
Log analysis and evaluation: atiedxx.exe, csrss.exe and winlogon.exe Trojans found.


 
20.07.2015, 03:10   #1
Mark_1295
 



Hello, first of all!
I just googled a few of my processes and found out that the processes atiedxx.exe, csrss.exe and winlogon.exe are Trojans. I use Win7 and have no idea how they got onto my PC, but probably through various downloads from the Internet.

Just as others on this forum have said, these Trojans have made my PC slower; I had been wondering for a while why that was the case.
They cause, for example, Spotify to be open 3 times when I start it, or the Windows Media Player updater to be opened as a process around 9 times at boot. And I believe they keep installing advertising add-ons for Firefox that, for example, bypass Adblock.

Step 1: defogger_disable.log

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 02:52 on 20/07/2015 (Markus Meyer)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Step 2: FRST.txt and Addition.txt

FRST.txt:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-07-2015 01
Ran by Markus Meyer (administrator) on MARKUSMEYER-HP on 20-07-2015 03:12:03
Running from C:\Users\Markus Meyer\Desktop
Loaded Profiles: Markus Meyer (Available Profiles: Markus Meyer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmcore.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Blabbers Communications Ltd) C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dxtory Software) C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\Jittery Application\0a9e7e87.ftf.ftf
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Aztec Media Inc) C:\Program Files (x86)\Assets Manager\smdmf\SmdmFService.exe
() C:\Program Files (x86)\Spotless Awareness\Spotless Awareness.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Spotify Ltd) C:\Users\Markus Meyer\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Markus Meyer\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Markus Meyer\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Markus Meyer\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Markus Meyer\AppData\Roaming\Spotify\Spotify.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-03-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-02-04] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [455680 2012-06-25] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2012-06-25] (Saitek)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [MFARestart] => C:\ProgramData\MFAData\pack\avgrunasx.exe [247136 2011-08-02] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-30] (Easybits)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-07-11] (Nullsoft, Inc.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-03-17] (CyberLink Corp.)
HKLM-x32\...\Run: [cmsc] => c:\program files (x86)\cmcm\Clean Master\cmtray.exe [771912 2015-04-01] (Kingsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2895552 2015-07-16] (Valve Corporation)
HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-07-09] (Overwolf LTD)
HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Run: [Spotify Web Helper] => C:\Users\Markus Meyer\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-13] (Spotify Ltd)
HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Run: [Spotify] => C:\Users\Markus Meyer\AppData\Roaming\Spotify\Spotify.exe [7334968 2015-07-13] (Spotify Ltd)
HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Run: [Dropbox Update] => C:\Users\Markus Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
AppInit_DLLs: C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL => C:\ProgramData\Assistant\Assistant_x64.dll [4319744 2014-03-27] ()
AppInit_DLLs-x32: c:\progra~3\assist~1\assist~1.dll => c:\ProgramData\Assistant\Assistant.dll [4114944 2014-03-27] ()
Startup: C:\Users\Markus Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-05-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1660394222-742470415-1346051432-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1660394222-742470415-1346051432-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=146&itype=n&ver=15586&tm=621&src=ds&p={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM -> {E9622797-9614-413F-9EC6-9AFE59DC98BC} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=146&itype=n&ver=15586&tm=621&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchannel.info/?l=1&q={searchTerms}&pid=576&r=2013/07/11&hid=2721309486&lg=EN&cc=AT&unqvl=24
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {E9622797-9614-413F-9EC6-9AFE59DC98BC} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&babsrc=SP_ss&mntrId=acc2592f000000000000bc7737ce8124
SearchScopes: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=146&itype=n&ver=15586&tm=621&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> {E9622797-9614-413F-9EC6-9AFE59DC98BC} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1660394222-742470415-1346051432-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll [2013-02-18] (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll [2013-02-18] (Blabbers Communications Ltd)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll [2013-02-18] (Blabbers Communications Ltd)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-04-09] (EasyBits Software Corp.)
Tcpip\..\Interfaces\{62C90C10-94BE-4F98-98B8-118772EDD064}: [DhcpNameServer] 212.33.36.155 212.33.55.5
Tcpip\..\Interfaces\{657FB976-8DE4-48CC-9072-2DD379F15991}: [DhcpNameServer] 212.33.36.155 212.33.55.5

