Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.06.2015, 17:32   #1
rayleigh
 
Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



hi
Habe ein großes problem jedes mal wenn irgendwie mein lapi heruntergefahren wurde.
Und neugestartet wurde dann starte ich gerne Firefox und google nach ca 5min kommen plötzlich 10-15 programme die sich aufploppen .
wie z.B GData aber irgendwie nichts sozusagen zeigt es nichts an also ein durchsichtiges bild.
Habe mehrmals ein Viren Scan laufen lassen und nichts gefunden mit GData
Vielleicht hilft das bild weiter


Manche anwendungen sind im explorer drin also ist halt der explorer wie z.b
Default IME

Adcleaner habe ich schon mal durchscannen lassen und manche gefunden und gelöscht
Malwarebytes Anti-Malware läuft gerade dauer warscheinlich 10st

Alt 30.06.2015, 17:45   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 30.06.2015, 17:56   #3
rayleigh
 
Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



Dauert warscheinlich noch 1-2st
aber gerade hat Malwarebytes Anti-Malware was gefunden das irgendwie schlimm nach ein trojaner aussieht ??
Und youtube downloader& converter ?? warum das youtube weiß ich nicht weil eigentlich sollte es garnicht auftauchen da ich es von chip gedownload habe dann sollte es doch sicher sein ??


Und irgendwie sollte es doch gdata finden oder ??

Kann leider keine dateien größer als " maximale Dateigröße für diesen Dateityp beträgt 97,7 KB. Ihre Datei ist 108,3 KB groß."
hochladen
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Rayleigh (administrator) on RAYLEIGH-PC on 30-06-2015 18:52:13
Running from C:\Users\Rayleigh\Downloads
Loaded Profiles: Rayleigh &  (Available Profiles: Rayleigh)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(UPEK Inc.) C:\Program Files\Protector Suite\upeksvr.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\Prio\prio_svc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(SecureW2 B.V.) C:\Program Files (x86)\SecureW2\sw2_service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Unity Technologies ApS) C:\Program Files (x86)\Unityfree\Editor\Unity.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [431224 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-13] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe [901632 2015-01-08] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-06-23] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2584240 2015-04-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114368 2015-02-06] (VMware, Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SecureW2 Tray] => C:\Program Files (x86)\SecureW2\sw2_tray.exe [224600 2014-03-24] (SecureW2 B.V.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-06] (Google Inc.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-06] (Google Inc.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-06] (Google Inc.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Run: [Vidalia] => C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe [6239727 2014-07-29] ()
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Run: [Hide.me] => [X]
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Run: [uTorrent] => C:\Users\Rayleigh\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-25] (BitTorrent Inc.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-06] (Google Inc.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Vidalia] => C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe [6239727 2014-07-29] ()
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Hide.me] => [X]
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\Rayleigh\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-25] (BitTorrent Inc.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-06] (Google Inc.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-06] (Google Inc.)
HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-06-17] (NVIDIA Corporation)
AppInit_DLLs:  prio.dll => C:\Program Files\Prio\prio.dll [17264 2012-11-08] (O&K Software)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-06-17] (NVIDIA Corporation)
AppInit_DLLs-x32:  prio32.dll => C:\Program Files\Prio\prio32.dll [15216 2012-11-08] (O&K Software)
Lsa: [Notification Packages] scecli C:\Program Files\Protector Suite\psqlpwd.dll
Startup: C:\Users\Rayleigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-01-03] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite\farchns.dll [2010-12-10] (UPEK Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite\farchns.dll [2010-12-10] (UPEK Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
BootExecute: autocheck autochk /p \??\C:autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
URLSearchHook: HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File
URLSearchHook: HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File
URLSearchHook: HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File
