Users\Jul\AppData\Local\Temp\Uninstall_2.exe
C:\Users\Jul\AppData\Local\Temp\uttA8BA.tmp.exe
C:\Users\Jul\AppData\Local\Temp\vcredist_x86-2010.exe
C:\Users\Jul\AppData\Local\Temp\vcredist_x86-2012.exe
C:\Users\Jul\AppData\Local\Temp\VirtualRouterPlusSetup.exe
C:\Users\Jul\AppData\Local\Temp\wmfdist.exe
C:\Users\Jul\AppData\Local\Temp\wvc1dmo.exe
C:\Users\Jul\AppData\Local\Temp\xuninst.exe
C:\Users\Jul\AppData\Local\Temp\_is13B5.exe
C:\Users\Jul\AppData\Local\Temp\_is14B2.exe
C:\Users\Jul\AppData\Local\Temp\_is153A.exe
C:\Users\Jul\AppData\Local\Temp\_is15FF.exe
C:\Users\Jul\AppData\Local\Temp\_is16F9.exe
C:\Users\Jul\AppData\Local\Temp\_is17B7.exe
C:\Users\Jul\AppData\Local\Temp\_is1F6F.exe
C:\Users\Jul\AppData\Local\Temp\_is229E.exe
C:\Users\Jul\AppData\Local\Temp\_is3E20.exe
C:\Users\Jul\AppData\Local\Temp\_is44D4.exe
C:\Users\Jul\AppData\Local\Temp\_is5290.exe
C:\Users\Jul\AppData\Local\Temp\_is56BD.exe
C:\Users\Jul\AppData\Local\Temp\_is5864.exe
C:\Users\Jul\AppData\Local\Temp\_is5BEC.exe
C:\Users\Jul\AppData\Local\Temp\_is84AF.exe
C:\Users\Jul\AppData\Local\Temp\_is8828.exe
C:\Users\Jul\AppData\Local\Temp\_is892A.exe
C:\Users\Jul\AppData\Local\Temp\_is9D6E.exe
C:\Users\Jul\AppData\Local\Temp\_isA2C3.exe
C:\Users\Jul\AppData\Local\Temp\_isA3ED.exe
C:\Users\Jul\AppData\Local\Temp\_isA72E.exe
C:\Users\Jul\AppData\Local\Temp\_isC002.exe
C:\Users\Jul\AppData\Local\Temp\_isCEA5.exe
C:\Users\Jul\AppData\Local\Temp\_isD647.exe
C:\Users\Jul\AppData\Local\Temp\_isDE89.exe
C:\Users\Jul\AppData\Local\Temp\_isE53E.exe
C:\Users\Jul\AppData\Local\Temp\_isF100.exe
C:\Users\Jul\AppData\Local\Temp\_isFAD2.exe
C:\Users\Stefan\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\Stefan\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Stefan\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Stefan\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:17

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-02-2015
Ran by Jul at 2015-02-08 21:49:29
Running from C:\Users\Jul\Desktop\Gegen Ihn
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aces Wild: Manic Brawling Action! (HKLM\...\Steam App 269230) (Version:  - Culture Attack Studio)
Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alan Wake (HKLM\...\Steam App 108710) (Version:  - Remedy Entertainment)
Aliens vs Predator Classic 2000 (HKLM\...\1207665883_is1) (Version: 2.0.0.22 - GOG.com)
Amnesia: A Machine for Pigs (HKLM\...\Steam App 239200) (Version:  - The Chinese Room)
Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version:  - Frictional Games)
Among the Sleep (HKLM\...\Steam App 250620) (Version:  - Krillbite Studio)
Anna - Extended Edition (HKLM\...\Steam App 217690) (Version:  - Dreampainters)
Antichamber (HKLM\...\Steam App 219890) (Version:  - Alexander Bruce)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin’s Creed® III (HKLM\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Assassin's Creed Brotherhood (HKLM\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Aufstieg des Hexenkönigs™ (HKLM\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Awesomenauts (HKLM\...\Steam App 204300) (Version:  - Ronimo Games)
Bandicam (HKLM\...\Bandicam) (Version: 2.0.0.637 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
Batman: Arkham Asylum (HKLM\...\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}) (Version: 1.0.0.0 - Eidos Interactive Limited)
Batman: Arkham City™ (HKLM\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (Version: 1.0.0003.131 - WB Games) Hidden
Batman™: Arkham Origins (HKLM\...\Steam App 209000) (Version:  - WB Games Montreal)
Batman™: Arkham Origins Blackgate - Deluxe Edition (HKLM\...\Steam App 267490) (Version:  - Armature Studio)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version:  - The Behemoth)
Battlefield 3™ (HKLM\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Betrayer (HKLM\...\Steam App 243120) (Version:  - Blackpowder Games)
Binary Domain (HKLM\...\Steam App 203750) (Version:  - Devil's Details)
BioShock (HKLM\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
BitTorrent (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\BitTorrent) (Version: 7.9.2.35704 - BitTorrent Inc.)
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Blue Satin Skin (HKLM\...\{B0C00181-ECF5-4124-A6DE-14EA663D4799}) (Version: 2.2.0 - Screaming Bee)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.55 - Broadcom Corporation)
Browser faster (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{5837205}) (Version:  - GTgroup) <==== ATTENTION
Call of Juarez Gunslinger (HKLM\...\Steam App 204450) (Version:  - Techland)
Camtasia Studio 8 (HKLM\...\{19F81C0C-D0DB-453D-9C1C-AD26C4140E7E}) (Version: 8.4.0.1691 - TechSmith Corporation)
Canyon Capers (HKLM\...\Steam App 275490) (Version:  - Crazy Moo Games)
Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cinema 4D version R12 (HKLM\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Connectify (HKLM\...\Connectify) (Version: 7.2.1.29658 - Connectify)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Craften Terminal 3.5.5 (HKLM\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.5.5 - Craften.de)
Cry of Fear (HKLM\...\Steam App 223710) (Version:  - Team Psykskallar)
Crysis (HKLM\...\Steam App 17300) (Version:  - Crytek)
Crysis Wars (HKLM\...\Steam App 17340) (Version:  - Crytek)
Curse (HKLM\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink Media Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3806.02 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Dead Island Riptide (HKLM\...\Steam App 216250) (Version:  - Techland)
Dead Island: Epidemic (HKLM\...\Steam App 222900) (Version:  - Stunlock Studios)
Deadlight (HKLM\...\Steam App 211400) (Version:  - Tequila Works, S.L.)
Die Schlacht um Mittelerde™ II (HKLM\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
Dishonored (HKLM\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DLC Quest (HKLM\...\Steam App 230050) (Version:  - Going Loud Studios)
Don't Starve (HKLM\...\Steam App 219740) (Version:  - Klei Entertainment)
doubleTwist Sync (HKLM\...\doubleTwist) (Version: 4.0.4.19767 - doubleTwist Corporation)
Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
EA Sports™ FIFA World (HKLM\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.0.0.47449 - Electronic Arts, Inc.)
Easy Content Share (HKLM\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
EAX4 Unified Redist (HKLM\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Eldritch (HKLM\...\Eldritch) (Version:  - )
Eldritch (HKLM\...\Steam App 252630) (Version:  - Minor Key Games)
ETDWare PS/2-X86 8.0.7.1_WHQL (HKLM\...\Elantech) (Version: 8.0.7.1 - ELAN Microelectronic Corp.)
Evolve (HKLM\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Fantasy Voice Pack (HKLM\...\{8061C2C9-C2A3-4550-A3FC-585B646840CB}) (Version: 1.3.0 - Screaming Bee)
Far Cry 3 Blood Dragon (HKLM\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FEZ (HKLM\...\Steam App 224760) (Version:  - Polytron Corporation)
Fiesta Online DE (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\fiestaonline_de) (Version: 1.0.0.1 - Gamigo Games)
FIFA 11 (HKLM\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.8.0.0 - Electronic Arts)
Five Nights at Freddy's (HKLM\...\Steam App 319510) (Version:  - Scott Cawthon)
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.39.604 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.39.604 - DVDVideoSoft Ltd.)
Free YouTube to iPhone Converter version 2.12.2.430 (HKLM\...\Free YouTube to iPhone Converter_is1) (Version: 2.12.2.430 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Galaxy Client (HKLM\...\{D6D1DA54-531F-4FA0-B683-CE66ACE3543F}_is1) (Version: 0.1.0.456 - GOG.com)
Game Cam 2.2 (HKLM\...\Game Cam) (Version: 2.2 - Planet Game Cam, Inc.)
GameSpy Comrade (HKLM\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Garry)
GCFScape 1.3.1 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GGoSave (HKLM\...\{64A4ABCA-CF3D-C548-2DC4-72A55DC5882A}) (Version:  - "")
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Glyph (HKLM\...\Glyph) (Version:  - Trion Worlds, Inc.)
Gunpoint version v1.1 (HKLM\...\{B33EDF25-91DF-40FC-B2F7-FA19E3F0489F}}_is1) (Version: v1.1 - )
Happy Cloud Client (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\HappyCloud) (Version: 5.24 - Happy Cloud, Inc.)
HAWKEN (HKLM\...\Steam App 271290) (Version:  - Adhesive Games)
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Home (HKLM\...\Steam App 215670) (Version:  - Benjamin Rivers)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
Indiana Jones and the Emperors Tomb (HKLM\...\{0DBF3265-57F1-4D8A-87EA-332B2A669BDE}) (Version:  - )
InfiniteCrisis_0B203096692B (HKLM\...\InfiniteCrisis_0B203096692B) (Version:  - Turbine, Inc)
InfiniteCrisis_6EDD581C692E (HKLM\...\InfiniteCrisis_6EDD581C692E) (Version:  - Turbine, Inc)
InfiniteCrisis_76B7D2EE4D73 (HKLM\...\InfiniteCrisis_76B7D2EE4D73) (Version:  - Turbine, Inc)
Insanely Twisted Shadow Planet (HKLM\...\Steam App 205730) (Version:  - Shadow Planet Productions)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Jazzpunk (HKLM\...\Steam App 250260) (Version:  - Necrophone Games)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JoNiCoUpeoun (HKLM\...\{51417852-174C-88D4-34A0-D0FE7858BE47}) (Version:  - "") <==== ATTENTION
Kaspersky Internet Security (HKLM\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (Version: 15.0.0.463 - Kaspersky Lab) Hidden
Killing Floor (HKLM\...\Steam App 1250) (Version:  - Tripwire Interactive)
Knock-knock (HKLM\...\Steam App 250380) (Version:  - Ice-pick Lodge)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Legend of Grimrock (HKLM\...\Steam App 207170) (Version:  - Almost Human Games)
LEGO MARVEL Super Heroes (HKLM\...\Steam App 249130) (Version:  - Traveller's Tales)
LEGO® Batman™ 2: DC Super Heroes (HKLM\...\{4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® Der Herr der Ringe™ (HKLM\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® Harry Potter™: Die Jahre 1-4 (HKLM\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)
LEGO® Pirates of the Caribbean Das Videospiel (HKLM\...\{64958DA4-79D3-43FD-AF06-720DAD044F9E}) (Version: 1.0.0.0 - Disney Interactive Studios)
LEGO® Star Wars™: Die Komplette Saga (HKLM\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)
LEGO® Star Wars™: The Complete Saga (Version: 1.00.0000 - LucasArts) Hidden
LetsTrade Komponenten (HKLM\...\LetsTrade) (Version:  - )
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Mafia 2 version 1.0 (HKLM\...\{B3808FA6-2354-47D2-AC62-ECE7D1952E7E}_is1) (Version: 1.0 - Huaker)
Magicka: Wizard Wars (HKLM\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManiaPlanet (HKLM\...\ManiaPlanet_is1) (Version:  - Nadeo)
MassiveThirdAgeTranslator 3.1 (HKLM\...\MassiveThirdAgeTranslator 3.1) (Version: 3.1 - ecozone)
Max Payne 3 (HKLM\...\Steam App 204100) (Version:  - Rockstar)
Media Go (HKLM\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM\...\{73FA7631-3015-4EEC-A002-09488C47A07C}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.108.06300 (HKLM\...\{FC091743-5193-2B65-E49E-E03BC9E8B728}) (Version: 2.12.108.06300 - Sony)
Medieval II Total War (HKLM\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
MemoryLeakAlpha1 (HKLM\...\UDK-0acfabc9-568c-4a84-999d-e0556bca7d6b) (Version:  - Epic Games, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MilkShape 3D 1.8.4 (HKLM\...\MilkShape 3D 1.8.4) (Version: 1.8.4 - chUmbaLum sOft)
MinimumPrice (HKLM\...\{CA1838EF-A497-194E-3850-37A62CEE398B}) (Version:  - "")
Montas (HKLM\...\Steam App 269350) (Version:  - Organic Humans)
MorphVOX Pro (HKLM\...\{A25A7B10-75EA-4208-AAF1-0E3841C444F1}) (Version: 4.3.3 - Screaming Bee)
moters (HKLM\...\{c8730ca5-3f82-41cc-65e2-01b87600cd89}) (Version: 1.0.0 - ningsup) <==== ATTENTION!
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
My Game Long Name (HKLM\...\UDK-5f3d63f7-bcb4-41d2-8abc-ca5e433e0d56) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-e9df117c-1a25-47d7-83ef-8f8b8dd82c26) (Version:  - Epic Games, Inc.)
NeixtCoupp (HKLM\...\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}) (Version: 2.1.0.1434 - NextCoup)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.44.2 - Black Tree Gaming)
Nidhogg (HKLM\...\TmlkaG9nZw==_is1) (Version: 1 - )
Norton Internet Security (Version: 18.1.0.37 - Symantec Corporation) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.1.5 - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.6123 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Octodad: Dadliest Catch (HKLM\...\Steam App 224480) (Version:  - Young Horses)
OlliOlli (HKLM\...\Steam App 274250) (Version:  - Roll7)
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.00 (HKLM\...\Opera 12.00.1467) (Version: 12.00.1467 - Opera Software ASA)
Opera Next 12.50 internal build 1497 (HKLM\...\Opera 12.50.1497) (Version: 12.50.1497 - Opera Software ASA)
Orcs Must Die! 2 (HKLM\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
osu! (HKLM\...\{2a4e052f-156b-41d3-84c5-1de2d1157670}) (Version: latest - ppy Pty Ltd)
Our Darker Purpose (HKLM\...\Steam App 262790) (Version:  - Avidly Wild Games)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Passing Pineview Forest (HKLM\...\Steam App 331120) (Version:  - VIS - Visual Imagination Software)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Pepakura Viewer 3 (HKLM\...\pepakura_viewer3en) (Version:  - TamaSoftware)
Personality Voices (HKLM\...\{29C042AB-059B-414C-840E-94775E3F24A8}) (Version: 1.0.0 - Screaming Bee)
Pixsta (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Pokki_83453a3d886e527a470b5bb8291dd338de4b1e44) (Version: 2.5.3.4 - Pokki)
Pokki (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Pokki) (Version: 0.269.5.460 - Pokki)
Pokki Download Helper (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM\...\Steam App 644) (Version:  - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raptr (HKLM\...\Raptr) (Version:  - )
Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 4.0.68.0 - Razer Inc.)
Razer Surround (HKLM\...\Razer Surround) (Version: 1.04.07 - Razer Inc.)
Really Big Sky (HKLM\...\Steam App 201570) (Version:  - Boss Baddie)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.33.1125.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6246 - Realtek Semiconductor Corp.)
Receiver (HKLM\...\Steam App 234190) (Version:  - Wolfire Games)
Reus (HKLM\...\Steam App 222730) (Version:  - Abbey Games)
Risen 2 - Dark Waters (HKLM\...\Steam App 40390) (Version:  - Piranha Bytes)
Risk of Rain (HKLM\...\Steam App 248820) (Version:  - )
Rocketbirds: Hardboiled Chicken (HKLM\...\Steam App 215510) (Version:  - Ratloop Asia) <==== ATTENTION!
Rockstar Games Social Club (HKLM\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
S4 League_EU (HKLM\...\{D4B85288-879E-4D57-B4CD-9303A75DF301}) (Version: 1.00.0000 - )
Saints Row: The Third (HKLM\...\Steam App 55230) (Version:  - Volition)
Samsung Recovery Solution 5 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.2.4 - Samsung)
Sanctum 2 (HKLM\...\Steam App 210770) (Version:  - Coffee Stain Studios)
SavveMAss (HKLM\...\{A695893E-A5C7-2E5C-6953-52B0E61E4C1A}) (Version:  - SaveMassi)
Scribblenauts Unmasked (HKLM\...\Steam App 249870) (Version:  - 5th Cell Media)
SecurityUtility (HKLM\...\SecurityUtility) (Version: 1.0.0.1940 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SK.Helper 1.74 (HKLM\...\SP_ecec6af5) (Version:  - Verified Publisher)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slender: The Arrival (HKLM\...\Steam App 252330) (Version:  - Blue Isle Studios)
Smite (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2533.0 - Hi-Rez Studios)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version:  - Rebellion)
SOE Web Installer (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 17.5.51200 - Sonos, Inc.)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.7.201405202226 - Sony Mobile Communications AB)
Sony PC Companion 2.10.245 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.245 - Sony)
Source SDK (HKLM\...\Steam App 211) (Version:  - Valve)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - )
Spider-Man(TM) - Web of Shadows 1.1 Patch (Version:  - ) Hidden
Spotify (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.0301 - SRS Labs, Inc.)
Ss_Helper 1.74 (HKLM\...\SP_ad635a31) (Version:  - )
Star Wars Battlefront II (HKLM\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Republic Commando (HKLM\...\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}) (Version: 1.0 - )
Star Wars®: Knights of the Old Republic (TM) (HKLM\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version:  - )
Starbound (HKLM\...\Steam App 211820) (Version:  - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
streamWriter (HKLM\...\streamWriter_is1) (Version:  - )
Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)
Surgeon Simulator 2013 (HKLM\...\Steam App 233720) (Version:  - Bossa Studios)
SW-Booster (HKLM\...\S-792098896) (Version: 1.1.0.1233 - PremiumSoft) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.22.0 - Synaptics Incorporated)
Synthesia (HKLM\...\Synthesia) (Version: 8.5 - Synthesia LLC)
Tales from Space: Mutant Blobs Attack (HKLM\...\Steam App 206370) (Version:  - DrinkBox Studios)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.17396 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
TeXnicCenter Version 1 Beta 7.01 (Greengrass) (HKLM\...\TeXnicCenter_is1) (Version: Version 1 Beta 7.01 - TeXnicCenter.org)
The Binding of Isaac (HKLM\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Bridge (HKLM\...\Steam App 204240) (Version:  - Ty Taylor and Mario Castañeda)
The Cat Lady (HKLM\...\Steam App 253110) (Version:  - Harvester Games)
The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version PLus UPDATE 10 1.00 (HKLM\...\The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version PLus UPDATE 10 1.00) (Version:  - )
The Elder Scrolls V Skyrim Dragonborn DLC Deutsche Version 1.00 (HKLM\...\The Elder Scrolls V Skyrim Dragonborn DLC Deutsche Version 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
The Elder Scrolls V Skyrim Update 11 (1.8.151.0.7) Deutsche Version 1.00 (HKLM\...\The Elder Scrolls V Skyrim Update 11 (1.8.151.0.7) Deutsche Version 1.00) (Version:  - )
The Evil Within Demo (HKLM\...\Steam App 329960) (Version:  - Tango Gameworks)
The Lord of the Rings - Conquest (HKLM\...\The Lord of the Rings - Conquest_is1) (Version:  - )
The Novelist (HKLM\...\Steam App 245150) (Version:  - Orthogonal Games)
The Ship (HKLM\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Sims 2: Ultimate Collection (HKLM\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Swapper (HKLM\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Train 1.0 (HKLM\...\The Train 1.0) (Version: 1.0 - Cat-A-Cat)
Thief - Deadly Shadows (HKLM\...\{FC123EEA-330A-4685-911C-95B8F5E9DE68}) (Version: 1.0 - )
Thief (HKLM\...\Steam App 239160) (Version:  - Eidos-Montréal)
Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
Titan Quest (HKLM\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Tom Clancy's Ghost Recon Advanced Warfighter® 2 DEMO SP (HKLM\...\{2551B1D3-30D3-409B-B905-751A70B26C03}) (Version: 1.00.0000 - UBISOFT)
Tom Clancy's Splinter Cell Conviction v1.04 (HKLM\...\Tom Clancy's Splinter Cell Conviction_is1) (Version:  - Spieler)
Tomb Raider (HKLM\...\Steam App 203160) (Version:  - Crystal Dynamics)
Torchlight II (HKLM\...\Steam App 200710) (Version:  - Runic Games)
Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version:  - Creative Assembly)
Tower of Guns (HKLM\...\Steam App 266110) (Version:  - Terrible Posture Games)
TrackMania Nations Forever (HKLM\...\Steam App 11020) (Version:  - Nadeo)
TreeSize Free V2.7 (HKLM\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Tunatic (HKLM\...\Tunatic) (Version:  - )
Tunngle - Brio HD Skin Version 1.0 (HKLM\...\{FE600607-335B-4CC2-A50D-90EECE0356ED}_is1) (Version: 1.0 - Brioche for the Tunngle.Net Community)
Tunngle Version Tunngle (HKLM\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Two Worlds II (HKLM\...\Two Worlds II) (Version: 1.3.0.0 - )
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ubuntu (HKLM\...\Wubi) (Version: 12.04.1-rev273 - Ubuntu)
Unity Web Player (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-9f1c6fcf-0541-47e3-bb42-0f85fbc9e43d) (Version:  - Epic Games, Inc.)
Update 2.0.11.0 for "Men of War: Assault Squad" (HKLM\...\{D8B5C1BB-5951-422D-A4D5-451675614956}_update2.0.11.0) (Version: 2.0.11.0 - )
Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft)
Velvet Assassin (HKLM\...\Steam App 16720) (Version:  - Replay Studios)
Vertical Drop Heroes HD (HKLM\...\Steam App 311480) (Version:  - Nerdook Productions)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VTFEdit 1.2.5 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wanderlust: Rebirth (HKLM\...\Steam App 211580) (Version:  - Yeti Trunk)
Warlock - Master of the Arcane (HKLM\...\Steam App 203630) (Version:  - Ino-Co Plus)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net  (03/11/2013 10.0.0.234) (HKLM\...\99C882A44FD971DC797FE21420A3099DECE89966) (Version: 03/11/2013 10.0.0.234 - Qualcomm Atheros Communications Inc.)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. Net  (03/11/2013 10.0.0.234) (HKLM\...\9F26BE7C257739D7488254A1B5CBFE820E44E902) (Version: 03/11/2013 10.0.0.234 - Qualcomm Atheros Communications Inc.)
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WS_Enabler (HKLM\...\S-815932687) (Version: 3.1.0.1226 - PremiumSoft) <==== ATTENTION
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
Xilisoft ISO Maker (HKLM\...\Xilisoft ISO Maker) (Version: 1.0.21.0112 - Xilisoft)
Yet Another Zombie Defense (HKLM\...\Steam App 270550) (Version:  - Awesome Games Studio)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
You Have to Win the Game (HKLM\...\Steam App 286100) (Version:  - Minor Key Games)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{22848257-6a2d-4d2a-8d56-c886d25b8b58}\InprocServer32 -> C:\Users\Jul\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Jul\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Jul\AppData\Roaming\moters\mentste.dll () <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{cbd32acd-3033-5dc4-af3e-a32955785032}\InprocServer32 -> C:\Users\Jul\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb.dll ()
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Jul\AppData\Local\Temp\f4f17353B0.exe No File
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

==================== Restore Points  =========================

03-02-2015 09:51:59 Windows Update

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0FE75F76-05CE-4C92-8F16-4321286179D1} - System32\Tasks\advSRS5 => C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-01-28] (SEC)
Task: {105CCC59-C844-479E-8E75-A0137BB80D96} - System32\Tasks\{049A1C24-D2D8-4567-9D6D-F8383BAB2C44} => pcalua.exe -a "C:\Program Files\Electronic Arts\Die Schlacht um Mittelerde II\extra_uninst.exe" -d "C:\Program Files\Electronic Arts\Die Schlacht um Mittelerde II"
Task: {1542D16C-E5F9-40A6-95D6-A4574B382F46} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {1AC19D3E-BCC1-4F79-98BF-B2D82A7DDC7C} - \zufap3002 No Task File <==== ATTENTION
Task: {21CBA4EA-F1FB-4D45-9AE5-FD9F0D058E27} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {2CF3ACEC-8748-4821-BC59-23F099383378} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {32CB7AE5-68B5-4228-96F5-3DA3AFB66F65} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {32F0DD72-0817-490A-A0B2-31823A06F504} - System32\Tasks\{0CCE2ECC-9086-44A1-82A3-8F5C6FC71B73} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{2551B1D3-30D3-409B-B905-751A70B26C03}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {353DD8CF-A31E-457C-A30B-73E39FDA367B} - System32\Tasks\{827E2852-7706-4B91-9EBE-DBEF32649C4A} => c:\program files\opera next\opera.exe [2012-07-09] (Opera Software)
Task: {398B32FA-7848-4FB1-8A83-20DEFBCE40BC} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {39C7300E-1ACA-4204-97CC-1CC243CB1B8C} - System32\Tasks\{D92DC94D-6E95-4A36-A1E2-365CA1106C24} => pcalua.exe -a E:\setup.exe -d E:\
Task: {4479EEFA-0A9E-4F38-8E46-B140635A481F} - \GS.Enabler-S-1824435291 No Task File <==== ATTENTION
Task: {5661A87A-EA9C-4989-8047-AEB64A1811D6} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel.exe [2010-11-15] (SRS Labs, Inc.)
Task: {65A65475-8924-4FAF-8505-545D14BE4FDD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {935DE525-6405-43B7-B56A-7C5AD2330D0A} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe
Task: {9C8BA281-4907-40DE-806C-9E582E7E43A6} - System32\Tasks\{696500DC-1ACD-4AD7-B092-4C9731F67AD6} => pcalua.exe -a "C:\Program Files\Maxis\SimCity 4\eauninstall.exe" -d "C:\Program Files\Maxis\SimCity 4"
Task: {AD2D0C22-8C7C-4A9F-845E-48069C5D3605} - System32\Tasks\WifiManager => C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {B53EC1DA-B551-4F80-9FAA-32D716ABAE92} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe
Task: {CDC268C6-9FD0-4E0B-979C-59A1A50607A6} - System32\Tasks\{9A380426-921D-4A51-8EEE-F4769519B85C} => pcalua.exe -a "C:\Program Files\Electronic Arts\Die Schlacht um Mittelerde II\EAUninstall.exe"
Task: {D1C20394-7C93-45C2-9ABC-3F7E4284F8AF} - System32\Tasks\{67E70911-626E-4DAC-B71A-413A8E801400} => pcalua.exe -a "E:\urban terror\unins000.exe" -d "E:\urban terror"
Task: {D8DEEB7E-769F-48D0-9286-4ADD61682A99} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe
Task: {E3C1D5A4-F5A1-4BFF-88A1-168BEF1A0AD3} - System32\Tasks\{378434CA-B7EE-44F1-A2F7-2DB1D6962527} => pcalua.exe -a C:\Users\Jul\Desktop\basic-miktex-2.9.4521.exe -d C:\Users\Jul\Desktop
Task: {E83B894C-BB09-45DA-8A2E-016EE395F50B} - System32\Tasks\AdobeAAMUpdater-1.0-Jul-01-Jul => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {EB804975-3CD0-421F-AE16-F0C25A85FD48} - System32\Tasks\OZTQSYNJ => C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe <==== ATTENTION
Task: {F536A8EA-9A6B-43C4-B70C-8570A38C27CE} - System32\Tasks\MTSO => C:\Users\Jul\AppData\Roaming\MTSO.exe <==== ATTENTION
Task: {F936E3B7-E1AC-48A3-BBAE-65E7CBEE2226} - System32\Tasks\sondhschedule => C:\Users\Jul\AppData\Roaming\Booster-Web\Booster-Web-Installer.exe [2015-01-27] ()
Task: {FC9F52B2-4770-4387-A152-286293AB3BE5} - System32\Tasks\NUB => C:\Users\Jul\AppData\Roaming\NUB.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GS.Enabler-S-1824435291.job => c:\programdata\house of soft\gs.enabler\GS.Enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\MTSO.job => C:\Users\Jul\AppData\Roaming\MTSO.exe <==== ATTENTION
Task: C:\Windows\Tasks\NUB.job => C:\Users\Jul\AppData\Roaming\NUB.exe <==== ATTENTION
Task: C:\Windows\Tasks\OZTQSYNJ.job => C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2014-10-03 01:01 - 2014-07-02 21:54 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-03 01:11 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2015-02-01 19:54 - 2015-01-27 17:31 - 00177808 _____ () C:\ProgramData\SecurityUtility\ColorMediaCrt.dll
2012-05-27 14:17 - 2014-09-13 21:25 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2012-05-05 19:38 - 2012-05-05 19:29 - 00244904 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-02-01 19:54 - 2015-01-30 16:02 - 00615936 _____ () C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe
2014-03-20 10:23 - 2014-03-20 10:23 - 00691360 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
2012-05-21 19:01 - 2012-02-17 19:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2014-10-07 21:27 - 2014-10-07 21:27 - 00117760 _____ () C:\Users\Jul\AppData\Roaming\moters\mentste.dll
2014-10-16 20:37 - 2014-10-16 20:37 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\17c296575fad30d021e6370dc70cf800\IsdiInterop.ni.dll
2012-05-05 11:52 - 2011-02-18 07:16 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2009-11-02 13:20 - 2009-11-02 13:20 - 00619816 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 13:23 - 2009-11-02 13:23 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2012-05-05 19:27 - 2006-08-12 11:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files\Steam\libavcodec-56.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files\Steam\libavformat-56.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2013-04-07 15:22 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files\Steam\SDL2.dll
2014-12-07 18:14 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files\Steam\v8.dll
2014-12-07 18:14 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files\Steam\icui18n.dll
2014-12-07 18:14 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files\Steam\icuuc.dll
2014-05-22 18:37 - 2015-02-06 23:03 - 02357952 _____ () C:\Program Files\Steam\video.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2013-04-07 15:22 - 2015-02-06 23:03 - 00701632 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2014-12-07 18:14 - 2015-02-06 23:03 - 03924160 _____ () C:\Program Files\Steam\bin\panorama\panorama.dll
2013-04-07 15:22 - 2015-02-06 23:03 - 00138432 _____ () C:\Program Files\Steam\bin\audio.dll
2013-04-07 15:22 - 2014-11-11 19:48 - 00071680 _____ () C:\Program Files\Steam\bin\mssmp3.asi
2013-07-15 13:17 - 2014-11-11 19:48 - 00153088 _____ () C:\Program Files\Steam\bin\mssvoice.asi
2015-02-01 20:34 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00347328 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2014-04-20 01:42 - 2015-02-01 20:58 - 00642344 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-07-14 12:40 - 2014-12-08 14:06 - 36966968 _____ () C:\Users\Jul\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-14 12:40 - 2014-12-08 14:06 - 00374840 _____ () C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-07-14 12:44 - 2014-12-08 14:06 - 00867896 _____ () C:\Users\Jul\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-07-14 12:40 - 2014-12-08 14:06 - 00886840 _____ () C:\Users\Jul\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-07-14 12:40 - 2014-12-08 14:06 - 00108600 _____ () C:\Users\Jul\AppData\Roaming\Spotify\Data\libegl.dll
2013-04-07 15:22 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files\Steam\bin\libcef.dll
2014-08-14 22:02 - 2015-01-28 02:30 - 01709960 _____ () C:\Program Files\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2741185204-2122887262-4188245074-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2741185204-2122887262-4188245074-1011 - Limited - Enabled)
Gast (S-1-5-21-2741185204-2122887262-4188245074-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2741185204-2122887262-4188245074-1003 - Limited - Enabled)
Jul (S-1-5-21-2741185204-2122887262-4188245074-1000 - Administrator - Enabled) => C:\Users\Jul
Stefan (S-1-5-21-2741185204-2122887262-4188245074-1004 - Administrator - Enabled) => C:\Users\Stefan

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2015 01:42:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ColorMedia.exe, Version: 2.3.2.2, Zeitstempel: 0x54c1cd71
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x531599f6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0x4648
Startzeit der fehlerhaften Anwendung: 0xColorMedia.exe0
Pfad der fehlerhaften Anwendung: ColorMedia.exe1
Pfad des fehlerhaften Moduls: ColorMedia.exe2
Berichtskennung: ColorMedia.exe3

Error: (02/07/2015 06:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ColorMedia.exe, Version: 2.3.2.2, Zeitstempel: 0x54c1cd71
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x531599f6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0x804
Startzeit der fehlerhaften Anwendung: 0xColorMedia.exe0
Pfad der fehlerhaften Anwendung: ColorMedia.exe1
Pfad des fehlerhaften Moduls: ColorMedia.exe2
Berichtskennung: ColorMedia.exe3

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29188

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29188

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28190

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28190

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/06/2015 07:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27176

Error: (02/06/2015 07:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27176


System errors:
=============
Error: (02/08/2015 08:46:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (02/08/2015 08:24:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/08/2015 08:24:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (02/08/2015 08:24:20 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (02/08/2015 01:42:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ColorMedia.exe2.3.2.254c1cd71KERNELBASE.dll6.1.7601.18409531599f6e06d73630000812f464801d042fc5876446aC:\ProgramData\SecurityUtility\ColorMedia.exeC:\Windows\system32\KERNELBASE.dll51de9deb-af2b-11e4-ac9c-e811324622ab

Error: (02/07/2015 06:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ColorMedia.exe2.3.2.254c1cd71KERNELBASE.dll6.1.7601.18409531599f6e06d73630000812f80401d042caad197e9eC:\ProgramData\SecurityUtility\ColorMedia.exeC:\Windows\system32\KERNELBASE.dll6854bc80-aeef-11e4-ac9c-e811324622ab

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29188

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29188

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28190

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28190

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/06/2015 07:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27176

Error: (02/06/2015 07:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27176


CodeIntegrity Errors:
===================================
  Date: 2014-08-13 15:05:42.495
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.492
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.489
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.482
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.479
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.476
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.460
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.457
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.454
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.447
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 90%
Total physical RAM: 2868.49 MB
Available physical RAM: 260.68 MB
Total Pagefile: 5735.27 MB
Available Pagefile: 1266.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1868.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:275.86 GB) (Free:37.74 GB) NTFS
Drive d: (ACB) (CDROM) (Total:7.78 GB) (Free:0 GB) CDFS
Drive e: (INTENSO) (Fixed) (Total:1862.55 GB) (Free:932.32 GB) FAT32
Drive x: () (Network) (Total:917.07 GB) (Free:241.22 GB) 

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 3EC49987)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=275.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22.1 GB) - (Type=27)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 8A40FF20)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C)

==================== End Of Log ============================

Zubato · 09.02.2015, 17:15

Code:

ATTFilter

OTL logfile created on: 02.02.2015 18:19:17 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jul\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,80 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 56,33% Memory free
5,60 Gb Paging File | 2,74 Gb Available in Paging File | 48,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 275,86 Gb Total Space | 37,98 Gb Free Space | 13,77% Space Free | Partition Type: NTFS
Drive D: | 7,78 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1862,55 Gb Total Space | 942,87 Gb Free Space | 50,62% Space Free | Partition Type: FAT32
Drive X: | 917,07 Gb Total Space | 241,22 Gb Free Space | 26,30% Space Free | Partition Type: NTFS
 