FireFox:
========
FF ProfilePath: C:\Users\Markus Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\8g60e7l1.default-1418240712063
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: default-search.net
FF Homepage: about:home
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=146&itype=n&ver=15586&tm=621&src=ds&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-07] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1660394222-742470415-1346051432-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Markus Meyer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1660394222-742470415-1346051432-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-06-08] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-07-11] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Markus Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\8g60e7l1.default-1418240712063\searchplugins\default-search.xml [2015-02-12]
FF SearchPlugin: C:\Users\Markus Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\8g60e7l1.default-1418240712063\searchplugins\youtube-videosuche.xml [2015-03-06]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2015-02-12]
FF Extension: Ginyas Browser Companion - C:\Users\Markus Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\8g60e7l1.default-1418240712063\Extensions\bbrs_002@blabbers.com [2015-07-09]
FF Extension: Extreme Blocker - C:\Users\Markus Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\8g60e7l1.default-1418240712063\Extensions\uikamptjhnmg@xsczfmjpgxmivd.org [2015-07-18]
FF Extension: TinyURL Generator - C:\Users\Markus Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\8g60e7l1.default-1418240712063\Extensions\tinyurl.addon@fast-chat.co.uk.xpi [2015-07-15]
FF Extension: Adblock Plus - C:\Users\Markus Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\8g60e7l1.default-1418240712063\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-08]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2015-07-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-03]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Browser Companion Helper) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2012-11-12]
CHR Extension: (No Name) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\boiegokgnfcjbkeijinpemhfoekfmaik [2014-04-24]
CHR Extension: (Adblock Plus) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-24]
CHR Extension: (SAverExtension) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkefnjfpgnpgpkkkpflkcimgikhgkbnb [2013-12-30]
CHR Extension: (SMSnetwork for Chrome) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlkmhlkkbjgbjpiidobibnckobfagpbd [2014-06-05]
CHR Extension: (Ponyhoof) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjjgphedlaihnlgaibiaihhmhaejjdd [2014-04-24]
CHR Extension: (GGreeaotSAvue4U) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnhfmahopbelmaoeooelbgnhhfpelhc [2014-02-27]
CHR Extension: (Myibidder Auction Bid Sniper for eBay) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmebanjjkaohcmifehogijfgcoieefnp [2015-07-08]
CHR Extension: (AdBlock) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-24]
CHR Extension: (1click timer) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\igloknlllonknnbkfgggfkigmeegmakf [2014-07-03]
CHR Extension: (No Name) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkpahjicmehopmlkbenbkmckcedlcmhk [2014-12-09]
CHR Extension: (DIsCounTExxtensi) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapefjkjbamjahejjngoffibmgemngom [2014-05-21]
CHR Extension: (Facebook Color Changer Enhancer) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbdkclmnkbjelpeddibimjmgofgkdagn [2014-06-11]
CHR Extension: (Skype Click to Call) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-11-06]
CHR Extension: (No Name) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmiagjknjjfockcklibjlfdojojaffff [2012-12-01]
CHR Extension: (No Name) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhhflamheoandbibgflojkjccnenjbda [2015-01-07]
CHR Extension: (FunDealsu) - C:\Users\Markus Meyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\olofjkgoajokennbpnmfcpkiapegnhlp [2014-05-21]
CHR HKU\S-1-5-21-1660394222-742470415-1346051432-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [2012-03-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 699fd52f; c:\ProgramData\Assistant\AssistantSvc.dll [178000 2014-03-27] () [File not signed]
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2011-01-24] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2011-01-24] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [991296 2011-01-24] (Intel Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 cmcore; c:\program files (x86)\cmcm\Clean Master\cmcore.exe [315208 2015-04-01] (Kingsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Jittery Application; C:\Program Files (x86)\Jittery Application\0a9e7e87.ftf.ftf [7491827 2015-05-15] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-04] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-09] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-30] ()
R2 SmdmFService; C:\Program Files (x86)\Assets Manager\smdmf\SmdmFService.exe [3570704 2015-02-03] (Aztec Media Inc)
R2 Spotless Awareness; C:\Program Files (x86)\Spotless Awareness\Spotless Awareness.exe [8016410 2015-06-11] () [File not signed] <==== ATTENTION
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Assets Manager\smdmf\x64\smdmfmgrc3.cfg [45968 2015-02-03] (Aztec Media Inc)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2015-02-12] (Kingsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 Said505F; C:\Windows\System32\DRIVERS\Said505F.sys [25920 2012-05-11] (Saitek)
S3 SaiK0CD0; C:\Windows\System32\DRIVERS\SaiK0CD0.sys [181608 2012-08-06] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-06-26] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-06-26] (Saitek)
S3 SaiU0CD0; C:\Windows\System32\DRIVERS\SaiU0CD0.sys [47208 2012-08-06] (Saitek)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-03-17] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-20 03:12 - 2015-07-20 03:13 - 00033488 _____ C:\Users\Markus Meyer\Desktop\FRST.txt
2015-07-20 03:11 - 2015-07-20 03:12 - 00000000 ____D C:\FRST
2015-07-20 03:11 - 2015-07-20 03:11 - 02134528 _____ (Farbar) C:\Users\Markus Meyer\Desktop\FRST64.exe
2015-07-20 02:52 - 2015-07-20 02:52 - 00000486 _____ C:\Users\Markus Meyer\Desktop\defogger_disable.log
2015-07-20 02:52 - 2015-07-20 02:52 - 00000000 _____ C:\Users\Markus Meyer\defogger_reenable
2015-07-20 02:51 - 2015-07-20 02:51 - 00050477 _____ C:\Users\Markus Meyer\Desktop\Defogger.exe
2015-07-20 01:03 - 2015-07-20 01:03 - 00071632 _____ C:\Users\Markus Meyer\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-17 16:33 - 2015-07-17 16:33 - 00562784 _____ (Oracle Corporation) C:\Users\Markus Meyer\Downloads\jxpiinstall.exe
2015-07-17 16:33 - 2015-07-17 16:33 - 00000000 ____D C:\Users\Markus Meyer\AppData\Roaming\Oracle
2015-07-17 16:32 - 2015-07-17 16:35 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-17 16:32 - 2015-07-17 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-17 16:32 - 2015-07-17 16:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-07-17 16:32 - 2015-07-17 16:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-07-15 15:19 - 2015-07-15 15:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-15 15:16 - 2015-07-17 16:48 - 00000000 ____D C:\ProgramData\Oracle
2015-07-15 15:15 - 2015-07-15 15:16 - 43221600 _____ (Oracle Corporation) C:\Users\Markus Meyer\Downloads\jre-8u51-windows-x64.exe
2015-07-15 15:10 - 2015-07-15 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-07-15 15:10 - 2015-07-15 15:10 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-14 16:12 - 2015-07-14 16:12 - 00000000 ____D C:\Users\Markus Meyer\Desktop\Ritterfest Linz 2015
2015-07-12 08:46 - 2015-07-12 08:46 - 00000000 ____D C:\Users\Markus Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-08 17:05 - 2015-07-20 02:32 - 00514799 _____ C:\Windows\WindowsUpdate.log
2015-07-08 16:51 - 2015-07-09 06:54 - 00000000 ____D C:\Program Files (x86)\AollCheaepPriice
2015-07-08 16:51 - 2015-07-08 16:51 - 00000000 ____D C:\Program Files (x86)\AllChheapPriceo
2015-07-08 16:50 - 2015-07-08 16:50 - 00000000 ____D C:\Program Files (x86)\Myibidder Auction Bid Sniper for eBay
2015-07-08 16:49 - 2015-07-09 06:54 - 00000000 ____D C:\Program Files (x86)\AlluCCheapPrice
2015-07-04 17:06 - 2015-07-04 17:08 - 00000000 ____D C:\Users\Markus Meyer\AppData\Roaming\TEdit
2015-07-04 17:06 - 2015-07-04 17:06 - 00000000 ____D C:\Users\Markus Meyer\AppData\Local\TEditXna
2015-07-03 23:42 - 2015-07-03 23:42 - 00000000 ____D C:\Users\Markus Meyer\AppData\Local\CEF
2015-07-03 17:04 - 2015-07-17 16:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-01 20:15 - 2015-07-01 20:15 - 02157552 _____ C:\Users\Apps\glue-resources-pre-vis-2.spa
2015-06-21 18:35 - 2015-07-20 02:46 - 00001252 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1660394222-742470415-1346051432-1000UA.job
2015-06-21 18:35 - 2015-07-19 09:46 - 00001200 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1660394222-742470415-1346051432-1000Core.job
2015-06-21 18:35 - 2015-07-18 09:41 - 00004236 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1660394222-742470415-1346051432-1000UA
2015-06-21 18:35 - 2015-07-18 09:41 - 00003840 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1660394222-742470415-1346051432-1000Core
2015-06-21 18:35 - 2015-06-21 18:35 - 00000000 ____D C:\Users\Markus Meyer\AppData\Local\Dropbox
2015-06-21 18:35 - 2015-06-21 18:35 - 00000000 ____D C:\ProgramData\Dropbox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-20 03:10 - 2015-02-12 21:34 - 00000000 ____D C:\Users\Markus Meyer\AppData\Local\Spotify
2015-07-20 03:10 - 2015-02-12 21:33 - 00000000 ____D C:\Users\Markus Meyer\AppData\Roaming\Spotify
2015-07-20 03:07 - 2011-08-20 20:48 - 00000000 ____D C:\Users\Markus Meyer\AppData\Roaming\Skype
2015-07-20 02:58 - 2013-02-18 20:45 - 00001052 _____ C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job
2015-07-20 02:54 - 2012-11-12 20:02 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-20 02:54 - 2012-11-12 20:02 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-20 02:52 - 2011-08-20 17:36 - 00000000 ____D C:\Users\Markus Meyer
2015-07-20 02:45 - 2013-02-18 20:45 - 00001004 _____ C:\Windows\Tasks\GinyasBrowserCompanion Runner.job
2015-07-20 02:17 - 2012-04-05 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-20 02:00 - 2014-08-22 15:28 - 00000000 ____D C:\Users\Markus Meyer\AppData\Local\Adobe
2015-07-20 01:14 - 2014-08-18 19:12 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-07-20 00:02 - 2015-04-08 21:59 - 00000000 ____D C:\Users\Markus Meyer\AppData\Local\LogMeIn Hamachi