URLSearchHook: HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {724F629D-0E1F-49EA-A0C2-DC9A8390F439} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {724F629D-0E1F-49EA-A0C2-DC9A8390F439} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {724F629D-0E1F-49EA-A0C2-DC9A8390F439} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {724F629D-0E1F-49EA-A0C2-DC9A8390F439} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002 -> {724F629D-0E1F-49EA-A0C2-DC9A8390F439} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {724F629D-0E1F-49EA-A0C2-DC9A8390F439} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {724F629D-0E1F-49EA-A0C2-DC9A8390F439} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {724F629D-0E1F-49EA-A0C2-DC9A8390F439} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {724F629D-0E1F-49EA-A0C2-DC9A8390F439} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {724F629D-0E1F-49EA-A0C2-DC9A8390F439} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-08-20] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-25] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Password Depot 6 -> {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} -> C:\Program Files (x86)\AceBIT\Password Depot 6\pdIEAddOn64.dll [2012-06-05] (AceBIT)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-08-20] (Internet Download Manager, Tonec Inc.)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-19] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Password Depot 6 -> {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} -> C:\Program Files (x86)\AceBIT\Password Depot 6\pdIEAddOn32.dll [2012-06-05] ()
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-19] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog5 09 C:\Windows\SysWOW64\PrxerNsp.dll [56424 2013-12-21] ()
Winsock: Catalog5-x64 09 C:\Windows\system32\PrxerNsp.dll [57448 2013-12-21] ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{326B9AAC-9B06-4A9E-A8F6-EF3DB57B2F2C}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{481CA0B3-3527-49BF-8223-584041526B5B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{777A9917-4D4A-4966-94D3-69D539E8B6BE}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8CF10BEE-AFFB-4749-BBE5-E3602F6F075A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{921CF0E0-800E-41D9-B5D1-CE384A07DF45}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9391A38C-4362-45CC-93E3-875C2A1CA39E}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{95FA03BA-0793-4A49-A764-EF53DC7DBC21}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B0E5909F-F7FA-4E8C-8AB1-70410E8B1A59}: [NameServer] 0.0.0.0
Tcpip\..\Interfaces\{B38A08E0-E1FF-4B3B-8D72-B34AE640FB43}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E5269A84-6B08-402B-A572-5B1BC3943EDD}: [NameServer] 192.168.178.2,192.168.178.12
Tcpip\..\Interfaces\{E96F2198-3F62-4D75-B01E-B7718B5B93BF}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Rayleigh\AppData\Roaming\Mozilla\Firefox\Profiles\qgxwtkeg.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://forums.makingmoneywithandroid.com/buy-sell/20937-awesome-unity3d-source-codes-%3D%3D50%25-discount-3.html|https://play.google.com/apps/publish/
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF NetworkProxy: "backup.ftp", "92.242.59.230"
FF NetworkProxy: "backup.ftp_port", 80
FF NetworkProxy: "backup.socks", "92.242.59.230"
FF NetworkProxy: "backup.socks_port", 80
FF NetworkProxy: "backup.ssl", "92.242.59.230"
FF NetworkProxy: "backup.ssl_port", 80
FF NetworkProxy: "ftp", "185.2.32.210"
FF NetworkProxy: "ftp_port", 1080
FF NetworkProxy: "http", "185.2.32.210"
FF NetworkProxy: "http_port", 1080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "185.2.32.210"
FF NetworkProxy: "socks_port", 1080
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "185.2.32.210"
FF NetworkProxy: "ssl_port", 1080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [2014-08-27] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-04-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-13] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [2014-08-27] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-19] (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-04-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2704303720-1333551685-4236009739-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Rayleigh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2704303720-1333551685-4236009739-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-19] (Pando Networks)
FF Plugin HKU\S-1-5-21-2704303720-1333551685-4236009739-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-05-27] ()
FF Plugin HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Rayleigh\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-19] (Pando Networks)
FF Plugin HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-05-27] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Extension: Cookies Manager+ - C:\Users\Rayleigh\AppData\Roaming\Mozilla\Firefox\Profiles\qgxwtkeg.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-06-02]
FF Extension: anonymoX - C:\Users\Rayleigh\AppData\Roaming\Mozilla\Firefox\Profiles\qgxwtkeg.default\Extensions\client@anonymox.net.xpi [2012-11-01]
FF Extension: MEGA - C:\Users\Rayleigh\AppData\Roaming\Mozilla\Firefox\Profiles\qgxwtkeg.default\Extensions\firefox@mega.co.nz.xpi [2015-01-11]
FF Extension: FlashGot - C:\Users\Rayleigh\AppData\Roaming\Mozilla\Firefox\Profiles\qgxwtkeg.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-04-07]
FF Extension: Adblock Plus - C:\Users\Rayleigh\AppData\Roaming\Mozilla\Firefox\Profiles\qgxwtkeg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-26]
FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de [2015-06-03]
FF HKLM-x32\...\Firefox\Extensions: [passworddepot@acebit.com] - C:\Program Files (x86)\AceBIT\Password Depot 6\Firefox