Computer Name: JUL-01 | User Name: Jul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jul\Desktop\otl.exe (OldTimer Tools)
PRC - C:\Program Files\CinemaP-1.9cV02.02\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-1-6.exe (Cinema PlusV02.02)
PRC - C:\Program Files\Raptr\raptr_im.exe (Raptr, Inc)
PRC - C:\Program Files\Raptr\raptr.exe (Raptr, Inc)
PRC - C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe ()
PRC - C:\ProgramData\SecurityUtility\ColorMedia.exe (CartCrunch Israel Ltd.)
PRC - C:\Program Files\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
PRC - C:\Program Files\streamWriter\streamwriter.exe (streamwriter.org)
PRC - C:\Users\Jul\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
PRC - C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe ()
PRC - C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\CyberGhost 5\Service.exe (CyberGhost S.R.L)
PRC - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
PRC - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe (A-Volute)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
PRC - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (Broadcom Corporation)
PRC - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Broadcom Corporation)
PRC - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Broadcom Corporation)
PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Raptr\ltc_host_ex.dll ()
MOD - C:\Users\Jul\AppData\Roaming\Spotify\Data\libcef.dll ()
MOD - C:\Users\Jul\AppData\Roaming\Spotify\Data\libGLESv2.dll ()
MOD - C:\Users\Jul\AppData\Roaming\Spotify\Data\ffmpegsumo.dll ()
MOD - C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe ()
MOD - C:\Users\Jul\AppData\Roaming\Spotify\Data\libEGL.dll ()
MOD - C:\Users\Jul\AppData\Roaming\moters\mentste.dll ()
MOD - C:\Program Files\Raptr\libvlccore.dll ()
MOD - C:\Program Files\Raptr\libvlc.dll ()
MOD - C:\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Program Files\Raptr\heliotrope._purple.pyd ()
MOD - C:\Program Files\Raptr\PyQt4.QtCore.pyd ()
MOD - C:\Program Files\Raptr\PyQt4.QtNetwork.pyd ()
MOD - C:\Program Files\Raptr\PyQt4.QtGui.pyd ()
MOD - C:\Program Files\Raptr\PyQt4.QtWebKit.pyd ()
MOD - C:\Program Files\Raptr\sip.pyd ()
MOD - C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
MOD - C:\Program Files\Raptr\amd_ags.dll ()
MOD - C:\Program Files\Raptr\liboscar.dll ()
MOD - C:\Program Files\Raptr\plugins\libicq.dll ()
MOD - C:\Program Files\Raptr\plugins\libaim.dll ()
MOD - C:\Program Files\Raptr\libjabber.dll ()
MOD - C:\Program Files\Raptr\libymsg.dll ()
MOD - C:\Program Files\Raptr\plugins\libirc.dll ()
MOD - C:\Program Files\Raptr\plugins\ssl-nss.dll ()
MOD - C:\Program Files\Raptr\plugins\ssl.dll ()
MOD - C:\Program Files\Raptr\plugins\libyahoojp.dll ()
MOD - C:\Program Files\Raptr\plugins\libmsn.dll ()
MOD - C:\Program Files\Raptr\plugins\libxmpp.dll ()
MOD - C:\Program Files\Raptr\plugins\libyahoo.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Raptr\libxml2-2.dll ()
MOD - C:\Program Files\Raptr\sqlite3.dll ()
MOD - C:\Program Files\Raptr\zlib1.dll ()
MOD - C:\Program Files\Raptr\win32gui.pyd ()
MOD - C:\Program Files\Raptr\win32file.pyd ()
MOD - C:\Program Files\Raptr\win32api.pyd ()
MOD - C:\Program Files\Raptr\win32process.pyd ()
MOD - C:\Program Files\Raptr\win32trace.pyd ()
MOD - C:\Program Files\Raptr\gobject._gobject.pyd ()
MOD - C:\Program Files\Raptr\win32com.shell.shell.pyd ()
MOD - C:\Program Files\Raptr\pythoncom26.dll ()
MOD - C:\Program Files\Raptr\pywintypes26.dll ()
MOD - C:\Program Files\Raptr\PIL._imaging.pyd ()
MOD - C:\Program Files\Raptr\_ssl.pyd ()
MOD - C:\Program Files\Raptr\unicodedata.pyd ()
MOD - C:\Program Files\Raptr\_hashlib.pyd ()
MOD - C:\Program Files\Raptr\pyexpat.pyd ()
MOD - C:\Program Files\Raptr\_ctypes.pyd ()
MOD - C:\Program Files\Raptr\_sqlite3.pyd ()
MOD - C:\Program Files\Raptr\_socket.pyd ()
MOD - C:\Program Files\Raptr\select.pyd ()
MOD - C:\Program Files\Raptr\winsound.pyd ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (ZAtheros Wlan Agent) -- C:\Program Files\Atheros\Ath_WlanAgent.exe File not found
SRV - (Futuremark SystemInfo Service) -- C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe File not found
SRV - (globalUpdatem) -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (globalUpdate)
SRV - (globalUpdate) -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (globalUpdate)
SRV - (SecurityUtility Service) -- C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe ()
SRV - (ColorMedia) -- C:\ProgramData\SecurityUtility\ColorMedia.exe (CartCrunch Israel Ltd.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (HiPatchService) -- C:\Program Files\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Origin Client Service) -- C:\Program Files\Origin\OriginClientService.exe (Electronic Arts)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TunngleService) -- C:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (CGVPNCliService) -- C:\Program Files\CyberGhost 5\Service.exe (CyberGhost S.R.L)
SRV - (GalaxyService) -- C:\Program Files\GalaxyClient\GalaxyService.exe (GOG.com)
SRV - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV - (NvNetworkService) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (EasyAntiCheat) -- C:\Windows\System32\EasyAntiCheat.exe (EasyAntiCheat Ltd)
SRV - (AVP15.0.0) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe (Kaspersky Lab ZAO)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Connectify) -- C:\Program Files\Connectify\ConnectifyService.exe (Connectify)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (LMIGuardianSvc) -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (RzKLService) -- C:\Program Files\Razer\Razer Game Booster\RzKLService.exe (Razer Inc.)
SRV - (RzMaelstromVADStreamingService) -- C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe (A-Volute)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TeamViewer8) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Sony PC Companion) -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (wltrysvc) -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Broadcom Corporation)
SRV - (UNS) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (XDva405) -- C:\Windows\system32\XDva405.sys File not found
DRV - (XDva404) -- C:\Windows\system32\XDva404.sys File not found
DRV - (XDva402) -- C:\Windows\system32\XDva402.sys File not found
DRV - (XDva401) -- C:\Windows\system32\XDva401.sys File not found
DRV - (WinRing0_1_2_0) -- C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys File not found
DRV - (VBoxNetFlt) -- system32\DRIVERS\VBoxNetFlt.sys File not found
DRV - (taphss6) -- system32\DRIVERS\taphss6.sys File not found
DRV - (massfilter) -- system32\drivers\massfilter.sys File not found
DRV - (HSPADataCardusbser) -- system32\DRIVERS\HSPADataCardusbser.sys File not found
DRV - (HSPADataCardusbnmea) -- system32\DRIVERS\HSPADataCardusbnmea.sys File not found
DRV - (HSPADataCardusbmdm) -- system32\DRIVERS\HSPADataCardusbmdm.sys File not found
DRV - (EagleNT) -- C:\Windows\system32\drivers\EagleNT.sys File not found
DRV - (cpuz136) -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found
DRV - (afdpkjlu) --  File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab ZAO)
DRV - (klflt) -- C:\Windows\System32\drivers\klflt.sys (Kaspersky Lab ZAO)
DRV - (MBAMWebAccessControl) -- C:\Windows\System32\drivers\mwac.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvpciflt) -- C:\Windows\System32\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV - (klhk) -- C:\Windows\System32\drivers\klhk.sys (Kaspersky Lab ZAO)
DRV - (nvvad_WaveExtensible) -- C:\Windows\System32\drivers\nvvad32v.sys (NVIDIA Corporation)
DRV - (klkbdflt) -- C:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab ZAO)
DRV - (kneps) -- C:\Windows\System32\drivers\kneps.sys (Kaspersky Lab ZAO)
DRV - (kltdi) -- C:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab ZAO)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (cnnctfy3) -- C:\Windows\System32\drivers\cnnctfy3.sys (Connectify)
DRV - (RZMAELSTROMVADService) -- C:\Windows\System32\drivers\RzMaelstromVAD.sys (Windows (R) Win 7 DDK provider)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab ZAO)
DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (klpd) -- C:\Windows\System32\drivers\klpd.sys (Kaspersky Lab ZAO)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (tenCapture) -- C:\Windows\System32\drivers\tenCapture.sys (Hajo Krabbenhöft)
DRV - (AMPPAL) -- C:\Windows\System32\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Qualcomm Atheros Communications, Inc.)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (clwvd) -- C:\Windows\System32\drivers\clwvd.sys (CyberLink Corporation)
DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (HECI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (tap0901t) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (VCSVADHWSer) -- C:\Windows\System32\drivers\vcsvad.sys (Avnex)
DRV - (scramby_out) -- C:\Windows\System32\drivers\scramby_out.sys (RapidSolution Software AG)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (scramby) -- C:\Windows\System32\drivers\scramby.sys (RapidSolution Software AG)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1422816583&from=cvs4&uid=TOSHIBAXMK3265GSX_217ID6EDBXX217ID6EDB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1422816583&from=cvs4&uid=TOSHIBAXMK3265GSX_217ID6EDBXX217ID6EDB&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1422816583&from=cvs4&uid=TOSHIBAXMK3265GSX_217ID6EDBXX217ID6EDB&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1422816583&from=cvs4&uid=TOSHIBAXMK3265GSX_217ID6EDBXX217ID6EDB
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://istart.webssearches.com/web/?type=ds&ts=1422816583&from=cvs4&uid=TOSHIBAXMK3265GSX_217ID6EDBXX217ID6EDB&q={searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = hxxp://websearch.fastsearchings.info/?l=1&q={searchTerms}&pid=625&r=2014/07/03&hid=1071830447083835621&lg=EN&cc=DE&unqvl=56
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSS&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=kwd&qsrc=2869
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSS&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=kwd&qsrc=2869
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSS&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=kwd&qsrc=2869
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
 
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1422816583&from=cvs4&uid=TOSHIBAXMK3265GSX_217ID6EDBXX217ID6EDB
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.mail.ru/?ieverfix=1&fr=ieverfix_sg
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..\SearchScopes,DefaultScope = {FFEBBF0A-C22C-4172-89FF-45215A135AC7}
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325580&octid=EB_ORIGINAL_CTID&ISID=MD4C7E4CF-FE6B-427E-B894-7D9439C0B630&SearchSource=58&CUI=&UM=2&UP=SP1949E65B-F478-4216-93A4-8C77FFFD66C1&q={searchTerms}&SSPV=
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&babsrc=SP_ss_wls&mntrId=D2437A7900000000&affID=121232&tt=290713_190&tsp=4958
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..\SearchScopes\{310E121A-788D-4D56-94F0-AFC6468A7852}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://istart.webssearches.com/web/?type=ds&ts=1422816583&from=cvs4&uid=TOSHIBAXMK3265GSX_217ID6EDBXX217ID6EDB&q={searchTerms}
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..\SearchScopes\{5BCDEDD9-641B-4373-830C-8F6997D12DBC}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = hxxp://websearch.fastsearchings.info/?l=1&q={searchTerms}&pid=625&r=2014/07/03&hid=1071830447083835621&lg=EN&cc=DE&unqvl=56
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = hxxp://go.mail.ru/search?q={SearchTerms}&ieverfix=1&fr=ieverfix_dse
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1422816583&from=cvs4&uid=TOSHIBAXMK3265GSX_217ID6EDBXX217ID6EDB
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.mail.ru/?ieverfix=1&fr=ieverfix_sg
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = {FFEBBF0A-C22C-4172-89FF-45215A135AC7}
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325580&octid=EB_ORIGINAL_CTID&ISID=MD4C7E4CF-FE6B-427E-B894-7D9439C0B630&SearchSource=58&CUI=&UM=2&UP=SP1949E65B-F478-4216-93A4-8C77FFFD66C1&q={searchTerms}&SSPV=
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&babsrc=SP_ss_wls&mntrId=D2437A7900000000&affID=121232&tt=290713_190&tsp=4958
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{310E121A-788D-4D56-94F0-AFC6468A7852}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://istart.webssearches.com/web/?type=ds&ts=1422816583&from=cvs4&uid=TOSHIBAXMK3265GSX_217ID6EDBXX217ID6EDB&q={searchTerms}
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{5BCDEDD9-641B-4373-830C-8F6997D12DBC}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = hxxp://websearch.fastsearchings.info/?l=1&q={searchTerms}&pid=625&r=2014/07/03&hid=1071830447083835621&lg=EN&cc=DE&unqvl=56
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = hxxp://go.mail.ru/search?q={SearchTerms}&ieverfix=1&fr=ieverfix_dse
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..extensions.enabledAddons: OIBMBKA115048682%40HYKFIU97176590.com:0.95.56
FF - prefs.js..extensions.enabledAddons: content_blocker%40kaspersky.com:4.0.10.15
FF - prefs.js..extensions.enabledAddons: virtual_keyboard%40kaspersky.com:4.0.10.15
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:4.0.10.15
FF - prefs.js..extensions.enabledAddons: online_banking%40kaspersky.com:4.0.10.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1: C:\Program Files\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015.02.02 12:38:16 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/online_banking: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015.02.02 12:38:16 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015.02.02 12:38:17 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0:  File not found
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll File not found
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Jul\AppData\LocalLow\Sony Online Entertainment\npsoe.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\Jul\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF - HKCU\Software\MozillaPlugins\sony.com/MediaGoDetector: C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}: C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.6.0.73\coFFFw\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015.02.02 12:38:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015.02.02 12:38:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015.02.02 12:38:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015.02.02 12:38:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015.02.02 12:38:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.3.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.3.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2014.11.17 15:57:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\Mozilla\Extensions
[2015.02.02 17:46:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\Mozilla\firefox\Profiles\b3izpfhg.default\extensions
[2015.02.02 17:46:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\Mozilla\firefox\Profiles\b3izpfhg.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack
[2015.02.02 15:13:27 | 000,000,000 | ---D | M] ("CinemaP-1.9cV02.02") -- C:\Users\Jul\AppData\Roaming\Mozilla\firefox\Profiles\b3izpfhg.default\extensions\OIBMBKA115048682@HYKFIU97176590.com
[2015.02.02 12:10:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\Mozilla\firefox\Profiles\b3izpfhg.default\extensions\staged
[2015.02.02 15:13:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\Mozilla\firefox\Profiles\b3izpfhg.default\extensions\OIBMBKA115048682@HYKFIU97176590.com\extensionData
[2015.02.02 15:13:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\Mozilla\firefox\Profiles\b3izpfhg.default\extensions\OIBMBKA115048682@HYKFIU97176590.com\extensionData\plugins
[2015.02.02 15:13:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\Mozilla\firefox\Profiles\b3izpfhg.default\extensions\OIBMBKA115048682@HYKFIU97176590.com\extensionData\userCode
[2015.02.01 20:51:42 | 000,985,112 | ---- | M] () (No name found) -- C:\Users\Jul\AppData\Roaming\Mozilla\firefox\Profiles\b3izpfhg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.27 00:44:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.01.27 00:44:19 | 000,000,000 | ---D | M] (myCoups) -- C:\Program Files\Mozilla Firefox\extensions\agjqcacdnhemgjev@hclmgodt.org
[2015.02.01 20:34:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015.02.01 20:34:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015.02.02 12:38:16 | 000,000,000 | ---D | M] (Chặn quảng cáo) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.0\FFEXT\ANTI_BANNER@KASPERSKY.COM
[2015.02.02 12:38:16 | 000,000,000 | ---D | M] (Ngăn chặn trang web nguy hiểm) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.0\FFEXT\CONTENT_BLOCKER@KASPERSKY.COM
[2015.02.02 12:38:16 | 000,000,000 | ---D | M] (An toàn giao dịch tài chính) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.0\FFEXT\ONLINE_BANKING@KASPERSKY.COM
[2015.02.02 12:38:17 | 000,000,000 | ---D | M] (CÃ´ng cá»¥ kiá»ƒm tra liÃªn káº¿t cá»§a Kaspersky) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.0\FFEXT\URL_ADVISOR@KASPERSKY.COM
[2015.02.02 12:38:17 | 000,000,000 | ---D | M] (Bàn phím ảo) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 15.0.0\FFEXT\VIRTUAL_KEYBOARD@KASPERSKY.COM
 
Hosts file not found
O2 - BHO: (CoupExtenSion) - {104c6270-1cbc-4b65-8f90-ea6cd02ccda2} - C:\ProgramData\CoupExtenSion\erYSIaRuzWHj9I.dll File not found
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (BueesstSaveForYou) - {b1e87602-fbdc-4bbb-9052-cadc1b5d03ee} - C:\ProgramData\BueesstSaveForYou\es2W25OVTuaiAp.dll File not found
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No CLSID value found.
O3 - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Toolbar\WebBrowser: (no name) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No CLSID value found.
O3 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" File not found
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Broadcom Corporation)
O4 - HKLM..\Run: [ChicoSys] C:\Windows\System32\cc32\webtmr.exe (Salfeld Computer)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mbot_de_481]  File not found
O4 - HKLM..\Run: [MessengerPlusForSkypeService] "C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" File not found
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Raptr] C:\Program Files\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKU\.DEFAULT..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)
O4 - HKU\S-1-5-18..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)
O4 - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [avs reload sys] C:\Users\Jul\AppData\Local\Temp\tnvhwn.exe (oracle enterprises)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [driver restore update] C:\Users\Jul\AppData\Local\Temp\sgtvim.exe (paint effects ltd)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [HP Officejet 6500 E710n-z (NET)] C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [MailRuUpdater] C:\Users\Jul\AppData\Local\MailRu\MailRuUpdater.exe (Mail.Ru)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [msi system check] %TEMP%\gnbsso.exe File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [SkypeVoiceChanger] C:\Program Files\AthTek\Voice Changer for Skype\SkypeVoiceChanger.exe /auto File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [Spotify Web Helper] C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000..\Run: [stream system eng] C:\Users\Jul\AppData\Local\Temp\rnbssv.exe (kaz relay systems)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [avs reload sys] C:\Users\Jul\AppData\Local\Temp\tnvhwn.exe (oracle enterprises)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [driver restore update] C:\Users\Jul\AppData\Local\Temp\sgtvim.exe (paint effects ltd)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [HP Officejet 6500 E710n-z (NET)] C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [MailRuUpdater] C:\Users\Jul\AppData\Local\MailRu\MailRuUpdater.exe (Mail.Ru)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [msi system check] %TEMP%\gnbsso.exe File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [SkypeVoiceChanger] C:\Program Files\AthTek\Voice Changer for Skype\SkypeVoiceChanger.exe /auto File not found
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Spotify Web Helper] C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [stream system eng] C:\Users\Jul\AppData\Local\Temp\rnbssv.exe (kaz relay systems)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Norton Download Manager{NF22-B22-4abb-B07C-C084B04B4F12}] C:\Users\Public\Downloads\Norton\{NF22-B22-4abb-B07C-C084B04B4F12}\NF_Installer.exe (Symantec Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\streamWriter.lnk = C:\Program Files\streamWriter\streamwriter.exe (streamwriter.org)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0
O8 - Extra context menu item: Zu Anti-Banner hinzufügen - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm ()
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Link-Untersuchung - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\ColorMedia.dll (CartCrunch Israel Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\ColorMedia.dll (CartCrunch Israel Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\ColorMedia.dll (CartCrunch Israel Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\ColorMedia.dll (CartCrunch Israel Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\ColorMedia.dll (CartCrunch Israel Ltd.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..Trusted Domains: knuddels.de ([www] http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: knuddels.de ([www] http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v415.cab (FuturemarkSystemInfoX Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FB53F10-9E60-4036-A931-DC60F52C3F17}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88B37941-1342-40D0-BA09-DCFA7D2FF6ED}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9B2C989-435D-45B0-B450-39D17CBD5391}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\windows\system32\nvinit.dll c:\windows\system32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.02.17 21:55:25 | 000,000,000 | ---D | M] - D:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2011.02.17 21:55:34 | 003,057,784 | R--- | M] (UBISOFT) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2011.02.17 21:39:07 | 000,231,798 | R--- | M] () - D:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2011.02.17 21:39:07 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{054dd5e1-af97-11e3-9437-9b94ad7f775b}\Shell - "" = AutoRun
O33 - MountPoints2\{054dd5e1-af97-11e3-9437-9b94ad7f775b}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{5aa476c5-bd20-11e1-af23-e811324622ab}\Shell - "" = AutoRun
O33 - MountPoints2\{5aa476c5-bd20-11e1-af23-e811324622ab}\Shell\AutoRun\command - "" = F:\Launcher.exe
O33 - MountPoints2\{832b2e42-96ac-11e1-a9af-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{832b2e42-96ac-11e1-a9af-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2011.02.17 21:55:34 | 003,057,784 | R--- | M] (UBISOFT)
O33 - MountPoints2\{9c0303b7-be8b-11e1-8911-e811324622ab}\Shell - "" = AutoRun
O33 - MountPoints2\{9c0303b7-be8b-11e1-8911-e811324622ab}\Shell\AutoRun\command - "" = F:\Launcher.exe
O33 - MountPoints2\{b2466843-f486-11e3-a8c2-e811324622ab}\Shell - "" = AutoRun
O33 - MountPoints2\{b2466843-f486-11e3-a8c2-e811324622ab}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{ec4c2c5b-31a1-11e3-a38a-8a2832f57e22}\Shell - "" = AutoRun
O33 - MountPoints2\{ec4c2c5b-31a1-11e3-a38a-8a2832f57e22}\Shell\AutoRun\command - "" = E:\windows\Data\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015.02.02 17:48:09 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015.02.02 17:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
[2015.02.02 17:46:59 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015.02.02 17:46:59 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015.02.02 17:46:59 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2015.02.02 17:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\ Malwarebytes Anti-Malware 
[2015.02.02 17:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.02.02 17:37:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jul\Desktop\otl.exe
[2015.02.02 17:18:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2015.02.02 15:13:30 | 001,541,080 | ---- | C] (Cinema PlusV02.02) -- C:\Users\Jul\AppData\Roaming\NUB.exe
[2015.02.02 15:13:09 | 002,038,232 | ---- | C] (Cinema PlusV02.02) -- C:\Users\Jul\AppData\Roaming\MTSO.exe
[2015.02.02 15:13:06 | 000,000,000 | ---D | C] -- C:\Program Files\CinemaP-1.9cV02.02
[2015.02.02 15:12:27 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Local\ConvertAd
[2015.02.02 15:10:00 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Local\Pirates
[2015.02.02 15:09:50 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Local\Sparta
[2015.02.01 20:52:32 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Local\Macromedia
[2015.02.01 20:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
[2015.02.01 20:50:00 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Roaming\Sony Network Entertainment International LLC
[2015.02.01 20:49:12 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2015.02.01 20:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2015.02.01 20:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2015.02.01 20:48:30 | 000,644,808 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
[2015.02.01 20:48:30 | 000,112,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
[2015.02.01 20:48:30 | 000,034,400 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klhk.sys
[2015.02.01 20:35:13 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Local\Mozilla
[2015.02.01 19:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SecurityUtilityData
[2015.02.01 19:54:24 | 000,301,168 | ---- | C] (CartCrunch Israel Ltd.) -- C:\Windows\System32\ColorMedia.dll
[2015.02.01 19:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SecurityUtility
[2015.02.01 19:54:03 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Roaming\SoftwareUpdater
[2015.02.01 19:54:03 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Roaming\Booster-Web
[2015.02.01 19:54:03 | 000,000,000 | ---D | C] -- C:\Program Files\Booster-Web
[2015.02.01 19:50:59 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Local\wincheck
[2015.02.01 19:49:00 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Roaming\moters
[2015.02.01 19:48:53 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Roaming\VOPackage
[2015.02.01 19:46:43 | 000,000,000 | ---D | C] -- C:\Program Files\StormWatch
[2015.02.01 19:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\mbot_de_465
[2015.02.01 19:45:46 | 001,960,408 | ---- | C] (Cinema PlusV01.02) -- C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe
[2015.02.01 19:45:46 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Local\globalUpdate
[2015.02.01 19:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate
[2015.02.01 19:44:37 | 000,323,720 | ---- | C] (Abengine) -- C:\Windows\System32\abengine.dll
[2015.02.01 19:44:34 | 000,000,000 | ---D | C] -- C:\Program Files\TabNav
[2015.01.28 18:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Red AdBlocker
[2015.01.24 17:57:29 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Roaming\LolClient
[2015.01.22 20:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2015.01.15 15:30:50 | 003,971,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015.01.15 15:30:50 | 003,916,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015.01.15 15:30:15 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2015.01.13 22:55:00 | 000,000,000 | ---D | C] -- C:\Users\Jul\Documents\MuseScore
[2015.01.13 22:26:55 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Roaming\MusE
[2015.01.13 22:26:37 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Local\MusE
[2015.01.13 21:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
[2015.01.13 21:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\MuseScore
[2015.01.13 16:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2015.01.10 15:16:02 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Local\Programs
[2015.01.06 21:07:47 | 000,000,000 | ---D | C] -- C:\Users\Jul\AppData\Roaming\Awesomium
[2015.01.06 00:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\dmhgolipefccdonoakkendijofamdnae
[2015.01.05 20:30:07 | 000,000,000 | ---D | C] -- C:\ProgramData\BueesstSaveForYou
[2015.01.05 20:29:58 | 000,000,000 | ---D | C] -- C:\ProgramData\CoupExtenSion
[2015.01.04 21:05:09 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2014.10.21 13:42:32 | 046,860,733 | ---- | C] (Hi-Rez Studios) -- C:\Users\Jul\InstallHiRezGamesEnglish.exe
[2013.08.17 16:42:48 | 003,979,892 | ---- | C] (The GTK developer community) -- C:\Users\Jul\libgtk-win32-2.0-0.dll
[9 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015.02.02 18:19:19 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015.02.02 18:13:23 | 000,003,116 | ---- | M] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-1-6.job
[2015.02.02 18:00:20 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.02.02 17:47:04 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2015.02.02 17:37:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jul\Desktop\otl.exe
[2015.02.02 17:31:06 | 000,001,678 | ---- | M] () -- C:\Windows\tasks\OZTQSYNJ.job
[2015.02.02 17:20:08 | 000,000,011 | ---- | M] () -- C:\END
[2015.02.02 15:18:41 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2015.02.02 15:18:02 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2015.02.02 15:14:04 | 000,002,424 | ---- | M] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-5_user.job
[2015.02.02 15:14:03 | 000,002,424 | ---- | M] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-5.job
[2015.02.02 15:13:34 | 000,003,116 | ---- | M] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-1-7.job
[2015.02.02 15:13:32 | 000,001,324 | ---- | M] () -- C:\Windows\tasks\NUB.job
[2015.02.02 15:13:30 | 001,541,080 | ---- | M] (Cinema PlusV02.02) -- C:\Users\Jul\AppData\Roaming\NUB.exe
[2015.02.02 15:13:21 | 000,004,136 | ---- | M] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-4.job
[2015.02.02 15:13:15 | 000,005,162 | ---- | M] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-11.job
[2015.02.02 15:13:12 | 000,001,326 | ---- | M] () -- C:\Windows\tasks\MTSO.job
[2015.02.02 15:13:09 | 002,038,232 | ---- | M] (Cinema PlusV02.02) -- C:\Users\Jul\AppData\Roaming\MTSO.exe
[2015.02.02 14:11:09 | 000,025,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.02.02 14:11:09 | 000,025,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.02.02 14:02:37 | 000,000,013 | ---- | M] () -- C:\NET.INI
[2015.02.02 14:02:22 | 000,005,408 | ---- | M] () -- C:\Windows\System32\ColorMedia.ini
[2015.02.02 14:02:01 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\Upd Inst-S-1750791845.job
[2015.02.02 14:02:00 | 000,000,460 | -H-- | M] () -- C:\Windows\tasks\GS.Enabler-S-1824435291.job
[2015.02.02 14:02:00 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\WS_Enabler-S-815932687.job
[2015.02.02 14:01:59 | 000,000,472 | -H-- | M] () -- C:\Windows\tasks\SW-Booster-S-792098896.job
[2015.02.02 14:01:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.02.02 14:01:00 | 3007,832,064 | -HS- | M] () -- C:\hiberfil.sys
[2015.02.02 12:37:52 | 000,644,808 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
[2015.02.02 12:37:52 | 000,112,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
[2015.02.01 20:17:16 | 000,003,408 | ---- | M] () -- C:\bootsqm.dat
[2015.02.01 19:45:46 | 001,960,408 | ---- | M] (Cinema PlusV01.02) -- C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe
[2015.02.01 19:44:52 | 000,004,800 | ---- | M] () -- C:\Windows\System32\abengine.ini
[2015.02.01 19:44:52 | 000,002,704 | ---- | M] () -- C:\Windows\System32\abengineOff.ini
[2015.02.01 14:21:14 | 000,003,202 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015.01.30 16:11:53 | 000,710,750 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2015.01.30 16:11:53 | 000,663,826 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015.01.30 16:11:53 | 000,155,048 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2015.01.30 16:11:53 | 000,126,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015.01.29 20:35:33 | 003,942,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.01.28 22:40:24 | 000,323,720 | ---- | M] (Abengine) -- C:\Windows\System32\abengine.dll
[2015.01.27 17:31:28 | 000,301,168 | ---- | M] (CartCrunch Israel Ltd.) -- C:\Windows\System32\ColorMedia.dll
[2015.01.25 17:12:14 | 000,002,086 | ---- | M] () -- C:\Users\Jul\AppData\Roaming\NUB
[2015.01.25 17:12:14 | 000,001,248 | ---- | M] () -- C:\Users\Jul\AppData\Roaming\OZTQSYNJ
[2015.01.25 17:12:14 | 000,001,248 | ---- | M] () -- C:\Users\Jul\AppData\Roaming\MTSO
[2015.01.24 23:59:21 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015.01.24 23:59:20 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015.01.06 04:36:02 | 000,249,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[9 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015.02.02 17:47:04 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2015.02.02 15:14:04 | 000,002,424 | ---- | C] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-5_user.job
[2015.02.02 15:14:02 | 000,002,424 | ---- | C] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-5.job
[2015.02.02 15:13:35 | 000,003,116 | ---- | C] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-1-6.job
[2015.02.02 15:13:33 | 000,003,116 | ---- | C] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-1-7.job
[2015.02.02 15:13:31 | 000,001,324 | ---- | C] () -- C:\Windows\tasks\NUB.job
[2015.02.02 15:13:21 | 000,004,136 | ---- | C] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-4.job
[2015.02.02 15:13:13 | 000,005,162 | ---- | C] () -- C:\Windows\tasks\9c3a8fcc-3fa1-4b4c-8c76-a09d270328fb-11.job
[2015.02.02 15:13:11 | 000,001,326 | ---- | C] () -- C:\Windows\tasks\MTSO.job
[2015.02.01 20:35:06 | 000,001,125 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015.02.01 20:17:16 | 000,003,408 | ---- | C] () -- C:\bootsqm.dat
[2015.02.01 19:54:30 | 000,005,408 | ---- | C] () -- C:\Windows\System32\ColorMedia.ini
[2015.02.01 19:45:48 | 000,000,958 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2015.02.01 19:45:47 | 000,001,678 | ---- | C] () -- C:\Windows\tasks\OZTQSYNJ.job
[2015.02.01 19:45:47 | 000,000,954 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2015.02.01 19:44:55 | 000,000,011 | ---- | C] () -- C:\END
[2015.02.01 19:44:47 | 000,004,800 | ---- | C] () -- C:\Windows\System32\abengine.ini
[2015.02.01 19:44:47 | 000,002,704 | ---- | C] () -- C:\Windows\System32\abengineOff.ini
[2015.01.25 17:12:14 | 000,002,086 | ---- | C] () -- C:\Users\Jul\AppData\Roaming\NUB
[2015.01.25 17:12:14 | 000,001,248 | ---- | C] () -- C:\Users\Jul\AppData\Roaming\OZTQSYNJ
[2015.01.25 17:12:14 | 000,001,248 | ---- | C] () -- C:\Users\Jul\AppData\Roaming\MTSO
[2015.01.04 19:13:12 | 000,000,013 | ---- | C] () -- C:\NET.INI
[2014.12.29 20:17:44 | 003,810,012 | ---- | C] () -- C:\Users\Jul\PSX.psv
[2014.12.06 17:15:02 | 000,001,590 | ---- | C] () -- C:\Users\Jul\AppData\Local\recently-used.xbel
[2014.11.14 21:44:24 | 001,333,223 | ---- | C] () -- C:\Windows\unins000.exe
[2014.11.14 21:44:24 | 000,004,770 | ---- | C] () -- C:\Windows\unins000.dat
[2014.10.26 21:15:29 | 000,000,132 | ---- | C] () -- C:\Users\Jul\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2014.10.03 01:11:56 | 003,826,628 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2014.05.13 17:44:48 | 000,000,253 | ---- | C] () -- C:\Windows\System32\Setup.dll
[2014.05.13 17:15:21 | 000,921,600 | ---- | C] () -- C:\Windows\vorbisenc.dll
[2014.05.13 17:15:21 | 000,237,568 | ---- | C] () -- C:\Windows\OggDS.dll
[2014.05.13 17:15:21 | 000,188,416 | ---- | C] () -- C:\Windows\vorbis.dll
[2014.05.13 17:15:21 | 000,045,056 | ---- | C] () -- C:\Windows\ogg.dll
[2014.05.13 17:15:20 | 000,066,048 | ---- | C] () -- C:\Windows\MP4.dll
[2014.05.13 17:15:20 | 000,023,552 | ---- | C] () -- C:\Windows\mkunicode.dll
[2014.03.01 16:18:02 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2014.02.20 18:14:02 | 000,179,377 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2013.12.20 23:09:42 | 000,012,005 | ---- | C] () -- C:\Users\Jul\AppData\Roaming\alsoft.ini
[2013.09.29 17:07:27 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2013.09.01 12:24:16 | 001,341,859 | ---- | C] () -- C:\Users\Jul\AppData\Local\Tempmusic.ogg
[2013.08.24 11:31:09 | 031,194,939 | ---- | C] () -- C:\Users\Jul\Direwolf20_Server.zip
[2013.08.17 15:48:52 | 002,346,942 | ---- | C] () -- C:\Users\Jul\TechnicLauncher.exe
[2013.08.05 07:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2013.08.05 07:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2013.07.29 14:34:00 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\LAGARITH.DLL
[2013.04.07 13:15:40 | 000,272,292 | ---- | C] () -- C:\ProgramData\firstlsp.reg.dat
[2013.03.14 20:25:07 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2013.02.23 19:43:45 | 000,000,121 | ---- | C] () -- C:\Users\Jul\AppData\Roaming\D2Info0
[2013.02.23 19:43:45 | 000,000,008 | ---- | C] () -- C:\Users\Jul\AppData\Roaming\DofusAppId0_2
[2013.02.15 21:20:36 | 001,065,984 | ---- | C] () -- C:\Users\Jul\AppData\Local\file__0.localstorage
[2013.02.04 14:05:31 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.01.23 15:51:21 | 000,703,104 | ---- | C] () -- C:\Users\Jul\AppData\Roaming\technic-launcher.jar
[2013.01.22 17:15:53 | 000,000,475 | ---- | C] () -- C:\Users\Jul\server.properties
[2013.01.21 13:51:49 | 000,011,418 | ---- | C] () -- C:\Users\Jul\ChunkFixer.jar
[2012.12.22 00:19:43 | 000,000,091 | ---- | C] () -- C:\Users\Jul\AppData\Local\fusioncache.dat
[2012.12.17 05:06:28 | 000,000,337 | ---- | C] () -- C:\Users\Jul\AppData\Local\Perfmon.PerfmonCfg
[2012.10.01 00:14:25 | 112,327,261 | ---- | C] () -- C:\Users\Jul\VTS_01_1.mp4
[2012.07.30 07:25:04 | 000,138,056 | ---- | C] () -- C:\Users\Jul\AppData\Roaming\PnkBstrK.sys
[2012.07.05 23:36:16 | 000,006,144 | ---- | C] () -- C:\Users\Jul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.12 17:34:08 | 000,003,202 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.06.09 13:15:29 | 000,000,004 | ---- | C] () -- C:\Users\Jul\AppData\Roaming\steam_md5.dat
[2012.05.26 12:10:52 | 000,007,601 | ---- | C] () -- C:\Users\Jul\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014.11.23 18:27:35 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\.minecraft
[2014.05.29 15:33:49 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\.technic
[2013.01.23 18:26:58 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\.techniclauncher
[2012.07.19 20:04:48 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Activision
[2012.09.29 19:17:58 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\AnvSoft
[2013.02.23 19:43:47 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\app
[2014.07.26 16:41:51 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Arrowhead
[2014.11.15 23:37:29 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Audacity
[2014.11.15 23:37:29 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\avidemux
[2013.04.06 23:14:08 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Avnex
[2015.01.06 21:07:47 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Awesomium
[2013.07.29 14:20:39 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\BabSolution
[2012.10.23 17:05:18 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Babylon
[2014.06.22 14:28:49 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\BANDISOFT
[2013.03.17 11:58:59 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\BigHugeEngine
[2015.01.30 21:25:51 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Bioshock
[2015.01.06 04:05:14 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\BitTorrent
[2013.03.16 16:17:08 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Blender Foundation
[2015.02.02 12:10:36 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Booster-Web
[2014.11.18 13:55:36 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\BrawlhallaAir
[2012.09.29 17:17:26 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Canneverbe Limited
[2014.04.05 18:52:06 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Craften Terminal
[2014.12.29 14:38:18 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Curse Client
[2012.06.09 09:06:49 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\DAEMON Tools Lite
[2012.05.22 14:05:34 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\dclogs
[2013.03.06 12:53:26 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\DisneyInteractiveStudios
[2013.02.23 20:09:20 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Dofus2
[2014.06.21 23:39:29 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\DVDVideoSoft
[2013.06.12 21:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Electronic Arts
[2013.03.01 12:38:39 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Fatshark
[2014.06.27 13:17:15 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\FEZ
[2014.08.18 16:41:26 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\FiestaOnline
[2013.11.01 23:23:05 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\fltk.org
[2013.08.17 12:43:20 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\ftblauncher
[2012.10.28 13:36:40 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\GetRightToGo
[2014.11.04 19:14:21 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Ice-Pick Lodge
[2012.10.28 13:38:49 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\ImTOO
[2014.10.01 15:09:46 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Injustice
[2013.10.10 15:33:07 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Internet-Manager
[2014.04.25 16:06:08 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\IsolatedStorage
[2013.07.17 12:46:56 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\JAM Software
[2014.08.15 18:25:21 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Kalypso Media
[2012.06.18 10:48:21 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Leadertech
[2012.09.11 16:01:51 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\LEGO Company
[2014.12.07 00:07:14 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\library_dir
[2013.01.23 18:26:50 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\logs
[2015.01.24 17:57:29 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\LolClient
[2012.11.10 20:32:14 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\LucasArts
[2012.06.17 21:35:46 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\m2-multiplayer.com
[2014.10.25 21:35:59 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\MAXON
[2014.11.15 23:37:29 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2014.11.15 23:37:29 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2014.04.25 16:40:02 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\MilkShape 3D 1.x.x
[2014.10.20 17:22:29 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Minecraft Skin Viewer
[2014.10.15 17:10:47 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\MMFApplications
[2015.02.01 19:49:00 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\moters
[2013.01.08 20:08:15 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Mount&Blade
[2013.01.13 15:28:00 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Mount&Blade Warband
[2014.10.05 15:01:11 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\mp3DirectCut
[2015.01.13 22:26:55 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\MusE
[2013.08.15 20:37:27 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\NCSOFT
[2014.06.26 15:25:21 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Nidhogg
[2012.07.20 19:03:31 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Notepad++
[2014.11.04 14:54:08 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\olliolli
[2013.02.08 21:09:12 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Omerta Demo
[2012.09.25 15:46:50 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\OnLive App
[2012.05.07 17:43:07 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\OpenOffice.org
[2012.07.04 21:46:56 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Opera
[2014.12.07 00:25:31 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Origin
[2013.01.27 15:58:37 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Petroglyph
[2012.07.20 16:39:41 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\ProtectDISC
[2013.07.15 14:27:20 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\PunkBuster
[2015.02.02 17:56:36 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Raptr
[2013.06.19 19:26:51 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\runic games
[2012.09.29 12:01:55 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\S.A.D
[2014.11.15 23:39:53 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Screaming Bee
[2012.12.25 01:16:43 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\SEE
[2014.04.25 16:49:17 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\SketchUp
[2015.02.01 19:55:35 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\SoftwareUpdater
[2014.03.19 21:53:57 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Sony
[2015.02.01 20:50:00 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Sony Network Entertainment International LLC
[2014.11.15 23:37:28 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\SpaceEngineers
[2015.02.02 19:15:48 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Spotify
[2015.01.16 07:31:24 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\streamWriter
[2014.11.15 23:39:53 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Subversion
[2015.01.25 15:40:09 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Synthesia
[2013.06.19 23:19:35 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\TeamViewer
[2013.03.15 22:00:32 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\TechSmith
[2013.04.23 16:42:21 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\TERA
[2014.09.26 22:31:31 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\The Creative Assembly
[2014.05.23 16:22:44 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Thunderbird
[2014.11.15 23:37:28 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Tropico 4 Demo
[2015.02.01 16:11:21 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\TS3Client
[2012.05.27 09:39:42 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\TuneUp Software
[2014.11.18 20:59:24 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Tunngle
[2013.03.23 14:52:47 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Ubisoft
[2012.12.20 23:06:50 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Unity
[2014.11.04 21:44:19 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Vertical_Drop_Heroes_HD
[2015.02.02 17:15:03 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\VOPackage
[2014.04.07 16:47:01 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\Warner Bros. Interactive Entertainment
[2012.10.25 18:39:15 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\WB Games
[2012.07.06 01:20:08 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\WebApp
[2014.02.05 19:50:01 | 000,000,000 | ---D | M] -- C:\Users\Jul\AppData\Roaming\WizardWars
[2012.06.13 20:01:55 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\DAEMON Tools Lite
[2014.11.15 23:39:52 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\DVDVideoSoft
[2012.05.27 14:13:33 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.05.27 10:43:48 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Opera
[2012.05.27 14:16:56 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\PunkBuster
[2012.06.13 18:37:28 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Tunngle
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:EBAA0CD9
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:FB1B13D8
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

Zubato · 09.02.2015, 18:20

Code:

ATTFilter

OTL Extras logfile created on: 02.02.2015 18:19:18 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jul\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,80 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 56,33% Memory free
5,60 Gb Paging File | 2,74 Gb Available in Paging File | 48,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 275,86 Gb Total Space | 37,98 Gb Free Space | 13,77% Space Free | Partition Type: NTFS
Drive D: | 7,78 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1862,55 Gb Total Space | 942,87 Gb Free Space | 50,62% Space Free | Partition Type: FAT32
Drive X: | 917,07 Gb Total Space | 241,22 Gb Free Space | 26,30% Space Free | Partition Type: NTFS
 