2015-07-20 00:02 - 2013-03-13 19:44 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-19 22:11 - 2011-08-22 16:19 - 00000000 ____D C:\Users\Markus Meyer\AppData\Roaming\TS3Client
2015-07-19 20:58 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-19 20:58 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-19 20:46 - 2015-02-12 19:21 - 00000000 ____D C:\ProgramData\smdmf
2015-07-19 20:45 - 2013-07-11 17:15 - 00000430 ____H C:\Windows\Tasks\schedule!3036567561.job
2015-07-19 20:45 - 2013-02-18 20:45 - 00001004 _____ C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
2015-07-19 20:45 - 2013-02-18 20:45 - 00001004 _____ C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
2015-07-19 20:45 - 2013-02-18 20:45 - 00000936 _____ C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job
2015-07-19 20:44 - 2015-04-25 18:20 - 00000000 ____D C:\Users\locales
2015-07-19 20:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-19 20:38 - 2011-08-20 17:44 - 00003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{49C7B74D-76DF-493E-A649-6842D00EE0E9}
2015-07-19 06:10 - 2014-03-10 23:50 - 00000000 ____D C:\ProgramData\FindBestDeala
2015-07-18 22:43 - 2012-08-30 18:37 - 00000000 ___RD C:\Users\Markus Meyer\Dropbox
2015-07-18 22:43 - 2012-08-30 18:35 - 00000000 ____D C:\Users\Markus Meyer\AppData\Roaming\Dropbox
2015-07-18 22:42 - 2014-08-18 19:10 - 00000000 ____D C:\Users\Markus Meyer\AppData\Local\Overwolf
2015-07-17 16:43 - 2011-04-09 20:51 - 00000000 ____D C:\Program Files\Java
2015-07-17 16:35 - 2011-04-09 20:51 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-15 15:48 - 2011-08-20 21:10 - 00000000 ___RD C:\Users\Markus Meyer\Desktop\Stuff
2015-07-15 15:20 - 2015-01-02 21:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 15:19 - 2011-04-09 20:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-15 15:17 - 2011-04-09 20:48 - 00000000 ____D C:\ProgramData\Adobe
2015-07-15 03:17 - 2012-04-05 13:47 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 03:17 - 2012-04-05 13:46 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 03:17 - 2011-08-20 21:20 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 11:44 - 2012-01-02 15:44 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-13 16:05 - 2015-05-30 00:13 - 00352095 _____ C:\Users\Apps\local-files-desktop.spa
2015-07-13 16:05 - 2015-05-23 20:20 - 00158566 _____ C:\Users\Apps\hub.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 41287224 _____ C:\Users\libcef.dll
2015-07-13 16:05 - 2015-04-25 18:20 - 10457856 _____ C:\Users\icudtl.dat
2015-07-13 16:05 - 2015-04-25 18:20 - 07334968 _____ (Spotify Ltd) C:\Users\Spotify.exe
2015-07-13 16:05 - 2015-04-25 18:20 - 04253463 _____ C:\Users\devtools_resources.pak
2015-07-13 16:05 - 2015-04-25 18:20 - 03457592 _____ (Microsoft Corporation) C:\Users\d3dcompiler_47.dll
2015-07-13 16:05 - 2015-04-25 18:20 - 02332541 _____ C:\Users\Apps\musixmatch-lyrics.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 02157552 _____ C:\Users\Apps\glue-resources.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 02106424 _____ (Microsoft Corporation) C:\Users\d3dcompiler_43.dll
2015-07-13 16:05 - 2015-04-25 18:20 - 02018406 _____ C:\Users\cef.pak
2015-07-13 16:05 - 2015-04-25 18:20 - 02008632 _____ (Spotify Ltd) C:\Users\SpotifyWebHelper.exe
2015-07-13 16:05 - 2015-04-25 18:20 - 01488440 _____ C:\Users\libGLESv2.dll
2015-07-13 16:05 - 2015-04-25 18:20 - 00968248 _____ (The Chromium Authors) C:\Users\ffmpegsumo.dll
2015-07-13 16:05 - 2015-04-25 18:20 - 00838200 _____ (Spotify Ltd) C:\Users\SpotifyCrashService.exe
2015-07-13 16:05 - 2015-04-25 18:20 - 00723187 _____ C:\Users\Apps\browse.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00661932 _____ C:\Users\Apps\zlink.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00598403 _____ C:\Users\cef_200_percent.pak
2015-07-13 16:05 - 2015-04-25 18:20 - 00536796 _____ C:\Users\Apps\notification-center.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00528578 _____ C:\Users\Apps\collection.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00512001 _____ C:\Users\Apps\genre.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00508698 _____ C:\Users\Apps\collection-artist.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00493494 _____ C:\Users\Apps\discover.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00466223 _____ C:\Users\Apps\collection-album.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00444515 _____ C:\Users\cef_100_percent.pak
2015-07-13 16:05 - 2015-04-25 18:20 - 00443181 _____ C:\Users\Apps\article.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00420097 _____ C:\Users\Apps\messages.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00416475 _____ C:\Users\Apps\album.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00386535 _____ C:\Users\Apps\social-feed.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00383644 _____ C:\Users\Apps\collection-songs.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00368227 _____ C:\Users\Apps\charts.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00363479 _____ C:\Users\Apps\artist.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00356839 _____ C:\Users\Apps\playlist-desktop.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00346718 _____ C:\Users\Apps\social-chart.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00342668 _____ C:\Users\Apps\buddy-list.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00300863 _____ C:\Users\Apps\radio.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00299055 _____ C:\Users\Apps\folder.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00294773 _____ C:\Users\Apps\settings.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00255357 _____ C:\Users\Apps\profile.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00248623 _____ C:\Users\Apps\share.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00244653 _____ C:\Users\Apps\zlink-queue.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00236396 _____ C:\Users\Apps\chart.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00216723 _____ C:\Users\Apps\search.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00210562 _____ C:\Users\Apps\findfriends.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00196416 _____ C:\Users\Apps\suggest.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00160044 _____ C:\Users\Apps\zlogin.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00158229 _____ C:\Users\Apps\follow.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00098360 _____ (Spotify Ltd) C:\Users\SpotifyLauncher.exe
2015-07-13 16:05 - 2015-04-25 18:20 - 00096206 _____ C:\Users\Apps\about.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00079928 _____ C:\Users\libEGL.dll
2015-07-13 16:05 - 2015-04-25 18:20 - 00073272 _____ C:\Users\wow_helper.exe
2015-07-13 16:05 - 2015-04-25 18:20 - 00053462 _____ C:\Users\Apps\ad.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00040241 _____ C:\Users\Apps\licenses.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00038320 _____ C:\Users\Apps\error.spa
2015-07-13 16:05 - 2015-04-25 18:20 - 00013506 _____ C:\Users\locales\en-US.pak
2015-07-13 16:05 - 2015-04-25 18:20 - 00008009 _____ C:\Users\locales\el.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00007791 _____ C:\Users\locales\ru.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00007076 _____ C:\Users\locales\ja.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006969 _____ C:\Users\locales\hu.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006950 _____ C:\Users\locales\fr-CA.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006899 _____ C:\Users\locales\fr.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006876 _____ C:\Users\locales\fi.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006875 _____ C:\Users\locales\pl.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006808 _____ C:\Users\locales\es-419.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006793 _____ C:\Users\locales\nl.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006756 _____ C:\Users\locales\de.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006740 _____ C:\Users\locales\zsm.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006739 _____ C:\Users\locales\it.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006731 _____ C:\Users\locales\es.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006726 _____ C:\Users\locales\tr.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006719 _____ C:\Users\locales\zh-Hant.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006717 _____ C:\Users\locales\pt-BR.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006672 _____ C:\Users\locales\sv.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006540 _____ C:\Users\locales\arb.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00006469 _____ C:\Users\locales\en.mo
2015-07-13 16:05 - 2015-04-25 18:20 - 00000020 _____ C:\Users\inst_ver.dat
2015-07-13 16:05 - 2015-04-25 18:20 - 00000000 _____ C:\Users\Markus.redir
2015-07-08 17:00 - 2013-06-30 21:02 - 00000000 ____D C:\ProgramData\Mozilla
2015-07-08 16:51 - 2015-04-16 22:45 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-07-08 16:51 - 2015-03-02 19:30 - 00000000 ____D C:\ProgramData\2676599837052602665UL
2015-07-08 08:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2015-07-07 16:53 - 2013-06-30 21:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-05 16:14 - 2011-08-20 20:48 - 00000000 ____D C:\ProgramData\Skype
2015-07-05 12:08 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-04 19:04 - 2013-02-01 20:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-02 17:45 - 2015-06-11 10:27 - 00000000 ____D C:\Program Files (x86)\Spotless Awareness
2015-06-29 04:29 - 2015-06-05 11:59 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-06-29 04:29 - 2011-08-21 11:57 - 00000000 ____D C:\Users\Markus Meyer\AppData\Local\CrashDumps
2015-06-28 20:44 - 2012-01-26 19:03 - 00000000 ____D C:\Windows\Minidump
2015-06-28 20:22 - 2015-04-27 22:35 - 00000000 __SHD C:\Users\Markus Meyer\AppData\Local\EmieBrowserModeList
2015-06-28 20:22 - 2014-08-18 19:11 - 00000000 __SHD C:\Users\Markus Meyer\AppData\Local\EmieUserList
2015-06-28 20:22 - 2014-08-18 19:11 - 00000000 __SHD C:\Users\Markus Meyer\AppData\Local\EmieSiteList
2015-06-28 16:05 - 2015-06-05 11:59 - 00000000 ____D C:\Users\Markus Meyer\AppData\Roaming\Notepad++
2015-06-28 15:48 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-28 05:55 - 2014-08-20 19:28 - 00000000 ____D C:\Users\Markus Meyer\AppData\Roaming\Winamp