FF Extension: Password Depot Extension - C:\Program Files (x86)\AceBIT\Password Depot 6\Firefox [2012-09-25]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2012-11-07]
FF HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Rayleigh\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Rayleigh\AppData\Roaming\IDM\idmmzcc5 [2014-09-04]
FF HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-23]
FF HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Rayleigh\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Rayleigh\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Rayleigh\AppData\Roaming\IDM\idmmzcc5

Chrome: 
=======
CHR Profile: C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-03-16]
CHR Extension: (Google Translate) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-09-13]
CHR Extension: (YouTube) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-12]
CHR Extension: (Adblock Plus) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-28]
CHR Extension: (Google Search) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-12]
CHR Extension: (Tampermonkey) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-01-17]
CHR Extension: (AdBlock) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (No Name) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-06-27]
CHR Extension: (Google Wallet) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-12]
CHR Profile: C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-20]
CHR Extension: (Google Drive) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-20]
CHR Extension: (YouTube) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-20]
CHR Extension: (Google Search) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-20]
CHR Extension: (Password Depot Browser Extension for Google Chrome) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\imkcgcjpeajeajpcpbdbgbknfaijnpdc [2013-01-20]
CHR Extension: (No Name) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\licjnkifamhpbaefhdpacpmihicfbomb [2013-07-26]
CHR Extension: (Savings-Slider) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2013-01-20]
CHR Extension: (Norton Identity Protection) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-07-14]
CHR Extension: (Gmail) - C:\Users\Rayleigh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-20]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-09-03]
CHR HKLM-x32\...\Chrome\Extension: [imkcgcjpeajeajpcpbdbgbknfaijnpdc] - C:\Program Files (x86)\AceBIT\Password Depot 6\crx.crx [2012-09-25]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-09-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [603312 2015-04-20] (Adobe Systems Incorporated)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-05-26] () [File not signed]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S2 DAZContentManagementService; C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-05-02] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-10-07] ()
S2 HiPatchService; H:\Agenda\HiPatchService.exe [9216 2015-02-16] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [335872 2006-07-12] (Microsoft Corporation) [File not signed]
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
S2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [57820696 2008-07-11] (Microsoft Corporation)
S2 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14254 2013-05-18] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4687672 2012-05-15] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-24] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-11-11] (Overwolf Ltd)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-30] ()
R2 prio_svc; C:\Program Files\Prio\prio_svc.exe [12656 2012-11-08] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [430616 2008-07-11] (Microsoft Corporation)
S2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 SW2SVC; C:\Program Files (x86)\SecureW2\sw2_service.exe [108376 2014-03-24] (SecureW2 B.V.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-17] (Tunngle.net GmbH)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12730048 2015-02-06] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S2 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
S2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-06-23] (BlueStack Systems)
S3 busenum; C:\Windows\System32\DRIVERS\SteelBus64.sys [112128 2012-05-23] (SteelSeries Corporation) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-27] (Disc Soft Ltd)
S3 fspad_wlh64; C:\Windows\system32\drivers\fspad_wlh64.sys [68608 2010-11-08] (Sentelic Corporation) [File not signed]
S3 fspad_xp64; C:\Windows\system32\drivers\fspad_xp64.sys [68608 2010-11-08] (Sentelic Corporation) [File not signed]
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-05-05] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2014-05-05] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [68608 2014-05-05] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-05-05] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-05-05] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2014-05-05] (G Data Software AG)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
R3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2012-01-17] (hxxp://libusb-win32.sourceforge.net)
R3 libusb0; C:\Windows\SysWOW64\DRIVERS\libusb0.sys [28672 2007-03-20] (hxxp://libusb-win32.sourceforge.net) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-06-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