Computer Name: JUL-01 | User Name: Jul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{086A87BA-9A03-4F97-A676-A263730E501E}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | 
"{0D906E4F-C648-4169-BA02-7C44A106A755}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{15C39DE4-C837-49C0-9B5C-A79C72864AB9}" = rport=445 | protocol=6 | dir=out | app=system | 
"{181ADE41-5D29-47E5-877E-DA273BBF9B57}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{2E3D1287-9058-4C69-B693-1357B8A12F41}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{30AB84EF-EDA5-4DFF-871E-654BDFD296B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{346E9BAE-593E-4833-85D1-7C08E0610238}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe | 
"{37E75F0F-3B96-4DBF-9FBA-AA5A480E3F7C}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe | 
"{38D2D3A4-C314-4600-AED6-D3DEDED7B51B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3C65D7A4-4FC7-4F80-BC4B-4BC35F5F2864}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{41E83956-FD56-46F7-816F-7DC2764126B0}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{43A8F9E0-4B15-4F4E-BD07-980C2CDDD322}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4538D0B8-65F5-4D86-B315-F5B59DF23DBF}" = lport=138 | protocol=17 | dir=in | app=system | 
"{481A5D61-2303-4C72-849A-0C74B7A7F97F}" = rport=137 | protocol=17 | dir=out | app=system | 
"{4A5DB7C2-4F40-4561-BD2D-FCFFC4E948A9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{514C1C34-0D9D-44C8-B598-61F2D71D75A4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{53487FDC-9368-423B-930A-901FD3F5FA0C}" = lport=58307 | protocol=6 | dir=in | name=pando media booster | 
"{57B05DE7-F74F-4575-B642-33D4784CAEA9}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{5DEA33C2-55A6-43DE-9214-A616285040AD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{6DCE1A31-7775-4990-A445-A862FA74AFA0}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{70AD81DC-6D4D-43E5-BDE0-7B4C6147CB91}" = lport=137 | protocol=17 | dir=in | app=system | 
"{745AC74C-F0E7-4E10-82BE-EF57249036D9}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe | 
"{75E70BE2-CD78-4289-918C-9928D0E9A7D5}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{7766D55B-10C7-435D-BCEB-EF1FA32D3B96}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7A3C1480-B099-4F21-9F32-4EBD861015C4}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{7D1B4ABB-02F6-455F-B26E-FBBA2533EDB8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{855A40C7-1EA0-4777-8D10-94F57B2F6B3B}" = lport=8317 | protocol=6 | dir=in | name=techsmith camtasia studio | 
"{89A22FCF-F2B9-41E9-A398-02D97D615B6A}" = lport=2987 | protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe | 
"{8AA64FFD-9873-483F-8197-29DE6CC36921}" = lport=68 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{8E614D89-04A7-4C7B-B8F9-07E74CAD5EE8}" = lport=3389 | protocol=6 | dir=in | app=system | 
"{90C62A77-A028-4CFA-9451-1BAA2CDD9550}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{90E61766-7912-49FA-862F-8C3DEB4ED17C}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{9473B834-4DEF-41A4-94E1-B7B18EE24FAD}" = rport=139 | protocol=6 | dir=out | app=system | 
"{9916B656-EC09-4C87-A336-1752A5B9368F}" = lport=445 | protocol=6 | dir=in | app=system | 
"{9BE2862C-EF72-4E36-A36A-80758DCDFB3B}" = lport=58307 | protocol=17 | dir=in | name=pando media booster | 
"{9D41DD29-A7CF-46FF-A535-3A2DA4A0DF02}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9DF2D3AE-DD4C-43A3-8BE5-3583EA806661}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{9E6373C5-C0AF-4E37-A497-3233C39763F8}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{A4633DF6-D260-4882-98C7-4F57A175E8F7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A6940935-9517-45DF-A620-EACB6638DFA1}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{AA247614-6679-4C0A-902A-F6187748C1DF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{ACEFFE87-8967-4DBE-9221-5523BD139524}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{B84DD61A-D4B2-47CE-B035-164AE8A3639A}" = lport=58307 | protocol=17 | dir=in | name=pando media booster | 
"{BD852CA4-1A9D-4919-ACBC-1D6E95D7741E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe | 
"{BE40949D-1F61-4230-B8D6-37F85CB4BD1C}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe | 
"{BE74C6E0-35A4-4401-A808-57527A7AE4F3}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{C0F54A11-9417-40CA-A915-E42CC6337C83}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D493D0E2-FB5A-4086-97C9-8D00233CAF90}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D9AF6720-94AD-4C9B-8D64-1C3D0FA86DB8}" = lport=58307 | protocol=6 | dir=in | name=pando media booster | 
"{DA76070E-3003-437F-BA36-B58BFA0C909B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{DE0B322C-F44A-400D-AF17-B95C45105747}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{DF8BB58D-CA52-4D12-9E39-B4C4BAA8D790}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E3EC956B-BB62-4249-BF38-2627E962B31A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{E75514FA-9BE4-43ED-A255-87331DEF1244}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{E78053CA-8A60-4541-92FC-2664C117B53B}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{F697BE65-6583-4F6D-ACDE-5B4E175D67D7}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | 
"{FFFE2B97-E18D-4731-B4E7-DB5DF60A6C07}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00590CA7-6C0F-459F-98E9-62EA6649113A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\wanderlust rebirth\wanderlust.exe | 
"{005F299B-C14A-4E0A-95DD-410DB1F618A6}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\slender - the arrival\slender - the arrival.exe | 
"{008C64C6-5772-4E74-A4EA-7FDB9CFCF85E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{00ABE271-D4FB-4BD7-86C5-5094BC76473B}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\batman arkham origins\singleplayer\binaries\win32\batmanorigins.exe | 
"{01239675-025D-4819-924F-2A0EDA78E74C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe | 
"{01DCDA7B-FB95-4A2A-930E-53D7D94D5869}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\payday 2\payday2_win32_release.exe | 
"{036F65F0-98F1-4717-9463-F623C00660CA}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\binary domain\binarydomain.exe | 
"{041D341D-F20D-486D-B181-AE1ADD773260}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\passing pineview forest\.autorun\autorun.exe | 
"{04DF3C47-DF1F-44DF-8806-52DC6A252AB6}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\reus\reus.exe | 
"{06FB25CE-91D3-478A-A233-C60DE0A48D23}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{0706E1F0-46FD-4074-BDF0-C1C4EF227106}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\antichamber\binaries\win32\udk.exe | 
"{072CCA18-8104-4088-A643-AED34A4C36B1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\far cry 3\bin\fc3editor.exe | 
"{073E08D9-DAA9-4DE4-AC26-C6075364434A}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\sendafax.exe | 
"{076E9DB3-21A7-4B0A-A76D-CCCCB4D3569D}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\magickawizardwars\wizardwarslauncher.exe | 
"{08E69D2A-E8C5-48B0-B516-9E2DAF298B9A}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\bioshock\builds\release\bioshock.exe | 
"{09006F7F-9EA6-46F4-9B78-21AAA2B8A0D2}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\risen 2\system\risen2.exe | 
"{09CABDB0-C60B-4206-BB53-24605764E4B8}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{0A7569E3-FE88-44E0-BBB9-7F1D89EE33BE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | 
"{0AF0CB39-1D7D-48A6-8029-B7514E903EE9}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\portal 2\portal2.exe | 
"{0B153F25-C946-4FD1-A39C-163E12878409}" = protocol=6 | dir=in | app=c:\program files\wb games\batman arkham city\binaries\win32\batmanac.exe | 
"{0B42551D-C3DC-47F0-932B-080E92B56D7A}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr.exe | 
"{0C5CE82B-B93E-4116-8B50-817EDAEA9D24}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\surgeon simulator 2013\ss2013.exe | 
"{0C85495D-3788-4B4B-8F1A-6649B6531B59}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\gotham city impostors f2p\engine.exe | 
"{0DBD1813-9B72-4674-83F6-C9DC89977429}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\home\home-win-eng.exe | 
"{0E25B796-8787-496B-BA02-8A971FA02282}" = protocol=6 | dir=in | app=c:\users\jul\appdata\roaming\bittorrent\bittorrent.exe | 
"{0F953EAF-F0C3-44A7-A572-1ED42B8D820B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\surgeon simulator 2013\ss2013.exe | 
"{0F984CE7-64DF-497C-AEC3-83623F12C21F}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\rocketbirds_hardboiled\game.exe | 
"{0FE5EB5B-1B0C-4A6D-85A4-50E00CA1B8D6}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{10F1F8BE-83F2-484B-A94B-C012149CB738}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\eldritch\eldritch.exe | 
"{12F3864B-DEE8-4AFE-91B4-8E9A507D0F27}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\fez\fez_launchoptions.exe | 
"{135FF3EA-58A1-4CD1-AEC0-A2CA8743C0A1}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\age2hd\launcher.exe | 
"{15479FE7-1067-4725-B3D7-9C50DCC8ADA1}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\insanely twisted shadow planet\fcengine.exe | 
"{15CF3EA2-2066-4D96-9970-533D30A8A112}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe | 
"{15F38285-7753-4538-B56D-F2814EFE4934}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\risk of rain\risk of rain.exe | 
"{16470DD2-2D05-4254-A3D9-0C1E04BF5CC0}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\odp\ourdarkerpurpose.exe | 
"{16D7AB7D-BDFD-4954-B4D5-87A86646CF20}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe | 
"{16D8BDF3-D07A-4FE7-9229-8FBAC88FEC13}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\sanctum2\binaries\win32\sanctumgame-win32-shipping.exe | 
"{17C0A414-B783-49CD-9269-FC0D2C0AAF75}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\killingfloor\system\killingfloor.exe | 
"{17C7A06A-1665-424F-9E20-4391EB015840}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{1813203F-DF5D-422F-9C21-CFE60BD06B9A}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\binary domain\binarydomainconfiguration.exe | 
"{18607325-B9D5-4AD9-8C07-34605BCF6972}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\crysis wars\bin32\crysis.exe | 
"{191B3A7B-09A3-42F1-864A-89483C936CC0}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\jazzpunk\windows\jazzpunk.exe | 
"{1963EFC8-5BC9-4CDD-8EE4-C846184F8DD5}" = protocol=6 | dir=in | app=e:\oirgin games\fifa 13\game\fifa13.exe | 
"{1C003F83-411F-4DA4-90C6-0921E554C3CF}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{1CFDFF59-4486-4A22-A432-7D12D96ABAC6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\warframe\tools\launcher.exe | 
"{1D439841-9D09-49D0-B40F-EC85F956A400}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) | 
"{1E166C8E-979D-4E39-AE56-026B2F62F672}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe | 
"{1E875A69-E2EE-4F6A-9671-0564DC918021}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1EEDB1B2-34C0-456B-BA9F-9386B8B2CCAC}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{2086F79A-2767-41EC-B6C9-492D4C2CCFC6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\the binding of isaac\isaac.exe | 
"{211A7051-0919-45D9-A497-DDA615E35203}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{22BA99A9-47F2-46FA-ACC1-942F02C18BF0}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{232BB6F4-2085-415C-8199-160B9A36C498}" = protocol=6 | dir=in | app=c:\program files\electronic arts\aufstieg des hexenkönigs\game.dat | 
"{23F703AF-5543-4AEC-8BFA-59E7CD95E9C6}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{24495D3B-A959-47B3-A466-50AC961E7165}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe | 
"{2460C728-CD8B-4E63-9114-2E0E966773CB}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\lego marvel super heroes\legomarvel.exe | 
"{24B11ECA-62F1-4B35-93F1-5900630A7B4C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe | 
"{24FDD6AE-3D70-44B8-B96B-E34955DD809F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\you have to win the game\thegame.exe | 
"{25D8F9DB-DD6B-4A2B-9CD0-9D5F1144FFCE}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\batman arkham origins blackgate hd\bin\game.exe | 
"{27A387E9-7EF0-4261-8D07-09BB66C004DF}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\amnesia the dark descent\launcher.exe | 
"{27EAE0E1-E2B0-438E-B3BE-FE5DDACCD61C}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\machine for pigs\launcher.exe | 
"{28CA8C88-E7EA-487B-A010-426883402856}" = protocol=6 | dir=in | app=c:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | 
"{28EEB11F-758B-4BF9-B93B-678C3213D7C5}" = protocol=6 | dir=in | app=c:\program files\opera next\opera.exe | 
"{291C135B-2F25-481F-936A-0BA776B37555}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\knock-knock\knock.cfg.exe | 
"{2944E995-4E20-4203-9D5C-4A963DE476C3}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\anna\anna.exe | 
"{294A4FBF-2584-42EA-837A-16E23E16008B}" = protocol=17 | dir=in | app=c:\program files\ubisoft\die abenteuer von tim und struppi - das geheimnis der einhorn - spieldemo\tintin.exe | 
"{2A0F33B8-1FE0-4226-94C7-DAA15D32E685}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr_im.exe | 
"{2A35B1CC-095A-4D9C-8D78-7C0B1D486B2A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\aces wild\aces wild.exe | 
"{2A4F7644-B7BD-4EB7-824F-C6402A606701}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{2A898D72-F7E5-48D7-B77E-0671374E30A8}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{2B653DB2-5D6B-430F-9859-87B9C8F9FFBF}" = protocol=17 | dir=in | app=c:\program files\electronic arts\aufstieg des hexenkönigs\game.dat | 
"{2C04CC0B-2A29-4604-88B9-BD8BEEDB0D2D}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | 
"{2C5B6C01-4C30-4C30-B9CF-FEFD6531DF25}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\portal 2\portal2.exe | 
"{2CEB097B-FB38-479D-BEB6-A8900439A84C}" = protocol=6 | dir=in | app=c:\program files\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{2D173BAA-F89B-4283-9CE1-BAFFA9A4D2B7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alan wake\alanwake.exe | 
"{2D3979C1-5151-428E-AE0D-66E56EA4F8A0}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\towerofguns\binaries\win32\udk.exe | 
"{2D3D6438-86CE-48FF-A505-97A8A7A9B144}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"{2D3E74A7-B3C4-452B-8CE8-9A3D888822F0}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe | 
"{2D8AC598-1DFA-40EC-9DD5-B5A90C262343}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\rbs\really big sky.exe | 
"{2DCE65C7-6BCC-458B-AE59-5D812264C2AF}" = protocol=6 | dir=in | app=c:\program files\opera next\pluginwrapper\opera_plugin_wrapper.exe | 
"{2DFCB34F-4308-467A-8AB9-73523C93EB3A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{2E4192D1-F2C5-45E7-9022-0A15EB5A0C91}" = protocol=6 | dir=out | app=system | 
"{2E8F6B79-B7F5-449B-A661-C0541761D05F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2F38A37A-390D-4F1A-964F-E1BCB6BCD3AD}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\diriptide\deadislandgame_x86_rwdi.exe | 
"{306A77B1-7EE4-4FDE-9E3C-3D151376C3D8}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | 
"{3077B5FF-0690-47AC-BD7A-2E1109CA666D}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\dlc quest\dlc.exe | 
"{308466C1-88AC-458C-86E9-F59A65BE6708}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\3dmark\bin\x86_steam_beta\3dmark.exe | 
"{30DAAEF2-1559-4E3A-8B94-1F63A8080F04}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{30DB80EC-4482-4E25-9244-EC8A990FAF6F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{31F48C7D-8AE3-4561-ACF5-85D089F9B8C6}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\receiver\receiver.exe | 
"{324FFF0C-FCD7-4AF1-853A-5E17A459431D}" = protocol=6 | dir=in | app=e:\spiele\origin\fifa world\fifaworld.exe | 
"{32E90672-68F5-43AE-BE14-FFECBBA43350}" = protocol=17 | dir=in | app=c:\program files\origin games\fifa 13\game\fifa13.exe | 
"{33341E9A-4E2A-46C4-A833-006E1E70ED31}" = dir=in | app=c:\windows\system32\mpk\mpk.exe | 
"{348D8829-6CC6-40D7-8D9D-9F2658220A4C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{35464C36-9A37-4031-98DF-B0698A412437}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr.exe | 
"{369C3B35-B709-4AF9-B4E0-590FB6AA6616}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\assassin's creed 3\ac3mp.exe | 
"{36F3C854-BC22-4DB8-A74E-A4C980E4277D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | 
"{371CC920-049A-44CF-8668-29F7478A913E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{3824815C-E511-4450-8257-E7410CFA893C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{38A4D451-8F45-452B-B6ED-9F4BB695E8E2}" = protocol=17 | dir=in | app=e:\spiele\origin\the sims 2 ultimate collection\fun with pets\sp9\tsbin\sims2ep9.exe | 
"{38FE3EF9-42C2-4555-AAE9-65B165429F73}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\assassin's creed 3\ac3sp.exe | 
"{390785C6-F596-4D3C-97A2-21A86BBD13B7}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\batman arkham origins\singleplayer\binaries\win32\batmanorigins.exe | 
"{39172ECD-2C6C-4060-ADC5-EA41EBEDA717}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{3982CA99-98A5-40BA-BDC5-78CA638E936E}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe | 
"{3A5165A2-2556-4664-A0AE-BA7BD9CFF98A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\terraria\terraria.exe | 
"{3A927196-4D43-4FE0-B760-587409F9B4D7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\aces wild\aces wild.exe | 
"{3B257F11-3491-43E4-9C6B-56982CF6C753}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{3BA95731-978D-4F8F-BE0B-9EECCB961775}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\hawken\binaries\win32\hawkengame-win32-shipping.exe | 
"{3D095B02-929B-4F11-8349-E1B744D4C227}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\odp\ourdarkerpurpose.exe | 
"{3D6756BC-1071-414A-999E-97A2FBDF1D08}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\rocketbirds_hardboiled\game.exe | 
"{3D681E1B-42F0-4E19-B193-FE508A20D009}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{3EA974A7-1282-4FB1-BCA8-3BE4C321AF86}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\coj gunslinger\cojgunslinger.exe | 
"{3F46CF10-C70B-4AC3-99B0-F5BAF6F0F668}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\battleblock theater\battleblocktheater.exe | 
"{3F48F530-39C3-459B-B612-51B9442A92CD}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\faxapplications.exe | 
"{4055DDA1-C98E-4ED2-804F-91BC30FCB256}" = protocol=17 | dir=in | app=c:\program files\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{4073AD5A-A900-4021-867B-20E6C2EDB938}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\vertical drop heroes hd\vertical drop heroes hd.exe | 
"{40F2E2D1-2BC6-48D3-8776-F289C9AC9BC7}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{431F2179-2DDB-467F-AFD0-630774523898}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\among the sleep\among the sleep.exe | 
"{43CA23EB-3294-4737-8F85-21BC63F34017}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\far cry 3\bin\farcry3.exe | 
"{448F9475-13BA-4674-BE6F-6BF9049B3A36}" = protocol=6 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe | 
"{4587BBCA-B166-4BBD-8CC4-5F0897028AE3}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\thecatlady\the cat lady.exe | 
"{46E11ABB-0AE9-45F7-8189-2C9BE4F1E9DA}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr_im.exe | 
"{46F29C73-4EA5-4075-BE92-E0D70480196F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{46FC10DB-FEEA-4B4A-8195-0034B85DE11A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\3dmark\bin\x86_steam_beta\3dmark.exe | 
"{47697964-8931-4E62-B56B-33F0CCE8E4D4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe | 
"{47809D79-36A2-4D80-ACAA-F657D016B1F1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{479AA82C-9077-4617-94F2-A0D63B2851B7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{480AC637-AFB2-4B09-B83E-BF6EFC9055FB}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\the novelist\the novelist.exe | 
"{487EBE60-EF32-411F-985D-FC34B73C800A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\garrysmod\hl2.exe | 
"{49189C27-4E6A-4348-9D8C-5EC2C0C33AD6}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe | 
"{4ACC3047-7A16-4265-8F95-19AA03A414AE}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{4B635685-2AA6-45F1-9E74-687B4A7F114E}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe | 
"{4B698316-4B76-42AA-A2DC-994FFFFAEFF4}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\dlc quest\dlc.exe | 
"{4BF582F5-288E-4B33-A643-8DD1E4F02256}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\sanctum2\binaries\win32\sanctumgame-win32-shipping.exe | 
"{4C970AF6-5537-43A1-A885-6D651E108F68}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\brawlhalla\brawlhalla.exe | 
"{4DC9B500-C16F-442E-9DE6-07F335C43280}" = protocol=6 | dir=in | app=c:\program files\origin games\mirrors edge\binaries\mirrorsedge.exe | 
"{4E426D19-078A-4041-B56A-8646D9AEBE72}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{4E8FCE71-E1AC-450A-A9E1-37643A2AA2ED}" = protocol=6 | dir=in | app=e:\spiele\origin\fifa world\fifaworld.exe | 
"{501F3951-4709-48A1-82B0-25BA357B48F4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{5033651B-144D-4774-A1CF-8F2A426325DB}" = protocol=17 | dir=in | app=c:\program files\origin games\mirrors edge\binaries\mirrorsedge.exe | 
"{50B089D6-DFFA-4EA8-803B-61AF2ED344DF}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\the novelist\the novelist.exe | 
"{50F73764-3861-43EC-8F4A-BBBBB8CCB63B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | 
"{5108EC5A-7834-4883-A082-A9977A41D998}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | 
"{519C5671-381A-45BC-9F1D-FE71D57F6ACD}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe | 
"{51B46193-97BB-49A6-824A-D665DA4208B3}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\insanely twisted shadow planet\fcengine.exe | 
"{524216FC-49AA-484C-AD55-B26B0055995B}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\warlock - master of the arcane\game.exe | 
"{52FBE7A7-0222-4FE8-B2EA-1768685EC2DD}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\fez\fez_launchoptions.exe | 
"{5319E646-F779-49B4-A0A9-60CACCDBFE03}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\starbound\win32\launcher\launcher.exe | 
"{5346AC83-8771-4095-922B-2E57C6E67181}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicatorcom.exe | 
"{53DCAC01-74FD-44A1-B1B6-3C101F65743B}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\hawken\binaries\win32\hawkengame-win32-shipping.exe | 
"{54BA29D7-A3B9-4F41-890E-D16A87440701}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\five nights at freddy's\fivenightsatfreddys.exe | 
"{58063A63-B632-4B1C-ADAE-CC445B437C69}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{5822ADD8-D063-4BBB-8FD6-659C022103B4}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\assassin's creed 3\ac3mp.exe | 
"{593C8606-D8FA-4E00-BE12-EEAB710FA451}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\among the sleep\among the sleep.exe | 
"{59586049-A756-439A-8469-BA0694572105}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\gotham city impostors f2p\engine.exe | 
"{598B5B95-5657-4AE0-A94D-1959ECE89241}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\the swapper\theswapper.exe | 
"{59C29C18-9527-48CF-8FAD-A2AB14665C3E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | 
"{5A85EF1D-7BD7-4E12-B47D-FBE5CF06E39E}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\thecatlady\the cat lady.exe | 
"{5B54B046-5CFB-4C5B-B5FA-E99BCB57C041}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\scribblenauts unmasked\scribble.exe | 
"{5B566C92-4D33-4798-B6AD-0916E930D56C}" = protocol=17 | dir=in | app=e:\spiele\origin\fifa world\fifaworld.exe | 
"{5BB087BC-8110-45CC-ACEC-2DE84100A7BB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe | 
"{5C322F2C-D23D-4200-81CC-4A9792C89C33}" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars empire at war\gamedata\sweaw.exe | 
"{5C6D0381-FE5F-455C-BFB0-5596C7920200}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe | 
"{5C7A0FF1-DF0D-475E-9409-AA0E099D1AE0}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\the ship\ship.exe | 
"{5C8B0376-8092-4A9E-B0AD-F459C6209AB5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\terraria\terraria.exe | 
"{5D31D727-7570-4EC2-A40F-42D475624DC4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\super meat boy\supermeatboy.exe | 
"{5D524F4C-9ED8-4970-890C-11E470D9CF72}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\betrayer\binaries\win32\betrayer.exe | 
"{5F52D6DA-86CD-437F-B02C-00371D3E0356}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\dead island epidemic\dead island epidemic - launcher.exe | 
"{5FB25B3D-6B25-418B-80E1-26AC11C7A633}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{5FBC330E-A124-419F-A253-FCC4B46AC07C}" = protocol=17 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe | 
"{5FD52BAD-FE38-452D-8AC8-6E5043767232}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\five nights at freddy's\fivenightsatfreddys.exe | 
"{6082E326-A377-476C-9B12-88E060F5D354}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\garrysmod\hl2.exe | 
"{60C54420-7FE9-4339-8E81-B843255FD43B}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{613A4BC6-9A1A-49F2-A5C2-ACCB232BFAF0}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{61E9E72C-9BE6-4913-A992-3B1A433A6043}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{61FC2431-95A1-47A9-B479-A12B13F6B97D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | 
"{62103283-AC1B-4447-9F30-23CCDF9408CB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 3 blood dragon\bin\fc3_blooddragon.exe | 
"{6242E6D5-D2E8-4DF1-AB2B-B3121A6B3760}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"{6251A152-EE63-4D02-A824-84ACB9BB74C6}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{63693FA5-6FB4-43EB-816E-A984EBEC8FBD}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{641B4E98-0A62-4863-BD7E-C8D8F6C6D05B}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\machine for pigs\aamfp.exe | 
"{651789D6-AB94-465A-B8C0-842A10721437}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | 
"{658E5C77-E3F8-42DF-AC50-F393557709D1}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{65ECA7DF-3211-4DDC-80A4-C477792D4FA7}" = protocol=6 | dir=in | app=c:\program files\wb games\batman arkham city\binaries\win32\batmanac.exe | 
"{67076B5F-8ECA-4A63-8786-4B44B16BA6F7}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{67A8C4FF-958A-45B6-A858-7097C2AA6205}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{6836FA4E-29C8-441A-AD86-8EBCD4A1C3E5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{68559823-1469-4D0C-9779-3668B1E1FB12}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{6864F7EF-047B-42E3-AD7B-D60B4F262147}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{6893F978-D7EA-41E3-B00B-1B0F8CFEAAA0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{68CE5FEB-3460-4101-996E-A3EFFAC8334A}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\payday the heist\payday_win32_release.exe | 
"{69EC3056-B61F-492B-B81A-02ABDA08CA4F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\brawlhalla\brawlhalla.exe | 
"{6B701835-7A3F-43B1-90AE-4C719F54C3D7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6BA39118-9DB0-4B3C-B9D5-B2CC09F5B57F}" = protocol=6 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe | 
"{6C402E00-A354-4B68-9F9C-5961D26A2BB3}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"{6E7F2ECB-7B4C-431A-9992-3838A2481576}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | 
"{6F6E0D45-65B2-4260-A78B-B786E91574E0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\super meat boy\supermeatboy.exe | 
"{6FB1576C-6C4D-4D45-970E-82FCF4A10AA0}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe | 
"{6FEF3AEA-1C9C-4A18-B03A-52FE1701F926}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe | 
"{6FF79A16-0562-4EB9-9C16-D5DA923AA161}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe | 
"{704358D9-B137-4BB9-8ED2-C33F2DF9752E}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe | 
"{70497469-7CCF-4CBA-A662-F8524BFBD56E}" = protocol=17 | dir=in | app=c:\udk\once i was blind\binaries\win32\udk.exe | 
"{7195A293-0BA3-4477-9126-0AAD307C7E13}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | 
"{71E7BD87-1F1C-4355-8E31-950724D834F9}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\3dmark\bin\x64\3dmark.exe | 
"{71F9C8FE-3C6D-4933-8421-46973E5962F3}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe | 
"{72EF100B-65D8-4CAE-900F-ED2ED7F4C2DA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{734DA84C-2EE1-4358-AF54-EAFA07FD5086}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{73CDACED-D409-4135-A74E-13709BB5DC3E}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{73E63A9B-60CA-4F0D-AD09-FA439E79C1BF}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\binary domain\binarydomainconfiguration.exe | 
"{74A337B9-411B-4D8D-88C4-0DB86FC08671}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{74B6EA0C-7227-4A3D-817C-0D18199F5BA3}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\slender - the arrival\slender - the arrival.exe | 
"{7541ECBD-90AD-4FC3-BFB6-0873102610BE}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{76A38E2E-A705-4DFE-B3CF-04AD40E16B3C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{76EE7765-1D46-4C61-ACC7-73A5610694D1}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\antichamber\binaries\win32\udk.exe | 
"{76F1E2D9-4227-42C0-A09D-191C04418D4E}" = protocol=17 | dir=in | app=e:\oirgin games\fifa 13\game\fifa13.exe | 
"{77AA613F-AA35-4486-A080-4C270CF3576B}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\bioshock\builds\release\bioshock.exe | 
"{77B76FB0-5C91-477A-87A8-C83D654B458C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\iron sky invasion demo\isi_dx11.exe | 
"{78A6541A-A1F1-4F67-AA86-4FF2733D6613}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{78A6D617-F6F2-4A41-B553-B2C4BDEAF4E8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe | 
"{7A08C71E-675C-4A50-ADB3-553CE320634A}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\tales from space mutant blobs attack\game.exe | 
"{7A3069D1-37A5-4DF2-BC8E-5E5427251BBC}" = protocol=17 | dir=in | app=e:\spiele\origin\fifa world\fifaworld.exe | 
"{7AA1977A-03AC-4969-9F20-FB8902035364}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | 
"{7AB83781-4773-4FE2-AF23-59DD83D5DC1A}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\velvet assassin\launcher.exe | 
"{7C212A4F-1458-423B-83C4-480587A52170}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\spaceengineers\bin\spaceengineers.exe | 
"{7C2E5737-3E38-4456-839C-C6739B350002}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{7DA0DB3E-67E5-49FC-9669-D33C0C3A064B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7DDABA4D-6971-4816-8337-BB14D0B33688}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\velvet assassin\launcher.exe | 
"{7DEB7B5F-82AB-437E-BF62-95FD26B1EC7D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\risk of rain\risk of rain.exe | 
"{7E722E00-54D7-46BE-B61D-C7E8C67B9EC0}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr8.exe | 
"{7EBC82DC-06BB-4543-A591-4410AA7D0C43}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\batman arkham origins\online\binaries\win32\batmanoriginsonline.exe | 
"{7EBF70E6-C57C-408E-979B-2331F17343BC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\super meat boy\supermeatboy.exe | 
"{8019E518-D388-4DEC-8515-C7D24071CB9F}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\coj gunslinger\cojgunslinger.exe | 
"{801B1B1B-4E07-46EC-A518-EE6B3B847C85}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\the ship\ship.exe | 
"{801C14D0-61FE-40A1-A00D-400C78E8C8CF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\surgeon simulator 2013\ss2013.exe | 
"{818C18E3-5D36-41AF-ADBC-9EF685363571}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{81CA4832-9A9B-4E9F-8FE0-7B83ADD5FD00}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe | 
"{822C57C8-A54B-4578-9E8C-1E5EB283E422}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe | 
"{826F596A-5849-425F-8BD8-31282A099498}" = protocol=17 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe | 
"{82D4A06B-DE11-468B-B5A2-A94FE74B14C8}" = protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvidia updatus\daemonu.exe | 
"{82EFF0DE-1C40-49F5-8247-D505D538B9F9}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\mountblade warband\mb_warband.exe | 
"{830241BC-1091-4E78-9301-C08B007F2A79}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\sid meier's civilization v\launcher.exe | 
"{835983B7-1563-4949-A599-641CE5F9F2F3}" = protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvidia updatus\daemonu.exe | 
"{835D48CF-5A18-43F6-A998-E671ED80F50F}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\lego marvel super heroes\legomarvel.exe | 
"{835FA063-D5B7-4559-B6BD-6843E9BAB06B}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"{85AAF0D2-B2BA-4C63-AB44-6056AEF3212F}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr_im.exe | 
"{86760600-F8F8-4C75-B65C-0AED00B48903}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\thief\binaries\win32\shipping-thiefgame.exe | 
"{86799A5E-C699-4304-9AE9-DA3CDE34D5A5}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\betrayer\binaries\win32\betrayer.exe | 
"{875499BE-FEA4-4AA6-94D9-D4CFC05B90FD}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\knock-knock\knock.exe | 
"{87EBA924-EFF1-4EEB-B25C-A747D47C5AD0}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{890D1789-1C9A-4991-BF23-FC0DE10E7BAB}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\cry of fear\coflaunchapp.exe | 
"{899EE000-6A0A-4A6B-8DCD-07AEB7E5A0E0}" = protocol=6 | dir=in | app=c:\program files\origin games\fifa 13\game\fifa13.exe | 
"{8A3238DE-BFA3-4757-A835-D25278F58970}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\scribblenauts unmasked\scribble.exe | 
"{8B73AFA9-5F12-471B-B9CC-AB5768C3B5F1}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\tales from space mutant blobs attack\game.exe | 
"{8B94360D-7BFD-4EC9-AA31-D4E905C2605F}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe | 
"{8CAC464B-5CD5-42AF-A3D0-B7A815EC1905}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{8DB697C7-A443-4CFB-8F1C-84B3C421A0D8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | 
"{8EA95E77-ACE8-4287-83A0-2CB0ECE1C75F}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\canyon capers\canyoncapers.exe | 
"{8EEF9F5B-4086-4D2E-85FE-1F923248DEB2}" = protocol=17 | dir=in | app=c:\program files\wb games\batman arkham city\binaries\win32\batmanac.exe | 
"{8F13654F-960E-4FBE-84C6-B73044EFD18E}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\crysis\bin32\crysis.exe | 
"{8F652E37-7717-4816-B342-9005DD189E02}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe | 
"{908756FB-A32D-4E39-9F47-17E1BC279792}" = protocol=17 | dir=in | app=c:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | 
"{90A6CBFC-5EAB-4E10-B043-410C4B7E5D6A}" = protocol=17 | dir=in | app=c:\program files\opera next\pluginwrapper\opera_plugin_wrapper.exe | 
"{92743319-EE40-4492-B895-D80438E75029}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe | 
"{928726F3-DD48-479A-B6E9-9348C4CD45C6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\iron sky invasion demo\isi_dx9.exe | 
"{931CE33E-418B-4A18-A91B-F80E1BB91B1C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe | 
"{93A1460C-2E9C-4338-8574-5005F7D4B04D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | 
"{93DB0B3C-E100-4713-96BF-63EEDC9A11EA}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"{951B3198-2AEF-452B-95E5-2C54F46DDE1F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\iron sky invasion demo\isi_dx11.exe | 
"{953A3C26-315B-46C8-B719-50C444C2B680}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\the swapper\theswapper.exe | 
"{95559644-F455-4507-8596-61C89C66570F}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\risen 2\system\risen2.exe | 
"{958E6006-BFC5-440F-9B4D-E4D4D189719F}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | 
"{95B44D03-5925-4143-8060-D80A5565F541}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\total war rome ii\launcher\launcher.exe | 
"{969659B4-C91F-4704-B458-0DC04E5AA5B9}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\hawken\binaries\win32\hawkengame-win32-shipping.exe | 
"{971200E2-82EF-42CD-A95C-711864007D30}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\crysis\bin32\crysis.exe | 
"{975A5574-D828-4822-BB60-FBE1DC1A48C2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{9767C38B-A8A9-4121-A031-F788F48FABEF}" = protocol=6 | dir=in | app=e:\spiele\origin\the sims 2 ultimate collection\fun with pets\sp9\tsbin\sims2ep9.exe | 
"{988E0E15-B4BD-4775-9689-210518FD53F1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\garrysmod\hl2.exe | 
"{995E9C93-719D-48C9-9EFC-7501D6B1BABB}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe | 
"{9A26E38E-43DC-41AA-B469-8C5E74397FC5}" = protocol=6 | dir=in | app=c:\program files\steam\bin\steamwebhelper.exe | 
"{9B8763AA-4C22-487E-AD72-C02306497476}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{9B8EE74D-6D17-40DF-9C12-43C8DF4C750C}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{9DE27963-1FEE-43D2-A55C-A990C8F3F030}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\far cry 3\bin\farcry3.exe | 
"{9E960966-16B6-479B-B677-86FA069B695E}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\anna\anna.exe | 
"{9F61B5B1-3259-4027-A3E9-9799463DAE24}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9FE94874-E6DE-4FC8-BBD3-E1A1FC369FC6}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe | 
"{9FEB169B-8928-4892-B05F-32C45C930529}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe | 
"{A1234788-2F04-42F9-907C-8FA82D1603B0}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe | 
"{A2263FD1-C412-4174-8A43-BAC879679536}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{A2CB5D11-E399-47F4-989D-670FC5825B37}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\far cry 3\bin\fc3editor.exe | 
"{A305CC72-1ED5-4327-A2E5-0D7FAFE43C29}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\knock-knock\knock.cfg.exe | 
"{A550D900-C079-4080-B934-3B1493809820}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe | 
"{A6923EA4-23EB-407B-B3FF-2A8FC6331958}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 3 blood dragon\bin\fc3bdupdater.exe | 
"{A80C1A75-876B-48E3-A0BB-C8D75AB16D55}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A88BD3B9-076D-4C91-9E6B-C4EFCD14046C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe | 
"{A8E7848B-C0EA-43ED-BAB2-05D0C0831857}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A9086F6D-D1AB-48B6-890C-D0E98DEA9510}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\torchlight ii\modlauncher.exe | 
"{A9653010-863D-4D89-AD63-6FA02FF1A858}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe | 
"{A9BDBA5C-D0EC-40E3-8EFC-38628B4ACF57}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{A9D44AB1-77F1-42E2-9263-748D22813A8B}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\total war rome ii\launcher\launcher.exe | 
"{AAE09F80-AC32-45E1-9EB4-733741490D08}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\garrysmod\hl2.exe | 
"{AB0C0F5C-A274-401D-9CFE-1CD77ACE56DE}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\olliolli\bin\olliolli.exe | 
"{AB120366-C46B-4DEA-9E76-0E6035387E0D}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\tomb raider\tombraider.exe | 
"{AB2B17FF-6EBD-4FD5-A8BB-A1DE66DF49E0}" = dir=out | app=c:\windows\system32\svchost.exe | 
"{ABCB38C9-A94E-4EF3-80F3-3AD7BE466F78}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\yet another zombie defense\yetanotherzombiedefense.exe | 
"{AC4F404A-507E-4B95-B6E7-1BC7C7176ACA}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\rbs\really big sky.exe | 
"{ACC6965E-E93F-4867-AEEC-98A889188168}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\home\home-win-eng.exe | 
"{AD4221DB-396A-4C6F-9EB4-3551223954CC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe | 
"{AD6872BE-FF22-4300-BFDE-159314EA8591}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"{AEBFFB72-013F-404C-BD33-EFDFA3D2A8E2}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\payday 2\payday2_win32_release.exe | 
"{AED3630F-4519-42E7-BAE2-B14E465DF322}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{AF2B102F-7B34-4905-8F41-45E495730C70}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\dead island epidemic\dead island epidemic - launcher.exe | 
"{AFB187DD-88A7-40D2-AB65-7BB45E789050}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\deadlight\binaries\win32\lotdgame.exe | 
"{B045A02E-FB38-4975-A18F-3148CF80B602}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{B05DEAA8-1FA8-4789-B1F1-A7903ACF3069}" = protocol=17 | dir=in | app=c:\program files\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{B17D46B7-319E-40F8-98A9-FE658CD05E5F}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\diriptide\deadislandgame_x86_rwdi.exe | 
"{B23455C5-3F60-4387-8616-22B10EF69FDA}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\deadlight\binaries\win32\lotdgame.exe | 
"{B23A7210-BAD7-4395-BB82-B48EFAC9AD4C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\3dmark\bin\x86\3dmark.exe | 
"{B248D1B7-C533-4148-90A0-1D2D985C6B3B}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\machine for pigs\aamfp.exe | 
"{B26D9E1C-1251-469B-933A-D213153EA66F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\super meat boy\supermeatboy.exe | 
"{B27A7ED3-3E6C-4CB8-A402-57765A9C0A95}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | 
"{B2979B74-FC17-4674-80BD-F6C6078DA2C2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B3C06735-A430-4D25-88BC-9750B95F2A59}" = dir=in | app=c:\program files\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 
"{B597DE30-2FF9-43D6-BF66-34AECF259429}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\far cry 3\bin\farcry3.exe | 
"{B5B93DCA-4CCD-4B2A-9092-E62A3875B655}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B621C992-E687-41EF-8CDD-18749954E865}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{B6615EC0-5431-4C18-9076-4DF4F10EFE26}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr_im.exe | 
"{B6B59349-6679-40C9-982A-8450F1B57D69}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alan wake\alanwake.exe | 
"{B762EE0A-CFEB-487D-84F2-92D645FE3D46}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\3dmark\bin\x86\3dmark.exe | 
"{B8933C27-6431-4B5D-8EC2-E82B1497C8BD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{B9C6417C-A523-4435-87A7-CAE4024643F5}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\3dmark\bin\x64_steam_beta\3dmark.exe | 
"{B9D9271B-7128-4FBB-AFAA-95C1B32825AF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\far cry 3\bin\farcry3.exe | 
"{BB0001D9-835D-4E86-9C19-E2DA440C426C}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\fez\fez.exe | 
"{BBAE3FF4-A27E-4DD1-A443-753D30E468C6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\3dmark\bin\x64_steam_beta\3dmark.exe | 
"{BBBBF30B-4975-4D85-85A6-299D34C310EC}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\killingfloor\system\killingfloor.exe | 
"{BC54D7D9-6376-4D4F-B2A9-A34641D88E0C}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\cry of fear\coflaunchapp.exe | 
"{BD14C0C1-E041-4DDD-9A5A-C79F9EF4D0D8}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\battleblock theater\battleblocktheater.exe | 
"{BDD384E5-D79D-4874-A417-39AE72DEA5AE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{BE037E09-A13B-4C4E-B456-B21D7D774E10}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | 
"{BEA5690E-37EF-4DA9-97BC-22405B086237}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | 
"{BFB85ABC-23D3-4B59-88CC-92DCDE205BF1}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{C099D21D-FDBA-4987-814D-50C90DBC4636}" = dir=in | app=c:\program files\cyberlink\powerdvd10\powerdvd10.exe | 
"{C0E1082E-952A-4F41-B039-A2F4119D7992}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\receiver\receiver.exe | 
"{C0F1A3A6-80CB-48E5-9271-91933AAF519F}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{C1465869-C462-4785-87CB-3DBEF99B8D2C}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\thief\binaries\win32\shipping-thiefgame.exe | 
"{C1AA3DF3-5363-4636-9C06-F64E59313EA8}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\towerofguns\binaries\win32\udk.exe | 
"{C1EB6FD5-D2A4-4BE5-88FE-9C8A3C2EDEF6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\3dmark\bin\x64\3dmark.exe | 
"{C238336E-0492-4AE8-B2F8-3E5691F71754}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\wanderlust rebirth\wanderlust.exe | 
"{C256D08B-F519-4131-A998-1D82D0C7E6A9}" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 3 blood dragon\bin\fc3_blooddragon.exe | 
"{C2A5377C-BC62-4CCC-BDD2-C9441C76D1D8}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\knock-knock\knock.exe | 
"{C2C3186D-83A1-42E6-A493-42FAFA88E233}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\yet another zombie defense\yetanotherzombiedefense.exe | 
"{C357A4A6-4813-4D2F-8764-6AB6716DD646}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C3C1BAA3-EE15-4961-B5BC-8AD8F11BC7B8}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{C514B961-7DFA-4FDB-A526-E76274F6CE3C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{C58C5BEA-1B9A-4185-9D7B-BB86FC3270BE}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\octodad dadliest catch\octodaddadliestcatch.exe | 
"{C59D21ED-BA69-47FD-9B7B-6113AB05B418}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe | 
"{C6362574-D8D1-4F54-AAFB-98330B1F2E9E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{C697B862-8C3B-49D0-9CF9-80D23244877E}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr.exe | 
"{C74B79F4-1A96-46B1-A274-8348448848EB}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\batman arkham origins blackgate hd\bin\game.exe | 
"{C77D55D4-D34C-4576-BFA2-C9CF0950DDF1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C7B07629-6E26-44F2-B634-2A4966177AD5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\the binding of isaac\isaac.exe | 
"{C7D278E3-EDAA-4AD5-9939-BD7F830C4B14}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | 
"{C84D2BE3-9CBD-4644-A371-857D2A9BB012}" = dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\digitalwizards.exe | 
"{C89B30C7-4DBA-4793-AEC7-E9D4F706F29A}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{C91215F4-A513-4678-8BD3-4339ABC396BA}" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars empire at war forces of corruption\swfoc.exe | 
"{C943F21E-AFF1-4C2E-AE5B-E638E492E719}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{C9C0E3C1-2A22-4A5E-99D6-A7C758405676}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CB9A4475-C7AD-4FDE-B320-6978D87AD453}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\spaceengineers\bin\spaceengineers.exe | 
"{CBADCD3E-D594-4597-8E25-3D1F97A8F7AA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{CD95447C-9A41-4B01-A2CB-C9FC76D1BF8C}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr.exe | 
"{CDAA9B88-3F79-438F-9864-793C428D13F0}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\montas\binaries\win32\udk.exe | 
"{CE8A3FC2-EC26-49BB-B092-CC3995AEAE09}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe | 
"{CFAE688A-B199-48E4-B22C-23C1CEE1C174}" = protocol=6 | dir=in | app=c:\udk\once i was blind\binaries\win32\udk.exe | 
"{D09422B6-1F44-4BDE-978C-43B0D2D9E4D3}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe | 
"{D0CBF83D-2DA2-4CD4-AB17-AE82B2EBE77C}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{D0D91079-CEF7-4F3D-A19F-1CA28A663239}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | 
"{D0E2EA62-EA1C-42AA-B224-73C3AF639B6F}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\sid meier's civilization v\launcher.exe | 
"{D106AF18-3CBE-4264-8B57-F67A452E6CF1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | 
"{D141A36E-AB6B-40FD-A701-CCA6BAB59F5B}" = protocol=58 | dir=in | app=system | 
"{D15A3D35-4E03-43B9-944A-C91B065B3F66}" = protocol=17 | dir=in | app=c:\udk\memoryleakalpha1\binaries\win32\udk.exe | 
"{D16DD818-2224-425B-9F61-5B8B93A4F1CF}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{D18C1E6A-FC30-48BE-B0DE-3C24CC657395}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe | 
"{D1A0EB01-25C8-4ACE-AF08-C6C0ABF00001}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe | 
"{D1EF4542-6557-4727-AE20-6542A5DF8E38}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\fez\fez.exe | 
"{D23A3A7D-41B0-448D-AFEB-2110AD097864}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe | 
"{D3204804-5B5C-4F26-A2C7-6EE3B124C4A5}" = protocol=6 | dir=in | app=c:\program files\reality pump\two worlds ii\twoworlds2.exe | 
"{D3536C49-D077-487E-BF48-79A5E6040CFB}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\crysis wars\bin32\crysis.exe | 
"{D388E854-316C-41DE-9F9A-3E30485F8E97}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{D485CB5D-CAA5-4465-B3B8-7EFD8D6ADFC9}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | 
"{D55761C2-6ED8-49E1-BD2C-AA38C3D47AA5}" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars empire at war\gamedata\sweaw.exe | 
"{D78A15FD-AB44-458D-9ACF-E32DD75F7D1A}" = protocol=6 | dir=in | app=c:\udk\memoryleakalpha1\binaries\win32\udk.exe | 
"{D7EE0196-2702-465D-8D9B-8157AE8B4A94}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\assassin's creed 3\ac3sp.exe | 
"{D86569C2-1C21-4494-8DE7-D59C940D3080}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\you have to win the game\thegame.exe | 
"{D8B296D3-9406-41A7-8042-F09266A47308}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe | 
"{DA6CAF04-53D0-477F-AC09-2A98CBCD9278}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\amnesia the dark descent\launcher.exe | 
"{DAA52395-4B37-4F20-9B81-BD7A52CABBC3}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | 
"{DACFB65B-405D-4C96-8874-79088880048A}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\vertical drop heroes hd\vertical drop heroes hd.exe | 
"{DC270EC0-694E-40B2-BA3F-1E4B94937EAA}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\starbound\win32\launcher\launcher.exe | 
"{DC4184AD-ECC3-4192-9AFC-D982A4FB6CBC}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{DC96D299-208D-4680-80D5-D0EC0777870A}" = protocol=17 | dir=in | app=c:\program files\wb games\batman arkham city\binaries\win32\batmanac.exe | 
"{DCA0C7E7-165D-498A-9224-2EBCC7F5E204}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sourcesdk\bin\sdklauncher.exe | 
"{DCBF8EE7-644C-446B-9B3C-464CCB58FCBD}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | 
"{DDA24AD5-6F86-4C4A-9909-34C13FE8C635}" = protocol=17 | dir=in | app=e:\spiele\origin\battlefield 3\bf3.exe | 
"{DDB8D696-DABB-4473-AD60-154848148348}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{DF47E6A7-CB2C-4E67-A011-2C43883408ED}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\payday the heist\payday_win32_release.exe | 
"{DF59C54E-1802-4883-B33C-F88F158FE493}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DFD20C44-8584-44EA-82CD-39EC82E809B7}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\canyon capers\canyoncapers.exe | 
"{E0E419B9-6D95-471A-B272-F23A1CC764A8}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"{E2108407-B638-47E5-9114-F2AA44405A30}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\legend of grimrock\grimrock.exe | 
"{E2841256-D3A7-403F-9387-79F739D14F51}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\thebridge\the bridge.exe | 
"{E2CCE934-030F-484B-8FEA-D53AAA56D359}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\trackmania nations forever\tmforever.exe | 
"{E2E6F4DA-5F9E-4DFE-BF02-7D21D5799B6E}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\octodad dadliest catch\octodaddadliestcatch.exe | 
"{E3426B11-91B5-47D0-B83A-4D50F42FADBA}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\torchlight ii\modlauncher.exe | 
"{E3B7ADF7-766A-4AAF-B640-63B416547E86}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{E4CACA80-159B-4383-92ED-5C502E0A4425}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\trackmania nations forever\tmforever.exe | 
"{E557C9EC-80E3-447B-85B5-C427CA9567D5}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\hawken\binaries\win32\hawkengame-win32-shipping.exe | 
"{E561E119-B766-4D38-8247-86A831A8638F}" = protocol=6 | dir=in | app=c:\program files\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | 
"{E6A5641C-AE0F-4ED8-BE1D-A9C35B0B1B8A}" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars empire at war forces of corruption\swfoc.exe | 
"{E83E0CDA-2BEF-4A1A-8DAB-4832A667A76B}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\tomb raider\tombraider.exe | 
"{E8CB884A-1122-4CE9-B7C2-7DF5FF46FA39}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{E97807C6-3EF3-4F76-9496-CC2858BD50C1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\die abenteuer von tim und struppi - das geheimnis der einhorn - spieldemo\tintin.exe | 
"{E9B5E6C8-E688-4BBB-93B2-D3F5F53A7210}" = protocol=6 | dir=in | app=e:\spiele\origin\battlefield 3\bf3.exe | 
"{EA12A9B6-07C7-49D4-B845-D5736A574E61}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\montas\binaries\win32\udk.exe | 
"{EC9D9355-3304-422E-9BE4-13325C6AA6E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EDDF2D1F-4551-4C2A-8C8E-EC0EC415BBA3}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe | 
"{EE5DB215-9451-4AC4-B98B-C9196BB02CAF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{EE785215-9026-4A64-A4E0-83A6540DAB65}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\age2hd\launcher.exe | 
"{EF0D9E60-AD62-4500-A1A2-E7403EA35E06}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\eldritch\eldritch.exe | 
"{F1660048-9022-470D-8CDF-07DD66D61742}" = dir=in | app=c:\windows\system32\mpk\mpkview.exe | 
"{F1A660AF-6B67-4D65-A1D1-DB40947CE34F}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\magickawizardwars\wizardwarslauncher.exe | 
"{F2026143-5195-4A0C-9BB9-664A5D5F9267}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe | 
"{F22B57FF-F38D-4BD6-94E6-1D88E11F1B48}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\machine for pigs\launcher.exe | 
"{F268CCDE-6DB8-46FB-B933-79D4A2BEB90A}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\starbound\win32\launcher\launcher.exe | 
"{F2C9F371-EB1D-4930-9C44-E86561328339}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\starbound\win32\launcher\launcher.exe | 
"{F32C562C-D77C-4842-8A89-5A45617B4224}" = protocol=17 | dir=in | app=c:\program files\opera next\opera.exe | 
"{F35ADA29-A4AE-4AB0-9745-07D0BD0D3901}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\binary domain\binarydomain.exe | 
"{F4EE2B2E-EFFF-4621-B365-29A48B72D6E1}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\thebridge\the bridge.exe | 
"{F56EB8EC-9360-48A4-A997-294D74FDC3DD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\warframe\tools\launcher.exe | 
"{F5B12271-AD62-487B-907E-A9F39AB898C0}" = protocol=17 | dir=in | app=c:\users\jul\appdata\roaming\bittorrent\bittorrent.exe | 
"{F6B7F62C-0BF9-43F6-B72B-D2641000F66C}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\passing pineview forest\.autorun\autorun.exe | 
"{F6BA2284-FE31-49CA-ACE5-341A3C2423EA}" = protocol=17 | dir=in | app=c:\program files\reality pump\two worlds ii\twoworlds2.exe | 
"{F77D1F12-7675-4111-AC3B-6F37244CA1B0}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\legend of grimrock\grimrock.exe | 
"{F79FA7ED-CFB8-4480-A08B-AB41E37506A9}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\surgeon simulator 2013\ss2013.exe | 
"{F7C5ED64-B4B0-4385-865B-8FE89A34F287}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{F7ECD01A-6214-4E6C-807E-13AD0CD31DC2}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{F7F3AF26-D0AA-4919-AF06-89150CBF0D9C}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\reus\reus.exe | 
"{F8B7AF1D-24B6-47C6-90D4-2236C9556BEB}" = protocol=17 | dir=in | app=c:\users\jul\appdata\roaming\spotify\spotify.exe | 
"{F8D36872-ECED-428F-9FE1-17AE3DA1FB23}" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 3 blood dragon\bin\fc3bdupdater.exe | 
"{F8E67E4F-326B-4AA6-9104-5D966DD4B834}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{F9D58158-C88A-4049-B2CD-4524DD3E0D18}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe | 
"{FB9515E6-BC8F-4566-A98B-0DE689407BDE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe | 
"{FBBF3FFC-E35B-448D-92AA-A704B0491791}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\jazzpunk\windows\jazzpunk.exe | 
"{FC82A9E9-181A-4E7A-99C9-503F09DCB0AD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\iron sky invasion demo\isi_dx9.exe | 
"{FCE453E4-B852-4CC0-904A-358CD3B8EE6E}" = protocol=17 | dir=in | app=c:\program files\steam\bin\steamwebhelper.exe | 
"{FDDD2008-DDD6-4972-93A2-13374CC60B24}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe | 
"{FDFD3805-A7AC-44D0-96F0-0B7500C70CBF}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\olliolli\bin\olliolli.exe | 
"{FE64D880-CC0B-405A-B67D-A0D1649B96D9}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe | 
"{FE94B67C-3ACF-4648-A236-03D2384C565A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{FEA12313-46A6-4B2A-992F-39A885C88C73}" = protocol=6 | dir=in | app=c:\users\jul\appdata\roaming\spotify\spotify.exe | 
"{FED32983-EE9E-4B21-B415-B6299B5C668A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe | 
"{FEDA85AB-C418-4B85-B49A-367AEB650320}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe | 
"{FF12E1E0-AA64-4592-8C1E-ACAFB18BD328}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\warlock - master of the arcane\game.exe | 
"{FFB4810E-BC27-4122-8C34-683BEC34F566}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\mountblade warband\mb_warband.exe | 
"{FFC493F3-33A3-4B3D-9D53-263572B252F0}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\batman arkham origins\online\binaries\win32\batmanoriginsonline.exe | 
"{FFD7E0BB-8709-4FB4-80F0-3965B6B5E9AE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sourcesdk\bin\sdklauncher.exe | 
"TCP Query User{088F8897-3A63-4808-9EFD-774087F26D8B}C:\users\jul\appdata\local\apps\2.0\thmvzd2h.blc\2rkj4wtl.3al\laun...app_59711684aa47878d_0001.001e_0f529f5f0ebfb750\launcher.exe" = protocol=6 | dir=in | app=c:\users\jul\appdata\local\apps\2.0\thmvzd2h.blc\2rkj4wtl.3al\laun...app_59711684aa47878d_0001.001e_0f529f5f0ebfb750\launcher.exe | 
"TCP Query User{0DA00527-780F-4A36-9421-725C282DDB7A}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{0EA1D09F-7EC8-4B3C-9325-F84E62969B74}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | 
"TCP Query User{1A45475F-0534-4387-A2B5-22AE5B06C201}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe | 
"TCP Query User{308ED288-67A9-4423-BD99-95989D97D3C0}C:\program files\activions\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\program files\activions\call of duty - world at war\codwawmp.exe | 
"TCP Query User{37451B8E-7706-4F5F-9FC7-86274F156996}C:\program files\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe | 
"TCP Query User{402EF5BA-76FE-467A-9245-68B70571D8D6}C:\program files\ubisoft\splinter cell convition\src\system\conviction_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\splinter cell convition\src\system\conviction_game.exe | 
"TCP Query User{5FDCC51F-2FDC-4ABE-BE5B-F56E12E41808}C:\program files\1c company\men of war. assault squad\mow_assault_squad.exe" = protocol=6 | dir=in | app=c:\program files\1c company\men of war. assault squad\mow_assault_squad.exe | 
"TCP Query User{6A685F9F-69C8-4EE9-96F9-B01FBCF95C3D}C:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | 
"TCP Query User{6AA5B64E-8323-418D-8CBE-9B37E30F9D0B}C:\program files\activion\mw2mp\aiw-client\iw4mpold.exe" = protocol=6 | dir=in | app=c:\program files\activion\mw2mp\aiw-client\iw4mpold.exe | 
"TCP Query User{91A04352-6432-42EB-8AC4-61822EA1C837}C:\users\jul\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\jul\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{9A7F8C55-CDCB-4CA9-91B8-50F3E1CD2810}H:\isos\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=h:\isos\call of duty - world at war\codwaw.exe | 
"TCP Query User{A9394FC5-851B-483B-851C-770FFAA419C0}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{AF86A5E2-A49E-49B4-A8F4-FD77C071F8E3}C:\program files\activion\mw2mp\aiw-client\iw4mp.dat" = protocol=6 | dir=in | app=c:\program files\activion\mw2mp\aiw-client\iw4mp.dat | 
"TCP Query User{B1CAA872-7CD2-4C2A-A1B9-00BD042D13F7}C:\program files\activions\call of duty - world at war\codwaw lanfixed.exe" = protocol=6 | dir=in | app=c:\program files\activions\call of duty - world at war\codwaw lanfixed.exe | 
"TCP Query User{B4AD1A2E-29E5-47DB-822D-25254B3B1550}C:\program files\lucasarts\kotf jedi academy expansion pack\gamedata\jamp.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\kotf jedi academy expansion pack\gamedata\jamp.exe | 
"TCP Query User{C0BF2CA3-D8C6-4046-9388-45A3CB7A0C16}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"TCP Query User{D25FE7AA-78F5-4CBA-A08C-F345064F6014}C:\users\jul\appdata\local\apps\2.0\thmvzd2h.blc\2rkj4wtl.3al\laun...app_59711684aa47878d_0001.001b_817f604b896cb110\launcher.exe" = protocol=6 | dir=in | app=c:\users\jul\appdata\local\apps\2.0\thmvzd2h.blc\2rkj4wtl.3al\laun...app_59711684aa47878d_0001.001b_817f604b896cb110\launcher.exe | 
"TCP Query User{EDA9EB38-6326-4095-951C-16453282BBD6}C:\program files\activions\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files\activions\call of duty - world at war\codwaw.exe | 
"TCP Query User{FDEC1BF3-0EF7-47E9-AC63-653F6BD85691}C:\program files\activion\mw2mp\aiw-client\iw4mp.exe" = protocol=6 | dir=in | app=c:\program files\activion\mw2mp\aiw-client\iw4mp.exe | 
"TCP Query User{FE03F61D-18A4-44BF-940F-6749377CD6C3}H:\isos\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=h:\isos\call of duty - world at war\codwawmp.exe | 
"UDP Query User{016359B7-8882-4248-AA11-3C30EDF87C0E}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"UDP Query User{016550E8-E055-4071-9164-B7380C374226}C:\program files\activion\mw2mp\aiw-client\iw4mp.dat" = protocol=17 | dir=in | app=c:\program files\activion\mw2mp\aiw-client\iw4mp.dat | 
"UDP Query User{4A923C07-0DB9-40D6-AF0A-874B2A1B67DE}C:\users\jul\appdata\local\apps\2.0\thmvzd2h.blc\2rkj4wtl.3al\laun...app_59711684aa47878d_0001.001e_0f529f5f0ebfb750\launcher.exe" = protocol=17 | dir=in | app=c:\users\jul\appdata\local\apps\2.0\thmvzd2h.blc\2rkj4wtl.3al\laun...app_59711684aa47878d_0001.001e_0f529f5f0ebfb750\launcher.exe | 
"UDP Query User{4FEFDDF3-A6E1-4102-A0DC-1EFF60148021}C:\program files\lucasarts\kotf jedi academy expansion pack\gamedata\jamp.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\kotf jedi academy expansion pack\gamedata\jamp.exe | 
"UDP Query User{6630D362-7D36-45DE-AED2-22CC0C4C06B1}C:\program files\activion\mw2mp\aiw-client\iw4mpold.exe" = protocol=17 | dir=in | app=c:\program files\activion\mw2mp\aiw-client\iw4mpold.exe | 
"UDP Query User{74E52C20-C069-44C9-9D9E-64456952D8D2}C:\program files\1c company\men of war. assault squad\mow_assault_squad.exe" = protocol=17 | dir=in | app=c:\program files\1c company\men of war. assault squad\mow_assault_squad.exe | 
"UDP Query User{80160ADC-A9FF-43EE-86B2-A1E51E9C7635}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe | 
"UDP Query User{8122EDBF-FD95-458B-ADB5-1B1DD2F2EE2E}H:\isos\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=h:\isos\call of duty - world at war\codwaw.exe | 
"UDP Query User{83D00639-0B5A-42D6-9CE5-0C5E70281DAF}C:\program files\activions\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files\activions\call of duty - world at war\codwaw.exe | 
"UDP Query User{874454D2-0ADA-4BC5-8669-CBD0C22515D1}C:\program files\activions\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\program files\activions\call of duty - world at war\codwawmp.exe | 
"UDP Query User{8880397E-F8C1-41FE-8FD9-E548C2DA25FF}C:\program files\activions\call of duty - world at war\codwaw lanfixed.exe" = protocol=17 | dir=in | app=c:\program files\activions\call of duty - world at war\codwaw lanfixed.exe | 
"UDP Query User{8ACE112C-45E9-44D7-B2CA-65DBB6BED0AA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{8B4572DF-B941-45BD-BAD7-C6FAF622983D}C:\users\jul\appdata\local\apps\2.0\thmvzd2h.blc\2rkj4wtl.3al\laun...app_59711684aa47878d_0001.001b_817f604b896cb110\launcher.exe" = protocol=17 | dir=in | app=c:\users\jul\appdata\local\apps\2.0\thmvzd2h.blc\2rkj4wtl.3al\laun...app_59711684aa47878d_0001.001b_817f604b896cb110\launcher.exe | 
"UDP Query User{91CCD8DF-CDED-4E2F-99C8-42209E510A94}C:\program files\activion\mw2mp\aiw-client\iw4mp.exe" = protocol=17 | dir=in | app=c:\program files\activion\mw2mp\aiw-client\iw4mp.exe | 
"UDP Query User{93077A3D-B6A3-4C3F-9280-AD9AB7DA078D}C:\program files\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe | 
"UDP Query User{9795E986-1765-4C46-B8AF-4314A2534019}C:\program files\ubisoft\splinter cell convition\src\system\conviction_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\splinter cell convition\src\system\conviction_game.exe | 
"UDP Query User{A0011943-E6D7-4E9B-BE79-84D5D88ACCD0}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{E0A7E430-640A-4D35-B2F6-80271D463D7C}H:\isos\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=h:\isos\call of duty - world at war\codwawmp.exe | 
"UDP Query User{E46A53EF-8F04-4C20-814C-9627DD3BCE33}C:\users\jul\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\jul\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{F62EFD24-511D-4BD1-B1F1-94377DB8DA17}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | 
"UDP Query User{FCA70F75-5DC0-4ED9-B948-D3544CD32FE8}C:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{04450C18-F039-4B81-A621-70C3B0F523D5}" = The Sims 2: Ultimate Collection
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DBF3265-57F1-4D8A-87EA-332B2A669BDE}" = Indiana Jones and the Emperors Tomb
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{130E5108-547F-4482-91EE-F45C784E08C7}" = HP Officejet 6500 E710n-z Hilfe
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{19F81C0C-D0DB-453D-9C1C-AD26C4140E7E}" = Camtasia Studio 8
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}" = Curse
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{2551B1D3-30D3-409B-B905-751A70B26C03}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2 DEMO SP
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2998191E-A35E-47E2-BE38-7702C731D722}" = SRS Premium Sound Control Panel
"{29C042AB-059B-414C-840E-94775E3F24A8}" = Personality Voices
"{2a4e052f-156b-41d3-84c5-1de2d1157670}" = osu!
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars®: Knights of the Old Republic (TM)
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}" = Adobe Photoshop CC
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{37476589-E48E-439E-A706-56189E2ED4C4}_is1" = Red AdBlocker
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}" = NeixtCoupp
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}" = Microsoft Games for Windows - LIVE Redistributable
"{476D78C4-1DB0-2D88-7FCC-AA6559F59A8D}" = Websavee
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}" = LEGO® Batman™ 2: DC Super Heroes
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1" = Craften Terminal 3.5.5
"{51417852-174C-88D4-34A0-D0FE7858BE47}" = JoNiCoUpeoun
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{57520FA0-A73E-4165-BCA2-D71000038301}" = Batman: Arkham City™
"{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5F189DF5-2D05-472B-9091-84D9848AE48B}{5837205}" = Browser faster
"{5F189DF5-2D05-472B-9091-84D9848AE48B}{916e5338}" = Install Supporter 1.80
"{5F189DF5-2D05-472B-9091-84D9848AE48B}{c67abfdb}" = SW-Sustainer 1.80
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{64958DA4-79D3-43FD-AF06-720DAD044F9E}" = LEGO® Pirates of the Caribbean Das Videospiel
"{64A4ABCA-CF3D-C548-2DC4-72A55DC5882A}" = GGoSave
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{653C1B5A-3287-47B1-8613-0745D4E771C4}" = Kaspersky Internet Security
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73FA7631-3015-4EEC-A002-09488C47A07C}" = Media Go Network Downloader
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}" = Sonos Controller
"{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1" = Cinema 4D version R12
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8061C2C9-C2A3-4550-A3FC-585B646840CB}" = Fantasy Voice Pack
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}" = EA Sports™ FIFA World
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E871D09-064D-3BC9-963B-3AB8ABE1273D}" = Microsoft .NET Framework 4.5.1 (DEU)
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A071F478-73E0-4143-AE55-4DD6BABD74F5}" = Far Cry 3 Blood Dragon
"{A25A7B10-75EA-4208-AAF1-0E3841C444F1}" = MorphVOX Pro
"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A695893E-A5C7-2E5C-6953-52B0E61E4C1A}" = SavveMAss
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Deutsch
"{AF06B8FA-B916-4001-AE51-6645488DEF09}" = Media Go
"{B0C00181-ECF5-4124-A6DE-14EA663D4799}" = Blue Satin Skin
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{B33EDF25-91DF-40FC-B2F7-FA19E3F0489F}}_is1" = Gunpoint version v1.1
"{B3808FA6-2354-47D2-AC62-ECE7D1952E7E}_is1" = Mafia 2 version 1.0
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = Aufstieg des Hexenkönigs™
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C5A8DF48-580B-44D3-B2B2-E965A9368F28}" = LEGO® Harry Potter™: Die Jahre 1-4
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}" = LEGO® Der Herr der Ringe™
"{c8730ca5-3f82-41cc-65e2-01b87600cd89}" = moters
"{CA1838EF-A497-194E-3850-37A62CEE398B}" = MinimumPrice
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{CF830981-8F31-C561-C7A0-FE2CE1878B40}" = YoutubeAdblocker
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4B85288-879E-4D57-B4CD-9303A75DF301}" = S4 League_EU
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: The Complete Saga
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D6D1DA54-531F-4FA0-B683-CE66ACE3543F}_is1" = Galaxy Client
"{D84F41A8-33E6-402A-8DD6-D2244235BCB8}" = LogMeIn Hamachi
"{D8B5C1BB-5951-422D-A4D5-451675614956}_update2.0.11.0" = Update 2.0.11.0 for "Men of War: Assault Squad"
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}" = Star Wars Republic Commando
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}" = HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile-Gerätecenter: Treiberupdate
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.245
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FC091743-5193-2B65-E49E-E03BC9E8B728}" = Media Go Video Playback Engine 2.12.108.06300
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"{FE600607-335B-4CC2-A50D-90EECE0356ED}_is1" = Tunngle - Brio HD Skin Version 1.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1207665883_is1" = Aliens vs Predator Classic 2000
"5513-1208-7298-9440" = JDownloader 0.9
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"99C882A44FD971DC797FE21420A3099DECE89966" = Windows-Treiberpaket - Qualcomm