==================== Files in the root of some directories =======

2015-04-16 22:45 - 2015-07-08 16:51 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-03-18 01:54 - 2015-03-18 01:54 - 0000020 _____ () C:\Users\Markus Meyer\AppData\Roaming\appdataFr3.bin
2013-06-14 13:29 - 2013-06-14 13:30 - 0047104 ___SH () C:\Users\Markus Meyer\AppData\Roaming\Thumbs.db
2011-11-22 22:59 - 2014-02-05 00:06 - 0006144 _____ () C:\Users\Markus Meyer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-13 23:16 - 2015-06-13 23:16 - 0000000 _____ () C:\Users\Markus Meyer\AppData\Local\Temp.dat
2012-06-28 15:33 - 2012-04-29 15:33 - 0000032 ____R () C:\ProgramData\hash.dat
2011-08-22 16:13 - 2011-08-22 16:13 - 0000003 _____ () C:\ProgramData\MusicStation.log
2011-08-22 16:13 - 2011-08-22 16:13 - 0000243 _____ () C:\ProgramData\MusicStation.xml

Files to move or delete:
====================
C:\ProgramData\hash.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-16 06:39

==================== End of log ============================
         
Addition.exe:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-07-2015 01
Ran by Markus Meyer at 2015-07-20 03:15:04
Running from C:\Users\Markus Meyer\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1660394222-742470415-1346051432-500 - Administrator - Disabled)
Gast (S-1-5-21-1660394222-742470415-1346051432-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1660394222-742470415-1346051432-1002 - Limited - Enabled)
Markus Meyer (S-1-5-21-1660394222-742470415-1346051432-1000 - Administrator - Enabled) => C:\Users\Markus Meyer