S3 NSNDIS5; C:\Windows\SysWOW64\NSNDIS5.SYS [17280 2004-03-24] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-08-20] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-08-20] (RapidSolution Software AG)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-03-15] (Oracle Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 RTL8187; system32\DRIVERS\rtl8187.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-30 18:52 - 2015-06-30 18:54 - 00063529 _____ C:\Users\Rayleigh\Downloads\FRST.txt
2015-06-30 18:51 - 2015-06-30 18:52 - 00000000 ____D C:\FRST
2015-06-30 18:51 - 2015-06-30 18:51 - 02112512 _____ (Farbar) C:\Users\Rayleigh\Downloads\FRST64.exe
2015-06-30 18:47 - 2015-06-30 18:47 - 00005962 _____ C:\Users\Rayleigh\Downloads\malware.txt
2015-06-30 18:22 - 2015-06-30 18:22 - 00001176 _____ C:\Users\Rayleigh\Downloads\Downloads - Verknüpfung.lnk
2015-06-30 18:22 - 2015-06-30 18:22 - 00000058 _____ C:\test.txt
2015-06-30 18:00 - 2015-06-30 18:00 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-30 18:00 - 2015-06-30 18:00 - 00001110 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-30 18:00 - 2015-06-30 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-30 17:59 - 2015-06-30 18:00 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-30 17:59 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-30 17:59 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-30 17:59 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-30 17:55 - 2015-06-30 17:56 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Rayleigh\Downloads\mbam-setup-2.1.8.1057.exe
2015-06-30 17:48 - 2015-06-30 17:48 - 00002097 _____ C:\Users\Rayleigh\Downloads\hjtscanlist.zip
2015-06-30 17:48 - 2015-06-30 17:48 - 00002097 _____ C:\Users\Rayleigh\Downloads\hjtscanlist (1).zip
2015-06-30 17:48 - 2015-06-30 17:48 - 00000000 ____D C:\Users\Rayleigh\Downloads\hjtscanlist
2015-06-30 17:10 - 2015-06-30 17:13 - 05252592 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-30 13:57 - 2015-06-30 13:57 - 00000772 _____ C:\Users\Rayleigh\Desktop\Total War Attila.lnk
2015-06-30 11:11 - 2015-06-30 11:12 - 264445916 _____ C:\Users\Rayleigh\Downloads\Unity Asset - TPSA - Third Person Shooter Template v1.3 (final)[AKD].zip
2015-06-30 11:08 - 2015-06-30 11:11 - 101867929 _____ C:\Users\Rayleigh\Documents\TPSA_Tutorial_setup_new_character_hd720.mp4
2015-06-30 11:08 - 2015-06-30 11:08 - 02110387 _____ C:\Users\Rayleigh\Documents\TPSA_Tutorial_setup_new_character_161k.webm
2015-06-29 21:41 - 2015-06-29 21:44 - 77988136 _____ C:\Users\Rayleigh\Documents\Let_s_Play_Batman_Arkham_Knight_Deutsch_09_Azrael_als_mein_Nachfolger_small.flv
2015-06-29 21:41 - 2015-06-29 21:44 - 62918518 _____ C:\Users\Rayleigh\Documents\Let_s_Play_ARK_Survival_Evolved_Deutsch_23_Langeweile_macht_dich_böse_small.flv
2015-06-29 21:41 - 2015-06-29 21:43 - 52978921 _____ C:\Users\Rayleigh\Documents\Let_s_Play_Dead_Rising_3_Deutsch_27_Verstörende_Erfahrung_small.flv
2015-06-29 15:48 - 2015-06-30 17:51 - 00000000 ____D C:\Users\Rayleigh\Downloads\zqc01qz812a4wed
2015-06-29 11:59 - 2015-06-29 11:59 - 00000000 ____D C:\Users\Rayleigh\Downloads\Neuer Ordner
2015-06-29 09:16 - 2015-06-29 09:16 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
2015-06-29 01:29 - 2015-06-30 17:14 - 00000224 _____ C:\Windows\setupact.log
2015-06-29 01:29 - 2015-06-29 01:29 - 00000000 _____ C:\Windows\setuperr.log
2015-06-29 01:06 - 2015-06-29 01:06 - 00177960 _____ C:\Users\Rayleigh\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-28 21:37 - 2015-06-28 21:39 - 149044823 _____ C:\Users\Rayleigh\Documents\WITCHER_3_042_Blutbesudeltes_Ahnenfest_★_Let_s_Play_The_Witcher_3_small(1).flv
2015-06-28 21:21 - 2015-06-28 21:23 - 104046718 _____ C:\Users\Rayleigh\Documents\WITCHER_3_043_Kinder_Kinder_Omnomnom_★_Let_s_Play_The_Witcher_3_small.flv
2015-06-28 19:00 - 2015-06-28 19:00 - 00081342 _____ C:\Users\Rayleigh\Downloads\UnknownRelease_[www.unknowncheats.me]_ (1).rar
2015-06-27 21:56 - 2015-06-27 21:56 - 00053974 _____ C:\Users\Rayleigh\Downloads\OnEachFrameExecutor_[www.unknowncheats.me]_ (1).zip
2015-06-27 21:33 - 2015-06-27 21:37 - 63808041 _____ C:\Users\Rayleigh\Documents\Let_s_Play_Batman_Arkham_Knight_Gameplay_German_Deutsch_14_Batman_am_Boden_small.flv
2015-06-27 21:33 - 2015-06-27 21:37 - 62870737 _____ C:\Users\Rayleigh\Documents\Let_s_Play_Batman_Arkham_Knight_Gameplay_German_Deutsch_13_Lucius_Fox_Wayne_Tower_small.flv
2015-06-27 21:33 - 2015-06-27 21:37 - 53159287 _____ C:\Users\Rayleigh\Documents\Let_s_Play_Batman_Arkham_Knight_Gameplay_German_Deutsch_12_Firefly_small.flv
2015-06-27 21:32 - 2015-06-27 21:37 - 64631573 _____ C:\Users\Rayleigh\Documents\Let_s_Play_Batman_Arkham_Knight_Gameplay_German_Deutsch_11_Schrecken_der_Nacht_Rätsel_3_small.flv
2015-06-27 21:32 - 2015-06-27 21:37 - 56174630 _____ C:\Users\Rayleigh\Documents\Let_s_Play_Batman_Arkham_Knight_Gameplay_German_Deutsch_10_PS4_Riddler_Rätsel_1_2_small.flv
2015-06-27 21:32 - 2015-06-27 21:36 - 49403598 _____ C:\Users\Rayleigh\Documents\Let_s_Play_Batman_Arkham_Knight_Gameplay_German_Deutsch_9_PS4_Catwoman_small.flv
2015-06-27 21:31 - 2015-06-27 21:34 - 58337857 _____ C:\Users\Rayleigh\Documents\Let_s_Play_Batman_Arkham_Knight_Gameplay_German_Deutsch_8_PS4_Bomben_entschärfen_small.flv