Zubato · 09.02.2015, 18:21

Code:

ATTFilter

"9F26BE7C257739D7488254A1B5CBFE820E44E902" = Windows-Treiberpaket - Qualcomm Atheros Communications Inc. Net  (03/11/2013 10.0.0.234)
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Audacity_is1" = Audacity 2.0.3
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"Blender" = Blender
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"Cheat Engine 6.4_is1" = Cheat Engine 6.4
"CinemaP-1.9cV02.02" = CinemaP-1.9cV02.02
"Connectify" = Connectify
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.61.3
"CyberGhost 5_is1" = CyberGhost 5
"DAEMON Tools Lite" = DAEMON Tools Lite
"doubleTwist" = doubleTwist Sync
"Elantech" = ETDWare PS/2-X86 8.0.7.1_WHQL
"Eldritch" = Eldritch
"Fraps" = Fraps (remove only)
"Free YouTube Download_is1" = Free YouTube Download version 3.2.39.604
"Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.12.2.430
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.430
"Game Cam" = Game Cam 2.2
"GCFScape_is1" = GCFScape 1.3.1
"GFWL_{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"GIMP-2_is1" = GIMP 2.8.4
"Glyph" = Glyph
"InfiniteCrisis_0B203096692B" = InfiniteCrisis_0B203096692B
"InfiniteCrisis_6EDD581C692E" = InfiniteCrisis_6EDD581C692E
"InfiniteCrisis_76B7D2EE4D73" = InfiniteCrisis_76B7D2EE4D73
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{9208F706-6528-4591-A997-F41395FBD8A7}" = Spider-Man(TM) - Web of Shadows 1.1 Patch
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}" = LEGO® Star Wars™: Die Komplette Saga
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}" = Kaspersky Internet Security
"LAME_is1" = LAME v3.99.3 (for Windows)
"LetsTrade" = LetsTrade Komponenten
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.4.1028
"ManiaPlanet_is1" = ManiaPlanet
"MassiveThirdAgeTranslator 3.1" = MassiveThirdAgeTranslator 3.1
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"MiKTeX 2.9" = MiKTeX 2.9
"MilkShape 3D 1.8.4" = MilkShape 3D 1.8.4
"Mozilla Firefox 35.0.1 (x86 de)" = Mozilla Firefox 35.0.1 (x86 de)
"Mozilla Thunderbird 31.3.0 (x86 de)" = Mozilla Thunderbird 31.3.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MuseScore" = MuseScore 1.3
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA.Updatus" = NVIDIA Updatus
"Office14.SingleImage" = Microsoft Office Professional 2010
"OpenAL" = OpenAL
"Opera 12.00.1467" = Opera 12.00
"Opera 12.50.1497" = Opera Next 12.50 internal build 1497
"Origin" = Origin
"pepakura_viewer3en" = Pepakura Viewer 3
"PunkBusterSvc" = PunkBuster Services
"Raptr" = Raptr
"Razer Game Booster_is1" = Razer Game Booster
"Razer Surround" = Razer Surround
"Rockstar Games Social Club" = Rockstar Games Social Club
"S-1750791845" = Upd Inst
"S-1824435291" = GS.Enabler
"S-792098896" = SW-Booster
"S-815932687" = WS_Enabler
"SecurityUtility" = SecurityUtility
"SoftwareUpdater" = Software Updater
"SP_ad635a31" = Ss_Helper 1.74
"SP_ecec6af5" = SK.Helper 1.74
"Steam App 105600" = Terraria
"Steam App 108710" = Alan Wake
"Steam App 11020" = TrackMania Nations Forever
"Steam App 113200" = The Binding of Isaac
"Steam App 1250" = Killing Floor
"Steam App 16720" = Velvet Assassin
"Steam App 17300" = Crysis
"Steam App 17340" = Crysis Wars
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 200710" = Torchlight II
"Steam App 201570" = Really Big Sky
"Steam App 201790" = Orcs Must Die! 2
"Steam App 202090" = Magicka: Wizard Wars
"Steam App 203160" = Tomb Raider
"Steam App 203630" = Warlock - Master of the Arcane
"Steam App 203750" = Binary Domain
"Steam App 204100" = Max Payne 3
"Steam App 204240" = The Bridge
"Steam App 204300" = Awesomenauts
"Steam App 204450" = Call of Juarez Gunslinger
"Steam App 205100" = Dishonored
"Steam App 205730" = Insanely Twisted Shadow Planet
"Steam App 206370" = Tales from Space: Mutant Blobs Attack
"Steam App 207170" = Legend of Grimrock
"Steam App 208480" = Assassin’s Creed® III
"Steam App 209000" = Batman™: Arkham Origins
"Steam App 210770" = Sanctum 2
"Steam App 211" = Source SDK
"Steam App 211400" = Deadlight
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 211580" = Wanderlust: Rebirth
"Steam App 211820" = Starbound
"Steam App 214950" = Total War: ROME II - Emperor Edition
"Steam App 215510" = Rocketbirds: Hardboiled Chicken
"Steam App 215670" = Home
"Steam App 216250" = Dead Island Riptide
"Steam App 217690" = Anna - Extended Edition
"Steam App 218620" = PAYDAY 2
"Steam App 219740" = Don't Starve
"Steam App 219890" = Antichamber
"Steam App 220240" = Far Cry® 3
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 222730" = Reus
"Steam App 222900" = Dead Island: Epidemic
"Steam App 223710" = Cry of Fear
"Steam App 224480" = Octodad: Dadliest Catch
"Steam App 224760" = FEZ
"Steam App 230050" = DLC Quest
"Steam App 231160" = The Swapper
"Steam App 233720" = Surgeon Simulator 2013
"Steam App 234190" = Receiver
"Steam App 238460" = BattleBlock Theater
"Steam App 239160" = Thief
"Steam App 239200" = Amnesia: A Machine for Pigs
"Steam App 2400" = The Ship
"Steam App 24240" = PAYDAY: The Heist
"Steam App 243120" = Betrayer
"Steam App 244850" = Space Engineers
"Steam App 245150" = The Novelist
"Steam App 248820" = Risk of Rain
"Steam App 249130" = LEGO MARVEL Super Heroes
"Steam App 249870" = Scribblenauts Unmasked
"Steam App 250260" = Jazzpunk
"Steam App 250380" = Knock-knock
"Steam App 250620" = Among the Sleep
"Steam App 252330" = Slender: The Arrival
"Steam App 252630" = Eldritch
"Steam App 253110" = The Cat Lady
"Steam App 262790" = Our Darker Purpose
"Steam App 266110" = Tower of Guns
"Steam App 267490" = Batman™: Arkham Origins Blackgate - Deluxe Edition
"Steam App 269230" = Aces Wild: Manic Brawling Action!
"Steam App 269350" = Montas
"Steam App 270550" = Yet Another Zombie Defense
"Steam App 271290" = HAWKEN
"Steam App 273350" = Evolve
"Steam App 274250" = OlliOlli
"Steam App 275490" = Canyon Capers
"Steam App 286100" = You Have to Win the Game
"Steam App 291550" = Brawlhalla
"Steam App 311480" = Vertical Drop Heroes HD
"Steam App 319510" = Five Nights at Freddy's
"Steam App 329960" = The Evil Within Demo
"Steam App 331120" = Passing Pineview Forest
"Steam App 4000" = Garry's Mod
"Steam App 40390" = Risen 2 - Dark Waters
"Steam App 40800" = Super Meat Boy
"Steam App 48700" = Mount & Blade: Warband
"Steam App 49520" = Borderlands 2
"Steam App 550" = Left 4 Dead 2
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 620" = Portal 2
"Steam App 63380" = Sniper Elite V2
"Steam App 644" = Portal 2 Publishing Tool
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 7670" = BioShock
"Steam App 8850" = BioShock 2
"Steam App 8870" = BioShock Infinite
"Steam App 8930" = Sid Meier's Civilization V
"streamWriter_is1" = streamWriter
"Synthesia" = Synthesia
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TAP-Windows" = TAP-Windows 9.9.2
"TeamViewer 8" = TeamViewer 8
"TeXnicCenter_is1" = TeXnicCenter Version 1 Beta 7.01 (Greengrass)
"The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version PLus UPDATE 10 1.00" = The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version PLus UPDATE 10 1.00
"The Elder Scrolls V Skyrim Dragonborn DLC Deutsche Version 1.00" = The Elder Scrolls V Skyrim Dragonborn DLC Deutsche Version 1.00
"The Elder Scrolls V Skyrim Update 11 (1.8.151.0.7) Deutsche Version 1.00" = The Elder Scrolls V Skyrim Update 11 (1.8.151.0.7) Deutsche Version 1.00
"The Lord of the Rings - Conquest_is1" = The Lord of the Rings - Conquest
"The Train 1.0" = The Train 1.0
"TmlkaG9nZw==_is1" = Nidhogg
"Tom Clancy's Splinter Cell Conviction_is1" = Tom Clancy's Splinter Cell Conviction v1.04
"TreeSize Free_is1" = TreeSize Free V2.7
"Tunatic" = Tunatic
"Tunngle_is1" = Tunngle Version Tunngle
"Two Worlds II" = Two Worlds II
"UDK-0acfabc9-568c-4a84-999d-e0556bca7d6b" = MemoryLeakAlpha1
"UDK-5f3d63f7-bcb4-41d2-8abc-ca5e433e0d56" = My Game Long Name
"UDK-9f1c6fcf-0541-47e3-bb42-0f85fbc9e43d" = Unreal Development Kit: 2012-10
"UDK-e9df117c-1a25-47d7-83ef-8f8b8dd82c26" = My Game Long Name
"Update Engine" = Sony Mobile Update Engine
"Uplay" = Uplay
"VLC media player" = VLC media player 2.0.7
"VTFEdit_is1" = VTFEdit 1.2.5
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
"Wubi" = Ubuntu
"Xilisoft ISO Maker" = Xilisoft ISO Maker
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2741185204-2122887262-4188245074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"EA SPORTS Game Face Browser Plugin" = EA SPORTS Game Face Browser Plugin 1.8.0.0
"fiestaonline_de" = Fiesta Online DE
"HappyCloud" = Happy Cloud Client
"SOE Web Installer" = SOE Web Installer
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Third Age - Total War 3.0 (Part 1of2)" = Third Age - Total War 3.0 (Part 1of2)
"Third Age - Total War 3.0 (Part 2of2)" = Third Age - Total War 3.0 (Part 2of2)
"UnityWebPlayer" = Unity Web Player
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2741185204-2122887262-4188245074-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"EA SPORTS Game Face Browser Plugin" = EA SPORTS Game Face Browser Plugin 1.8.0.0
"fiestaonline_de" = Fiesta Online DE
"HappyCloud" = Happy Cloud Client
"SOE Web Installer" = SOE Web Installer
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Third Age - Total War 3.0 (Part 1of2)" = Third Age - Total War 3.0 (Part 1of2)
"Third Age - Total War 3.0 (Part 2of2)" = Third Age - Total War 3.0 (Part 2of2)
"UnityWebPlayer" = Unity Web Player
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2741185204-2122887262-4188245074-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SOE-DC Universe Online Live" = DC Universe Online Live
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.02.2015 12:13:33 | Computer Name = Jul-01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 0.0.0.0,
 Zeitstempel: 0x54cf0568  Name des fehlerhaften Moduls: Uninstall.exe, Version: 0.0.0.0,
 Zeitstempel: 0x54cf0568  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00003e1f  ID des fehlerhaften
 Prozesses: 0x3044  Startzeit der fehlerhaften Anwendung: 0x01d03f032ea5f11b  Pfad der
 fehlerhaften Anwendung: C:\Program Files\CinemaP-1.9cV02.02\Uninstall.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\CinemaP-1.9cV02.02\Uninstall.exe  Berichtskennung:
 6ebbf38f-aaf6-11e4-937b-e811324622ab
 
Error - 02.02.2015 12:16:38 | Computer Name = Jul-01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 0.0.0.0,
 Zeitstempel: 0x54cf0568  Name des fehlerhaften Moduls: Uninstall.exe, Version: 0.0.0.0,
 Zeitstempel: 0x54cf0568  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00003e1f  ID des fehlerhaften
 Prozesses: 0x327c  Startzeit der fehlerhaften Anwendung: 0x01d03f039d035bbe  Pfad der
 fehlerhaften Anwendung: C:\Program Files\CinemaP-1.9cV02.02\Uninstall.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\CinemaP-1.9cV02.02\Uninstall.exe  Berichtskennung:
 dd14f151-aaf6-11e4-937b-e811324622ab
 
Error - 02.02.2015 12:20:08 | Computer Name = Jul-01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Au_.exe, Version: 3.0.0.2, Zeitstempel:
 0x4b1ae3cc  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409,
 Zeitstempel: 0x531599f6  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000086d8  ID des fehlerhaften
 Prozesses: 0x240c  Startzeit der fehlerhaften Anwendung: 0x01d03f03f30c3d1d  Pfad der
 fehlerhaften Anwendung: C:\Users\Jul\AppData\Local\Temp\~nsu.tmp\Au_.exe  Pfad des
 fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 5a4e97c7-aaf7-11e4-937b-e811324622ab
 
Error - 02.02.2015 12:23:52 | Computer Name = Jul-01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 0.0.0.0,
 Zeitstempel: 0x54cf0568  Name des fehlerhaften Moduls: Uninstall.exe, Version: 0.0.0.0,
 Zeitstempel: 0x54cf0568  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00003e1f  ID des fehlerhaften
 Prozesses: 0x648  Startzeit der fehlerhaften Anwendung: 0x01d03f04a1354ef2  Pfad der
 fehlerhaften Anwendung: C:\Program Files\CinemaP-1.9cV02.02\Uninstall.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\CinemaP-1.9cV02.02\Uninstall.exe  Berichtskennung:
 dffcac6f-aaf7-11e4-937b-e811324622ab
 
Error - 02.02.2015 12:25:33 | Computer Name = Jul-01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 0.0.0.0,
 Zeitstempel: 0x54cf0568  Name des fehlerhaften Moduls: Uninstall.exe, Version: 0.0.0.0,
 Zeitstempel: 0x54cf0568  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00003e1f  ID des fehlerhaften
 Prozesses: 0x22d4  Startzeit der fehlerhaften Anwendung: 0x01d03f04dda0806b  Pfad der
 fehlerhaften Anwendung: C:\Program Files\CinemaP-1.9cV02.02\Uninstall.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\CinemaP-1.9cV02.02\Uninstall.exe  Berichtskennung:
 1be76167-aaf8-11e4-937b-e811324622ab
 
Error - 02.02.2015 12:29:06 | Computer Name = Jul-01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 0.0.0.0,
 Zeitstempel: 0x54cf0568  Name des fehlerhaften Moduls: Uninstall.exe, Version: 0.0.0.0,
 Zeitstempel: 0x54cf0568  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00003e1f  ID des fehlerhaften
 Prozesses: 0x3444  Startzeit der fehlerhaften Anwendung: 0x01d03f055c9794d7  Pfad der
 fehlerhaften Anwendung: C:\Program Files\CinemaP-1.9cV02.02\Uninstall.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\CinemaP-1.9cV02.02\Uninstall.exe  Berichtskennung:
 9b223691-aaf8-11e4-937b-e811324622ab
 
Error - 02.02.2015 12:35:04 | Computer Name = Jul-01 | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats
 von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4.crt>.
 Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  .
 