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Action Replay Code Manager (HKLM-x32\...\Action Replay Code Manager_is1) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
AdPunisher (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - AdPunisher) <==== ATTENTION
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
AllChheapPriceo (HKLM-x32\...\{5A1D3F9E-73B5-95EC-1233-6646E1358965}) (Version:  - "") <==== ATTENTION
Amazon Cloud Player (HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Amazon Amazon Cloud Player) (Version: 2.2.0.399 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Assets Manager (HKLM-x32\...\Assets Manager) (Version: 5.0.0.15586 - Aztec Media Inc) <==== ATTENTION
Assistant (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{699fd52f}) (Version:  - Verified Publisher) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{DA0D8FDA-D538-1145-8BA2-6F22C4EB4F75}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
AVG 2012 (Version: 12.0.2114 - AVG Technologies) Hidden
Batman: Arkham Asylum (HKLM-x32\...\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}) (Version: 1.0.0.0 - Eidos Interactive Limited)
Batman: Arkham City™ (HKLM-x32\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (x32 Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (x32 Version: 1.0.0001.131 - WB Games) Hidden
Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version:  - ) <==== ATTENTION
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (x32 Version: 1.3 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Clean Master (HKLM-x32\...\Clean Master) (Version: 1.0 - Cheetah Mobile)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3917.58 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3908 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0001.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dxtory 2.0.104 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.104 - Dxtory Software)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
Five Nights at Freddy's (HKLM-x32\...\Steam App 319510) (Version:  - Scott Cawthon)
Free YouTube Download version 3.2.2.430 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.2.430 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.17.1127 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
GinyasBrowserCompanion (HKLM-x32\...\GinyasBrowserCompanion) (Version:  - Ginyas) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HP 3D DriveGuard (HKLM\...\{76785052-9E6A-4403-B06A-929B6BF9D742}) (Version: 4.1.5.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{795AADBF-58C2-42D0-B779-E730702A247E}) (Version: 4.0.45.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{3C5AB11A-2DDB-49E6-9FC0-CFD88A7DDFE4}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP On Screen Display (HKLM-x32\...\{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}) (Version: 1.1.2 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13231.3673 - Hewlett-Packard Company)
HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{CE4551E8-8D09-4126-A39B-B7DF82C5EB83}) (Version: 4.0.110.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6329.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0511 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{794E5C90-96E5-4413-B3F5-C803205AE30C}) (Version: 14.0.3000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel(R) Wireless Display (HKLM-x32\...\{5B46CEC7-DAD0-46A2-BCD6-B46A3CFD9B61}) (Version: 2.0.30.0 - Intel Corporation)
Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kingdoms of Amalur: Reckoning (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.1.4 - www.leaguereplays.com)
Lorem Ipsum Generator Default Text (HKLM-x32\...\{35E13884-BAC3-5F4A-799B-05F882E0BD9F}) (Version:  - "") <==== ATTENTION
M.M.O.7 Update Tool (HKLM-x32\...\{24521E5B-24F2-4E84-AA44-8D1BB13140E2}) (Version: 1.1.1 - Mad Catz)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version:  - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version:  - )
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Version 1.6.6 BETA (HKLM-x32\...\{ED3219B0-8C17-452A-AF77-FFF11F03FE50}_is1) (Version: 1.6.6 BETA - Copyright 2009-2011 Mojang AB)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MusicStation (HKLM-x32\...\{E74E7F63-E70F-43f2-873F-35FB66F263B2}) (Version: 2.0.5.71 - Omnifone)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version:  - NCsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera 12.10 (HKLM-x32\...\Opera 12.10.1652) (Version: 12.10.1652 - Opera Software ASA)
OptimizerPro (HKLM\...\OptimizerPro) (Version: 1.0 - BetterSoft) <==== ATTENTION
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.87.22.0 - Overwolf Ltd.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Smart Technology Programming Software 7.0.17.2 (HKLM\...\{EF483420-4184-4E11-A8BE-B6921549BE58}) (Version: 7.0.17.2 - Mad Catz)
Spotify (HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version:  - )
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.100 - Firefly Studios)
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version:  - )
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version:  - )
Tomb Raider: Legend 1.2 (HKLM-x32\...\Tomb Raider: Legend) (Version:  - )
Two Worlds (HKLM-x32\...\Two Worlds) (Version: 1.7.0 - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{7C54D017-21BB-43AE-9746-33E78AF4A425}) (Version: 4.3.118.0 - Validity Sensors, Inc.)
Vegas Pro 12.0 (64-bit) (HKLM\...\{8858A840-1D35-11E2-A8C7-F04DA23A5C58}) (Version: 12.0.394 - Sony)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.31 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.621  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.8-0 - Bitnami)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1660394222-742470415-1346051432-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

14-07-2015 10:53:23 Geplanter Prüfpunkt
17-07-2015 16:29:20 Removed Java(TM) 6 Update 35
17-07-2015 16:31:21 Installed Java 7 Update 79