2015-06-27 21:24 - 2015-06-27 21:31 - 93278320 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_086_Der_Werwolf_von_Silverpine_★_Let_s_Play_Fable_3_small.flv
2015-06-27 21:24 - 2015-06-27 21:30 - 54529564 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_085_Geisterhaus_Hinter_den_Spiegeln_★_Let_s_Play_Fable_3_small.flv
2015-06-27 21:23 - 2015-06-27 21:31 - 80725729 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_084_Das_Rätsel_des_Mysteriums_★_Let_s_Play_Fable_3_small.flv
2015-06-27 21:23 - 2015-06-27 21:31 - 80518031 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_083_Zwerge_Schlüssel_Grabungsorte_II_Überlänge_small.flv
2015-06-27 21:23 - 2015-06-27 21:30 - 79650000 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_081_Eine_Waisen_Entscheidung_★_Let_s_Play_Fable_3_small.flv
2015-06-27 21:23 - 2015-06-27 21:30 - 74571864 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_080_Duftende_Blümchen_liebreizende_Damen_★_Let_s_Play_Fable_3_small.flv
2015-06-27 21:23 - 2015-06-27 21:29 - 67699556 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_082_Zwerge_Schlüssel_Grabungsorte_I_★_Let_s_Play_Fable_3_small.flv
2015-06-27 21:22 - 2015-06-27 21:30 - 78401115 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_079_Schuld_und_Sühne_Und_Nigel_Ferret_★_Let_s_Play_Fable_3_small.flv
2015-06-27 21:19 - 2015-06-27 21:26 - 81491708 _____ C:\Users\Rayleigh\Documents\Let_s_Play_ARK_Survival_Evolved_Deutsch_22_In_den_Briefkasten_gekackt_für_Views_small.flv
2015-06-27 21:17 - 2015-06-27 21:27 - 149044823 _____ C:\Users\Rayleigh\Documents\WITCHER_3_042_Blutbesudeltes_Ahnenfest_★_Let_s_Play_The_Witcher_3_small.flv
2015-06-27 21:16 - 2015-06-27 21:21 - 83865095 _____ C:\Users\Rayleigh\Documents\BATMAN_ARKHAM_KNIGHT_005_Der_Arkham_Knight_stellt_sich_vor_★_Let_s_Play_Arkam_Knight_small.flv
2015-06-27 18:15 - 2015-06-28 17:59 - 00000000 ____D C:\Users\Rayleigh\AppData\Local\DayZ
2015-06-26 21:50 - 2015-06-26 21:51 - 29608712 _____ C:\Users\Rayleigh\Downloads\RacingGameSK.apk
2015-06-26 21:48 - 2015-06-26 21:49 - 77916327 _____ C:\Users\Rayleigh\Documents\Let_s_Play_ARK_Survival_Evolved_Deutsch_21_Shark_in_a_Box_small.flv
2015-06-26 21:37 - 2015-06-26 21:38 - 36113142 _____ C:\Users\Rayleigh\Documents\GEJAGT_DayZ_Mod_61_DE_FullHD_small.flv
2015-06-26 21:36 - 2015-06-26 21:38 - 41422379 _____ C:\Users\Rayleigh\Documents\ZU_BESUCH_DayZ_Mod_59_DE_FullHD_small.flv
2015-06-26 21:36 - 2015-06-26 21:38 - 38072320 _____ C:\Users\Rayleigh\Documents\MASCHINE_DayZ_Mod_55_DE_HD_small.flv
2015-06-26 21:36 - 2015-06-26 21:38 - 28919475 _____ C:\Users\Rayleigh\Documents\PETER_ZWEGAT_DayZ_Mod_57_DE_HD_small.flv
2015-06-26 21:36 - 2015-06-26 21:38 - 26385331 _____ C:\Users\Rayleigh\Documents\PROFI_RADLER_DayZ_Mod_58_DE_FullHD_small.flv
2015-06-26 21:36 - 2015-06-26 21:38 - 23549410 _____ C:\Users\Rayleigh\Documents\WARUM_LIEGT_HIER_STROH_DayZ_Mod_60_DE_FullHD_small.flv
2015-06-26 21:36 - 2015-06-26 21:37 - 20061319 _____ C:\Users\Rayleigh\Documents\SCHEIßE_PANZER_DayZ_Mod_56_DE_HD_small.flv
2015-06-26 21:35 - 2015-06-26 21:37 - 28558132 _____ C:\Users\Rayleigh\Documents\REPARATUR_DayZ_Mod_54_DE_HD_small.flv
2015-06-26 21:35 - 2015-06-26 21:36 - 24983419 _____ C:\Users\Rayleigh\Documents\FUCK_MEINE_KARRE_DayZ_Mod_53_DE_HD_small.flv
2015-06-26 21:26 - 2015-06-26 21:27 - 11429536 _____ C:\Users\Rayleigh\Documents\How_to_add_a_Chartboost_More_Apps_page_to_your_iOS_app_in_less_than_10_minutes_tutorial_large.mp4
2015-06-26 21:23 - 2015-06-26 21:30 - 123708068 _____ C:\Users\Rayleigh\Documents\Adding_Chartboost_to_your_Android_game_hd720.mp4
2015-06-26 21:04 - 2015-06-26 21:11 - 73733915 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_077_Welch_schmackhaftes_Grillfest_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:04 - 2015-06-26 21:11 - 62129659 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_075_Moralische_An_und_Aussichten_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:04 - 2015-06-26 21:11 - 60193713 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_076_Dunkle_Taten_in_dunklen_Hallen_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:04 - 2015-06-26 21:11 - 57717085 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_078_Puff_oder_Waisenhaus_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:03 - 2015-06-26 21:11 - 65645281 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_072_Gay_Guy_gegen_Kampflesbe_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:03 - 2015-06-26 21:11 - 63307680 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_074_Der_Wüstenstern_im_Sandfall_Palast_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:03 - 2015-06-26 21:11 - 62982926 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_073_Aurora_kaufen_erforschen_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:02 - 2015-06-26 21:11 - 83661622 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_070_Erotische_Hühnerliebe_Killer_Chicken_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:02 - 2015-06-26 21:11 - 72943694 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_071_Genozid_der_Zwerge_III_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:02 - 2015-06-26 21:10 - 66190754 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_068_Genozid_der_Zwerge_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:02 - 2015-06-26 21:09 - 60608851 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_069_Genozid_der_oh_geil_ne_Frau_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:02 - 2015-06-26 21:08 - 54591914 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_067_Chicken_King_mit_Double_Cheese_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:01 - 2015-06-26 21:10 - 80932837 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_066_Vom_Alten_Viertel_zu_alten_Sünden_★_Let_s_Play_Fable_3_small.flv