Error - 02.02.2015 12:35:04 | Computer Name = Jul-01 | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats
 von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4.crt>.
 Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.  .
 
Error - 02.02.2015 12:39:41 | Computer Name = Jul-01 | Source = Application Hang | ID = 1002
Description = Programm otl.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 3de8    Startzeit:
 01d03f06a66d64f6    Endzeit: 5    Anwendungspfad: C:\Users\Jul\Desktop\otl.exe    Berichts-ID:
   
 
Error - 02.02.2015 12:49:01 | Computer Name = Jul-01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500,
 Zeitstempel: 0x54c1f9f3  Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500,
 Zeitstempel: 0x54c1f224  Ausnahmecode: 0x80000003  Fehleroffset: 0x00001425  ID des fehlerhaften
 Prozesses: 0x1f08  Startzeit der fehlerhaften Anwendung: 0x01d03f07e017df18  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\plugin-container.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files\Mozilla Firefox\mozalloc.dll  Berichtskennung:
 62f93f6c-aafb-11e4-937b-e811324622ab
 
[ Broadcom Wireless LAN Events ]
Error - 10.01.2015 09:17:20 | Computer Name = Jul-01 | Source = WLAN-Tray | ID = 0
Description = 14:17:20, Sat, Jan 10, 15 Error - Unable to gain access to user store

 
Error - 11.01.2015 11:56:05 | Computer Name = Jul-01 | Source = WLAN-Tray | ID = 0
Description = 16:56:05, Sun, Jan 11, 15 Error - Unable to gain access to user store

 
Error - 15.01.2015 10:13:51 | Computer Name = Jul-01 | Source = WLAN-Tray | ID = 0
Description = 15:13:51, Thu, Jan 15, 15 Error - Unable to gain access to user store

 
Error - 17.01.2015 10:18:35 | Computer Name = Jul-01 | Source = WLAN-Tray | ID = 0
Description = 15:18:35, Sat, Jan 17, 15 Error - Unable to gain access to user store

 
Error - 18.01.2015 09:49:11 | Computer Name = Jul-01 | Source = WLAN-Tray | ID = 0
Description = 14:49:11, Sun, Jan 18, 15 Error - Unable to gain access to user store

 
Error - 24.01.2015 07:58:11 | Computer Name = Jul-01 | Source = WLAN-Tray | ID = 0
Description = 12:58:11, Sat, Jan 24, 15 Error - Unable to gain access to user store

 
Error - 25.01.2015 08:55:57 | Computer Name = Jul-01 | Source = WLAN-Tray | ID = 0
Description = 13:55:57, Sun, Jan 25, 15 Error - Unable to gain access to user store

 
Error - 29.01.2015 15:36:58 | Computer Name = Jul-01 | Source = WLAN-Tray | ID = 0
Description = 20:36:58, Thu, Jan 29, 15 Error - Unable to gain access to user store

 
Error - 30.01.2015 09:30:25 | Computer Name = Jul-01 | Source = WLAN-Tray | ID = 0
Description = 14:30:25, Fri, Jan 30, 15 Error - Unable to gain access to user store

 
Error - 02.02.2015 06:50:22 | Computer Name = Jul-01 | Source = WLAN-Tray | ID = 0
Description = 11:50:22, Mon, Feb 02, 15 Error - Unable to gain access to user store

 
[ Media Center Events ]
Error - 12.10.2013 20:02:44 | Computer Name = Jul-01 | Source = MCUpdate | ID = 0
Description = 02:02:38 - Fehler beim Herstellen der Internetverbindung.  02:02:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 13.10.2013 06:37:22 | Computer Name = Jul-01 | Source = MCUpdate | ID = 0
Description = 12:37:05 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die 
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
 konnte keine Vertrauensstellung hergestellt werden..)  
 
Error - 16.10.2013 17:35:12 | Computer Name = Jul-01 | Source = MCUpdate | ID = 0
Description = 23:35:12 - Fehler beim Herstellen der Internetverbindung.  23:35:12 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.10.2013 17:35:46 | Computer Name = Jul-01 | Source = MCUpdate | ID = 0
Description = 23:35:41 - Fehler beim Herstellen der Internetverbindung.  23:35:41 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.10.2013 18:36:34 | Computer Name = Jul-01 | Source = MCUpdate | ID = 0
Description = 00:36:34 - Fehler beim Herstellen der Internetverbindung.  00:36:34 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.10.2013 18:37:09 | Computer Name = Jul-01 | Source = MCUpdate | ID = 0
Description = 00:37:03 - Fehler beim Herstellen der Internetverbindung.  00:37:03 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.10.2013 19:37:51 | Computer Name = Jul-01 | Source = MCUpdate | ID = 0
Description = 01:37:51 - Fehler beim Herstellen der Internetverbindung.  01:37:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.10.2013 19:38:21 | Computer Name = Jul-01 | Source = MCUpdate | ID = 0
Description = 01:38:20 - Fehler beim Herstellen der Internetverbindung.  01:38:20 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.10.2013 20:39:03 | Computer Name = Jul-01 | Source = MCUpdate | ID = 0
Description = 02:39:03 - Fehler beim Herstellen der Internetverbindung.  02:39:03 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 16.10.2013 20:39:33 | Computer Name = Jul-01 | Source = MCUpdate | ID = 0
Description = 02:39:32 - Fehler beim Herstellen der Internetverbindung.  02:39:32 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 02.02.2015 14:00:21 | Computer Name = Jul-01 | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.02.2015 14:02:28 | Computer Name = Jul-01 | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.02.2015 14:04:34 | Computer Name = Jul-01 | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.02.2015 14:06:36 | Computer Name = Jul-01 | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.02.2015 14:08:38 | Computer Name = Jul-01 | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.02.2015 14:10:53 | Computer Name = Jul-01 | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.02.2015 14:13:16 | Computer Name = Jul-01 | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.02.2015 14:15:05 | Computer Name = Jul-01 | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.02.2015 14:17:15 | Computer Name = Jul-01 | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 02.02.2015 14:19:19 | Computer Name = Jul-01 | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
 
< End of report >

cosinus · 09.02.2015, 21:38

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Browser faster
Internet Explorer Toolbar 4.6 by SweetPacks
JoNiCoUpeoun
moters
Rocketbirds: Hardboiled Chicken
SW-Booster
WS_Enabler
Yontoo 1.10.02
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Danach:

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Zubato · 10.02.2015, 21:35

Code:

ATTFilter

# AdwCleaner v4.110 - Bericht erstellt 10/02/2015 um 21:09:10
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-05.2 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x86)
# Benutzername : Jul - JUL-01
# Gestarted von : C:\Users\Jul\Desktop\AdwCleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : ColorMedia

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Device
Ordner Gelöscht : C:\ProgramData\House Of Soft
Ordner Gelöscht : C:\ProgramData\SetApp
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Trusted Publisher
Ordner Gelöscht : C:\ProgramData\DownloadManager
Ordner Gelöscht : C:\ProgramData\SecurityUtility
Ordner Gelöscht : C:\ProgramData\BesttSeaveForrYOu
Ordner Gelöscht : C:\ProgramData\BueesstSaveForYou
Ordner Gelöscht : C:\ProgramData\DownnloAd keePera
Ordner Gelöscht : C:\ProgramData\Downnload keepoeer
Ordner Gelöscht : C:\ProgramData\DownSave
Ordner Gelöscht : C:\ProgramData\GGoSave
Ordner Gelöscht : C:\ProgramData\GreatSave4U
Ordner Gelöscht : C:\ProgramData\JoNiCoUpeoun
Ordner Gelöscht : C:\ProgramData\JoniCouupon
Ordner Gelöscht : C:\ProgramData\NeixtCoupp
Ordner Gelöscht : C:\ProgramData\The AdBlocker
Ordner Gelöscht : C:\ProgramData\UoTubbeNoAdds
Ordner Gelöscht : C:\ProgramData\Websavee
Ordner Gelöscht : C:\ProgramData\weebsAvee
Ordner Gelöscht : C:\ProgramData\YTBloockerApp
Ordner Gelöscht : C:\ProgramData\5b28cf244c4964be
Ordner Gelöscht : C:\ProgramData\6568727811325519038UL
Ordner Gelöscht : C:\Program Files\globalUpdate
Ordner Gelöscht : C:\Program Files\OApps
Ordner Gelöscht : C:\Program Files\Sk.Enhancer
Ordner Gelöscht : C:\Program Files\Booster-Web
Ordner Gelöscht : C:\Program Files\NeixtCoupp
Ordner Gelöscht : C:\Program Files\Websavee
Ordner Gelöscht : C:\Program Files\weebsAvee
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\torch
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\torch
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Jul\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Mail.Ru
Ordner Gelöscht : C:\Users\Jul\AppData\Local\MailRu
Ordner Gelöscht : C:\Users\Jul\AppData\Local\torch
Ordner Gelöscht : C:\Users\Jul\AppData\Local\FileViewPro
Ordner Gelöscht : C:\Users\Jul\AppData\LocalLow\Booster-Web
Ordner Gelöscht : C:\Users\Jul\AppData\LocalLow\DownnloAd keePera
Ordner Gelöscht : C:\Users\Jul\AppData\LocalLow\Downnload keepoeer
Ordner Gelöscht : C:\Users\Jul\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Jul\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Jul\AppData\Roaming\Booster-Web
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\torch
Ordner Gelöscht : C:\Users\Stefan\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\ProgramData\dmhgolipefccdonoakkendijofamdnae
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmhlanjfkgondmacjiblbpfdfcoodilh
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehnhaghcldkafffleemcljghemladjfj
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fbegidfhkbodcbinnolknilbilhjnpfl
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fnbpfkjfmmmohioafnkjeekhefekaadh
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaacabhnljnjkimljhecncgipodpkhbk
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lgjnkbabjbckcmllmkmhdflpaillglea
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mgpabfiaijgjahdfhpmofnpmdcbolmjk
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\Jul\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Ordner Gelöscht : C:\Users\Stefan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mknhkcengbahfkmdighoblmabchefjlg
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\system32\roboot.exe
Datei Gelöscht : C:\Windows\system32\abengine.dll
Datei Gelöscht : C:\Users\Jul\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Jul\AppData\Roaming\LiveSupport.exe_log.txt
Datei Gelöscht : C:\Users\Jul\AppData\Roaming\regsvr32.exe_log.txt
Datei Gelöscht : C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\b3izpfhg.default\user.js
Datei Gelöscht : C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608\user.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\.
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\..9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P104c6270_1cbc_4b65_8f90_ea6cd02ccda2_.P104c6270_1cbc_4b65_8f90_ea6cd02ccda2_
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\P104c6270_1cbc_4b65_8f90_ea6cd02ccda2_.P104c6270_1cbc_4b65_8f90_ea6cd02ccda2_.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CheaopMe.CheaopMe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CheaopMe.CheaopMe.5.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\NextCoup.NextCoup
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\NextCoup.NextCoup.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\JoniCoouppoon.JoniCoouppoon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\JoniCoouppoon.JoniCoouppoon.7.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GraeaaatSave4U.GraeaaatSave4U
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GraeaaatSave4U.GraeaaatSave4U.2.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DownSAve.DownSAve
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DownSAve.DownSAve.5.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveMassi.SaveMassi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveMassi.SaveMassi.2.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pb1e87602_fbdc_4bbb_9052_cadc1b5d03ee_.Pb1e87602_fbdc_4bbb_9052_cadc1b5d03ee_
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Pb1e87602_fbdc_4bbb_9052_cadc1b5d03ee_.Pb1e87602_fbdc_4bbb_9052_cadc1b5d03ee_.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BestSSaveFoRYou.BestSSaveFoRYou
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BestSSaveFoRYou.BestSSaveFoRYou.2.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GreatSave4U.GreatSave4U
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GreatSave4U.GreatSave4U.2.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CheapME.CheapME
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CheapME.CheapME.5.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\UTuiBeoNNoAoDs.UTuiBeoNNoAoDs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\UTuiBeoNNoAoDs.UTuiBeoNNoAoDs.1.8
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\..10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AdRemoVVErUTubbe.AdRemoVVErUTubbe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AdRemoVVErUTubbe.AdRemoVVErUTubbe.1.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BestSavEForYou.BestSavEForYou
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BestSavEForYou.BestSavEForYou.2.3
Schlüssel Gelöscht : HKCU\Software\f4dadab03bec43
Schlüssel Gelöscht : HKLM\SOFTWARE\f4dadab03bec43
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-161304646
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_ad635a31
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_ecec6af5
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0b9d5c64-bc13-4a4c-a8e3-31a97804cde3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{104c6270-1cbc-4b65-8f90-ea6cd02ccda2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1e3e9624-c991-4665-a716-32a5d08b0715}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5AE3D285-EEE5-F3B5-FB58-049CCC475930}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5F703E27-42DC-7840-7072-C182E97A4645}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6A8117DC-2C0E-646C-DF10-4564E1668817}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6aa8c5bb-e4a3-428e-9de7-ded2ad6a25f1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79904437-C635-6DA9-C2B4-5E56EE47A1C2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85E0AB95-4957-4C0E-D550-B7EC09C4A1F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A92E936C-9720-C091-B018-E13F42FA0317}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{b1e87602-fbdc-4bbb-9052-cadc1b5d03ee}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC85BF72-B913-8BD3-C87E-7A9B286D78F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D78659F3-D594-5857-AD8A-ED78A1031C72}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DEDAD8C3-5BCD-350E-519E-DB373C87440C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E43BC032-489B-C2E2-CE36-E05CF4AF767C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{e7d5e3d4-ee40-4971-8616-73b3db5b867b}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EDADABFE-4DAB-5FAF-5897-CFFCA01F5E22}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{f0ec0293-834d-45e5-ae60-d6b6e7d67070}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F5B6943B-BD1D-BBB7-6089-2E07470A128E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{104c6270-1cbc-4b65-8f90-ea6cd02ccda2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b1e87602-fbdc-4bbb-9052-cadc1b5d03ee}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0b9d5c64-bc13-4a4c-a8e3-31a97804cde3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{104c6270-1cbc-4b65-8f90-ea6cd02ccda2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AE3D285-EEE5-F3B5-FB58-049CCC475930}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5F703E27-42DC-7840-7072-C182E97A4645}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6A8117DC-2C0E-646C-DF10-4564E1668817}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6aa8c5bb-e4a3-428e-9de7-ded2ad6a25f1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79904437-C635-6DA9-C2B4-5E56EE47A1C2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A92E936C-9720-C091-B018-E13F42FA0317}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b1e87602-fbdc-4bbb-9052-cadc1b5d03ee}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC85BF72-B913-8BD3-C87E-7A9B286D78F3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D78659F3-D594-5857-AD8A-ED78A1031C72}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E43BC032-489B-C2E2-CE36-E05CF4AF767C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e7d5e3d4-ee40-4971-8616-73b3db5b867b}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EDADABFE-4DAB-5FAF-5897-CFFCA01F5E22}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5B6943B-BD1D-BBB7-6089-2E07470A128E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0b9d5c64-bc13-4a4c-a8e3-31a97804cde3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{104c6270-1cbc-4b65-8f90-ea6cd02ccda2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AE3D285-EEE5-F3B5-FB58-049CCC475930}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5F703E27-42DC-7840-7072-C182E97A4645}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6A8117DC-2C0E-646C-DF10-4564E1668817}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6aa8c5bb-e4a3-428e-9de7-ded2ad6a25f1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{79904437-C635-6DA9-C2B4-5E56EE47A1C2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A92E936C-9720-C091-B018-E13F42FA0317}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b1e87602-fbdc-4bbb-9052-cadc1b5d03ee}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BC85BF72-B913-8BD3-C87E-7A9B286D78F3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D78659F3-D594-5857-AD8A-ED78A1031C72}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E43BC032-489B-C2E2-CE36-E05CF4AF767C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e7d5e3d4-ee40-4971-8616-73b3db5b867b}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EDADABFE-4DAB-5FAF-5897-CFFCA01F5E22}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F5B6943B-BD1D-BBB7-6089-2E07470A128E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0b9d5c64-bc13-4a4c-a8e3-31a97804cde3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{104c6270-1cbc-4b65-8f90-ea6cd02ccda2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1e3e9624-c991-4665-a716-32a5d08b0715}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5AE3D285-EEE5-F3B5-FB58-049CCC475930}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5F703E27-42DC-7840-7072-C182E97A4645}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6A8117DC-2C0E-646C-DF10-4564E1668817}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6aa8c5bb-e4a3-428e-9de7-ded2ad6a25f1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{79904437-C635-6DA9-C2B4-5E56EE47A1C2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{85E0AB95-4957-4C0E-D550-B7EC09C4A1F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A92E936C-9720-C091-B018-E13F42FA0317}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b1e87602-fbdc-4bbb-9052-cadc1b5d03ee}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BC85BF72-B913-8BD3-C87E-7A9B286D78F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D78659F3-D594-5857-AD8A-ED78A1031C72}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DEDAD8C3-5BCD-350E-519E-DB373C87440C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E43BC032-489B-C2E2-CE36-E05CF4AF767C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e7d5e3d4-ee40-4971-8616-73b3db5b867b}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EDADABFE-4DAB-5FAF-5897-CFFCA01F5E22}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f0ec0293-834d-45e5-ae60-d6b6e7d67070}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F5B6943B-BD1D-BBB7-6089-2E07470A128E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\LiveSupport
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\foxydeal
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\foxydeal
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyrixeeker
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\SP Global
Schlüssel Gelöscht : HKLM\SOFTWARE\SProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\Upd Inst
Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia
Schlüssel Gelöscht : HKLM\SOFTWARE\yuna software
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BD55A6D5-24CD-6379-E828-CFEB9F240FE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\calcitapp.info
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\trovi.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\websearch.calcitapp.info
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.trovi.com
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17496

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v35.0.1 (x86 de)


-\\ Google Chrome v


-\\ Chromium v


-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [44376 Bytes] - [10/02/2015 21:03:51]
AdwCleaner[S0].txt - [43312 Bytes] - [10/02/2015 21:09:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [43372  Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Professional x86
Ran by Jul on 10.02.2015 at 21:22:57,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\messengerplusforskypeservice