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08623E46-E8FE-4532-B513-B0646A8B7FBB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {117DE90C-0830-46AA-ACD0-481530A8C194} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-08] (CyberLink)
Task: {1ABED571-0AF9-4E87-8418-4468F79F7351} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-07-09] (Overwolf LTD)
Task: {2C57DE8A-84F9-4BBC-9C4A-C2FE3FE9C318} - System32\Tasks\{F60309C7-7CF9-4318-8D91-31A0A2242D57} => pcalua.exe -a "C:\Users\Markus Meyer\Desktop\Arena106.exe" -d "C:\Users\Markus Meyer\Desktop"
Task: {2CC9563D-6111-4E3B-AF82-6ACDB946DDB5} - System32\Tasks\GinyasBrowserCompanion FireFox Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {314131D1-7C8E-4B57-9D52-F4B1D1224A58} - System32\Tasks\{2E17ED8E-A591-458D-A5FA-FAE7166DAC42} => pcalua.exe -a C:\ProgramData\AdPunisher\AdPunisher.exe -c /progname=AdPunisher /progver=3.4.2 /progpub=AdPunisher /proguninstallurl=asdahjka.com /deleteappfolder=0 /VERYSILENT
Task: {46D8A9B9-E912-46BC-B6B2-96675425DEAF} - System32\Tasks\GinyasBrowserCompanion Runner => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {521C7B71-B0A6-407E-B9C6-749C8FCA1051} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {54EB32FE-6FF4-4B07-B11E-8007A74190F4} - System32\Tasks\{3FD75532-4316-436E-9E65-2BB91D155993} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Transistor\TransistorVideoSetup.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Transistor"
Task: {5DD50B57-0028-4F9E-AAA6-4A6876DBAE9F} - System32\Tasks\schedule!3036567561 => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe [2013-01-23] () <==== ATTENTION
Task: {75ED7687-6079-4735-ACAC-75E4CCF5976A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {7C3DF70B-AC4C-427B-B09A-AD6C0F2CD592} - System32\Tasks\Tomb Raider - Anniversary => C:\Program Files (x86)\Tomb Raider - Anniversary\TRA.exe [2011-09-24] (Eidos Inc.)
Task: {7F6ACBDD-DDA1-42C5-902C-048DF8E51C25} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1660394222-742470415-1346051432-1000UA => C:\Users\Markus Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {869F8BC2-E27C-44CE-B6B0-1F3B0E17D288} - System32\Tasks\GinyasBrowserCompanion Chrome Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {9F63F88D-F14A-4E5C-B04B-64632CDAAE22} - System32\Tasks\{797958D8-E0BA-4F78-9BFC-C4E1BA415660} => pcalua.exe -a E:\setup.exe -d E:\
Task: {A4F61D8B-8831-41F8-85DE-44D1B3CE45FF} - System32\Tasks\AdobeAAMUpdater-1.0-MarkusMeyer-HP-Markus Meyer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {A826D457-BBD4-4F24-8F6A-485487368B0F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1660394222-742470415-1346051432-1000Core => C:\Users\Markus Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {A99EC303-D644-4B34-A2BA-2A120E7C957C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {ABDBFA35-B35F-4C73-B9C5-08855DA08479} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {B38F290A-7DC4-482A-8A7D-F8C251CD01B7} - System32\Tasks\GinyasBrowserCompanion Update Checker => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {C4E5FAC1-F645-43CB-8ED0-6B74676145C5} - System32\Tasks\GinyasBrowserCompanion Stats Report => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {DB23210D-4AA5-4174-B657-70300463B7E1} - System32\Tasks\{345CD035-6703-45B2-B378-C1CFFEE25BBA} => pcalua.exe -a "C:\Users\Markus Meyer\Desktop\Spiele\MINECRAFT\minecraft mods\Sonic Ether's Unbelievable Shaders v08 (Windows)\INSTALLER.exe" -d "C:\Users\Markus Meyer\Desktop\Spiele\MINECRAFT\minecraft mods\Sonic Ether's Unbelievable Shaders v08 (Windows)"
Task: {F8B73193-7F01-49F7-98A7-C154628257D5} - System32\Tasks\{458F4FE3-4B96-4165-B41A-489C0EA926D8} => pcalua.exe -a C:\ProgramData\MFAData\pack\avgmfapx.exe -d C:\Windows\SysWOW64 -c /ResumeInstallation="C:\ProgramData\MFAData\state.dat"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1660394222-742470415-1346051432-1000Core.job => C:\Users\Markus Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1660394222-742470415-1346051432-1000UA.job => C:\Users\Markus Meyer\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion Runner.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exeK/schedule /profile c:\programdata\bettersoft\optimizerpro\3036567561.ini <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2011-02-04 15:42 - 2011-02-04 15:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-03-27 22:31 - 2014-03-27 22:31 - 04319744 _____ () C:\ProgramData\Assistant\Assistant_x64.dll
2011-02-04 15:42 - 2011-02-04 15:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-07-11 17:15 - 2013-01-23 21:58 - 00348160 ____N () C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
2011-07-14 23:45 - 2011-01-27 18:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-05-15 12:53 - 2015-05-15 12:53 - 07491827 _____ () C:\Program Files (x86)\Jittery Application\0a9e7e87.ftf.ftf
2012-03-17 22:22 - 2014-05-30 19:33 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-11 10:27 - 2015-06-11 10:27 - 08016410 _____ () C:\Program Files (x86)\Spotless Awareness\Spotless Awareness.exe
2011-03-14 14:21 - 2011-03-14 14:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-15 09:57 - 2011-03-15 09:57 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-24 02:21 - 2010-06-24 02:21 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2014-03-27 22:31 - 2014-03-27 22:31 - 04114944 _____ () c:\ProgramData\Assistant\Assistant.dll
2014-03-23 21:19 - 2014-03-27 22:31 - 00178000 _____ () c:\ProgramData\Assistant\AssistantSvc.dll
2010-06-24 02:19 - 2010-06-24 02:19 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-10-18 00:11 - 2014-10-18 00:11 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2011-07-14 23:44 - 2011-01-13 03:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-03-12 20:03 - 2015-07-13 16:05 - 41287224 _____ () C:\Users\Markus Meyer\AppData\Roaming\Spotify\libcef.dll
2015-03-12 20:03 - 2015-07-13 16:05 - 01488440 _____ () C:\Users\Markus Meyer\AppData\Roaming\Spotify\libglesv2.dll
2015-03-12 20:03 - 2015-07-13 16:05 - 00079928 _____ () C:\Users\Markus Meyer\AppData\Roaming\Spotify\libegl.dll
2015-03-12 20:03 - 2015-03-21 14:13 - 09305656 _____ () C:\Users\Markus Meyer\AppData\Roaming\Spotify\pdf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1660394222-742470415-1346051432-1000\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1660394222-742470415-1346051432-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Markus Meyer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.33.36.155 - 212.33.55.5