2015-06-26 21:01 - 2015-06-26 21:08 - 69048053 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_065_Alter_Freund_in_neuen_Albträumen_★_Let_s_Play_Fable_3_small.flv
2015-06-26 03:29 - 2015-06-26 03:29 - 00459840 _____ C:\Users\Rayleigh\climb10.fbx
2015-06-25 21:48 - 2015-06-25 21:48 - 00014634 _____ C:\Users\Rayleigh\Downloads\Unity Asset - Dinosaur Pack 1.0 v1.01 (Sep 13, 2012).torrent
2015-06-25 21:25 - 2015-06-25 21:28 - 77057097 _____ C:\Users\Rayleigh\Documents\RAIN_v2_1_Quick_Start_Sample_Project_and_Character_Rigging_in_less_than_15_mins_hd720(1).mp4
2015-06-25 21:24 - 2015-06-25 21:29 - 113965780 _____ C:\Users\Rayleigh\Documents\New_Input_System_and_Mobile_development_hd720.mp4
2015-06-25 21:24 - 2015-06-25 21:28 - 92848291 _____ C:\Users\Rayleigh\Documents\UnityFS_Aircraft_Creation_4_Control_Surfaces_and_Aerofoils_hd720.mp4
2015-06-25 21:24 - 2015-06-25 21:27 - 63486785 _____ C:\Users\Rayleigh\Documents\UnityFS_Aircraft_Creation_5_Animated_Control_Surfaces_hd720.mp4
2015-06-25 21:23 - 2015-06-25 21:25 - 38515958 _____ C:\Users\Rayleigh\Documents\UnityFS_Aircraft_Creation_3_Adding_Wheels_and_Engines_hd720.mp4
2015-06-25 21:22 - 2015-06-25 21:28 - 106636361 _____ C:\Users\Rayleigh\Documents\UnityFS_Aircraft_Creation_2_Rigging_Wings_hd720(1).mp4
2015-06-25 21:22 - 2015-06-25 21:23 - 46116981 _____ C:\Users\Rayleigh\Documents\UnityFS_Aircraft_Creation_1_Getting_Started_hd720.mp4
2015-06-25 17:29 - 2015-06-25 17:29 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\Rival Theory
2015-06-24 23:13 - 2015-06-30 17:14 - 00017408 _____ C:\Windows\SysWOW64\rpcnetp.dll
2015-06-24 23:08 - 2015-06-30 17:10 - 00017408 _____ C:\Windows\SysWOW64\rpcnetp.exe
2015-06-24 16:14 - 2015-06-24 16:14 - 00000000 ____D C:\Users\Rayleigh\Downloads\handcuffs.c4d
2015-06-23 23:34 - 2015-06-23 23:34 - 00137329 _____ C:\Users\Rayleigh\Downloads\dinasour - bykjaer.lib4d
2015-06-23 20:28 - 2015-06-23 20:28 - 00023355 _____ C:\Users\Rayleigh\Downloads\DayZ_Union_0_53_Sborka_Verner_rar_torrent.torrent
2015-06-22 21:35 - 2015-06-22 21:35 - 00048064 _____ C:\Users\Rayleigh\Downloads\DayZ_SA_v_0_57_128035_torrent.torrent
2015-06-22 18:29 - 2015-06-22 18:29 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-06-22 18:29 - 2015-06-22 18:29 - 00000000 ____D C:\Windows\system32\NV
2015-06-22 18:29 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-22 18:25 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-22 18:25 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-22 18:25 - 2015-06-17 11:10 - 00031376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-06-22 15:35 - 2015-06-22 15:35 - 00066692 _____ C:\Users\Rayleigh\Downloads\poetsen_one.zip
2015-06-22 15:07 - 2015-06-22 15:07 - 00000222 _____ C:\Users\Rayleigh\Desktop\TIS-100.url
2015-06-22 13:40 - 2015-06-22 13:40 - 00001632 _____ C:\Users\Rayleigh\Desktop\TexturePackerGUI.exe - Verknüpfung.lnk
2015-06-22 13:37 - 2015-06-22 13:37 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TexturePacker
2015-06-22 13:37 - 2015-06-22 13:37 - 00000000 ____D C:\Program Files\texturepacker3.3
2015-06-22 13:19 - 2015-06-22 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TexturePacker
2015-06-22 12:38 - 2015-06-22 13:37 - 00002941 _____ C:\Users\Rayleigh\Desktop\TexturePackerGUI.lnk
2015-06-22 12:38 - 2015-06-22 13:07 - 00000000 ____D C:\Program Files\CodeAndWeb
2015-06-22 11:10 - 2015-06-22 11:10 - 12956475 _____ C:\Users\Rayleigh\Downloads\google-analytics-plugin-for-unity-master.zip
2015-06-21 17:18 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-21 17:18 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-21 17:10 - 2015-06-21 17:10 - 00478025 _____ C:\Users\Rayleigh\Downloads\PolyNav - 2D Pathfinding (ver 1.5.0).unitypackage
2015-06-21 14:34 - 2015-06-21 14:45 - 54430800 _____ C:\Users\Rayleigh\Downloads\The Stomping Land models.rar
2015-06-21 01:48 - 2015-06-21 01:48 - 00002124 _____ C:\Users\Rayleigh\AppData\Local\recently-used.xbel
2015-06-20 21:08 - 2015-06-20 21:14 - 92518883 _____ C:\Users\Rayleigh\Documents\Fuzzy_AI_Rundown_hd720.mp4
2015-06-20 21:08 - 2015-06-20 21:14 - 108166973 _____ C:\Users\Rayleigh\Documents\AI_Template_Creation_hd720.mp4
2015-06-20 20:50 - 2015-06-20 20:50 - 00002058 _____ C:\Users\Rayleigh\Desktop\JDownloader 2.lnk
2015-06-20 20:50 - 2015-06-20 20:50 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-06-20 20:45 - 2015-06-30 17:27 - 00000000 ____D C:\Users\Rayleigh\AppData\Local\JDownloader 2.0
2015-06-20 20:39 - 2015-06-20 20:42 - 80142623 _____ C:\Users\Rayleigh\Documents\Let_s_Play_ARK_Survival_Evolved_Deutsch_16_Die_wahren_Könige_des_Servers_small.flv
2015-06-20 20:35 - 2015-06-20 20:37 - 110654100 _____ C:\Users\Rayleigh\Documents\WITCHER_3_035_Zusammengepfercht_und_verbrannt_★_Let_s_Play_The_Witcher_3_small.flv
2015-06-20 20:05 - 2015-06-20 20:05 - 00000000 ____D C:\Users\Rayleigh\Downloads\JDownloader
2015-06-20 19:42 - 2015-06-20 19:45 - 88216837 _____ C:\Users\Rayleigh\Documents\TAGALOG_LOVE_SONG_NON_STOP_PART_01_small.flv