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Jul\AppData\Roaming\getrighttogo"



~~~ FireFox

Emptied folder: C:\Users\Jul\AppData\Roaming\mozilla\firefox\profiles\nes3ylsu.default-1422974112608\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.02.2015 at 21:29:25,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-02-2015
Ran by Jul (administrator) on JUL-01 on 10-02-2015 21:30:29
Running from C:\Users\Jul\Desktop\Gegen Ihn
Loaded Profiles: Jul (Available profiles: Jul & Stefan)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Razer Inc.) C:\Program Files\Razer\Razer Game Booster\RzKLService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Spotify Ltd) C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(streamwriter.org) C:\Program Files\streamWriter\streamwriter.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Spotify Ltd) C:\Users\Jul\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9874024 2010-11-16] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1806728 2010-08-30] (ELAN Microelectronics Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1770792 2010-05-20] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RemoteControl10] => C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM\...\Run: [ChicoSys] => C:\Windows\system32\cc32\webtmr.exe [5992896 2009-07-14] (Salfeld Computer)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [4928512 2010-07-07] (Broadcom Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3813200 2014-01-23] (LogMeIn Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [Raptr] => C:\Program Files\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [RGSC] => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [SkypeVoiceChanger] => C:\Program Files\AthTek\Voice Changer for Skype\SkypeVoiceChanger.exe /auto
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [MailRuUpdater] => C:\Users\Jul\AppData\Local\MailRu\MailRuUpdater.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [Spotify Web Helper] => C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-08] (Spotify Ltd)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {054dd5e1-af97-11e3-9437-9b94ad7f775b} - F:\Startme.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {5aa476c5-bd20-11e1-af23-e811324622ab} - F:\Launcher.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {832b2e42-96ac-11e1-a9af-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {9c0303b7-be8b-11e1-8911-e811324622ab} - F:\Launcher.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {b2466843-f486-11e3-a8c2-e811324622ab} - F:\Startme.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {ec4c2c5b-31a1-11e3-a38a-8a2832f57e22} - E:\windows\Data\setup.exe
HKU\S-1-5-18\...\Run: [CCWinTray] => C:\Windows\tray\wintmr.exe [6107072 2009-07-14] (Salfeld Computer)
AppInit_DLLs: c:\windows\system32\nvinit.dll => c:\windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs:  c:\windows\system32\nvinit.dll => c:\windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\streamWriter.lnk
ShortcutTarget: streamWriter.lnk -> C:\Program Files\streamWriter\streamwriter.exe (streamwriter.org)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.mail.ru/?ieverfix=1&fr=ieverfix_sg
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSS&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {310E121A-788D-4D56-94F0-AFC6468A7852} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {5BCDEDD9-641B-4373-830C-8F6997D12DBC} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={SearchTerms}&ieverfix=1&fr=ieverfix_dse
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Booster-Web helper -> {B5147546-9359-4D9B-8B36-F54C54555799} -> C:\Program Files\Booster-Web\Booster-Web.dll No File
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKU\.DEFAULT -> No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v415.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 15 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Hosts: Hosts file not detected in the default directory

FireFox:
========
FF ProfilePath: C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Jul\AppData\LocalLow\Sony Online Entertainment\npsoe.dll No File
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: electronicarts.com/GameFacePlugin -> C:\Users\Jul\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Booster Web - C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack [2015-02-05]
FF Extension: Adblock Plus - C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-03]
FF Extension: myCoups - C:\Program Files\Mozilla Firefox\extensions\agjqcacdnhemgjev@hclmgodt.org [2013-01-27]
FF HKLM\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.6.0.73\coFFFw
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions:  - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-02-01]

Chrome: 
=======
CHR Profile: C:\Users\Jul\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [487936 2013-12-23] (Connectify) [File not signed]
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [107552 2014-06-22] (EasyAntiCheat Ltd)
S3 GalaxyService; C:\Program Files\GalaxyClient\GalaxyService.exe [2191648 2014-09-18] (GOG.com)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1677136 2014-01-23] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-12-13] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2014-12-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-09-13] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2012-05-05] () [File not signed]
R2 RzKLService; C:\Program Files\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [3665408 2013-09-18] (A-Volute) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [4261888 2010-07-07] (Broadcom Corporation) [File not signed]
S3 Futuremark SystemInfo Service; "C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe" [X]
S2 SecurityUtility Service; C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe -p "Covus" -c "Covus_Coupons" -s "CCC9" -i "1952011" -g "" [X]
S2 ZAtheros Wlan Agent; C:\Program Files\Atheros\Ath_WlanAgent.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [295432 2010-01-20] (Protect Software GmbH)
S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [143360 2012-07-17] (Windows (R) Win 7 DDK provider)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2910720 2012-05-01] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2012-05-06] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2010-07-07] (Broadcom Corporation)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [29672 2014-01-09] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-05-27] (DT Soft Ltd)
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [100744 2010-08-30] (ELAN Microelectronics Corp.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135264 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112136 2015-02-02] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [34400 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [644808 2015-02-02] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145888 2014-03-26] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-05-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-10] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [28120 2014-07-02] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [33016 2013-09-18] (Windows (R) Win 7 DDK provider)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34384 2009-11-25] (Screaming Bee LLC)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-23] (Duplex Secure Ltd.)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-04-07] (Symantec Corporation)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [20664 2012-07-20] (Hajo Krabbenhöft)
S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [X]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
S3 XDva402; \??\C:\Windows\system32\XDva402.sys [X]
S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 21:29 - 2015-02-10 21:29 - 00001611 _____ () C:\Users\Jul\Desktop\JRT.txt
2015-02-10 21:21 - 2015-02-10 21:22 - 01388274 _____ (Thisisu) C:\Users\Jul\Desktop\JRT.exe
2015-02-10 21:03 - 2015-02-10 21:11 - 00000000 ____D () C:\AdwCleaner
2015-02-10 21:01 - 2015-02-10 21:01 - 02112512 _____ () C:\Users\Jul\Desktop\AdwCleaner_4.110.exe
2015-02-10 20:40 - 2015-02-10 20:40 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\InstallShield
2015-02-10 17:39 - 2015-02-10 17:39 - 00000000 ____D () C:\Users\Jul\Downloads\RevoUninstallerPortable
2015-02-10 17:38 - 2015-02-10 17:39 - 02785665 _____ (PortableApps.com) C:\Users\Jul\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2015-02-10 17:06 - 2015-02-10 17:06 - 00000000 ____D () C:\Users\Jul\AppData\Local\VS Revo Group
2015-02-10 17:03 - 2015-02-10 17:03 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-02-10 17:03 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-02-10 17:01 - 2015-02-10 17:02 - 10801480 _____ (VS Revo Group ) C:\Users\Jul\Downloads\RevoUninProSetup.exe
2015-02-09 16:22 - 2015-02-09 16:22 - 00003288 ____N () C:\bootsqm.dat
2015-02-08 21:55 - 2015-02-09 16:25 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1E6B3B9F.sys
2015-02-08 21:43 - 2015-02-10 21:30 - 00000000 ____D () C:\FRST
2015-02-08 21:40 - 2015-02-10 21:30 - 00000000 ____D () C:\Users\Jul\Desktop\Gegen Ihn
2015-02-08 21:37 - 2015-02-08 21:37 - 00050477 _____ () C:\Users\Jul\Downloads\Defogger(1).exe
2015-02-08 00:12 - 2015-02-08 12:46 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-02-06 22:36 - 2015-02-06 22:36 - 00000578 _____ () C:\Users\Jul\Downloads\defogger_disable.log
2015-02-06 22:36 - 2015-02-06 22:36 - 00000020 _____ () C:\Users\Jul\defogger_reenable
2015-02-05 19:03 - 2015-02-05 19:03 - 00002403 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2015-02-05 19:02 - 2015-02-05 19:02 - 02756424 _____ (Pokki) C:\Users\Jul\Downloads\PokkiInstaller (2).exe
2015-02-05 19:01 - 2015-02-05 19:01 - 00002276 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-05 19:00 - 2015-02-05 19:00 - 00002105 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
2015-02-05 18:48 - 2015-02-05 18:48 - 02756424 _____ (Pokki) C:\Users\Jul\Downloads\PokkiInstaller.exe
2015-02-05 18:47 - 2015-02-10 16:42 - 00000000 ____D () C:\Users\Jul\AppData\Local\Pokki
2015-02-05 18:47 - 2015-02-05 18:47 - 00796936 _____ (Pokki) C:\Users\Jul\Downloads\Pokki_PixstaSetup.exe
2015-02-05 17:44 - 2015-02-05 17:44 - 00000000 ____D () C:\Users\Jul\AppData\Local\Steam
2015-02-05 14:09 - 2015-02-05 14:09 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\514D6CB0.sys
2015-02-05 13:12 - 2015-02-10 16:41 - 00005408 _____ () C:\Windows\system32\ColorMedia.ini
2015-02-02 17:48 - 2015-02-10 21:15 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 17:46 - 2015-02-02 17:47 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-02-02 17:46 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 17:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-02 17:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-02 17:18 - 2015-02-02 17:18 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-02-02 15:19 - 2015-02-02 15:19 - 00018475 _____ () C:\Users\Jul\Downloads\saints-row-the-third-wallpaper-1600x900.shtml
2015-02-02 15:13 - 2015-02-10 21:13 - 00001326 _____ () C:\Windows\Tasks\MTSO.job
2015-02-02 15:13 - 2015-02-10 21:13 - 00001324 _____ () C:\Windows\Tasks\NUB.job
2015-02-02 15:10 - 2015-02-02 15:10 - 00000000 ____D () C:\Users\Jul\AppData\Local\Pirates
2015-02-02 15:09 - 2015-02-02 15:09 - 00000000 ____D () C:\Users\Jul\AppData\Local\Sparta
2015-02-01 21:00 - 2015-02-01 21:17 - 35648512 _____ () C:\Users\Jul\Downloads\PhysX-9.12.0613-SystemSoftware.msi
2015-02-01 20:52 - 2015-02-01 20:52 - 00000000 ____D () C:\Users\Jul\AppData\Local\Macromedia
2015-02-01 20:50 - 2015-02-01 20:50 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Sony Network Entertainment International LLC
2015-02-01 20:49 - 2015-02-01 20:49 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-02-01 20:49 - 2015-02-01 20:49 - 00000000 ____D () C:\Program Files\Kaspersky Lab
2015-02-01 20:48 - 2015-02-02 12:37 - 00644808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-02-01 20:48 - 2015-02-02 12:37 - 00112136 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-02-01 20:48 - 2014-04-10 17:25 - 00034400 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-02-01 20:35 - 2015-02-01 20:35 - 00000000 ____D () C:\Users\Jul\AppData\Local\Mozilla
2015-02-01 19:54 - 2015-01-27 17:31 - 00301168 _____ (CartCrunch Israel Ltd.) C:\Windows\system32\ColorMedia.dll
2015-02-01 19:45 - 2015-02-10 21:13 - 00001678 _____ () C:\Windows\Tasks\OZTQSYNJ.job
2015-02-01 19:44 - 2015-02-02 17:19 - 00000000 ____D () C:\Program Files\TabNav
2015-02-01 19:26 - 2015-02-01 19:26 - 00000000 ____D () C:\Windows\81C42533F5A846CE9013ECF783A4CBD4.TMP
2015-01-25 17:12 - 2015-01-25 17:12 - 00002086 _____ () C:\Users\Jul\AppData\Roaming\NUB
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Jul\AppData\Roaming\OZTQSYNJ
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Jul\AppData\Roaming\MTSO
2015-01-24 17:57 - 2015-01-24 17:57 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\LolClient
2015-01-15 15:30 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 15:30 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 15:30 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-15 15:30 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-15 15:30 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-15 15:30 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 22:55 - 2015-01-16 20:42 - 00000000 ____D () C:\Users\Jul\Documents\MuseScore
2015-01-13 22:26 - 2015-01-13 22:26 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\MusE
2015-01-13 22:26 - 2015-01-13 22:26 - 00000000 ____D () C:\Users\Jul\AppData\Local\MusE
2015-01-13 21:29 - 2015-01-13 21:29 - 00000000 ____D () C:\Program Files\MuseScore

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 21:25 - 2014-07-14 12:39 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Spotify
2015-02-10 21:24 - 2012-05-12 00:03 - 00000000 ____D () C:\Users\Jul\AppData\Local\CrashDumps
2015-02-10 21:23 - 2009-07-14 05:34 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-10 21:23 - 2009-07-14 05:34 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-10 21:21 - 2012-05-04 20:23 - 01870704 _____ () C:\Windows\WindowsUpdate.log
2015-02-10 21:19 - 2014-07-14 12:40 - 00000000 ____D () C:\Users\Jul\AppData\Local\Spotify
2015-02-10 21:16 - 2014-10-21 14:02 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Raptr
2015-02-10 21:16 - 2014-09-05 20:57 - 00000000 ____D () C:\Program Files\streamWriter
2015-02-10 21:16 - 2013-12-03 17:25 - 00000000 ____D () C:\Users\Jul\AppData\Local\LogMeIn Hamachi
2015-02-10 21:15 - 2015-01-04 19:13 - 00000013 _____ () C:\NET.INI
2015-02-10 21:13 - 2014-01-23 13:50 - 00000460 ____H () C:\Windows\Tasks\GS.Enabler-S-1824435291.job
2015-02-10 21:13 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-10 21:13 - 2009-07-14 05:39 - 00206461 _____ () C:\Windows\setupact.log
2015-02-10 20:59 - 2012-05-06 00:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-10 20:45 - 2012-05-05 19:56 - 02194334 _____ () C:\Windows\PFRO.log
2015-02-10 20:43 - 2012-05-05 13:34 - 00000000 ____D () C:\Program Files\Steam
2015-02-10 20:14 - 2013-04-15 19:34 - 00002552 _____ () C:\Windows\fpuninstall.log
2015-02-10 20:13 - 2014-11-28 22:29 - 00000000 ____D () C:\UDK
2015-02-10 20:12 - 2012-05-05 13:34 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-02-09 20:46 - 2013-12-18 07:19 - 00000000 ____D () C:\Users\Jul\Documents\Schule
2015-02-09 19:22 - 2012-05-07 16:14 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Skype
2015-02-08 20:17 - 2014-09-05 20:57 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\streamWriter
2015-02-08 20:00 - 2014-10-20 13:30 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Curse Client
2015-02-08 19:37 - 2014-05-23 16:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-07 15:39 - 2012-05-05 07:21 - 00000000 ____D () C:\Users\Jul
2015-02-05 13:59 - 2012-05-06 00:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 13:59 - 2012-05-06 00:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 13:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2015-02-03 14:44 - 2014-11-06 19:08 - 00000000 ____D () C:\Users\Jul\Desktop\Spiele
2015-02-02 20:54 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\twain_32
2015-02-02 17:19 - 2013-10-03 19:59 - 00000000 ____D () C:\Program Files\Ss_Helper
2015-02-02 15:13 - 2013-08-23 20:39 - 00000000 ____D () C:\Program Files\Google
2015-02-02 15:10 - 2012-09-15 07:11 - 00000000 ____D () C:\Users\Jul\AppData\Local\Google
2015-02-01 20:35 - 2012-10-23 17:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-01 19:26 - 2012-06-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-02-01 19:26 - 2012-05-11 23:44 - 00000000 ____D () C:\Users\Jul\Documents\My Games
2015-02-01 19:26 - 2012-05-05 20:19 - 00307239 _____ () C:\Windows\DirectX.log
2015-02-01 16:11 - 2013-05-24 17:58 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\TS3Client
2015-01-31 15:42 - 2014-05-23 16:22 - 00000000 ____D () C:\Users\Jul\AppData\Local\Thunderbird
2015-01-31 13:45 - 2014-10-21 14:02 - 00000000 ____D () C:\Program Files\Raptr
2015-01-30 21:25 - 2014-07-27 22:39 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Bioshock
2015-01-30 16:11 - 2012-05-05 07:26 - 01651678 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-29 20:35 - 2009-07-14 05:33 - 03942608 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-27 19:19 - 2012-05-05 11:54 - 00153840 _____ () C:\Users\Jul\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-25 15:40 - 2013-05-15 18:24 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Synthesia
2015-01-24 13:21 - 2012-05-05 13:26 - 00566200 _____ () C:\Windows\DPINST.LOG
2015-01-24 13:20 - 2012-05-05 11:52 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-16 03:11 - 2013-07-18 11:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 03:02 - 2012-05-06 08:03 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 16:52 - 2014-10-26 18:32 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Adobe
2015-01-13 16:52 - 2012-12-20 15:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-13 06:36 - 2014-12-17 07:31 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2015-01-12 22:36 - 2014-11-22 16:00 - 00000000 ____D () C:\Users\Jul\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-10-26 21:15 - 2014-12-31 23:34 - 0000132 _____ () C:\Users\Jul\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-12-20 23:09 - 2013-12-20 21:23 - 0012005 _____ () C:\Users\Jul\AppData\Roaming\alsoft.ini
2013-02-23 19:43 - 2013-02-23 19:43 - 0000121 _____ () C:\Users\Jul\AppData\Roaming\D2Info0
2013-02-23 19:43 - 2013-02-23 20:09 - 0000008 _____ () C:\Users\Jul\AppData\Roaming\DofusAppId0_2
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jul\AppData\Roaming\MTSO
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Jul\AppData\Roaming\NUB
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jul\AppData\Roaming\OZTQSYNJ
2012-07-30 07:25 - 2014-05-30 19:59 - 0138056 _____ () C:\Users\Jul\AppData\Roaming\PnkBstrK.sys
2012-06-09 13:15 - 2012-06-09 13:15 - 0000004 _____ () C:\Users\Jul\AppData\Roaming\steam_md5.dat
2013-01-23 15:51 - 2013-01-23 15:51 - 0703104 _____ () C:\Users\Jul\AppData\Roaming\technic-launcher.jar
2012-07-05 23:36 - 2014-06-22 15:20 - 0006144 _____ () C:\Users\Jul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-15 21:20 - 2013-02-15 21:20 - 1065984 _____ () C:\Users\Jul\AppData\Local\file__0.localstorage
2012-12-22 00:19 - 2012-12-22 00:19 - 0000091 _____ () C:\Users\Jul\AppData\Local\fusioncache.dat
2012-12-17 05:06 - 2012-12-17 05:06 - 0000337 _____ () C:\Users\Jul\AppData\Local\Perfmon.PerfmonCfg
2014-12-06 17:15 - 2014-12-06 17:15 - 0001590 _____ () C:\Users\Jul\AppData\Local\recently-used.xbel
2012-05-26 12:10 - 2013-05-26 14:20 - 0007601 _____ () C:\Users\Jul\AppData\Local\Resmon.ResmonCfg
2013-09-01 12:24 - 2013-09-13 16:03 - 1341859 ____N () C:\Users\Jul\AppData\Local\Tempmusic.ogg
2013-02-04 14:05 - 2013-02-04 14:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-04-07 13:15 - 2013-04-07 13:15 - 0272292 _____ () C:\ProgramData\firstlsp.reg.dat
2013-09-29 17:07 - 2013-07-31 17:07 - 0000032 ____R () C:\ProgramData\hash.dat
2012-05-05 19:41 - 2012-05-05 19:41 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-05 19:36 - 2012-05-05 19:36 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-05-05 19:38 - 2012-05-05 19:39 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-05 19:36 - 2012-05-05 19:38 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-05 19:39 - 2012-05-05 19:41 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Files to move or delete:
====================
C:\Users\Jul\InstallHiRezGamesEnglish.exe
C:\Users\Jul\libgtk-win32-2.0-0.dll
C:\Users\Jul\TechnicLauncher.exe


Some content of TEMP:
====================
C:\Users\Jul\AppData\Local\Temp\1_Offer_7.exe
C:\Users\Jul\AppData\Local\Temp\7z.dll
C:\Users\Jul\AppData\Local\Temp\7z.exe
C:\Users\Jul\AppData\Local\Temp\AdobeAIRInstaller.exe
C:\Users\Jul\AppData\Local\Temp\app.exe
C:\Users\Jul\AppData\Local\Temp\AutoRun.exe
C:\Users\Jul\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Jul\AppData\Local\Temp\BASSMOD.dll
C:\Users\Jul\AppData\Local\Temp\bdfilters.dll
C:\Users\Jul\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Jul\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Jul\AppData\Local\Temp\cbcabfbbbbd.exe
C:\Users\Jul\AppData\Local\Temp\ccittfax3.exe
C:\Users\Jul\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Jul\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Jul\AppData\Local\Temp\down.2900.OptimizerProInstaller.exe
C:\Users\Jul\AppData\Local\Temp\drm_dyndata_7350008.dll
C:\Users\Jul\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Jul\AppData\Local\Temp\dtkill.exe
C:\Users\Jul\AppData\Local\Temp\EAInstall.dll
C:\Users\Jul\AppData\Local\Temp\eauninstall.exe
C:\Users\Jul\AppData\Local\Temp\Executor.exe
C:\Users\Jul\AppData\Local\Temp\farcry3_1.02.exe
C:\Users\Jul\AppData\Local\Temp\fbt0gci4.dll
C:\Users\Jul\AppData\Local\Temp\FH311E.tmp.exe
C:\Users\Jul\AppData\Local\Temp\FH6D91.tmp.exe
C:\Users\Jul\AppData\Local\Temp\FHB8D3.tmp.exe
C:\Users\Jul\AppData\Local\Temp\ForteDependencies.exe
C:\Users\Jul\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\Jul\AppData\Local\Temp\GLF7641.tmp.dll
C:\Users\Jul\AppData\Local\Temp\GLFB9A8.tmp.dll
C:\Users\Jul\AppData\Local\Temp\GLFD781.tmp.dll
C:\Users\Jul\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jul\AppData\Local\Temp\install.exe
C:\Users\Jul\AppData\Local\Temp\InstallerBT.exe
C:\Users\Jul\AppData\Local\Temp\instloffer.exe
C:\Users\Jul\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Jul\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Jul\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\Jul\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Jul\AppData\Local\Temp\LiveSupport_update.exe
C:\Users\Jul\AppData\Local\Temp\MouseKeyboardCenterx86_1031.exe
C:\Users\Jul\AppData\Local\Temp\mpegc.dll
C:\Users\Jul\AppData\Local\Temp\mpegm.dll
C:\Users\Jul\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\Jul\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.1.exe
C:\Users\Jul\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.2.exe
C:\Users\Jul\AppData\Local\Temp\NGMDll.dll
C:\Users\Jul\AppData\Local\Temp\NGMResource.dll
C:\Users\Jul\AppData\Local\Temp\nsuF2A0.exe
C:\Users\Jul\AppData\Local\Temp\p200.exe
C:\Users\Jul\AppData\Local\Temp\printpdfsetup.exe
C:\Users\Jul\AppData\Local\Temp\pyl2BB3.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pyl85B.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pylB396.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pylC10F.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pylEDAB.tmp.exe
C:\Users\Jul\AppData\Local\Temp\Quarantine.exe
C:\Users\Jul\AppData\Local\Temp\rnbssv.exe
C:\Users\Jul\AppData\Local\Temp\runprog.exe
C:\Users\Jul\AppData\Local\Temp\SetupO.exe
C:\Users\Jul\AppData\Local\Temp\sgtvim.exe
C:\Users\Jul\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Jul\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jul\AppData\Local\Temp\SpOrder.dll
C:\Users\Jul\AppData\Local\Temp\sqlite3.dll
C:\Users\Jul\AppData\Local\Temp\Stp7937_TMP.EXE
C:\Users\Jul\AppData\Local\Temp\StpCE58_TMP.EXE
C:\Users\Jul\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Jul\AppData\Local\Temp\The Lord of the Rings, The Rise of the Witch-king_uninst.exe
C:\Users\Jul\AppData\Local\Temp\tmd_34014327.exe
C:\Users\Jul\AppData\Local\Temp\tnvhwn.exe
C:\Users\Jul\AppData\Local\Temp\Tsu47F522EB.dll
C:\Users\Jul\AppData\Local\Temp\TsuD589FF05.dll
C:\Users\Jul\AppData\Local\Temp\TW_autoskip.exe
C:\Users\Jul\AppData\Local\Temp\ubi9C8D.tmp.exe
C:\Users\Jul\AppData\Local\Temp\ubiE024.tmp.exe
C:\Users\Jul\AppData\Local\Temp\unicows.dll
C:\Users\Jul\AppData\Local\Temp\uninst1.exe
C:\Users\Jul\AppData\Local\Temp\Uninstaller-704.exe
C:\Users\Jul\AppData\Local\Temp\Uninstaller-8220.exe
C:\Users\Jul\AppData\Local\Temp\Uninstall_2.exe
C:\Users\Jul\AppData\Local\Temp\uttA8BA.tmp.exe
C:\Users\Jul\AppData\Local\Temp\vcredist_x86-2010.exe
C:\Users\Jul\AppData\Local\Temp\vcredist_x86-2012.exe
C:\Users\Jul\AppData\Local\Temp\VirtualRouterPlusSetup.exe
C:\Users\Jul\AppData\Local\Temp\wmfdist.exe
C:\Users\Jul\AppData\Local\Temp\wvc1dmo.exe
C:\Users\Jul\AppData\Local\Temp\xuninst.exe
C:\Users\Jul\AppData\Local\Temp\_is13B5.exe
C:\Users\Jul\AppData\Local\Temp\_is14B2.exe
C:\Users\Jul\AppData\Local\Temp\_is153A.exe
C:\Users\Jul\AppData\Local\Temp\_is15FF.exe
C:\Users\Jul\AppData\Local\Temp\_is16F9.exe
C:\Users\Jul\AppData\Local\Temp\_is17B7.exe
C:\Users\Jul\AppData\Local\Temp\_is1F6F.exe
C:\Users\Jul\AppData\Local\Temp\_is229E.exe
C:\Users\Jul\AppData\Local\Temp\_is3E20.exe
C:\Users\Jul\AppData\Local\Temp\_is44D4.exe
C:\Users\Jul\AppData\Local\Temp\_is5290.exe
C:\Users\Jul\AppData\Local\Temp\_is56BD.exe
C:\Users\Jul\AppData\Local\Temp\_is5864.exe
C:\Users\Jul\AppData\Local\Temp\_is5BEC.exe
C:\Users\Jul\AppData\Local\Temp\_is84AF.exe
C:\Users\Jul\AppData\Local\Temp\_is8828.exe
C:\Users\Jul\AppData\Local\Temp\_is892A.exe
C:\Users\Jul\AppData\Local\Temp\_is9D6E.exe
C:\Users\Jul\AppData\Local\Temp\_isA2C3.exe
C:\Users\Jul\AppData\Local\Temp\_isA3ED.exe
C:\Users\Jul\AppData\Local\Temp\_isA72E.exe
C:\Users\Jul\AppData\Local\Temp\_isC002.exe
C:\Users\Jul\AppData\Local\Temp\_isC9E7.exe
C:\Users\Jul\AppData\Local\Temp\_isCEA5.exe
C:\Users\Jul\AppData\Local\Temp\_isD647.exe
C:\Users\Jul\AppData\Local\Temp\_isDE89.exe
C:\Users\Jul\AppData\Local\Temp\_isE53E.exe
C:\Users\Jul\AppData\Local\Temp\_isF100.exe
C:\Users\Jul\AppData\Local\Temp\_isFAD2.exe
C:\Users\Stefan\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\Stefan\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Stefan\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Stefan\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:17

==================== End Of Log ============================

--- --- ---

--- --- ---

Zubato · 10.02.2015, 21:36

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-02-2015
Ran by Jul at 2015-02-08 21:49:29
Running from C:\Users\Jul\Desktop\Gegen Ihn
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aces Wild: Manic Brawling Action! (HKLM\...\Steam App 269230) (Version:  - Culture Attack Studio)
Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alan Wake (HKLM\...\Steam App 108710) (Version:  - Remedy Entertainment)
Aliens vs Predator Classic 2000 (HKLM\...\1207665883_is1) (Version: 2.0.0.22 - GOG.com)
Amnesia: A Machine for Pigs (HKLM\...\Ste
FRST Logfile:

	Code: 

 ATTFilter

  
	Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-02-2015
Ran by Jul (administrator) on JUL-01 on 10-02-2015 21:30:29
Running from C:\Users\Jul\Desktop\Gegen Ihn
Loaded Profiles: Jul (Available profiles: Jul & Stefan)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Razer Inc.) C:\Program Files\Razer\Razer Game Booster\RzKLService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Spotify Ltd) C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(streamwriter.org) C:\Program Files\streamWriter\streamwriter.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Spotify Ltd) C:\Users\Jul\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9874024 2010-11-16] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1806728 2010-08-30] (ELAN Microelectronics Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1770792 2010-05-20] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RemoteControl10] => C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM\...\Run: [ChicoSys] => C:\Windows\system32\cc32\webtmr.exe [5992896 2009-07-14] (Salfeld Computer)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [4928512 2010-07-07] (Broadcom Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3813200 2014-01-23] (LogMeIn Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [Raptr] => C:\Program Files\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [RGSC] => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [SkypeVoiceChanger] => C:\Program Files\AthTek\Voice Changer for Skype\SkypeVoiceChanger.exe /auto
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [MailRuUpdater] => C:\Users\Jul\AppData\Local\MailRu\MailRuUpdater.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [Spotify Web Helper] => C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-08] (Spotify Ltd)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {054dd5e1-af97-11e3-9437-9b94ad7f775b} - F:\Startme.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {5aa476c5-bd20-11e1-af23-e811324622ab} - F:\Launcher.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {832b2e42-96ac-11e1-a9af-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {9c0303b7-be8b-11e1-8911-e811324622ab} - F:\Launcher.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {b2466843-f486-11e3-a8c2-e811324622ab} - F:\Startme.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {ec4c2c5b-31a1-11e3-a38a-8a2832f57e22} - E:\windows\Data\setup.exe
HKU\S-1-5-18\...\Run: [CCWinTray] => C:\Windows\tray\wintmr.exe [6107072 2009-07-14] (Salfeld Computer)
AppInit_DLLs: c:\windows\system32\nvinit.dll => c:\windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs:  c:\windows\system32\nvinit.dll => c:\windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\streamWriter.lnk
ShortcutTarget: streamWriter.lnk -> C:\Program Files\streamWriter\streamwriter.exe (streamwriter.org)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.mail.ru/?ieverfix=1&fr=ieverfix_sg
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSS&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {310E121A-788D-4D56-94F0-AFC6468A7852} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {5BCDEDD9-641B-4373-830C-8F6997D12DBC} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={SearchTerms}&ieverfix=1&fr=ieverfix_dse
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Booster-Web helper -> {B5147546-9359-4D9B-8B36-F54C54555799} -> C:\Program Files\Booster-Web\Booster-Web.dll No File
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKU\.DEFAULT -> No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v415.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 15 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Hosts: Hosts file not detected in the default directory

FireFox:
========
FF ProfilePath: C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Jul\AppData\LocalLow\Sony Online Entertainment\npsoe.dll No File
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: electronicarts.com/GameFacePlugin -> C:\Users\Jul\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Booster Web - C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack [2015-02-05]
FF Extension: Adblock Plus - C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-03]
FF Extension: myCoups - C:\Program Files\Mozilla Firefox\extensions\agjqcacdnhemgjev@hclmgodt.org [2013-01-27]
FF HKLM\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.6.0.73\coFFFw
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions:  - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-02-01]

Chrome: 
=======
CHR Profile: C:\Users\Jul\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [487936 2013-12-23] (Connectify) [File not signed]
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [107552 2014-06-22] (EasyAntiCheat Ltd)
S3 GalaxyService; C:\Program Files\GalaxyClient\GalaxyService.exe [2191648 2014-09-18] (GOG.com)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1677136 2014-01-23] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-12-13] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2014-12-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-09-13] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2012-05-05] () [File not signed]
R2 RzKLService; C:\Program Files\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [3665408 2013-09-18] (A-Volute) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [4261888 2010-07-07] (Broadcom Corporation) [File not signed]
S3 Futuremark SystemInfo Service; "C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe" [X]
S2 SecurityUtility Service; C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe -p "Covus" -c "Covus_Coupons" -s "CCC9" -i "1952011" -g "" [X]
S2 ZAtheros Wlan Agent; C:\Program Files\Atheros\Ath_WlanAgent.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [295432 2010-01-20] (Protect Software GmbH)
S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [143360 2012-07-17] (Windows (R) Win 7 DDK provider)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2910720 2012-05-01] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2012-05-06] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2010-07-07] (Broadcom Corporation)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [29672 2014-01-09] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-05-27] (DT Soft Ltd)
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [100744 2010-08-30] (ELAN Microelectronics Corp.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135264 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112136 2015-02-02] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [34400 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [644808 2015-02-02] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145888 2014-03-26] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-05-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-10] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [28120 2014-07-02] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [33016 2013-09-18] (Windows (R) Win 7 DDK provider)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34384 2009-11-25] (Screaming Bee LLC)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-23] (Duplex Secure Ltd.)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-04-07] (Symantec Corporation)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [20664 2012-07-20] (Hajo Krabbenhöft)
S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [X]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
S3 XDva402; \??\C:\Windows\system32\XDva402.sys [X]
S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 21:29 - 2015-02-10 21:29 - 00001611 _____ () C:\Users\Jul\Desktop\JRT.txt
2015-02-10 21:21 - 2015-02-10 21:22 - 01388274 _____ (Thisisu) C:\Users\Jul\Desktop\JRT.exe
2015-02-10 21:03 - 2015-02-10 21:11 - 00000000 ____D () C:\AdwCleaner
2015-02-10 21:01 - 2015-02-10 21:01 - 02112512 _____ () C:\Users\Jul\Desktop\AdwCleaner_4.110.exe
2015-02-10 20:40 - 2015-02-10 20:40 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\InstallShield
2015-02-10 17:39 - 2015-02-10 17:39 - 00000000 ____D () C:\Users\Jul\Downloads\RevoUninstallerPortable
2015-02-10 17:38 - 2015-02-10 17:39 - 02785665 _____ (PortableApps.com) C:\Users\Jul\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2015-02-10 17:06 - 2015-02-10 17:06 - 00000000 ____D () C:\Users\Jul\AppData\Local\VS Revo Group
2015-02-10 17:03 - 2015-02-10 17:03 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-02-10 17:03 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-02-10 17:01 - 2015-02-10 17:02 - 10801480 _____ (VS Revo Group ) C:\Users\Jul\Downloads\RevoUninProSetup.exe
2015-02-09 16:22 - 2015-02-09 16:22 - 00003288 ____N () C:\bootsqm.dat
2015-02-08 21:55 - 2015-02-09 16:25 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1E6B3B9F.sys
2015-02-08 21:43 - 2015-02-10 21:30 - 00000000 ____D () C:\FRST
2015-02-08 21:40 - 2015-02-10 21:30 - 00000000 ____D () C:\Users\Jul\Desktop\Gegen Ihn
2015-02-08 21:37 - 2015-02-08 21:37 - 00050477 _____ () C:\Users\Jul\Downloads\Defogger(1).exe
2015-02-08 00:12 - 2015-02-08 12:46 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-02-06 22:36 - 2015-02-06 22:36 - 00000578 _____ () C:\Users\Jul\Downloads\defogger_disable.log
2015-02-06 22:36 - 2015-02-06 22:36 - 00000020 _____ () C:\Users\Jul\defogger_reenable
2015-02-05 19:03 - 2015-02-05 19:03 - 00002403 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2015-02-05 19:02 - 2015-02-05 19:02 - 02756424 _____ (Pokki) C:\Users\Jul\Downloads\PokkiInstaller (2).exe
2015-02-05 19:01 - 2015-02-05 19:01 - 00002276 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-05 19:00 - 2015-02-05 19:00 - 00002105 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
2015-02-05 18:48 - 2015-02-05 18:48 - 02756424 _____ (Pokki) C:\Users\Jul\Downloads\PokkiInstaller.exe
2015-02-05 18:47 - 2015-02-10 16:42 - 00000000 ____D () C:\Users\Jul\AppData\Local\Pokki
2015-02-05 18:47 - 2015-02-05 18:47 - 00796936 _____ (Pokki) C:\Users\Jul\Downloads\Pokki_PixstaSetup.exe
2015-02-05 17:44 - 2015-02-05 17:44 - 00000000 ____D () C:\Users\Jul\AppData\Local\Steam
2015-02-05 14:09 - 2015-02-05 14:09 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\514D6CB0.sys
2015-02-05 13:12 - 2015-02-10 16:41 - 00005408 _____ () C:\Windows\system32\ColorMedia.ini
2015-02-02 17:48 - 2015-02-10 21:15 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 17:46 - 2015-02-02 17:47 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-02-02 17:46 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 17:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-02 17:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-02 17:18 - 2015-02-02 17:18 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-02-02 15:19 - 2015-02-02 15:19 - 00018475 _____ () C:\Users\Jul\Downloads\saints-row-the-third-wallpaper-1600x900.shtml
2015-02-02 15:13 - 2015-02-10 21:13 - 00001326 _____ () C:\Windows\Tasks\MTSO.job
2015-02-02 15:13 - 2015-02-10 21:13 - 00001324 _____ () C:\Windows\Tasks\NUB.job
2015-02-02 15:10 - 2015-02-02 15:10 - 00000000 ____D () C:\Users\Jul\AppData\Local\Pirates
2015-02-02 15:09 - 2015-02-02 15:09 - 00000000 ____D () C:\Users\Jul\AppData\Local\Sparta
2015-02-01 21:00 - 2015-02-01 21:17 - 35648512 _____ () C:\Users\Jul\Downloads\PhysX-9.12.0613-SystemSoftware.msi
2015-02-01 20:52 - 2015-02-01 20:52 - 00000000 ____D () C:\Users\Jul\AppData\Local\Macromedia
2015-02-01 20:50 - 2015-02-01 20:50 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Sony Network Entertainment International LLC
2015-02-01 20:49 - 2015-02-01 20:49 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-02-01 20:49 - 2015-02-01 20:49 - 00000000 ____D () C:\Program Files\Kaspersky Lab
2015-02-01 20:48 - 2015-02-02 12:37 - 00644808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-02-01 20:48 - 2015-02-02 12:37 - 00112136 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-02-01 20:48 - 2014-04-10 17:25 - 00034400 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-02-01 20:35 - 2015-02-01 20:35 - 00000000 ____D () C:\Users\Jul\AppData\Local\Mozilla
2015-02-01 19:54 - 2015-01-27 17:31 - 00301168 _____ (CartCrunch Israel Ltd.) C:\Windows\system32\ColorMedia.dll
2015-02-01 19:45 - 2015-02-10 21:13 - 00001678 _____ () C:\Windows\Tasks\OZTQSYNJ.job
2015-02-01 19:44 - 2015-02-02 17:19 - 00000000 ____D () C:\Program Files\TabNav
2015-02-01 19:26 - 2015-02-01 19:26 - 00000000 ____D () C:\Windows\81C42533F5A846CE9013ECF783A4CBD4.TMP
2015-01-25 17:12 - 2015-01-25 17:12 - 00002086 _____ () C:\Users\Jul\AppData\Roaming\NUB
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Jul\AppData\Roaming\OZTQSYNJ
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Jul\AppData\Roaming\MTSO
2015-01-24 17:57 - 2015-01-24 17:57 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\LolClient
2015-01-15 15:30 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 15:30 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 15:30 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-15 15:30 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-15 15:30 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-15 15:30 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 22:55 - 2015-01-16 20:42 - 00000000 ____D () C:\Users\Jul\Documents\MuseScore
2015-01-13 22:26 - 2015-01-13 22:26 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\MusE
2015-01-13 22:26 - 2015-01-13 22:26 - 00000000 ____D () C:\Users\Jul\AppData\Local\MusE
2015-01-13 21:29 - 2015-01-13 21:29 - 00000000 ____D () C:\Program Files\MuseScore

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 21:25 - 2014-07-14 12:39 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Spotify
2015-02-10 21:24 - 2012-05-12 00:03 - 00000000 ____D () C:\Users\Jul\AppData\Local\CrashDumps
2015-02-10 21:23 - 2009-07-14 05:34 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-10 21:23 - 2009-07-14 05:34 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-10 21:21 - 2012-05-04 20:23 - 01870704 _____ () C:\Windows\WindowsUpdate.log
2015-02-10 21:19 - 2014-07-14 12:40 - 00000000 ____D () C:\Users\Jul\AppData\Local\Spotify
2015-02-10 21:16 - 2014-10-21 14:02 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Raptr
2015-02-10 21:16 - 2014-09-05 20:57 - 00000000 ____D () C:\Program Files\streamWriter
2015-02-10 21:16 - 2013-12-03 17:25 - 00000000 ____D () C:\Users\Jul\AppData\Local\LogMeIn Hamachi
2015-02-10 21:15 - 2015-01-04 19:13 - 00000013 _____ () C:\NET.INI
2015-02-10 21:13 - 2014-01-23 13:50 - 00000460 ____H () C:\Windows\Tasks\GS.Enabler-S-1824435291.job
2015-02-10 21:13 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-10 21:13 - 2009-07-14 05:39 - 00206461 _____ () C:\Windows\setupact.log
2015-02-10 20:59 - 2012-05-06 00:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-10 20:45 - 2012-05-05 19:56 - 02194334 _____ () C:\Windows\PFRO.log
2015-02-10 20:43 - 2012-05-05 13:34 - 00000000 ____D () C:\Program Files\Steam
2015-02-10 20:14 - 2013-04-15 19:34 - 00002552 _____ () C:\Windows\fpuninstall.log
2015-02-10 20:13 - 2014-11-28 22:29 - 00000000 ____D () C:\UDK
2015-02-10 20:12 - 2012-05-05 13:34 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-02-09 20:46 - 2013-12-18 07:19 - 00000000 ____D () C:\Users\Jul\Documents\Schule
2015-02-09 19:22 - 2012-05-07 16:14 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Skype
2015-02-08 20:17 - 2014-09-05 20:57 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\streamWriter
2015-02-08 20:00 - 2014-10-20 13:30 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Curse Client
2015-02-08 19:37 - 2014-05-23 16:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-07 15:39 - 2012-05-05 07:21 - 00000000 ____D () C:\Users\Jul
2015-02-05 13:59 - 2012-05-06 00:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 13:59 - 2012-05-06 00:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 13:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2015-02-03 14:44 - 2014-11-06 19:08 - 00000000 ____D () C:\Users\Jul\Desktop\Spiele
2015-02-02 20:54 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\twain_32
2015-02-02 17:19 - 2013-10-03 19:59 - 00000000 ____D () C:\Program Files\Ss_Helper
2015-02-02 15:13 - 2013-08-23 20:39 - 00000000 ____D () C:\Program Files\Google
2015-02-02 15:10 - 2012-09-15 07:11 - 00000000 ____D () C:\Users\Jul\AppData\Local\Google
2015-02-01 20:35 - 2012-10-23 17:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-01 19:26 - 2012-06-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-02-01 19:26 - 2012-05-11 23:44 - 00000000 ____D () C:\Users\Jul\Documents\My Games
2015-02-01 19:26 - 2012-05-05 20:19 - 00307239 _____ () C:\Windows\DirectX.log
2015-02-01 16:11 - 2013-05-24 17:58 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\TS3Client
2015-01-31 15:42 - 2014-05-23 16:22 - 00000000 ____D () C:\Users\Jul\AppData\Local\Thunderbird
2015-01-31 13:45 - 2014-10-21 14:02 - 00000000 ____D () C:\Program Files\Raptr
2015-01-30 21:25 - 2014-07-27 22:39 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Bioshock
2015-01-30 16:11 - 2012-05-05 07:26 - 01651678 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-29 20:35 - 2009-07-14 05:33 - 03942608 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-27 19:19 - 2012-05-05 11:54 - 00153840 _____ () C:\Users\Jul\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-25 15:40 - 2013-05-15 18:24 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Synthesia
2015-01-24 13:21 - 2012-05-05 13:26 - 00566200 _____ () C:\Windows\DPINST.LOG
2015-01-24 13:20 - 2012-05-05 11:52 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-16 03:11 - 2013-07-18 11:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 03:02 - 2012-05-06 08:03 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 16:52 - 2014-10-26 18:32 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Adobe
2015-01-13 16:52 - 2012-12-20 15:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-13 06:36 - 2014-12-17 07:31 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2015-01-12 22:36 - 2014-11-22 16:00 - 00000000 ____D () C:\Users\Jul\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-10-26 21:15 - 2014-12-31 23:34 - 0000132 _____ () C:\Users\Jul\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-12-20 23:09 - 2013-12-20 21:23 - 0012005 _____ () C:\Users\Jul\AppData\Roaming\alsoft.ini
2013-02-23 19:43 - 2013-02-23 19:43 - 0000121 _____ () C:\Users\Jul\AppData\Roaming\D2Info0
2013-02-23 19:43 - 2013-02-23 20:09 - 0000008 _____ () C:\Users\Jul\AppData\Roaming\DofusAppId0_2
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jul\AppData\Roaming\MTSO
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Jul\AppData\Roaming\NUB
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jul\AppData\Roaming\OZTQSYNJ
2012-07-30 07:25 - 2014-05-30 19:59 - 0138056 _____ () C:\Users\Jul\AppData\Roaming\PnkBstrK.sys
2012-06-09 13:15 - 2012-06-09 13:15 - 0000004 _____ () C:\Users\Jul\AppData\Roaming\steam_md5.dat
2013-01-23 15:51 - 2013-01-23 15:51 - 0703104 _____ () C:\Users\Jul\AppData\Roaming\technic-launcher.jar
2012-07-05 23:36 - 2014-06-22 15:20 - 0006144 _____ () C:\Users\Jul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-15 21:20 - 2013-02-15 21:20 - 1065984 _____ () C:\Users\Jul\AppData\Local\file__0.localstorage
2012-12-22 00:19 - 2012-12-22 00:19 - 0000091 _____ () C:\Users\Jul\AppData\Local\fusioncache.dat
2012-12-17 05:06 - 2012-12-17 05:06 - 0000337 _____ () C:\Users\Jul\AppData\Local\Perfmon.PerfmonCfg
2014-12-06 17:15 - 2014-12-06 17:15 - 0001590 _____ () C:\Users\Jul\AppData\Local\recently-used.xbel
2012-05-26 12:10 - 2013-05-26 14:20 - 0007601 _____ () C:\Users\Jul\AppData\Local\Resmon.ResmonCfg
2013-09-01 12:24 - 2013-09-13 16:03 - 1341859 ____N () C:\Users\Jul\AppData\Local\Tempmusic.ogg
2013-02-04 14:05 - 2013-02-04 14:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-04-07 13:15 - 2013-04-07 13:15 - 0272292 _____ () C:\ProgramData\firstlsp.reg.dat
2013-09-29 17:07 - 2013-07-31 17:07 - 0000032 ____R () C:\ProgramData\hash.dat
2012-05-05 19:41 - 2012-05-05 19:41 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-05 19:36 - 2012-05-05 19:36 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-05-05 19:38 - 2012-05-05 19:39 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-05 19:36 - 2012-05-05 19:38 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-05 19:39 - 2012-05-05 19:41 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Files to move or delete:
====================
C:\Users\Jul\InstallHiRezGamesEnglish.exe
C:\Users\Jul\libgtk-win32-2.0-0.dll