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge => "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Markus Meyer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GoogleChromeAutoLaunch_6ED5A31595A188B8AF2E77AEACF8C4D2 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BACA2A57-9FFA-4A38-9C7C-275B4CD92C0F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A809C7A2-DCD5-405C-B400-4ABD95B7875B}] => (Allow) LPort=2869
FirewallRules: [{ED4A05C1-FBEC-45EC-AF8C-DE92AC93D3FE}] => (Allow) LPort=1900
FirewallRules: [{8982F64F-90F2-458F-92B6-DCA7C0637AC6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B684D451-7D9B-4EE1-B4A5-01F9B6E2A715}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{313F3F04-6F29-40DB-83E7-7C5A74BE6FAE}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{AC250745-93A9-4536-9CCC-F45733ABC6A1}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{DB54112C-E8D4-4FFE-91D0-F2534FD7775F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{DBFBEAA2-E945-462E-99D6-2A6BED8333B1}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{214B763B-4A5A-49D6-A24C-329632A16B4C}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{28042633-DE5B-47DD-B17C-EE5CC03B8A11}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{FD881BD6-87C1-4839-B7C3-EBFDD80A421E}] => (Allow) C:\Program Files (x86)\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe
FirewallRules: [{CEBCF353-401B-4E69-8134-B30B6A0EC498}] => (Allow) C:\Program Files (x86)\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe
FirewallRules: [{BAE8617A-33BD-4E96-B015-93F2D7571DE1}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{0048D87C-D8C8-4A85-9267-E8BB52B42637}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{654B32F5-7FD5-41D8-8882-DFC25B29DD9D}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe
FirewallRules: [{1AD916F5-992A-4E72-8544-1755FB8DBBCE}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe
FirewallRules: [{A7F00BB6-1DFA-44A8-BF13-5407392C2E8A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{37642C87-343C-401A-9B3E-D8BEA813132C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{4E79B68F-5C0E-4F6D-829E-4905B025C9DE}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{DC74CD3B-B2B2-471B-BE56-FA3FDA77CE80}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [TCP Query User{8AC48E9E-650F-4605-A86E-8C49B7693527}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{6F031619-5645-4937-BEEA-4F1137F71656}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{CBD0DD36-DCAE-4325-A3BE-FF71F4B88457}] => (Block) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{9F858C26-7966-472F-A0CE-C331F0963B25}] => (Block) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{EC0759B9-1B45-431F-80CB-B09E712174D8}C:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{8267D6D1-6F26-473E-8020-CC996F746528}C:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe
FirewallRules: [{BFFE86CF-6D5C-4751-8ABE-0411CFD391FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8D6A52EA-7B45-49C9-8AE0-B75FD55F1310}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5376A9E9-47F3-4C52-BA65-633C070937FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EDA6AF5D-AB9A-44EF-AA0B-52E14127EAAF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{88AD1242-1BA4-4C24-9544-935B79AAD5DB}] => (Allow) C:\Program Files (x86)\WB Games\Batman Arkham City\Binaries\Win32\BatmanAC.exe
FirewallRules: [{5DD28917-8672-4F9A-8593-6D86D09A46FC}] => (Allow) C:\Program Files (x86)\WB Games\Batman Arkham City\Binaries\Win32\BatmanAC.exe
FirewallRules: [TCP Query User{AFEF79B5-FE59-435D-BB5B-E42C27AD4807}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{1E4163F9-A7B3-40C4-8C7F-AD962E5B1655}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{BA360B98-9D2B-4FCA-87CF-D0E1B1CA3E7B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1340D14A-8A67-4DA2-BFCF-05B2FE2E9611}] => (Allow) C:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [{1559FB7A-0917-4ADD-906D-4C9CFEFC09B3}] => (Allow) C:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [TCP Query User{0C0C4DD6-EB84-4657-B88D-6A1D1DA1F248}C:\program files (x86)\origin games\kingdoms of amalur reckoning\reckoning.exe] => (Allow) C:\program files (x86)\origin games\kingdoms of amalur reckoning\reckoning.exe
FirewallRules: [UDP Query User{02D2E0BB-7555-49FB-9224-94795B69F8A6}C:\program files (x86)\origin games\kingdoms of amalur reckoning\reckoning.exe] => (Allow) C:\program files (x86)\origin games\kingdoms of amalur reckoning\reckoning.exe
FirewallRules: [{6D61B2F8-76AB-4CB6-84C3-C29F1908C855}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E021CA1F-C5F4-48BE-A30E-34B0A2A2FA37}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{777C899A-DA65-4A37-A33E-917E21FD5C21}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{085D7CCD-29BD-4AD9-A658-5DE2D7359376}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E3D0C886-32BF-4CE7-AF36-B50B2BB650E7}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{9372DFB6-4C01-4A2D-851B-66C4B2A30205}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{C19F8039-96C9-4B2F-BF66-90560287DA3B}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{787401E0-2419-4569-9D58-09578316D99A}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Block) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{57828FB8-380D-407A-BBF7-6673BCD28F37}] => (Allow) C:\Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{1BED526C-D126-462A-ABF8-59D3D999C4DA}] => (Allow) C:\Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{B4F261B2-1F67-4239-B185-B92945C438B1}] => (Allow) C:\Games\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{8891BE99-CA76-4CD7-AC7D-58D4D5371398}] => (Allow) C:\Games\Mass Effect\MassEffectLauncher.exe
FirewallRules: [TCP Query User{9B9CC903-E650-495B-AEE8-1AD8973A42C4}C:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{A03BC8BA-1836-42E5-8F69-5411B563D9D7}C:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{41FD964E-3B64-451A-BD22-DBF4FA025D7E}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{F0AAD9A7-5669-4956-9651-001A61FA7793}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{59DC7481-7E9E-4849-B927-876152B50B9C}C:\users\markus meyer\appdata\local\temp\gw2.exe] => (Allow) C:\users\markus meyer\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{F72605AA-96D8-45D1-B2B9-05EAE6CDBDCA}C:\users\markus meyer\appdata\local\temp\gw2.exe] => (Allow) C:\users\markus meyer\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{5A7A298E-93CD-4C27-A88E-2CB5A78332A1}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{6A314685-7D09-4D4D-874F-4A64B0B38ACC}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{EE3C1445-E233-4791-9E77-12E16F59ABA1}C:\users\markus meyer\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\markus meyer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{C6EC8A71-30F2-468E-94E0-D5B834312670}C:\users\markus meyer\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\markus meyer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{5A18065B-66EF-4D47-9791-92B82DEDF393}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{DE4CC7AA-A7BF-4192-878D-F3EBA7A8F8BF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{497B92D8-6095-4A82-A307-79AB2BE5E271}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{FACE1CF6-DB7D-43D1-ACAD-30828019D8D3}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [{D06F80C3-EB7F-4E01-8918-5FA6E962E649}] => (Allow) %SystemDrive%\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{2C816BF1-BB21-40E5-BEB8-CD87F4D7A516}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{E31F6B4F-403A-423D-85FD-0A04D61E97E4}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{F876B077-12B5-4E94-91BC-2E954DF518A3}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{0313DBC1-AA42-4B39-A8F8-B6823AEE45A5}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{58AC3ABE-29DC-4078-8E72-1A1521F235D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A5DA3AE8-7AAF-45C7-8C24-83AA68D7BDF8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4FE6699-1DD9-4F1A-B766-171E4C2D8705}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{343E8237-8325-4AFF-A23E-470FF0492759}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{4E189CAD-1E66-4AC1-BE7B-B5C4EB226EEF}] => (Allow) C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AB14F9AA-1301-40AD-8806-AC847D5986F7}] => (Allow) C:\Users\Markus Meyer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{F033DB60-F66C-443C-A293-665EBFEDCE7D}C:\program files (x86)\namco bandai games\darksouls\data.exe] => (Allow) C:\program files (x86)\namco bandai games\darksouls\data.exe