2015-06-20 16:04 - 2015-06-20 16:04 - 00001095 _____ C:\Users\Public\Desktop\Unity 5.1.1f1 (64-bit).lnk
2015-06-20 16:04 - 2015-06-20 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.1f1 (64-bit)
2015-06-19 21:47 - 2015-06-19 21:48 - 68566434 _____ C:\Users\Rayleigh\Documents\Let_s_Play_ARK_Survival_Evolved_Deutsch_15_Vergewaltigt_und_Zerstört_small.flv
2015-06-19 21:35 - 2015-06-19 21:35 - 00002536 _____ C:\Users\Rayleigh\Downloads\CCAlert.rar
2015-06-19 21:29 - 2015-06-19 21:31 - 72954695 _____ C:\Users\Rayleigh\Documents\D_best_NON_STOP_SLOWROCK_small.flv
2015-06-19 18:28 - 2015-06-19 18:28 - 59599166 _____ C:\Users\Rayleigh\Documents\ARK_S01E017_Fischers_Fritze_frisst_frische_Fische_★_Let_s_Survive_ARK_small.flv
2015-06-18 18:28 - 2015-06-18 18:28 - 00920687 _____ C:\Users\Rayleigh\Downloads\DayZ InsurgencyHack Sources_[www.unknowncheats.me]_ (1).rar
2015-06-18 18:22 - 2015-06-18 18:22 - 00027732 _____ C:\Users\Rayleigh\Downloads\BNS-Torrent.torrent
2015-06-18 18:03 - 2015-06-18 18:03 - 00920687 _____ C:\Users\Rayleigh\Downloads\DayZ InsurgencyHack Sources_[www.unknowncheats.me]_.rar
2015-06-17 21:50 - 2015-06-17 21:55 - 419616132 _____ (Igor Pavlov) C:\Users\Rayleigh\Downloads\android-ndk-r10e-windows-x86_64.exe
2015-06-17 21:29 - 2015-06-17 21:31 - 55101707 _____ C:\Users\Rayleigh\Documents\ARK_S01E015_Bei_dieser_Zwille_braucht_s_ne_Brille_★_Let_s_Survive_ARK_small.flv
2015-06-17 00:10 - 2015-06-28 22:00 - 00000646 _____ C:\Users\Rayleigh\mariodaz.txt
2015-06-16 21:50 - 2015-06-16 21:53 - 125962142 _____ C:\Users\Rayleigh\Documents\Maya_2014_Texture_Tip_for_UV_Mapping_Tutorial_by_Stuart_Christensen_hd720(1).mp4
2015-06-16 21:27 - 2015-06-16 21:28 - 69077365 _____ C:\Users\Rayleigh\Documents\Android_Cocos2d_x_Push_Notifications_hd720.mp4
2015-06-16 21:25 - 2015-06-16 21:30 - 93661944 _____ C:\Users\Rayleigh\Documents\Cocos2d_x_v3_C_Tutorial_4_Multi_Resolution_Support_hd720(1).mp4
2015-06-16 21:25 - 2015-06-16 21:27 - 22298321 _____ C:\Users\Rayleigh\Documents\Cocos2d_x_v3_C_Tutorial_5_Adding_a_Sprite_hd720(1).mp4
2015-06-16 21:25 - 2015-06-16 21:26 - 98325117 _____ C:\Users\Rayleigh\Documents\Cocos2d_x_v3_C_Tutorial_3_Setting_Up_For_Android_On_Windows_hd720.mp4
2015-06-16 18:18 - 2015-06-16 18:18 - 00000000 ____D C:\Users\Rayleigh\Downloads\wallworm_material_merge
2015-06-16 18:14 - 2015-06-16 18:14 - 00007832 _____ C:\Users\Rayleigh\Downloads\wallworm_material_merge.zip
2015-06-16 16:40 - 2015-06-16 16:41 - 53853079 _____ C:\Users\Rayleigh\Documents\UFE_1_6_UI_Tutorial_hd720.mp4
2015-06-16 16:26 - 2015-06-16 16:31 - 27501906 _____ C:\Users\Rayleigh\Downloads\naruto source code2.zip
2015-06-16 16:26 - 2015-06-16 16:30 - 26915744 _____ C:\Users\Rayleigh\Downloads\naruto  source codes.zip
2015-06-16 16:00 - 2015-06-16 16:00 - 25633187 _____ C:\Users\Rayleigh\Documents\how_to_import_Bubble_Shooter_Easter_Bunny_package_in_Unity3d_hd720.mp4
2015-06-15 21:28 - 2015-06-15 21:29 - 53026906 _____ C:\Users\Rayleigh\Documents\ARK_S01E013_Tschö_Regenwald_Hallo_Beistelltischchen_★_Let_s_Survive_ARK_small.flv
2015-06-15 16:53 - 2015-06-15 16:53 - 00000000 ____D C:\Users\Rayleigh\AppData\Local\Razer
2015-06-15 14:55 - 2015-06-15 14:55 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\com.playsaurus.heroclicker
2015-06-15 14:34 - 2015-06-15 14:34 - 00000222 _____ C:\Users\Rayleigh\Desktop\Clicker Heroes.url
2015-06-15 11:14 - 2015-06-15 11:14 - 04957607 _____ C:\Users\Rayleigh\Downloads\assaultriflescene.mview
2015-06-15 10:59 - 2015-06-15 10:59 - 05915533 _____ C:\Users\Rayleigh\Downloads\Electric Chair.rar
2015-06-15 10:33 - 2015-06-15 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Altera 13.1.0.162
2015-06-15 10:18 - 2015-06-15 10:18 - 00000000 ____D C:\altera
2015-06-14 04:40 - 2015-06-14 04:40 - 02187276 _____ C:\Users\Rayleigh\Documents\Untitled.psd
2015-06-13 21:58 - 2015-06-13 21:59 - 63101202 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_040_Geleit_für_den_Pleitegeier_★_Let_s_Play_Fable_3_small.flv
2015-06-13 21:57 - 2015-06-13 21:59 - 69369493 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_039_Zipfelklatschen_★_Let_s_Play_Fable_3_small.flv
2015-06-13 21:52 - 2015-06-13 21:56 - 71565220 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_035_Knochenjagd_in_Silverpine_★_Let_s_Play_Fable_3.flv
2015-06-13 21:52 - 2015-06-13 21:56 - 71250238 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_038_Böse_Zwerge_of_Extreme_Evilness_★_Let_s_Play_Fable_3_small.flv
2015-06-13 21:52 - 2015-06-13 21:56 - 69501743 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_037_Die_Gründung_von_Driftwood_★_Let_s_Play_Fable_3_small.flv
2015-06-13 21:52 - 2015-06-13 21:56 - 67214834 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_036_Wolfsfluch_★_Let_s_Play_Fable_3_small.flv
2015-06-13 21:51 - 2015-06-13 21:56 - 71565220 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_034_Die_Zwergenarmee_der_Mütterlichen_Ratschläge_★_Let_s_Play_Fable_3_small.flv
2015-06-13 21:51 - 2015-06-13 21:55 - 50223452 _____ C:\Users\Rayleigh\Documents\FABLE_3_HD_033_Zwerge_Wolfsrudel_eine_Jagdhütte_★_Let_s_Play_Fable_3_small.flv
2015-06-13 21:50 - 2015-06-13 21:54 - 83804331 _____ C:\Users\Rayleigh\Documents\DAZ_to_Unity_part_02_avi_hd720.mp4
2015-06-13 21:50 - 2015-06-13 21:51 - 53795286 _____ C:\Users\Rayleigh\Documents\DAZ_to_Unity_part_01_avi_hd720(1).mp4