C:\Users\Jul\TechnicLauncher.exe


Some content of TEMP:
====================
C:\Users\Jul\AppData\Local\Temp\1_Offer_7.exe
C:\Users\Jul\AppData\Local\Temp\7z.dll
C:\Users\Jul\AppData\Local\Temp\7z.exe
C:\Users\Jul\AppData\Local\Temp\AdobeAIRInstaller.exe
C:\Users\Jul\AppData\Local\Temp\app.exe
C:\Users\Jul\AppData\Local\Temp\AutoRun.exe
C:\Users\Jul\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Jul\AppData\Local\Temp\BASSMOD.dll
C:\Users\Jul\AppData\Local\Temp\bdfilters.dll
C:\Users\Jul\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Jul\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Jul\AppData\Local\Temp\cbcabfbbbbd.exe
C:\Users\Jul\AppData\Local\Temp\ccittfax3.exe
C:\Users\Jul\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Jul\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Jul\AppData\Local\Temp\down.2900.OptimizerProInstaller.exe
C:\Users\Jul\AppData\Local\Temp\drm_dyndata_7350008.dll
C:\Users\Jul\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Jul\AppData\Local\Temp\dtkill.exe
C:\Users\Jul\AppData\Local\Temp\EAInstall.dll
C:\Users\Jul\AppData\Local\Temp\eauninstall.exe
C:\Users\Jul\AppData\Local\Temp\Executor.exe
C:\Users\Jul\AppData\Local\Temp\farcry3_1.02.exe
C:\Users\Jul\AppData\Local\Temp\fbt0gci4.dll
C:\Users\Jul\AppData\Local\Temp\FH311E.tmp.exe
C:\Users\Jul\AppData\Local\Temp\FH6D91.tmp.exe
C:\Users\Jul\AppData\Local\Temp\FHB8D3.tmp.exe
C:\Users\Jul\AppData\Local\Temp\ForteDependencies.exe
C:\Users\Jul\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\Jul\AppData\Local\Temp\GLF7641.tmp.dll
C:\Users\Jul\AppData\Local\Temp\GLFB9A8.tmp.dll
C:\Users\Jul\AppData\Local\Temp\GLFD781.tmp.dll
C:\Users\Jul\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jul\AppData\Local\Temp\install.exe
C:\Users\Jul\AppData\Local\Temp\InstallerBT.exe
C:\Users\Jul\AppData\Local\Temp\instloffer.exe
C:\Users\Jul\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Jul\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Jul\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jul\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\Jul\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Jul\AppData\Local\Temp\LiveSupport_update.exe
C:\Users\Jul\AppData\Local\Temp\MouseKeyboardCenterx86_1031.exe
C:\Users\Jul\AppData\Local\Temp\mpegc.dll
C:\Users\Jul\AppData\Local\Temp\mpegm.dll
C:\Users\Jul\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\Jul\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.1.exe
C:\Users\Jul\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.2.exe
C:\Users\Jul\AppData\Local\Temp\NGMDll.dll
C:\Users\Jul\AppData\Local\Temp\NGMResource.dll
C:\Users\Jul\AppData\Local\Temp\nsuF2A0.exe
C:\Users\Jul\AppData\Local\Temp\p200.exe
C:\Users\Jul\AppData\Local\Temp\printpdfsetup.exe
C:\Users\Jul\AppData\Local\Temp\pyl2BB3.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pyl85B.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pylB396.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pylC10F.tmp.exe
C:\Users\Jul\AppData\Local\Temp\pylEDAB.tmp.exe
C:\Users\Jul\AppData\Local\Temp\Quarantine.exe
C:\Users\Jul\AppData\Local\Temp\rnbssv.exe
C:\Users\Jul\AppData\Local\Temp\runprog.exe
C:\Users\Jul\AppData\Local\Temp\SetupO.exe
C:\Users\Jul\AppData\Local\Temp\sgtvim.exe
C:\Users\Jul\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Jul\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jul\AppData\Local\Temp\SpOrder.dll
C:\Users\Jul\AppData\Local\Temp\sqlite3.dll
C:\Users\Jul\AppData\Local\Temp\Stp7937_TMP.EXE
C:\Users\Jul\AppData\Local\Temp\StpCE58_TMP.EXE
C:\Users\Jul\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Jul\AppData\Local\Temp\The Lord of the Rings, The Rise of the Witch-king_uninst.exe
C:\Users\Jul\AppData\Local\Temp\tmd_34014327.exe
C:\Users\Jul\AppData\Local\Temp\tnvhwn.exe
C:\Users\Jul\AppData\Local\Temp\Tsu47F522EB.dll
C:\Users\Jul\AppData\Local\Temp\TsuD589FF05.dll
C:\Users\Jul\AppData\Local\Temp\TW_autoskip.exe
C:\Users\Jul\AppData\Local\Temp\ubi9C8D.tmp.exe
C:\Users\Jul\AppData\Local\Temp\ubiE024.tmp.exe
C:\Users\Jul\AppData\Local\Temp\unicows.dll
C:\Users\Jul\AppData\Local\Temp\uninst1.exe
C:\Users\Jul\AppData\Local\Temp\Uninstaller-704.exe
C:\Users\Jul\AppData\Local\Temp\Uninstaller-8220.exe
C:\Users\Jul\AppData\Local\Temp\Uninstall_2.exe
C:\Users\Jul\AppData\Local\Temp\uttA8BA.tmp.exe
C:\Users\Jul\AppData\Local\Temp\vcredist_x86-2010.exe
C:\Users\Jul\AppData\Local\Temp\vcredist_x86-2012.exe
C:\Users\Jul\AppData\Local\Temp\VirtualRouterPlusSetup.exe
C:\Users\Jul\AppData\Local\Temp\wmfdist.exe
C:\Users\Jul\AppData\Local\Temp\wvc1dmo.exe
C:\Users\Jul\AppData\Local\Temp\xuninst.exe
C:\Users\Jul\AppData\Local\Temp\_is13B5.exe
C:\Users\Jul\AppData\Local\Temp\_is14B2.exe
C:\Users\Jul\AppData\Local\Temp\_is153A.exe
C:\Users\Jul\AppData\Local\Temp\_is15FF.exe
C:\Users\Jul\AppData\Local\Temp\_is16F9.exe
C:\Users\Jul\AppData\Local\Temp\_is17B7.exe
C:\Users\Jul\AppData\Local\Temp\_is1F6F.exe
C:\Users\Jul\AppData\Local\Temp\_is229E.exe
C:\Users\Jul\AppData\Local\Temp\_is3E20.exe
C:\Users\Jul\AppData\Local\Temp\_is44D4.exe
C:\Users\Jul\AppData\Local\Temp\_is5290.exe
C:\Users\Jul\AppData\Local\Temp\_is56BD.exe
C:\Users\Jul\AppData\Local\Temp\_is5864.exe
C:\Users\Jul\AppData\Local\Temp\_is5BEC.exe
C:\Users\Jul\AppData\Local\Temp\_is84AF.exe
C:\Users\Jul\AppData\Local\Temp\_is8828.exe
C:\Users\Jul\AppData\Local\Temp\_is892A.exe
C:\Users\Jul\AppData\Local\Temp\_is9D6E.exe
C:\Users\Jul\AppData\Local\Temp\_isA2C3.exe
C:\Users\Jul\AppData\Local\Temp\_isA3ED.exe
C:\Users\Jul\AppData\Local\Temp\_isA72E.exe
C:\Users\Jul\AppData\Local\Temp\_isC002.exe
C:\Users\Jul\AppData\Local\Temp\_isC9E7.exe
C:\Users\Jul\AppData\Local\Temp\_isCEA5.exe
C:\Users\Jul\AppData\Local\Temp\_isD647.exe
C:\Users\Jul\AppData\Local\Temp\_isDE89.exe
C:\Users\Jul\AppData\Local\Temp\_isE53E.exe
C:\Users\Jul\AppData\Local\Temp\_isF100.exe
C:\Users\Jul\AppData\Local\Temp\_isFAD2.exe
C:\Users\Stefan\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\Stefan\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Stefan\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Stefan\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:17

==================== End Of Log ============================
         
 --- --- ---
am App 239200) (Version:  - The Chinese Room)
Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version:  - Frictional Games)
Among the Sleep (HKLM\...\Steam App 250620) (Version:  - Krillbite Studio)
Anna - Extended Edition (HKLM\...\Steam App 217690) (Version:  - Dreampainters)
Antichamber (HKLM\...\Steam App 219890) (Version:  - Alexander Bruce)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin’s Creed® III (HKLM\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Assassin's Creed Brotherhood (HKLM\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Aufstieg des Hexenkönigs™ (HKLM\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Awesomenauts (HKLM\...\Steam App 204300) (Version:  - Ronimo Games)
Bandicam (HKLM\...\Bandicam) (Version: 2.0.0.637 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
Batman: Arkham Asylum (HKLM\...\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}) (Version: 1.0.0.0 - Eidos Interactive Limited)
Batman: Arkham City™ (HKLM\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (Version: 1.0.0003.131 - WB Games) Hidden
Batman™: Arkham Origins (HKLM\...\Steam App 209000) (Version:  - WB Games Montreal)
Batman™: Arkham Origins Blackgate - Deluxe Edition (HKLM\...\Steam App 267490) (Version:  - Armature Studio)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version:  - The Behemoth)
Battlefield 3™ (HKLM\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Betrayer (HKLM\...\Steam App 243120) (Version:  - Blackpowder Games)
Binary Domain (HKLM\...\Steam App 203750) (Version:  - Devil's Details)
BioShock (HKLM\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
BitTorrent (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\BitTorrent) (Version: 7.9.2.35704 - BitTorrent Inc.)
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Blue Satin Skin (HKLM\...\{B0C00181-ECF5-4124-A6DE-14EA663D4799}) (Version: 2.2.0 - Screaming Bee)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.55 - Broadcom Corporation)
Browser faster (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{5837205}) (Version:  - GTgroup) <==== ATTENTION
Call of Juarez Gunslinger (HKLM\...\Steam App 204450) (Version:  - Techland)
Camtasia Studio 8 (HKLM\...\{19F81C0C-D0DB-453D-9C1C-AD26C4140E7E}) (Version: 8.4.0.1691 - TechSmith Corporation)
Canyon Capers (HKLM\...\Steam App 275490) (Version:  - Crazy Moo Games)
Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cinema 4D version R12 (HKLM\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Connectify (HKLM\...\Connectify) (Version: 7.2.1.29658 - Connectify)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Craften Terminal 3.5.5 (HKLM\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.5.5 - Craften.de)
Cry of Fear (HKLM\...\Steam App 223710) (Version:  - Team Psykskallar)
Crysis (HKLM\...\Steam App 17300) (Version:  - Crytek)
Crysis Wars (HKLM\...\Steam App 17340) (Version:  - Crytek)
Curse (HKLM\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink Media Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3806.02 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Dead Island Riptide (HKLM\...\Steam App 216250) (Version:  - Techland)
Dead Island: Epidemic (HKLM\...\Steam App 222900) (Version:  - Stunlock Studios)
Deadlight (HKLM\...\Steam App 211400) (Version:  - Tequila Works, S.L.)
Die Schlacht um Mittelerde™ II (HKLM\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
Dishonored (HKLM\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DLC Quest (HKLM\...\Steam App 230050) (Version:  - Going Loud Studios)
Don't Starve (HKLM\...\Steam App 219740) (Version:  - Klei Entertainment)
doubleTwist Sync (HKLM\...\doubleTwist) (Version: 4.0.4.19767 - doubleTwist Corporation)
Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
EA Sports™ FIFA World (HKLM\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.0.0.47449 - Electronic Arts, Inc.)
Easy Content Share (HKLM\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
EAX4 Unified Redist (HKLM\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Eldritch (HKLM\...\Eldritch) (Version:  - )
Eldritch (HKLM\...\Steam App 252630) (Version:  - Minor Key Games)
ETDWare PS/2-X86 8.0.7.1_WHQL (HKLM\...\Elantech) (Version: 8.0.7.1 - ELAN Microelectronic Corp.)
Evolve (HKLM\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Fantasy Voice Pack (HKLM\...\{8061C2C9-C2A3-4550-A3FC-585B646840CB}) (Version: 1.3.0 - Screaming Bee)
Far Cry 3 Blood Dragon (HKLM\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FEZ (HKLM\...\Steam App 224760) (Version:  - Polytron Corporation)
Fiesta Online DE (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\fiestaonline_de) (Version: 1.0.0.1 - Gamigo Games)
FIFA 11 (HKLM\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.8.0.0 - Electronic Arts)
Five Nights at Freddy's (HKLM\...\Steam App 319510) (Version:  - Scott Cawthon)
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.39.604 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.39.604 - DVDVideoSoft Ltd.)
Free YouTube to iPhone Converter version 2.12.2.430 (HKLM\...\Free YouTube to iPhone Converter_is1) (Version: 2.12.2.430 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Galaxy Client (HKLM\...\{D6D1DA54-531F-4FA0-B683-CE66ACE3543F}_is1) (Version: 0.1.0.456 - GOG.com)
Game Cam 2.2 (HKLM\...\Game Cam) (Version: 2.2 - Planet Game Cam, Inc.)
GameSpy Comrade (HKLM\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Garry)
GCFScape 1.3.1 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GGoSave (HKLM\...\{64A4ABCA-CF3D-C548-2DC4-72A55DC5882A}) (Version:  - "")
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Glyph (HKLM\...\Glyph) (Version:  - Trion Worlds, Inc.)
Gunpoint version v1.1 (HKLM\...\{B33EDF25-91DF-40FC-B2F7-FA19E3F0489F}}_is1) (Version: v1.1 - )
Happy Cloud Client (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\HappyCloud) (Version: 5.24 - Happy Cloud, Inc.)
HAWKEN (HKLM\...\Steam App 271290) (Version:  - Adhesive Games)
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Home (HKLM\...\Steam App 215670) (Version:  - Benjamin Rivers)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
Indiana Jones and the Emperors Tomb (HKLM\...\{0DBF3265-57F1-4D8A-87EA-332B2A669BDE}) (Version:  - )
InfiniteCrisis_0B203096692B (HKLM\...\InfiniteCrisis_0B203096692B) (Version:  - Turbine, Inc)
InfiniteCrisis_6EDD581C692E (HKLM\...\InfiniteCrisis_6EDD581C692E) (Version:  - Turbine, Inc)
InfiniteCrisis_76B7D2EE4D73 (HKLM\...\InfiniteCrisis_76B7D2EE4D73) (Version:  - Turbine, Inc)
Insanely Twisted Shadow Planet (HKLM\...\Steam App 205730) (Version:  - Shadow Planet Productions)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Jazzpunk (HKLM\...\Steam App 250260) (Version:  - Necrophone Games)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JoNiCoUpeoun (HKLM\...\{51417852-174C-88D4-34A0-D0FE7858BE47}) (Version:  - "") <==== ATTENTION
Kaspersky Internet Security (HKLM\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (Version: 15.0.0.463 - Kaspersky Lab) Hidden
Killing Floor (HKLM\...\Steam App 1250) (Version:  - Tripwire Interactive)
Knock-knock (HKLM\...\Steam App 250380) (Version:  - Ice-pick Lodge)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Legend of Grimrock (HKLM\...\Steam App 207170) (Version:  - Almost Human Games)
LEGO MARVEL Super Heroes (HKLM\...\Steam App 249130) (Version:  - Traveller's Tales)
LEGO® Batman™ 2: DC Super Heroes (HKLM\...\{4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® Der Herr der Ringe™ (HKLM\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® Harry Potter™: Die Jahre 1-4 (HKLM\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)
LEGO® Pirates of the Caribbean Das Videospiel (HKLM\...\{64958DA4-79D3-43FD-AF06-720DAD044F9E}) (Version: 1.0.0.0 - Disney Interactive Studios)
LEGO® Star Wars™: Die Komplette Saga (HKLM\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)
LEGO® Star Wars™: The Complete Saga (Version: 1.00.0000 - LucasArts) Hidden
LetsTrade Komponenten (HKLM\...\LetsTrade) (Version:  - )
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Mafia 2 version 1.0 (HKLM\...\{B3808FA6-2354-47D2-AC62-ECE7D1952E7E}_is1) (Version: 1.0 - Huaker)
Magicka: Wizard Wars (HKLM\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManiaPlanet (HKLM\...\ManiaPlanet_is1) (Version:  - Nadeo)
MassiveThirdAgeTranslator 3.1 (HKLM\...\MassiveThirdAgeTranslator 3.1) (Version: 3.1 - ecozone)
Max Payne 3 (HKLM\...\Steam App 204100) (Version:  - Rockstar)
Media Go (HKLM\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM\...\{73FA7631-3015-4EEC-A002-09488C47A07C}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.108.06300 (HKLM\...\{FC091743-5193-2B65-E49E-E03BC9E8B728}) (Version: 2.12.108.06300 - Sony)
Medieval II Total War (HKLM\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
MemoryLeakAlpha1 (HKLM\...\UDK-0acfabc9-568c-4a84-999d-e0556bca7d6b) (Version:  - Epic Games, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MilkShape 3D 1.8.4 (HKLM\...\MilkShape 3D 1.8.4) (Version: 1.8.4 - chUmbaLum sOft)
MinimumPrice (HKLM\...\{CA1838EF-A497-194E-3850-37A62CEE398B}) (Version:  - "")
Montas (HKLM\...\Steam App 269350) (Version:  - Organic Humans)
MorphVOX Pro (HKLM\...\{A25A7B10-75EA-4208-AAF1-0E3841C444F1}) (Version: 4.3.3 - Screaming Bee)
moters (HKLM\...\{c8730ca5-3f82-41cc-65e2-01b87600cd89}) (Version: 1.0.0 - ningsup) <==== ATTENTION!
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
My Game Long Name (HKLM\...\UDK-5f3d63f7-bcb4-41d2-8abc-ca5e433e0d56) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-e9df117c-1a25-47d7-83ef-8f8b8dd82c26) (Version:  - Epic Games, Inc.)
NeixtCoupp (HKLM\...\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}) (Version: 2.1.0.1434 - NextCoup)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.44.2 - Black Tree Gaming)
Nidhogg (HKLM\...\TmlkaG9nZw==_is1) (Version: 1 - )
Norton Internet Security (Version: 18.1.0.37 - Symantec Corporation) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.1.5 - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.6123 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Octodad: Dadliest Catch (HKLM\...\Steam App 224480) (Version:  - Young Horses)
OlliOlli (HKLM\...\Steam App 274250) (Version:  - Roll7)
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.00 (HKLM\...\Opera 12.00.1467) (Version: 12.00.1467 - Opera Software ASA)
Opera Next 12.50 internal build 1497 (HKLM\...\Opera 12.50.1497) (Version: 12.50.1497 - Opera Software ASA)
Orcs Must Die! 2 (HKLM\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
osu! (HKLM\...\{2a4e052f-156b-41d3-84c5-1de2d1157670}) (Version: latest - ppy Pty Ltd)
Our Darker Purpose (HKLM\...\Steam App 262790) (Version:  - Avidly Wild Games)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Passing Pineview Forest (HKLM\...\Steam App 331120) (Version:  - VIS - Visual Imagination Software)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Pepakura Viewer 3 (HKLM\...\pepakura_viewer3en) (Version:  - TamaSoftware)
Personality Voices (HKLM\...\{29C042AB-059B-414C-840E-94775E3F24A8}) (Version: 1.0.0 - Screaming Bee)
Pixsta (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Pokki_83453a3d886e527a470b5bb8291dd338de4b1e44) (Version: 2.5.3.4 - Pokki)
Pokki (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Pokki) (Version: 0.269.5.460 - Pokki)
Pokki Download Helper (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM\...\Steam App 644) (Version:  - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raptr (HKLM\...\Raptr) (Version:  - )
Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 4.0.68.0 - Razer Inc.)
Razer Surround (HKLM\...\Razer Surround) (Version: 1.04.07 - Razer Inc.)
Really Big Sky (HKLM\...\Steam App 201570) (Version:  - Boss Baddie)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.33.1125.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6246 - Realtek Semiconductor Corp.)
Receiver (HKLM\...\Steam App 234190) (Version:  - Wolfire Games)
Reus (HKLM\...\Steam App 222730) (Version:  - Abbey Games)
Risen 2 - Dark Waters (HKLM\...\Steam App 40390) (Version:  - Piranha Bytes)
Risk of Rain (HKLM\...\Steam App 248820) (Version:  - )
Rocketbirds: Hardboiled Chicken (HKLM\...\Steam App 215510) (Version:  - Ratloop Asia) <==== ATTENTION!
Rockstar Games Social Club (HKLM\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
S4 League_EU (HKLM\...\{D4B85288-879E-4D57-B4CD-9303A75DF301}) (Version: 1.00.0000 - )
Saints Row: The Third (HKLM\...\Steam App 55230) (Version:  - Volition)
Samsung Recovery Solution 5 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.2.4 - Samsung)
Sanctum 2 (HKLM\...\Steam App 210770) (Version:  - Coffee Stain Studios)
SavveMAss (HKLM\...\{A695893E-A5C7-2E5C-6953-52B0E61E4C1A}) (Version:  - SaveMassi)
Scribblenauts Unmasked (HKLM\...\Steam App 249870) (Version:  - 5th Cell Media)
SecurityUtility (HKLM\...\SecurityUtility) (Version: 1.0.0.1940 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SK.Helper 1.74 (HKLM\...\SP_ecec6af5) (Version:  - Verified Publisher)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slender: The Arrival (HKLM\...\Steam App 252330) (Version:  - Blue Isle Studios)
Smite (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2533.0 - Hi-Rez Studios)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version:  - Rebellion)
SOE Web Installer (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 17.5.51200 - Sonos, Inc.)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.7.201405202226 - Sony Mobile Communications AB)
Sony PC Companion 2.10.245 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.245 - Sony)
Source SDK (HKLM\...\Steam App 211) (Version:  - Valve)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - )
Spider-Man(TM) - Web of Shadows 1.1 Patch (Version:  - ) Hidden
Spotify (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.0301 - SRS Labs, Inc.)
Ss_Helper 1.74 (HKLM\...\SP_ad635a31) (Version:  - )
Star Wars Battlefront II (HKLM\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Republic Commando (HKLM\...\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}) (Version: 1.0 - )
Star Wars®: Knights of the Old Republic (TM) (HKLM\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version:  - )
Starbound (HKLM\...\Steam App 211820) (Version:  - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
streamWriter (HKLM\...\streamWriter_is1) (Version:  - )
Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)
Surgeon Simulator 2013 (HKLM\...\Steam App 233720) (Version:  - Bossa Studios)
SW-Booster (HKLM\...\S-792098896) (Version: 1.1.0.1233 - PremiumSoft) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.22.0 - Synaptics Incorporated)
Synthesia (HKLM\...\Synthesia) (Version: 8.5 - Synthesia LLC)
Tales from Space: Mutant Blobs Attack (HKLM\...\Steam App 206370) (Version:  - DrinkBox Studios)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.17396 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
TeXnicCenter Version 1 Beta 7.01 (Greengrass) (HKLM\...\TeXnicCenter_is1) (Version: Version 1 Beta 7.01 - TeXnicCenter.org)
The Binding of Isaac (HKLM\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Bridge (HKLM\...\Steam App 204240) (Version:  - Ty Taylor and Mario Castañeda)
The Cat Lady (HKLM\...\Steam App 253110) (Version:  - Harvester Games)
The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version PLus UPDATE 10 1.00 (HKLM\...\The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version PLus UPDATE 10 1.00) (Version:  - )
The Elder Scrolls V Skyrim Dragonborn DLC Deutsche Version 1.00 (HKLM\...\The Elder Scrolls V Skyrim Dragonborn DLC Deutsche Version 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
The Elder Scrolls V Skyrim Update 11 (1.8.151.0.7) Deutsche Version 1.00 (HKLM\...\The Elder Scrolls V Skyrim Update 11 (1.8.151.0.7) Deutsche Version 1.00) (Version:  - )
The Evil Within Demo (HKLM\...\Steam App 329960) (Version:  - Tango Gameworks)
The Lord of the Rings - Conquest (HKLM\...\The Lord of the Rings - Conquest_is1) (Version:  - )
The Novelist (HKLM\...\Steam App 245150) (Version:  - Orthogonal Games)
The Ship (HKLM\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Sims 2: Ultimate Collection (HKLM\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Swapper (HKLM\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Train 1.0 (HKLM\...\The Train 1.0) (Version: 1.0 - Cat-A-Cat)
Thief - Deadly Shadows (HKLM\...\{FC123EEA-330A-4685-911C-95B8F5E9DE68}) (Version: 1.0 - )
Thief (HKLM\...\Steam App 239160) (Version:  - Eidos-Montréal)
Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
Titan Quest (HKLM\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Tom Clancy's Ghost Recon Advanced Warfighter® 2 DEMO SP (HKLM\...\{2551B1D3-30D3-409B-B905-751A70B26C03}) (Version: 1.00.0000 - UBISOFT)
Tom Clancy's Splinter Cell Conviction v1.04 (HKLM\...\Tom Clancy's Splinter Cell Conviction_is1) (Version:  - Spieler)
Tomb Raider (HKLM\...\Steam App 203160) (Version:  - Crystal Dynamics)
Torchlight II (HKLM\...\Steam App 200710) (Version:  - Runic Games)
Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version:  - Creative Assembly)
Tower of Guns (HKLM\...\Steam App 266110) (Version:  - Terrible Posture Games)
TrackMania Nations Forever (HKLM\...\Steam App 11020) (Version:  - Nadeo)
TreeSize Free V2.7 (HKLM\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Tunatic (HKLM\...\Tunatic) (Version:  - )
Tunngle - Brio HD Skin Version 1.0 (HKLM\...\{FE600607-335B-4CC2-A50D-90EECE0356ED}_is1) (Version: 1.0 - Brioche for the Tunngle.Net Community)
Tunngle Version Tunngle (HKLM\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Two Worlds II (HKLM\...\Two Worlds II) (Version: 1.3.0.0 - )
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ubuntu (HKLM\...\Wubi) (Version: 12.04.1-rev273 - Ubuntu)
Unity Web Player (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-9f1c6fcf-0541-47e3-bb42-0f85fbc9e43d) (Version:  - Epic Games, Inc.)
Update 2.0.11.0 for "Men of War: Assault Squad" (HKLM\...\{D8B5C1BB-5951-422D-A4D5-451675614956}_update2.0.11.0) (Version: 2.0.11.0 - )
Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft)
Velvet Assassin (HKLM\...\Steam App 16720) (Version:  - Replay Studios)
Vertical Drop Heroes HD (HKLM\...\Steam App 311480) (Version:  - Nerdook Productions)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VTFEdit 1.2.5 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wanderlust: Rebirth (HKLM\...\Steam App 211580) (Version:  - Yeti Trunk)
Warlock - Master of the Arcane (HKLM\...\Steam App 203630) (Version:  - Ino-Co Plus)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net  (03/11/2013 10.0.0.234) (HKLM\...\99C882A44FD971DC797FE21420A3099DECE89966) (Version: 03/11/2013 10.0.0.234 - Qualcomm Atheros Communications Inc.)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. Net  (03/11/2013 10.0.0.234) (HKLM\...\9F26BE7C257739D7488254A1B5CBFE820E44E902) (Version: 03/11/2013 10.0.0.234 - Qualcomm Atheros Communications Inc.)
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WS_Enabler (HKLM\...\S-815932687) (Version: 3.1.0.1226 - PremiumSoft) <==== ATTENTION
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
Xilisoft ISO Maker (HKLM\...\Xilisoft ISO Maker) (Version: 1.0.21.0112 - Xilisoft)
Yet Another Zombie Defense (HKLM\...\Steam App 270550) (Version:  - Awesome Games Studio)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
You Have to Win the Game (HKLM\...\Steam App 286100) (Version:  - Minor Key Games)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{22848257-6a2d-4d2a-8d56-c886d25b8b58}\InprocServer32 -> C:\Users\Jul\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Jul\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Jul\AppData\Roaming\moters\mentste.dll () <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{cbd32acd-3033-5dc4-af3e-a32955785032}\InprocServer32 -> C:\Users\Jul\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb.dll ()
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Jul\AppData\Local\Temp\f4f17353B0.exe No File
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

==================== Restore Points  =========================

03-02-2015 09:51:59 Windows Update

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0FE75F76-05CE-4C92-8F16-4321286179D1} - System32\Tasks\advSRS5 => C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-01-28] (SEC)
Task: {105CCC59-C844-479E-8E75-A0137BB80D96} - System32\Tasks\{049A1C24-D2D8-4567-9D6D-F8383BAB2C44} => pcalua.exe -a "C:\Program Files\Electronic Arts\Die Schlacht um Mittelerde II\extra_uninst.exe" -d "C:\Program Files\Electronic Arts\Die Schlacht um Mittelerde II"
Task: {1542D16C-E5F9-40A6-95D6-A4574B382F46} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {1AC19D3E-BCC1-4F79-98BF-B2D82A7DDC7C} - \zufap3002 No Task File <==== ATTENTION
Task: {21CBA4EA-F1FB-4D45-9AE5-FD9F0D058E27} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {2CF3ACEC-8748-4821-BC59-23F099383378} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {32CB7AE5-68B5-4228-96F5-3DA3AFB66F65} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {32F0DD72-0817-490A-A0B2-31823A06F504} - System32\Tasks\{0CCE2ECC-9086-44A1-82A3-8F5C6FC71B73} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{2551B1D3-30D3-409B-B905-751A70B26C03}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {353DD8CF-A31E-457C-A30B-73E39FDA367B} - System32\Tasks\{827E2852-7706-4B91-9EBE-DBEF32649C4A} => c:\program files\opera next\opera.exe [2012-07-09] (Opera Software)
Task: {398B32FA-7848-4FB1-8A83-20DEFBCE40BC} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {39C7300E-1ACA-4204-97CC-1CC243CB1B8C} - System32\Tasks\{D92DC94D-6E95-4A36-A1E2-365CA1106C24} => pcalua.exe -a E:\setup.exe -d E:\
Task: {4479EEFA-0A9E-4F38-8E46-B140635A481F} - \GS.Enabler-S-1824435291 No Task File <==== ATTENTION
Task: {5661A87A-EA9C-4989-8047-AEB64A1811D6} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel.exe [2010-11-15] (SRS Labs, Inc.)
Task: {65A65475-8924-4FAF-8505-545D14BE4FDD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {935DE525-6405-43B7-B56A-7C5AD2330D0A} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe
Task: {9C8BA281-4907-40DE-806C-9E582E7E43A6} - System32\Tasks\{696500DC-1ACD-4AD7-B092-4C9731F67AD6} => pcalua.exe -a "C:\Program Files\Maxis\SimCity 4\eauninstall.exe" -d "C:\Program Files\Maxis\SimCity 4"
Task: {AD2D0C22-8C7C-4A9F-845E-48069C5D3605} - System32\Tasks\WifiManager => C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {B53EC1DA-B551-4F80-9FAA-32D716ABAE92} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe
Task: {CDC268C6-9FD0-4E0B-979C-59A1A50607A6} - System32\Tasks\{9A380426-921D-4A51-8EEE-F4769519B85C} => pcalua.exe -a "C:\Program Files\Electronic Arts\Die Schlacht um Mittelerde II\EAUninstall.exe"
Task: {D1C20394-7C93-45C2-9ABC-3F7E4284F8AF} - System32\Tasks\{67E70911-626E-4DAC-B71A-413A8E801400} => pcalua.exe -a "E:\urban terror\unins000.exe" -d "E:\urban terror"
Task: {D8DEEB7E-769F-48D0-9286-4ADD61682A99} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe
Task: {E3C1D5A4-F5A1-4BFF-88A1-168BEF1A0AD3} - System32\Tasks\{378434CA-B7EE-44F1-A2F7-2DB1D6962527} => pcalua.exe -a C:\Users\Jul\Desktop\basic-miktex-2.9.4521.exe -d C:\Users\Jul\Desktop
Task: {E83B894C-BB09-45DA-8A2E-016EE395F50B} - System32\Tasks\AdobeAAMUpdater-1.0-Jul-01-Jul => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {EB804975-3CD0-421F-AE16-F0C25A85FD48} - System32\Tasks\OZTQSYNJ => C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe <==== ATTENTION
Task: {F536A8EA-9A6B-43C4-B70C-8570A38C27CE} - System32\Tasks\MTSO => C:\Users\Jul\AppData\Roaming\MTSO.exe <==== ATTENTION
Task: {F936E3B7-E1AC-48A3-BBAE-65E7CBEE2226} - System32\Tasks\sondhschedule => C:\Users\Jul\AppData\Roaming\Booster-Web\Booster-Web-Installer.exe [2015-01-27] ()
Task: {FC9F52B2-4770-4387-A152-286293AB3BE5} - System32\Tasks\NUB => C:\Users\Jul\AppData\Roaming\NUB.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GS.Enabler-S-1824435291.job => c:\programdata\house of soft\gs.enabler\GS.Enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\MTSO.job => C:\Users\Jul\AppData\Roaming\MTSO.exe <==== ATTENTION
Task: C:\Windows\Tasks\NUB.job => C:\Users\Jul\AppData\Roaming\NUB.exe <==== ATTENTION
Task: C:\Windows\Tasks\OZTQSYNJ.job => C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2014-10-03 01:01 - 2014-07-02 21:54 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-03 01:11 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2015-02-01 19:54 - 2015-01-27 17:31 - 00177808 _____ () C:\ProgramData\SecurityUtility\ColorMediaCrt.dll
2012-05-27 14:17 - 2014-09-13 21:25 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2012-05-05 19:38 - 2012-05-05 19:29 - 00244904 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-02-01 19:54 - 2015-01-30 16:02 - 00615936 _____ () C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe
2014-03-20 10:23 - 2014-03-20 10:23 - 00691360 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
2012-05-21 19:01 - 2012-02-17 19:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2014-10-07 21:27 - 2014-10-07 21:27 - 00117760 _____ () C:\Users\Jul\AppData\Roaming\moters\mentste.dll
2014-10-16 20:37 - 2014-10-16 20:37 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\17c296575fad30d021e6370dc70cf800\IsdiInterop.ni.dll
2012-05-05 11:52 - 2011-02-18 07:16 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2009-11-02 13:20 - 2009-11-02 13:20 - 00619816 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 13:23 - 2009-11-02 13:23 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2012-05-05 19:27 - 2006-08-12 11:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files\Steam\libavcodec-56.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files\Steam\libavformat-56.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2013-04-07 15:22 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files\Steam\SDL2.dll
2014-12-07 18:14 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files\Steam\v8.dll
2014-12-07 18:14 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files\Steam\icui18n.dll
2014-12-07 18:14 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files\Steam\icuuc.dll
2014-05-22 18:37 - 2015-02-06 23:03 - 02357952 _____ () C:\Program Files\Steam\video.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2013-04-07 15:22 - 2015-02-06 23:03 - 00701632 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2014-12-07 18:14 - 2015-02-06 23:03 - 03924160 _____ () C:\Program Files\Steam\bin\panorama\panorama.dll
2013-04-07 15:22 - 2015-02-06 23:03 - 00138432 _____ () C:\Program Files\Steam\bin\audio.dll
2013-04-07 15:22 - 2014-11-11 19:48 - 00071680 _____ () C:\Program Files\Steam\bin\mssmp3.asi
2013-07-15 13:17 - 2014-11-11 19:48 - 00153088 _____ () C:\Program Files\Steam\bin\mssvoice.asi
2015-02-01 20:34 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00347328 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2014-04-20 01:42 - 2015-02-01 20:58 - 00642344 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-07-14 12:40 - 2014-12-08 14:06 - 36966968 _____ () C:\Users\Jul\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-14 12:40 - 2014-12-08 14:06 - 00374840 _____ () C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-07-14 12:44 - 2014-12-08 14:06 - 00867896 _____ () C:\Users\Jul\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-07-14 12:40 - 2014-12-08 14:06 - 00886840 _____ () C:\Users\Jul\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-07-14 12:40 - 2014-12-08 14:06 - 00108600 _____ () C:\Users\Jul\AppData\Roaming\Spotify\Data\libegl.dll
2013-04-07 15:22 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files\Steam\bin\libcef.dll
2014-08-14 22:02 - 2015-01-28 02:30 - 01709960 _____ () C:\Program Files\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2741185204-2122887262-4188245074-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2741185204-2122887262-4188245074-1011 - Limited - Enabled)
Gast (S-1-5-21-2741185204-2122887262-4188245074-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2741185204-2122887262-4188245074-1003 - Limited - Enabled)
Jul (S-1-5-21-2741185204-2122887262-4188245074-1000 - Administrator - Enabled) => C:\Users\Jul
Stefan (S-1-5-21-2741185204-2122887262-4188245074-1004 - Administrator - Enabled) => C:\Users\Stefan

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2015 01:42:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ColorMedia.exe, Version: 2.3.2.2, Zeitstempel: 0x54c1cd71
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x531599f6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0x4648
Startzeit der fehlerhaften Anwendung: 0xColorMedia.exe0
Pfad der fehlerhaften Anwendung: ColorMedia.exe1
Pfad des fehlerhaften Moduls: ColorMedia.exe2
Berichtskennung: ColorMedia.exe3

Error: (02/07/2015 06:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ColorMedia.exe, Version: 2.3.2.2, Zeitstempel: 0x54c1cd71
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x531599f6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0x804
Startzeit der fehlerhaften Anwendung: 0xColorMedia.exe0
Pfad der fehlerhaften Anwendung: ColorMedia.exe1
Pfad des fehlerhaften Moduls: ColorMedia.exe2
Berichtskennung: ColorMedia.exe3

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29188

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29188

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28190

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28190

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/06/2015 07:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27176

Error: (02/06/2015 07:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27176


System errors:
=============
Error: (02/08/2015 08:46:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (02/08/2015 08:24:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/08/2015 08:24:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (02/08/2015 08:24:20 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/08/2015 08:24:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (02/08/2015 01:42:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ColorMedia.exe2.3.2.254c1cd71KERNELBASE.dll6.1.7601.18409531599f6e06d73630000812f464801d042fc5876446aC:\ProgramData\SecurityUtility\ColorMedia.exeC:\Windows\system32\KERNELBASE.dll51de9deb-af2b-11e4-ac9c-e811324622ab

Error: (02/07/2015 06:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ColorMedia.exe2.3.2.254c1cd71KERNELBASE.dll6.1.7601.18409531599f6e06d73630000812f80401d042caad197e9eC:\ProgramData\SecurityUtility\ColorMedia.exeC:\Windows\system32\KERNELBASE.dll6854bc80-aeef-11e4-ac9c-e811324622ab

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29188

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29188

Error: (02/06/2015 07:01:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28190

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28190

Error: (02/06/2015 07:01:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/06/2015 07:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27176

Error: (02/06/2015 07:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27176


CodeIntegrity Errors:
===================================
  Date: 2014-08-13 15:05:42.495
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.492
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.489
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.482
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.479
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.476
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.460
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.457
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.454
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.447
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 90%
Total physical RAM: 2868.49 MB
Available physical RAM: 260.68 MB
Total Pagefile: 5735.27 MB
Available Pagefile: 1266.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1868.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:275.86 GB) (Free:37.74 GB) NTFS
Drive d: (ACB) (CDROM) (Total:7.78 GB) (Free:0 GB) CDFS
Drive e: (INTENSO) (Fixed) (Total:1862.55 GB) (Free:932.32 GB) FAT32
Drive x: () (Network) (Total:917.07 GB) (Free:241.22 GB) 

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 3EC49987)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=275.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22.1 GB) - (Type=27)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 8A40FF20)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C)

==================== End Of Log ============================

--- --- ---

cosinus · 10.02.2015, 23:18

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSS&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\.DEFAULT -> No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Winsock: Catalog9 01 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 15 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" [Not Found]
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Jul\AppData\Roaming\moters\mentste.dll () <==== ATTENTION
Task: {1AC19D3E-BCC1-4F79-98BF-B2D82A7DDC7C} - \zufap3002 No Task File <==== ATTENTION
Task: {4479EEFA-0A9E-4F38-8E46-B140635A481F} - \GS.Enabler-S-1824435291 No Task File <==== ATTENTION
Task: {EB804975-3CD0-421F-AE16-F0C25A85FD48} - System32\Tasks\OZTQSYNJ => C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe <==== ATTENTION
Task: {F536A8EA-9A6B-43C4-B70C-8570A38C27CE} - System32\Tasks\MTSO => C:\Users\Jul\AppData\Roaming\MTSO.exe <==== ATTENTION
Task: {FC9F52B2-4770-4387-A152-286293AB3BE5} - System32\Tasks\NUB => C:\Users\Jul\AppData\Roaming\NUB.exe <==== ATTENTION
Task: C:\Windows\Tasks\GS.Enabler-S-1824435291.job => c:\programdata\house of soft\gs.enabler\GS.Enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\MTSO.job => C:\Users\Jul\AppData\Roaming\MTSO.exe <==== ATTENTION
Task: C:\Windows\Tasks\NUB.job => C:\Users\Jul\AppData\Roaming\NUB.exe <==== ATTENTION
Task: C:\Windows\Tasks\OZTQSYNJ.job => C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe <==== ATTENTION
C:\Windows\system32\ColorMedia.dll
C:\Windows\Tasks\MTSO.job
C:\Windows\Tasks\NUB.job
c:\programdata\house of soft
C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe
C:\Users\Jul\AppData\Roaming\MTSO.exe
C:\Users\Jul\AppData\Roaming\NUB.exe
EmptyTemp:
Hosts:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Zubato · 11.02.2015, 17:29

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-02-2015 01
Ran by Jul at 2015-02-11 16:59:59 Run:1
Running from C:\Users\Jul\Desktop\Gegen Ihn
Loaded Profiles: Jul (Available profiles: Jul & Stefan)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSS&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\.DEFAULT -> No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Winsock: Catalog9 01 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
Winsock: Catalog9 15 C:\Windows\system32\ColorMedia.dll [301168] (CartCrunch Israel Ltd.)
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" [Not Found]
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Jul\AppData\Roaming\moters\mentste.dll () <==== ATTENTION
Task: {1AC19D3E-BCC1-4F79-98BF-B2D82A7DDC7C} - \zufap3002 No Task File <==== ATTENTION
Task: {4479EEFA-0A9E-4F38-8E46-B140635A481F} - \GS.Enabler-S-1824435291 No Task File <==== ATTENTION
Task: {EB804975-3CD0-421F-AE16-F0C25A85FD48} - System32\Tasks\OZTQSYNJ => C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe <==== ATTENTION
Task: {F536A8EA-9A6B-43C4-B70C-8570A38C27CE} - System32\Tasks\MTSO => C:\Users\Jul\AppData\Roaming\MTSO.exe <==== ATTENTION
Task: {FC9F52B2-4770-4387-A152-286293AB3BE5} - System32\Tasks\NUB => C:\Users\Jul\AppData\Roaming\NUB.exe <==== ATTENTION
Task: C:\Windows\Tasks\GS.Enabler-S-1824435291.job => c:\programdata\house of soft\gs.enabler\GS.Enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\MTSO.job => C:\Users\Jul\AppData\Roaming\MTSO.exe <==== ATTENTION
Task: C:\Windows\Tasks\NUB.job => C:\Users\Jul\AppData\Roaming\NUB.exe <==== ATTENTION
Task: C:\Windows\Tasks\OZTQSYNJ.job => C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe <==== ATTENTION
C:\Windows\system32\ColorMedia.dll
C:\Windows\Tasks\MTSO.job
C:\Windows\Tasks\NUB.job
c:\programdata\house of soft
C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe
C:\Users\Jul\AppData\Roaming\MTSO.exe
C:\Users\Jul\AppData\Roaming\NUB.exe
EmptyTemp:
Hosts:
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => Key deleted successfully.
HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key not found. 
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}" => Key deleted successfully.
HKCR\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key not found. 
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A13C2648-91D4-4BF3-BC6D-0079707C4389} => value deleted successfully.
HKCR\CLSID\{A13C2648-91D4-4BF3-BC6D-0079707C4389} => Key not found. 
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001" => Key deleted successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => Key deleted successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => Key deleted successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => Key deleted successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik" => Key deleted successfully.
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1AC19D3E-BCC1-4F79-98BF-B2D82A7DDC7C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AC19D3E-BCC1-4F79-98BF-B2D82A7DDC7C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\zufap3002" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4479EEFA-0A9E-4F38-8E46-B140635A481F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4479EEFA-0A9E-4F38-8E46-B140635A481F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GS.Enabler-S-1824435291" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EB804975-3CD0-421F-AE16-F0C25A85FD48}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB804975-3CD0-421F-AE16-F0C25A85FD48}" => Key deleted successfully.
C:\Windows\System32\Tasks\OZTQSYNJ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OZTQSYNJ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F536A8EA-9A6B-43C4-B70C-8570A38C27CE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F536A8EA-9A6B-43C4-B70C-8570A38C27CE}" => Key deleted successfully.
C:\Windows\System32\Tasks\MTSO => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MTSO" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FC9F52B2-4770-4387-A152-286293AB3BE5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC9F52B2-4770-4387-A152-286293AB3BE5}" => Key deleted successfully.
C:\Windows\System32\Tasks\NUB => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NUB" => Key deleted successfully.
C:\Windows\Tasks\GS.Enabler-S-1824435291.job => Moved successfully.
C:\Windows\Tasks\MTSO.job => Moved successfully.
C:\Windows\Tasks\NUB.job => Moved successfully.
C:\Windows\Tasks\OZTQSYNJ.job => Moved successfully.
C:\Windows\system32\ColorMedia.dll => Moved successfully.
"C:\Windows\Tasks\MTSO.job" => File/Directory not found.
"C:\Windows\Tasks\NUB.job" => File/Directory not found.
"c:\programdata\house of soft" => File/Directory not found.
"C:\Users\Jul\AppData\Roaming\OZTQSYNJ.exe" => File/Directory not found.
"C:\Users\Jul\AppData\Roaming\MTSO.exe" => File/Directory not found.
"C:\Users\Jul\AppData\Roaming\NUB.exe" => File/Directory not found.
Hosts was reset successfully.
EmptyTemp: => Removed 12 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 17:16:42 ====

cosinus · 11.02.2015, 17:31

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

Zubato · 11.02.2015, 17:58

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-02-2015 01
Ran by Jul at 2015-02-11 17:51:44
Running from C:\Users\Jul\Desktop\Gegen Ihn
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aces Wild: Manic Brawling Action! (HKLM\...\Steam App 269230) (Version:  - Culture Attack Studio)
Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alan Wake (HKLM\...\Steam App 108710) (Version:  - Remedy Entertainment)
Aliens vs Predator Classic 2000 (HKLM\...\1207665883_is1) (Version: 2.0.0.22 - GOG.com)
Amnesia: A Machine for Pigs (HKLM\...\Steam App 239200) (Version:  - The Chinese Room)
Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version:  - Frictional Games)
Among the Sleep (HKLM\...\Steam App 250620) (Version:  - Krillbite Studio)
Anna - Extended Edition (HKLM\...\Steam App 217690) (Version:  - Dreampainters)
Antichamber (HKLM\...\Steam App 219890) (Version:  - Alexander Bruce)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin’s Creed® III (HKLM\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Assassin's Creed Brotherhood (HKLM\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Aufstieg des Hexenkönigs™ (HKLM\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Awesomenauts (HKLM\...\Steam App 204300) (Version:  - Ronimo Games)
Bandicam (HKLM\...\Bandicam) (Version: 2.0.0.637 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
Batman: Arkham Asylum (HKLM\...\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}) (Version: 1.0.0.0 - Eidos Interactive Limited)
Batman: Arkham City™ (HKLM\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (Version: 1.0.0003.131 - WB Games) Hidden
Batman™: Arkham Origins (HKLM\...\Steam App 209000) (Version:  - WB Games Montreal)
Batman™: Arkham Origins Blackgate - Deluxe Edition (HKLM\...\Steam App 267490) (Version:  - Armature Studio)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version:  - The Behemoth)
Battlefield 3™ (HKLM\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Betrayer (HKLM\...\Steam App 243120) (Version:  - Blackpowder Games)
Binary Domain (HKLM\...\Steam App 203750) (Version:  - Devil's Details)
BioShock (HKLM\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
BitTorrent (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\BitTorrent) (Version: 7.9.2.35704 - BitTorrent Inc.)