FirewallRules: [UDP Query User{7F8E7F6F-BB42-4C8A-B81F-98A2AED1ABAB}C:\program files (x86)\namco bandai games\darksouls\data.exe] => (Allow) C:\program files (x86)\namco bandai games\darksouls\data.exe
FirewallRules: [{E143C52B-D96B-4E24-8989-9CDCB2BDE846}] => (Allow) C:\Program Files (x86)\Reality Pump\Two Worlds\TwoWorlds.exe
FirewallRules: [{74A07F70-2B21-4D95-BF7D-2F9F2752A0CE}] => (Allow) C:\Program Files (x86)\Reality Pump\Two Worlds\TwoWorlds.exe
FirewallRules: [{C7F74B36-7799-4570-948D-71C23979F0DD}] => (Allow) C:\Program Files (x86)\Reality Pump\Two Worlds\TwoWorlds_RADEON.exe
FirewallRules: [{9D3E4F18-618E-4518-A696-F5B8DE0F1A7E}] => (Allow) C:\Program Files (x86)\Reality Pump\Two Worlds\TwoWorlds_RADEON.exe
FirewallRules: [{9170FBF6-D58E-46BF-9504-C0A627408F69}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2D119E35-288E-4758-A268-45D2C2D7D3F6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{B5279D20-4D76-480B-B448-D78F676FA6DB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{153EE1D0-65F6-4E52-8362-8542C1B2AD64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{4634ADFC-409F-454D-AECE-79C97E269C0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{4457760F-3149-4D8D-BBF0-91F4C38B1943}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{6D795773-6FD1-495E-8E08-C437AF8D82D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A56DF3EF-769D-4643-9FA4-460F06B5FDE2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CCC2DA00-F924-46B7-9234-B9A37B5CB4BC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{49624E43-5681-42D6-8F66-EB737706839E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{11DC8B5E-FF9B-498D-AD8B-77B1FDEC9DA1}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{48FAB60F-3FD1-45F5-B761-BBB6B0979611}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{DA5A3292-70E7-4213-9726-B852C098794D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FB60AC18-7FE9-4957-B2A0-31B0A3908746}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1EDE3350-460A-4CFB-9719-1B66303B8024}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{35FD096F-9322-41D8-A738-570306EE2075}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{D64FC538-8D36-4887-B8BE-4CF56AE0E501}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{302FC150-F02A-4031-B6F1-0F5E508F6C92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{D43DF489-E33F-42AA-8B51-A4C01FF75659}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{D2C9115C-5B78-4663-9631-D47DAC6FB42F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{A0102207-1838-45F5-92AF-686B3E0B855E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [TCP Query User{6FCECB98-F56E-4CA3-88FA-B4DDA8FC2756}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{CDB562B6-748F-474A-8EE3-2A85FCBACF65}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{42168896-D7FC-4BD0-9525-92C7A083A401}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{7DC8DD08-FA28-4CEE-9B02-41B1F0C6526E}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{145200F7-0DDA-4307-8A15-52C4230D98EE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{549B94D0-198D-4C69-8995-2110233939D9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3CA54E62-6204-4440-AB00-4D1F937BD2EF}C:\users\markus meyer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\markus meyer\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8A4E389A-6502-4B02-8782-51315DDD2192}C:\users\markus meyer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\markus meyer\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C1193093-E5E7-4D76-8056-C15DBDBF3704}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{C3D206C9-A873-4A3D-8EF0-69AB5E4401D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{87FDE8AA-C71F-4BE6-A257-8EBD9C391DC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{BBE422EC-77E4-434A-B6F9-7C46DF7C9B6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [TCP Query User{08D71451-4E3C-403F-92D2-A73FAA9EC6EE}C:\users\markus meyer\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\markus meyer\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{44B9DA52-48B3-48B4-92AF-B48387C6A85E}C:\users\markus meyer\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\markus meyer\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E17FC18D-799B-4CCA-8888-F0609FDBBA06}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{30A5A31F-EAD6-45EC-AD96-8B2CB5ABB9A1}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{ED6FACF7-6DC9-4BF9-9863-0A0C2AA1D5B5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{4F5638F6-62C1-40C6-8AC1-383D48829EB8}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{F9D649FD-765B-4962-AC90-D4223D473961}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{0352D893-BEC1-467C-922F-D318328BED67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{CB90298A-C4CF-41F7-993A-31DD7BA0FD05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{0D9318B1-DF5D-4F34-B708-2553081B8E5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{37342D0E-95B3-435F-97DC-969FF0093D03}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2015 08:47:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2015 08:45:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3fe
ID des fehlerhaften Prozesses: 0xa40
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (07/19/2015 08:45:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Ausnahmecode: 0x40000015
Fehleroffset: 0x00057738
ID des fehlerhaften Prozesses: 0xa24
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (07/19/2015 08:43:19 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (07/19/2015 08:43:19 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (07/19/2015 08:43:18 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (07/19/2015 08:43:13 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (07/19/2015 08:43:11 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (07/19/2015 08:43:10 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (07/19/2015 08:43:10 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC


System errors:
=============
Error: (07/20/2015 12:02:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/19/2015 08:57:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/19/2015 08:54:50 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/19/2015 08:52:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (07/19/2015 08:47:21 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: Fehler beim Starten des Assistenten für das Sprachpaket-Setup. Führen Sie einen Neustart des Systems aus, und führen Sie den Assistenten erneut aus.

Error: (07/19/2015 08:47:21 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80070002

Error: (07/19/2015 08:47:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TrustedInstaller" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/19/2015 08:47:21 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 2TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (07/19/2015 08:46:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HPWMISVC erreicht.

Error: (07/19/2015 08:45:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 41%
Total physical RAM: 8139.86 MB
Available physical RAM: 4772 MB
Total Virtual: 16277.93 MB
Available Virtual: 12491.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:682.97 GB) (Free:164.61 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:15.37 GB) (Free:1.67 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: EAA2A155)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=683 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End of log ============================
         
Step 3: GMER.txt
It is added as an attachment because it exceeds the character limit.

I have not tried anything yet, as I am still inexperienced in this area.
Thanks in advance for any help!

Markus

 