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Blue Satin Skin (HKLM\...\{B0C00181-ECF5-4124-A6DE-14EA663D4799}) (Version: 2.2.0 - Screaming Bee)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.55 - Broadcom Corporation)
Call of Juarez Gunslinger (HKLM\...\Steam App 204450) (Version:  - Techland)
Camtasia Studio 8 (HKLM\...\{19F81C0C-D0DB-453D-9C1C-AD26C4140E7E}) (Version: 8.4.0.1691 - TechSmith Corporation)
Canyon Capers (HKLM\...\Steam App 275490) (Version:  - Crazy Moo Games)
Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cinema 4D version R12 (HKLM\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Connectify (HKLM\...\Connectify) (Version: 7.2.1.29658 - Connectify)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Craften Terminal 3.5.5 (HKLM\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.5.5 - Craften.de)
Cry of Fear (HKLM\...\Steam App 223710) (Version:  - Team Psykskallar)
Crysis (HKLM\...\Steam App 17300) (Version:  - Crytek)
Crysis Wars (HKLM\...\Steam App 17340) (Version:  - Crytek)
Curse (HKLM\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink Media Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3806.02 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
Dead Island Riptide (HKLM\...\Steam App 216250) (Version:  - Techland)
Dead Island: Epidemic (HKLM\...\Steam App 222900) (Version:  - Stunlock Studios)
Deadlight (HKLM\...\Steam App 211400) (Version:  - Tequila Works, S.L.)
Die Schlacht um Mittelerde™ II (HKLM\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
Dishonored (HKLM\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DLC Quest (HKLM\...\Steam App 230050) (Version:  - Going Loud Studios)
Don't Starve (HKLM\...\Steam App 219740) (Version:  - Klei Entertainment)
doubleTwist Sync (HKLM\...\doubleTwist) (Version: 4.0.4.19767 - doubleTwist Corporation)
Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
EA Sports™ FIFA World (HKLM\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.0.0.47449 - Electronic Arts, Inc.)
Easy Content Share (HKLM\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
EAX4 Unified Redist (HKLM\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Eldritch (HKLM\...\Eldritch) (Version:  - )
Eldritch (HKLM\...\Steam App 252630) (Version:  - Minor Key Games)
ETDWare PS/2-X86 8.0.7.1_WHQL (HKLM\...\Elantech) (Version: 8.0.7.1 - ELAN Microelectronic Corp.)
Evolve (HKLM\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Fantasy Voice Pack (HKLM\...\{8061C2C9-C2A3-4550-A3FC-585B646840CB}) (Version: 1.3.0 - Screaming Bee)
Far Cry 3 Blood Dragon (HKLM\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FEZ (HKLM\...\Steam App 224760) (Version:  - Polytron Corporation)
Fiesta Online DE (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\fiestaonline_de) (Version: 1.0.0.1 - Gamigo Games)
FIFA 11 (HKLM\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.8.0.0 - Electronic Arts)
Five Nights at Freddy's (HKLM\...\Steam App 319510) (Version:  - Scott Cawthon)
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.39.604 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.39.604 - DVDVideoSoft Ltd.)
Free YouTube to iPhone Converter version 2.12.2.430 (HKLM\...\Free YouTube to iPhone Converter_is1) (Version: 2.12.2.430 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Galaxy Client (HKLM\...\{D6D1DA54-531F-4FA0-B683-CE66ACE3543F}_is1) (Version: 0.1.0.456 - GOG.com)
Game Cam 2.2 (HKLM\...\Game Cam) (Version: 2.2 - Planet Game Cam, Inc.)
GameSpy Comrade (HKLM\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Garry)
GCFScape 1.3.1 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Glyph (HKLM\...\Glyph) (Version:  - Trion Worlds, Inc.)
Gunpoint version v1.1 (HKLM\...\{B33EDF25-91DF-40FC-B2F7-FA19E3F0489F}}_is1) (Version: v1.1 - )
Happy Cloud Client (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\HappyCloud) (Version: 5.24 - Happy Cloud, Inc.)
HAWKEN (HKLM\...\Steam App 271290) (Version:  - Adhesive Games)
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Home (HKLM\...\Steam App 215670) (Version:  - Benjamin Rivers)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
Indiana Jones and the Emperors Tomb (HKLM\...\{0DBF3265-57F1-4D8A-87EA-332B2A669BDE}) (Version:  - )
InfiniteCrisis_0B203096692B (HKLM\...\InfiniteCrisis_0B203096692B) (Version:  - Turbine, Inc)
InfiniteCrisis_6EDD581C692E (HKLM\...\InfiniteCrisis_6EDD581C692E) (Version:  - Turbine, Inc)
InfiniteCrisis_76B7D2EE4D73 (HKLM\...\InfiniteCrisis_76B7D2EE4D73) (Version:  - Turbine, Inc)
Insanely Twisted Shadow Planet (HKLM\...\Steam App 205730) (Version:  - Shadow Planet Productions)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Jazzpunk (HKLM\...\Steam App 250260) (Version:  - Necrophone Games)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kaspersky Internet Security (HKLM\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (Version: 15.0.0.463 - Kaspersky Lab) Hidden
Killing Floor (HKLM\...\Steam App 1250) (Version:  - Tripwire Interactive)
Knock-knock (HKLM\...\Steam App 250380) (Version:  - Ice-pick Lodge)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Legend of Grimrock (HKLM\...\Steam App 207170) (Version:  - Almost Human Games)
LEGO MARVEL Super Heroes (HKLM\...\Steam App 249130) (Version:  - Traveller's Tales)
LEGO® Batman™ 2: DC Super Heroes (HKLM\...\{4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® Der Herr der Ringe™ (HKLM\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® Harry Potter™: Die Jahre 1-4 (HKLM\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)
LEGO® Pirates of the Caribbean Das Videospiel (HKLM\...\{64958DA4-79D3-43FD-AF06-720DAD044F9E}) (Version: 1.0.0.0 - Disney Interactive Studios)
LEGO® Star Wars™: Die Komplette Saga (HKLM\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)
LEGO® Star Wars™: The Complete Saga (Version: 1.00.0000 - LucasArts) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Mafia 2 version 1.0 (HKLM\...\{B3808FA6-2354-47D2-AC62-ECE7D1952E7E}_is1) (Version: 1.0 - Huaker)
Magicka: Wizard Wars (HKLM\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManiaPlanet (HKLM\...\ManiaPlanet_is1) (Version:  - Nadeo)
MassiveThirdAgeTranslator 3.1 (HKLM\...\MassiveThirdAgeTranslator 3.1) (Version: 3.1 - ecozone)
Max Payne 3 (HKLM\...\Steam App 204100) (Version:  - Rockstar)
Media Go (HKLM\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM\...\{73FA7631-3015-4EEC-A002-09488C47A07C}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.108.06300 (HKLM\...\{FC091743-5193-2B65-E49E-E03BC9E8B728}) (Version: 2.12.108.06300 - Sony)
Medieval II Total War (HKLM\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MilkShape 3D 1.8.4 (HKLM\...\MilkShape 3D 1.8.4) (Version: 1.8.4 - chUmbaLum sOft)
Montas (HKLM\...\Steam App 269350) (Version:  - Organic Humans)
MorphVOX Pro (HKLM\...\{A25A7B10-75EA-4208-AAF1-0E3841C444F1}) (Version: 4.3.3 - Screaming Bee)
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
My Game Long Name (HKLM\...\UDK-5f3d63f7-bcb4-41d2-8abc-ca5e433e0d56) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-e9df117c-1a25-47d7-83ef-8f8b8dd82c26) (Version:  - Epic Games, Inc.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.44.2 - Black Tree Gaming)
Nidhogg (HKLM\...\TmlkaG9nZw==_is1) (Version: 1 - )
Norton Internet Security (Version: 18.1.0.37 - Symantec Corporation) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.1.5 - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.6123 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Octodad: Dadliest Catch (HKLM\...\Steam App 224480) (Version:  - Young Horses)
OlliOlli (HKLM\...\Steam App 274250) (Version:  - Roll7)
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.00 (HKLM\...\Opera 12.00.1467) (Version: 12.00.1467 - Opera Software ASA)
Opera Next 12.50 internal build 1497 (HKLM\...\Opera 12.50.1497) (Version: 12.50.1497 - Opera Software ASA)
Orcs Must Die! 2 (HKLM\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
osu! (HKLM\...\{2a4e052f-156b-41d3-84c5-1de2d1157670}) (Version: latest - ppy Pty Ltd)
Our Darker Purpose (HKLM\...\Steam App 262790) (Version:  - Avidly Wild Games)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Passing Pineview Forest (HKLM\...\Steam App 331120) (Version:  - VIS - Visual Imagination Software)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version:  - OVERKILL Software)
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Pepakura Viewer 3 (HKLM\...\pepakura_viewer3en) (Version:  - TamaSoftware)
Personality Voices (HKLM\...\{29C042AB-059B-414C-840E-94775E3F24A8}) (Version: 1.0.0 - Screaming Bee)
Pixsta (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Pokki_83453a3d886e527a470b5bb8291dd338de4b1e44) (Version: 2.5.3.4 - Pokki)
Pokki Download Helper (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM\...\Steam App 644) (Version:  - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raptr (HKLM\...\Raptr) (Version:  - )
Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 4.0.68.0 - Razer Inc.)
Razer Surround (HKLM\...\Razer Surround) (Version: 1.04.07 - Razer Inc.)
Really Big Sky (HKLM\...\Steam App 201570) (Version:  - Boss Baddie)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.33.1125.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6246 - Realtek Semiconductor Corp.)
Receiver (HKLM\...\Steam App 234190) (Version:  - Wolfire Games)
Reus (HKLM\...\Steam App 222730) (Version:  - Abbey Games)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Risen 2 - Dark Waters (HKLM\...\Steam App 40390) (Version:  - Piranha Bytes)
Risk of Rain (HKLM\...\Steam App 248820) (Version:  - )
Rockstar Games Social Club (HKLM\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
S4 League_EU (HKLM\...\{D4B85288-879E-4D57-B4CD-9303A75DF301}) (Version: 1.00.0000 - )
Saints Row: The Third (HKLM\...\Steam App 55230) (Version:  - Volition)
Samsung Recovery Solution 5 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.2.4 - Samsung)
Sanctum 2 (HKLM\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Scribblenauts Unmasked (HKLM\...\Steam App 249870) (Version:  - 5th Cell Media)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slender: The Arrival (HKLM\...\Steam App 252330) (Version:  - Blue Isle Studios)
Smite (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.0.2573.3 - Hi-Rez Studios)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version:  - Rebellion)
SOE Web Installer (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Sonos Controller (HKLM\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 17.5.51200 - Sonos, Inc.)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.7.201405202226 - Sony Mobile Communications AB)
Sony PC Companion 2.10.245 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.245 - Sony)
Source SDK (HKLM\...\Steam App 211) (Version:  - Valve)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - )
Spider-Man(TM) - Web of Shadows 1.1 Patch (Version:  - ) Hidden
Spotify (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.0301 - SRS Labs, Inc.)
Star Wars Battlefront II (HKLM\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Republic Commando (HKLM\...\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}) (Version: 1.0 - )
Star Wars®: Knights of the Old Republic (TM) (HKLM\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version:  - )
Starbound (HKLM\...\Steam App 211820) (Version:  - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
streamWriter (HKLM\...\streamWriter_is1) (Version:  - )
Super Meat Boy (HKLM\...\Steam App 40800) (Version:  - Team Meat)
Surgeon Simulator 2013 (HKLM\...\Steam App 233720) (Version:  - Bossa Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.22.0 - Synaptics Incorporated)
Synthesia (HKLM\...\Synthesia) (Version: 8.5 - Synthesia LLC)
Tales from Space: Mutant Blobs Attack (HKLM\...\Steam App 206370) (Version:  - DrinkBox Studios)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.17396 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
TeXnicCenter Version 1 Beta 7.01 (Greengrass) (HKLM\...\TeXnicCenter_is1) (Version: Version 1 Beta 7.01 - TeXnicCenter.org)
The Binding of Isaac (HKLM\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Bridge (HKLM\...\Steam App 204240) (Version:  - Ty Taylor and Mario Castañeda)
The Cat Lady (HKLM\...\Steam App 253110) (Version:  - Harvester Games)
The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version PLus UPDATE 10 1.00 (HKLM\...\The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version PLus UPDATE 10 1.00) (Version:  - )
The Elder Scrolls V Skyrim Dragonborn DLC Deutsche Version 1.00 (HKLM\...\The Elder Scrolls V Skyrim Dragonborn DLC Deutsche Version 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
The Elder Scrolls V Skyrim Update 11 (1.8.151.0.7) Deutsche Version 1.00 (HKLM\...\The Elder Scrolls V Skyrim Update 11 (1.8.151.0.7) Deutsche Version 1.00) (Version:  - )
The Evil Within Demo (HKLM\...\Steam App 329960) (Version:  - Tango Gameworks)
The Lord of the Rings - Conquest (HKLM\...\The Lord of the Rings - Conquest_is1) (Version:  - )
The Novelist (HKLM\...\Steam App 245150) (Version:  - Orthogonal Games)
The Ship (HKLM\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Sims 2: Ultimate Collection (HKLM\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Swapper (HKLM\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Train 1.0 (HKLM\...\The Train 1.0) (Version: 1.0 - Cat-A-Cat)
Thief - Deadly Shadows (HKLM\...\{FC123EEA-330A-4685-911C-95B8F5E9DE68}) (Version: 1.0 - )
Thief (HKLM\...\Steam App 239160) (Version:  - Eidos-Montréal)
Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
Titan Quest (HKLM\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Tom Clancy's Splinter Cell Conviction v1.04 (HKLM\...\Tom Clancy's Splinter Cell Conviction_is1) (Version:  - Spieler)
Tomb Raider (HKLM\...\Steam App 203160) (Version:  - Crystal Dynamics)
Torchlight II (HKLM\...\Steam App 200710) (Version:  - Runic Games)
Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version:  - Creative Assembly)
Tower of Guns (HKLM\...\Steam App 266110) (Version:  - Terrible Posture Games)
TrackMania Nations Forever (HKLM\...\Steam App 11020) (Version:  - Nadeo)
TreeSize Free V2.7 (HKLM\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Tunatic (HKLM\...\Tunatic) (Version:  - )
Tunngle - Brio HD Skin Version 1.0 (HKLM\...\{FE600607-335B-4CC2-A50D-90EECE0356ED}_is1) (Version: 1.0 - Brioche for the Tunngle.Net Community)
Tunngle Version Tunngle (HKLM\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Two Worlds II (HKLM\...\Two Worlds II) (Version: 1.3.0.0 - )
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ubuntu (HKLM\...\Wubi) (Version: 12.04.1-rev273 - Ubuntu)
Unity Web Player (HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-9f1c6fcf-0541-47e3-bb42-0f85fbc9e43d) (Version:  - Epic Games, Inc.)
Update 2.0.11.0 for "Men of War: Assault Squad" (HKLM\...\{D8B5C1BB-5951-422D-A4D5-451675614956}_update2.0.11.0) (Version: 2.0.11.0 - )
Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft)
Velvet Assassin (HKLM\...\Steam App 16720) (Version:  - Replay Studios)
Vertical Drop Heroes HD (HKLM\...\Steam App 311480) (Version:  - Nerdook Productions)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VTFEdit 1.2.5 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wanderlust: Rebirth (HKLM\...\Steam App 211580) (Version:  - Yeti Trunk)
Warlock - Master of the Arcane (HKLM\...\Steam App 203630) (Version:  - Ino-Co Plus)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net  (03/11/2013 10.0.0.234) (HKLM\...\99C882A44FD971DC797FE21420A3099DECE89966) (Version: 03/11/2013 10.0.0.234 - Qualcomm Atheros Communications Inc.)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. Net  (03/11/2013 10.0.0.234) (HKLM\...\9F26BE7C257739D7488254A1B5CBFE820E44E902) (Version: 03/11/2013 10.0.0.234 - Qualcomm Atheros Communications Inc.)
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
Xilisoft ISO Maker (HKLM\...\Xilisoft ISO Maker) (Version: 1.0.21.0112 - Xilisoft)
Yet Another Zombie Defense (HKLM\...\Steam App 270550) (Version:  - Awesome Games Studio)
You Have to Win the Game (HKLM\...\Steam App 286100) (Version:  - Minor Key Games)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{22848257-6a2d-4d2a-8d56-c886d25b8b58}\InprocServer32 -> C:\Users\Jul\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Jul\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{cbd32acd-3033-5dc4-af3e-a32955785032}\InprocServer32 -> C:\Users\Jul\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb.dll ()
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Jul\AppData\Local\Temp\f4f17353B0.exe No File
CustomCLSID: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-02-11 17:00 - 2015-02-11 17:00 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0FE75F76-05CE-4C92-8F16-4321286179D1} - System32\Tasks\advSRS5 => C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-01-28] (SEC)
Task: {105CCC59-C844-479E-8E75-A0137BB80D96} - System32\Tasks\{049A1C24-D2D8-4567-9D6D-F8383BAB2C44} => pcalua.exe -a "C:\Program Files\Electronic Arts\Die Schlacht um Mittelerde II\extra_uninst.exe" -d "C:\Program Files\Electronic Arts\Die Schlacht um Mittelerde II"
Task: {1542D16C-E5F9-40A6-95D6-A4574B382F46} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {21CBA4EA-F1FB-4D45-9AE5-FD9F0D058E27} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {2CF3ACEC-8748-4821-BC59-23F099383378} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {32CB7AE5-68B5-4228-96F5-3DA3AFB66F65} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {32F0DD72-0817-490A-A0B2-31823A06F504} - System32\Tasks\{0CCE2ECC-9086-44A1-82A3-8F5C6FC71B73} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{2551B1D3-30D3-409B-B905-751A70B26C03}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {353DD8CF-A31E-457C-A30B-73E39FDA367B} - System32\Tasks\{827E2852-7706-4B91-9EBE-DBEF32649C4A} => c:\program files\opera next\opera.exe [2012-07-09] (Opera Software)
Task: {398B32FA-7848-4FB1-8A83-20DEFBCE40BC} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {39C7300E-1ACA-4204-97CC-1CC243CB1B8C} - System32\Tasks\{D92DC94D-6E95-4A36-A1E2-365CA1106C24} => pcalua.exe -a E:\setup.exe -d E:\
Task: {5661A87A-EA9C-4989-8047-AEB64A1811D6} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel.exe [2010-11-15] (SRS Labs, Inc.)
Task: {65A65475-8924-4FAF-8505-545D14BE4FDD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {935DE525-6405-43B7-B56A-7C5AD2330D0A} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe
Task: {9C8BA281-4907-40DE-806C-9E582E7E43A6} - System32\Tasks\{696500DC-1ACD-4AD7-B092-4C9731F67AD6} => pcalua.exe -a "C:\Program Files\Maxis\SimCity 4\eauninstall.exe" -d "C:\Program Files\Maxis\SimCity 4"
Task: {AD2D0C22-8C7C-4A9F-845E-48069C5D3605} - System32\Tasks\WifiManager => C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {B53EC1DA-B551-4F80-9FAA-32D716ABAE92} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe
Task: {CDC268C6-9FD0-4E0B-979C-59A1A50607A6} - System32\Tasks\{9A380426-921D-4A51-8EEE-F4769519B85C} => pcalua.exe -a "C:\Program Files\Electronic Arts\Die Schlacht um Mittelerde II\EAUninstall.exe"
Task: {D1C20394-7C93-45C2-9ABC-3F7E4284F8AF} - System32\Tasks\{67E70911-626E-4DAC-B71A-413A8E801400} => pcalua.exe -a "E:\urban terror\unins000.exe" -d "E:\urban terror"
Task: {D8DEEB7E-769F-48D0-9286-4ADD61682A99} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe
Task: {E3C1D5A4-F5A1-4BFF-88A1-168BEF1A0AD3} - System32\Tasks\{378434CA-B7EE-44F1-A2F7-2DB1D6962527} => pcalua.exe -a C:\Users\Jul\Desktop\basic-miktex-2.9.4521.exe -d C:\Users\Jul\Desktop
Task: {E83B894C-BB09-45DA-8A2E-016EE395F50B} - System32\Tasks\AdobeAAMUpdater-1.0-Jul-01-Jul => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {F936E3B7-E1AC-48A3-BBAE-65E7CBEE2226} - System32\Tasks\sondhschedule => C:\Users\Jul\AppData\Roaming\Booster-Web\Booster-Web-Installer.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2014-10-03 01:01 - 2014-07-02 21:54 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-03 01:11 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2012-05-27 14:17 - 2014-09-13 21:25 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2012-05-05 19:38 - 2012-05-05 19:29 - 00244904 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-03-20 10:23 - 2014-03-20 10:23 - 00691360 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll
2012-05-05 19:27 - 2006-08-12 11:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2009-11-02 13:20 - 2009-11-02 13:20 - 00619816 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 13:23 - 2009-11-02 13:23 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2012-05-05 13:37 - 2011-09-08 18:40 - 01645056 _____ () C:\Program Files\Samsung\Samsung Recovery Solution 5\Resdll.dll
2014-10-16 20:37 - 2014-10-16 20:37 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\17c296575fad30d021e6370dc70cf800\IsdiInterop.ni.dll
2012-05-05 11:52 - 2011-02-18 07:16 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00783360 _____ () C:\Program Files\Opera Next\gstreamer\gstreamer.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00098816 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstaudioconvert.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00098816 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstaudioresample.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00064000 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstautodetect.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00099840 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstcoreplugins.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00068608 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstdecodebin2.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00076800 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstdirectsound.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00168448 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstffmpegcolorspace.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00316928 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstoggdec.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00045568 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gsttypefindfunctions.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00046592 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstwaveform.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00078336 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstwavparse.dll
2012-07-04 21:46 - 2012-07-09 11:02 - 00276480 _____ () C:\Program Files\Opera Next\gstreamer\plugins\gstwebmdec.dll
2015-02-05 13:59 - 2015-02-05 13:59 - 16852144 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files\Steam\libavcodec-56.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files\Steam\libavformat-56.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2013-04-07 15:22 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files\Steam\SDL2.dll
2014-12-07 18:14 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files\Steam\v8.dll
2014-12-07 18:14 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files\Steam\icui18n.dll
2014-12-07 18:14 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files\Steam\icuuc.dll
2014-05-22 18:37 - 2015-02-11 01:06 - 02356928 _____ () C:\Program Files\Steam\video.dll
2014-08-29 20:22 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2013-04-07 15:22 - 2015-02-11 01:05 - 00702656 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2013-04-07 15:22 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files\Steam\bin\libcef.dll
2014-08-14 22:02 - 2015-01-28 02:30 - 01709960 _____ () C:\Program Files\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2741185204-2122887262-4188245074-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2741185204-2122887262-4188245074-1011 - Limited - Enabled)
Gast (S-1-5-21-2741185204-2122887262-4188245074-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2741185204-2122887262-4188245074-1003 - Limited - Enabled)
Jul (S-1-5-21-2741185204-2122887262-4188245074-1000 - Administrator - Enabled) => C:\Users\Jul
Stefan (S-1-5-21-2741185204-2122887262-4188245074-1004 - Administrator - Enabled) => C:\Users\Stefan

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2015 01:28:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/10/2015 11:01:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (02/11/2015 05:24:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/11/2015 05:24:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (02/11/2015 05:24:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/11/2015 05:24:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (02/11/2015 05:24:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (02/11/2015 05:24:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (02/11/2015 05:24:53 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (02/11/2015 05:24:53 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (02/11/2015 05:24:53 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (02/11/2015 05:24:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (02/11/2015 01:28:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe

Error: (02/10/2015 11:01:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe


CodeIntegrity Errors:
===================================
  Date: 2014-08-13 15:05:42.495
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.492
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.489
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.482
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.479
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.476
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.460
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.457
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.454
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:05:42.447
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 64%
Total physical RAM: 2868.49 MB
Available physical RAM: 1011.59 MB
Total Pagefile: 5735.27 MB
Available Pagefile: 2813.67 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:275.86 GB) (Free:52.95 GB) NTFS
Drive d: (ACB) (CDROM) (Total:7.78 GB) (Free:0 GB) CDFS
Drive e: (INTENSO) (Fixed) (Total:1862.55 GB) (Free:932.85 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 3EC49987)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=275.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22.1 GB) - (Type=27)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 8A40FF20)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C)

==================== End Of Log ============================

--- --- ---

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-02-2015 01
Ran by Jul (administrator) on JUL-01 on 11-02-2015 17:50:03
Running from C:\Users\Jul\Desktop\Gegen Ihn
Loaded Profiles: Jul (Available profiles: Jul & Stefan)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Razer Inc.) C:\Program Files\Razer\Razer Game Booster\RzKLService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Spotify Ltd) C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(streamwriter.org) C:\Program Files\streamWriter\streamwriter.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files\Opera Next\opera.exe
(Opera Software) C:\Program Files\Opera Next\pluginwrapper\opera_plugin_wrapper.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9874024 2010-11-16] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1806728 2010-08-30] (ELAN Microelectronics Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1770792 2010-05-20] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM\...\Run: [RemoteControl10] => C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM\...\Run: [ChicoSys] => C:\Windows\system32\cc32\webtmr.exe [5992896 2009-07-14] (Salfeld Computer)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [4928512 2010-07-07] (Broadcom Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3813200 2014-01-23] (LogMeIn Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [Raptr] => C:\Program Files\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [RGSC] => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [SkypeVoiceChanger] => C:\Program Files\AthTek\Voice Changer for Skype\SkypeVoiceChanger.exe /auto
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [MailRuUpdater] => C:\Users\Jul\AppData\Local\MailRu\MailRuUpdater.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Run: [Spotify Web Helper] => C:\Users\Jul\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-08] (Spotify Ltd)
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {054dd5e1-af97-11e3-9437-9b94ad7f775b} - F:\Startme.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {5aa476c5-bd20-11e1-af23-e811324622ab} - F:\Launcher.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {832b2e42-96ac-11e1-a9af-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {9c0303b7-be8b-11e1-8911-e811324622ab} - F:\Launcher.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {b2466843-f486-11e3-a8c2-e811324622ab} - F:\Startme.exe
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\...\MountPoints2: {ec4c2c5b-31a1-11e3-a38a-8a2832f57e22} - E:\windows\Data\setup.exe
HKU\S-1-5-18\...\Run: [CCWinTray] => C:\Windows\tray\wintmr.exe [6107072 2009-07-14] (Salfeld Computer)
AppInit_DLLs: c:\windows\system32\nvinit.dll => c:\windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs:  c:\windows\system32\nvinit.dll => c:\windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\streamWriter.lnk
ShortcutTarget: streamWriter.lnk -> C:\Program Files\streamWriter\streamwriter.exe (streamwriter.org)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-2741185204-2122887262-4188245074-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.mail.ru/?ieverfix=1&fr=ieverfix_sg
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {310E121A-788D-4D56-94F0-AFC6468A7852} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {5BCDEDD9-641B-4373-830C-8F6997D12DBC} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2741185204-2122887262-4188245074-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={SearchTerms}&ieverfix=1&fr=ieverfix_dse
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v415.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Jul\AppData\LocalLow\Sony Online Entertainment\npsoe.dll No File
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: electronicarts.com/GameFacePlugin -> C:\Users\Jul\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-2741185204-2122887262-4188245074-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Adblock Plus - C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\nes3ylsu.default-1422974112608\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-03]
FF Extension: myCoups - C:\Program Files\Mozilla Firefox\extensions\agjqcacdnhemgjev@hclmgodt.org [2013-01-27]
FF HKLM\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.6.0.73\coFFFw
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions:  - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-02-01]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-02-01]

Chrome: 
=======
CHR Profile: C:\Users\Jul\AppData\Local\Google\Chrome\User Data\Default

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [487936 2013-12-23] (Connectify) [File not signed]
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [107552 2014-06-22] (EasyAntiCheat Ltd)
S3 GalaxyService; C:\Program Files\GalaxyClient\GalaxyService.exe [2191648 2014-09-18] (GOG.com)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1677136 2014-01-23] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-09] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-12-13] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2014-12-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-09-13] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2012-05-05] () [File not signed]
R2 RzKLService; C:\Program Files\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [3665408 2013-09-18] (A-Volute) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [4261888 2010-07-07] (Broadcom Corporation) [File not signed]
S3 Futuremark SystemInfo Service; "C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe" [X]
S2 SecurityUtility Service; C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe -p "Covus" -c "Covus_Coupons" -s "CCC9" -i "1952011" -g "" [X]
S2 ZAtheros Wlan Agent; C:\Program Files\Atheros\Ath_WlanAgent.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [295432 2010-01-20] (Protect Software GmbH)
S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [143360 2012-07-17] (Windows (R) Win 7 DDK provider)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2910720 2012-05-01] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2012-05-06] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18496 2010-07-07] (Broadcom Corporation)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [29672 2014-01-09] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-05-27] (DT Soft Ltd)
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [100744 2010-08-30] (ELAN Microelectronics Corp.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135264 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112136 2015-02-02] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [34400 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [644808 2015-02-02] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145888 2014-03-26] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-05-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [28120 2014-07-02] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [33016 2013-09-18] (Windows (R) Win 7 DDK provider)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34384 2009-11-25] (Screaming Bee LLC)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-23] (Duplex Secure Ltd.)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-04-07] (Symantec Corporation)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [20664 2012-07-20] (Hajo Krabbenhöft)
S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [X]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
S3 XDva402; \??\C:\Windows\system32\XDva402.sys [X]
S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 21:03 - 2015-02-10 21:11 - 00000000 ____D () C:\AdwCleaner
2015-02-10 20:40 - 2015-02-10 20:40 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\InstallShield
2015-02-10 17:39 - 2015-02-10 17:39 - 00000000 ____D () C:\Users\Jul\Downloads\RevoUninstallerPortable
2015-02-10 17:38 - 2015-02-10 17:39 - 02785665 _____ (PortableApps.com) C:\Users\Jul\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2015-02-10 17:06 - 2015-02-10 17:06 - 00000000 ____D () C:\Users\Jul\AppData\Local\VS Revo Group
2015-02-10 17:03 - 2015-02-10 17:03 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-02-10 17:03 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-02-10 17:01 - 2015-02-10 17:02 - 10801480 _____ (VS Revo Group ) C:\Users\Jul\Downloads\RevoUninProSetup.exe
2015-02-08 21:55 - 2015-02-09 16:25 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1E6B3B9F.sys
2015-02-08 21:43 - 2015-02-11 17:50 - 00000000 ____D () C:\FRST
2015-02-08 21:40 - 2015-02-11 17:50 - 00000000 ____D () C:\Users\Jul\Desktop\Gegen Ihn
2015-02-08 21:37 - 2015-02-08 21:37 - 00050477 _____ () C:\Users\Jul\Downloads\Defogger(1).exe
2015-02-08 00:12 - 2015-02-08 12:46 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-02-06 22:36 - 2015-02-06 22:36 - 00000578 _____ () C:\Users\Jul\Downloads\defogger_disable.log
2015-02-06 22:36 - 2015-02-06 22:36 - 00000020 _____ () C:\Users\Jul\defogger_reenable
2015-02-05 19:03 - 2015-02-05 19:03 - 00002403 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2015-02-05 19:02 - 2015-02-05 19:02 - 02756424 _____ (Pokki) C:\Users\Jul\Downloads\PokkiInstaller (2).exe
2015-02-05 19:01 - 2015-02-05 19:01 - 00002276 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-05 19:00 - 2015-02-05 19:00 - 00002105 _____ () C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
2015-02-05 18:48 - 2015-02-05 18:48 - 02756424 _____ (Pokki) C:\Users\Jul\Downloads\PokkiInstaller.exe
2015-02-05 18:47 - 2015-02-10 16:42 - 00000000 ____D () C:\Users\Jul\AppData\Local\Pokki
2015-02-05 18:47 - 2015-02-05 18:47 - 00796936 _____ (Pokki) C:\Users\Jul\Downloads\Pokki_PixstaSetup.exe
2015-02-05 17:44 - 2015-02-05 17:44 - 00000000 ____D () C:\Users\Jul\AppData\Local\Steam
2015-02-05 14:09 - 2015-02-05 14:09 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\514D6CB0.sys
2015-02-02 17:48 - 2015-02-11 17:21 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 17:46 - 2015-02-02 17:47 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-02-02 17:46 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 17:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-02 17:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-02 17:18 - 2015-02-02 17:18 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-02-02 15:19 - 2015-02-02 15:19 - 00018475 _____ () C:\Users\Jul\Downloads\saints-row-the-third-wallpaper-1600x900.shtml
2015-02-02 15:10 - 2015-02-02 15:10 - 00000000 ____D () C:\Users\Jul\AppData\Local\Pirates
2015-02-02 15:09 - 2015-02-02 15:09 - 00000000 ____D () C:\Users\Jul\AppData\Local\Sparta
2015-02-01 21:00 - 2015-02-01 21:17 - 35648512 _____ () C:\Users\Jul\Downloads\PhysX-9.12.0613-SystemSoftware.msi
2015-02-01 20:52 - 2015-02-01 20:52 - 00000000 ____D () C:\Users\Jul\AppData\Local\Macromedia
2015-02-01 20:50 - 2015-02-01 20:50 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Sony Network Entertainment International LLC
2015-02-01 20:49 - 2015-02-01 20:49 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-02-01 20:49 - 2015-02-01 20:49 - 00000000 ____D () C:\Program Files\Kaspersky Lab
2015-02-01 20:48 - 2015-02-02 12:37 - 00644808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-02-01 20:48 - 2015-02-02 12:37 - 00112136 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-02-01 20:48 - 2014-04-10 17:25 - 00034400 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-02-01 20:35 - 2015-02-01 20:35 - 00000000 ____D () C:\Users\Jul\AppData\Local\Mozilla
2015-02-01 19:44 - 2015-02-02 17:19 - 00000000 ____D () C:\Program Files\TabNav
2015-02-01 19:26 - 2015-02-01 19:26 - 00000000 ____D () C:\Windows\81C42533F5A846CE9013ECF783A4CBD4.TMP
2015-01-25 17:12 - 2015-01-25 17:12 - 00002086 _____ () C:\Users\Jul\AppData\Roaming\NUB
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Jul\AppData\Roaming\OZTQSYNJ
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Jul\AppData\Roaming\MTSO
2015-01-24 17:57 - 2015-01-24 17:57 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\LolClient
2015-01-15 15:30 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 15:30 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 15:30 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-15 15:30 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-15 15:30 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-15 15:30 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 22:55 - 2015-01-16 20:42 - 00000000 ____D () C:\Users\Jul\Documents\MuseScore
2015-01-13 22:26 - 2015-01-13 22:26 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\MusE
2015-01-13 22:26 - 2015-01-13 22:26 - 00000000 ____D () C:\Users\Jul\AppData\Local\MusE
2015-01-13 21:29 - 2015-01-13 21:29 - 00000000 ____D () C:\Program Files\MuseScore

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 17:39 - 2012-05-04 20:23 - 01175694 _____ () C:\Windows\WindowsUpdate.log
2015-02-11 17:33 - 2014-09-05 20:57 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\streamWriter
2015-02-11 17:33 - 2012-05-05 13:34 - 00000000 ____D () C:\Program Files\Steam
2015-02-11 17:29 - 2009-07-14 05:34 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-11 17:29 - 2009-07-14 05:34 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-11 17:25 - 2013-12-03 17:25 - 00000000 ____D () C:\Users\Jul\AppData\Local\LogMeIn Hamachi
2015-02-11 17:23 - 2015-01-04 19:13 - 00000013 _____ () C:\NET.INI
2015-02-11 17:23 - 2014-10-21 14:02 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Raptr
2015-02-11 17:23 - 2014-09-05 20:57 - 00000000 ____D () C:\Program Files\streamWriter
2015-02-11 17:20 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-11 17:20 - 2009-07-14 05:39 - 00206797 _____ () C:\Windows\setupact.log
2015-02-11 17:16 - 2014-07-14 12:39 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Spotify
2015-02-11 17:02 - 2012-05-06 00:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-11 17:00 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-02-11 16:57 - 2014-07-14 12:40 - 00000000 ____D () C:\Users\Jul\AppData\Local\Spotify
2015-02-11 16:20 - 2014-12-17 07:31 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2015-02-10 21:24 - 2012-05-12 00:03 - 00000000 ____D () C:\Users\Jul\AppData\Local\CrashDumps
2015-02-10 20:45 - 2012-05-05 19:56 - 02194334 _____ () C:\Windows\PFRO.log
2015-02-10 20:14 - 2013-04-15 19:34 - 00002552 _____ () C:\Windows\fpuninstall.log
2015-02-10 20:13 - 2014-11-28 22:29 - 00000000 ____D () C:\UDK
2015-02-10 20:12 - 2012-05-05 13:34 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-02-09 20:46 - 2013-12-18 07:19 - 00000000 ____D () C:\Users\Jul\Documents\Schule
2015-02-09 19:22 - 2012-05-07 16:14 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Skype
2015-02-08 20:00 - 2014-10-20 13:30 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Curse Client
2015-02-08 19:37 - 2014-05-23 16:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-07 15:39 - 2012-05-05 07:21 - 00000000 ____D () C:\Users\Jul
2015-02-05 13:59 - 2012-05-06 00:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 13:59 - 2012-05-06 00:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 13:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2015-02-03 14:44 - 2014-11-06 19:08 - 00000000 ____D () C:\Users\Jul\Desktop\Spiele
2015-02-02 20:54 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\twain_32
2015-02-02 17:19 - 2013-10-03 19:59 - 00000000 ____D () C:\Program Files\Ss_Helper
2015-02-02 15:13 - 2013-08-23 20:39 - 00000000 ____D () C:\Program Files\Google
2015-02-02 15:10 - 2012-09-15 07:11 - 00000000 ____D () C:\Users\Jul\AppData\Local\Google
2015-02-01 20:35 - 2012-10-23 17:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-01 19:26 - 2012-06-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-02-01 19:26 - 2012-05-11 23:44 - 00000000 ____D () C:\Users\Jul\Documents\My Games
2015-02-01 19:26 - 2012-05-05 20:19 - 00307239 _____ () C:\Windows\DirectX.log
2015-02-01 16:11 - 2013-05-24 17:58 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\TS3Client
2015-01-31 15:42 - 2014-05-23 16:22 - 00000000 ____D () C:\Users\Jul\AppData\Local\Thunderbird
2015-01-31 13:45 - 2014-10-21 14:02 - 00000000 ____D () C:\Program Files\Raptr
2015-01-30 21:25 - 2014-07-27 22:39 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Bioshock
2015-01-30 16:11 - 2012-05-05 07:26 - 01651678 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-29 20:35 - 2009-07-14 05:33 - 03942608 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-27 19:19 - 2012-05-05 11:54 - 00153840 _____ () C:\Users\Jul\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-25 15:40 - 2013-05-15 18:24 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Synthesia
2015-01-24 13:21 - 2012-05-05 13:26 - 00566200 _____ () C:\Windows\DPINST.LOG
2015-01-24 13:20 - 2012-05-05 11:52 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-16 03:11 - 2013-07-18 11:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 03:02 - 2012-05-06 08:03 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 16:52 - 2014-10-26 18:32 - 00000000 ____D () C:\Users\Jul\AppData\Roaming\Adobe
2015-01-13 16:52 - 2012-12-20 15:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-12 22:36 - 2014-11-22 16:00 - 00000000 ____D () C:\Users\Jul\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-10-26 21:15 - 2014-12-31 23:34 - 0000132 _____ () C:\Users\Jul\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-12-20 23:09 - 2013-12-20 21:23 - 0012005 _____ () C:\Users\Jul\AppData\Roaming\alsoft.ini
2013-02-23 19:43 - 2013-02-23 19:43 - 0000121 _____ () C:\Users\Jul\AppData\Roaming\D2Info0
2013-02-23 19:43 - 2013-02-23 20:09 - 0000008 _____ () C:\Users\Jul\AppData\Roaming\DofusAppId0_2
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jul\AppData\Roaming\MTSO
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Jul\AppData\Roaming\NUB
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jul\AppData\Roaming\OZTQSYNJ
2012-07-30 07:25 - 2014-05-30 19:59 - 0138056 _____ () C:\Users\Jul\AppData\Roaming\PnkBstrK.sys
2012-06-09 13:15 - 2012-06-09 13:15 - 0000004 _____ () C:\Users\Jul\AppData\Roaming\steam_md5.dat
2013-01-23 15:51 - 2013-01-23 15:51 - 0703104 _____ () C:\Users\Jul\AppData\Roaming\technic-launcher.jar
2012-07-05 23:36 - 2014-06-22 15:20 - 0006144 _____ () C:\Users\Jul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-15 21:20 - 2013-02-15 21:20 - 1065984 _____ () C:\Users\Jul\AppData\Local\file__0.localstorage
2012-12-22 00:19 - 2012-12-22 00:19 - 0000091 _____ () C:\Users\Jul\AppData\Local\fusioncache.dat
2012-12-17 05:06 - 2012-12-17 05:06 - 0000337 _____ () C:\Users\Jul\AppData\Local\Perfmon.PerfmonCfg
2014-12-06 17:15 - 2014-12-06 17:15 - 0001590 _____ () C:\Users\Jul\AppData\Local\recently-used.xbel
2012-05-26 12:10 - 2013-05-26 14:20 - 0007601 _____ () C:\Users\Jul\AppData\Local\Resmon.ResmonCfg
2013-09-01 12:24 - 2013-09-13 16:03 - 1341859 ____N () C:\Users\Jul\AppData\Local\Tempmusic.ogg
2013-02-04 14:05 - 2013-02-04 14:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-04-07 13:15 - 2013-04-07 13:15 - 0272292 _____ () C:\ProgramData\firstlsp.reg.dat
2013-09-29 17:07 - 2013-07-31 17:07 - 0000032 ____R () C:\ProgramData\hash.dat
2012-05-05 19:41 - 2012-05-05 19:41 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-05-05 19:36 - 2012-05-05 19:36 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-05-05 19:38 - 2012-05-05 19:39 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-05-05 19:36 - 2012-05-05 19:38 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-05-05 19:39 - 2012-05-05 19:41 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Files to move or delete:
====================
C:\Users\Jul\InstallHiRezGamesEnglish.exe
C:\Users\Jul\libgtk-win32-2.0-0.dll
C:\Users\Jul\TechnicLauncher.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:17

==================== End Of Log ============================

--- --- ---

--- --- ---

cosinus · 11.02.2015, 22:30

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Windows\81C42533F5A846CE9013ECF783A4CBD4.TMP
C:\Users\Jul\AppData\Roaming\NUB
C:\Users\Jul\AppData\Roaming\OZTQSYNJ
C:\Users\Jul\AppData\Roaming\MTSO
EmptyTemp:
Hosts:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Zubato · 12.02.2015, 08:49

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-02-2015 02
Ran by Jul at 2015-02-12 08:30:18 Run:2
Running from C:\Users\Jul\Desktop\Gegen Ihn
Loaded Profiles: Jul (Available profiles: Jul & Stefan)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Windows\81C42533F5A846CE9013ECF783A4CBD4.TMP
C:\Users\Jul\AppData\Roaming\NUB
C:\Users\Jul\AppData\Roaming\OZTQSYNJ
C:\Users\Jul\AppData\Roaming\MTSO
EmptyTemp:
Hosts:
         
*****************

C:\Windows\81C42533F5A846CE9013ECF783A4CBD4.TMP => Moved successfully.
C:\Users\Jul\AppData\Roaming\NUB => Moved successfully.
C:\Users\Jul\AppData\Roaming\OZTQSYNJ => Moved successfully.
C:\Users\Jul\AppData\Roaming\MTSO => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 16.6 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 08:30:31 ====

11.02.2015, 17:31	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 7: Laptop ist nur mit Internet langsam und ständige Sicherheitszertifikat nachfragen Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken __________________ Logfiles bitte immer in CODE-Tags posten

Windows 7: Laptop ist nur mit Internet langsam und ständige Sicherheitszertifikat nachfragen

Log-Analyse und Auswertung: Windows 7: Laptop ist nur mit Internet langsam und ständige Sicherheitszertifikat nachfragen