2015-06-13 21:50 - 2015-06-13 21:51 - 21953017 _____ C:\Users\Rayleigh\Documents\DAZ_to_Unity_part_03_avi_hd720.mp4
2015-06-13 11:20 - 2015-06-14 03:32 - 00001121 _____ C:\Users\Rayleigh\Desktop\Ultimate Unwrap3D Pro (x64).lnk
2015-06-13 11:20 - 2015-06-13 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Unwrap3D Pro (x64)
2015-06-13 11:20 - 2015-06-13 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-06-13 11:20 - 2015-06-13 11:20 - 00000000 ____D C:\Program Files\Ultimate Unwrap3D Pro (x64)
2015-06-13 11:19 - 2015-06-13 11:19 - 00000000 ____D C:\Users\Rayleigh\Downloads\U3Dv35010x64
2015-06-13 11:18 - 2015-06-13 11:19 - 11712887 _____ C:\Users\Rayleigh\Downloads\U3Dv35010x64.zip
2015-06-12 18:15 - 2015-06-12 18:15 - 00000000 ____D C:\Users\Rayleigh\AppData\Local\Razer_Inc
2015-06-12 17:59 - 2015-03-03 19:47 - 00129600 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2015-06-12 17:58 - 2015-06-12 17:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2015-06-12 17:58 - 2015-06-12 17:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2015-06-12 17:58 - 2015-02-05 01:24 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2015-06-12 17:54 - 2015-06-13 11:20 - 00000000 ____D C:\ProgramData\Razer
2015-06-12 17:54 - 2015-06-13 11:20 - 00000000 ____D C:\Program Files (x86)\Razer
2015-06-12 13:10 - 2015-06-12 13:10 - 03689432 _____ C:\Users\Rayleigh\Downloads\SAMSUNG_Android_USB_Composite_Device_Driver_5.28.2.1.zip
2015-06-11 15:45 - 2015-06-11 15:45 - 00000000 ____D C:\Users\Rayleigh\Downloads\last_ninja
2015-06-11 15:44 - 2015-06-11 15:44 - 00016552 _____ C:\Users\Rayleigh\Downloads\last_ninja.zip
2015-06-10 21:48 - 2015-06-10 21:48 - 00055489 _____ C:\Users\Rayleigh\Downloads\Amplify Motion.unitypackage
2015-06-09 13:44 - 2015-06-09 13:44 - 00022418 _____ C:\Users\Rayleigh\Downloads\main_out.js
2015-06-09 08:32 - 2015-06-09 08:34 - 23372711 _____ C:\Users\Rayleigh\Downloads\fashion.apk
2015-06-07 21:57 - 2015-06-07 21:59 - 56171969 _____ C:\Users\Rayleigh\Documents\Ultimate_Isometric_Toolkit_Level_Generator_Part_2_hd720.mp4
2015-06-07 21:57 - 2015-06-07 21:58 - 64663662 _____ C:\Users\Rayleigh\Documents\Update_1_2_1_Ultimate_Isometric_Toolkit_hd720.mp4
2015-06-07 21:57 - 2015-06-07 21:58 - 46964747 _____ C:\Users\Rayleigh\Documents\Ultimate_Isometric_Toolkit_Level_Generator_Part_1_hd720.mp4
2015-06-07 21:53 - 2015-06-07 21:53 - 06178978 _____ C:\Users\Rayleigh\Downloads\Mine-In-Unity-master.zip
2015-06-07 21:22 - 2015-06-07 21:23 - 44369700 _____ C:\Users\Rayleigh\Documents\Kali_Linux_WEP_Cracken_Tutorial_Deutsch_HD_hd720.mp4
2015-06-07 21:21 - 2015-06-07 21:22 - 63448686 _____ C:\Users\Rayleigh\Documents\►_Kali_Linux_Reaver_WPS_Pin_Cracking_Tutorial_objektiv_Deutsch_HD_hd720.mp4
2015-06-07 21:20 - 2015-06-07 21:22 - 133873537 _____ C:\Users\Rayleigh\Documents\►_Kali_Linux_Installation_VMware_Installation_von_VMware_Tools_Tutorial_Deutsch_HD_hd720.mp4
2015-06-07 21:19 - 2015-06-07 21:20 - 92820955 _____ C:\Users\Rayleigh\Documents\Kali_Linux_Backdoor_Trojaner_erstellen_Deutsch_720p_HD_hd720.mp4
2015-06-07 14:50 - 2015-06-07 14:51 - 44658479 _____ C:\Users\Rayleigh\Downloads\EasyRoads3D.v3.beta5.zip
2015-06-06 14:34 - 2015-06-06 14:42 - 47389022 _____ C:\Users\Rayleigh\Documents\ScreenCapture_2015_06_06_2_47_50_AM_large.mp4
2015-06-06 14:20 - 2015-06-06 14:20 - 00146183 _____ C:\Users\Rayleigh\Downloads\YouTube-Unblocker-056.crx
2015-06-06 14:20 - 2015-06-06 14:20 - 00000000 ____D C:\Users\Rayleigh\Downloads\0.5.6_0
2015-06-05 13:55 - 2015-06-05 13:55 - 01274945 _____ C:\Users\Rayleigh\Downloads\zeigerdiagramm (1).eps
2015-06-05 13:52 - 2015-06-05 13:52 - 01274945 _____ C:\Users\Rayleigh\Downloads\zeigerdiagramm.eps
2015-06-05 11:47 - 2015-06-05 11:47 - 01808146 _____ C:\Users\Rayleigh\Downloads\FPS MESH TOOL.rar
2015-06-04 18:25 - 2015-06-04 18:25 - 00660404 _____ C:\Users\Rayleigh\Downloads\xtreem.zip
2015-06-04 18:24 - 2015-06-04 18:24 - 00032911 _____ C:\Users\Rayleigh\Downloads\bignoodle_titling.zip
2015-06-04 18:23 - 2015-06-04 18:23 - 00016853 _____ C:\Users\Rayleigh\Downloads\planet_kosmos.zip
2015-06-04 16:09 - 2015-06-04 16:09 - 01089752 _____ (Unity Technologies ApS) C:\Users\Rayleigh\Downloads\UnityWebPlayer (5).exe
2015-06-04 15:52 - 2015-06-04 15:53 - 49308615 _____ C:\Users\Rayleigh\Downloads\Simple match-three animals puzzle.unitypackage
2015-06-03 18:23 - 2015-06-03 19:23 - 00000176 _____ C:\Users\Rayleigh\emailgoogle.txt
2015-06-03 15:56 - 2015-06-03 15:56 - 00019848 _____ C:\Users\Rayleigh\Downloads\proxy_socks_auth.csv
2015-06-03 15:56 - 2015-06-03 15:56 - 00019848 _____ C:\Users\Rayleigh\Downloads\proxy_socks_auth (1).txt
2015-06-03 15:55 - 2015-06-03 15:55 - 00019848 _____ C:\Users\Rayleigh\Downloads\proxy_socks_ip.csv
2015-06-03 15:54 - 2015-06-03 15:54 - 00019848 _____ C:\Users\Rayleigh\Downloads\proxy_socks_auth.txt
2015-06-03 10:37 - 2015-06-29 09:16 - 00000000 ____D C:\Program Files (x86)\SecureW2
2015-06-03 00:18 - 2015-06-03 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-02 23:59 - 2015-06-03 01:18 - 00003021 _____ C:\Users\Rayleigh\seoandroidmario.txt
2015-06-02 22:08 - 2015-06-02 22:08 - 00000000 ____D C:\Users\Rayleigh\Downloads\STEVEN1578RIPRUSTHACK_[www.unknowncheats.me]_
2015-06-02 21:51 - 2015-06-02 21:52 - 00874903 _____ C:\Users\Rayleigh\Downloads\STEVEN1578RIPRUSTHACK_[www.unknowncheats.me]_.rar
2015-06-02 21:01 - 2015-06-02 21:01 - 00000222 _____ C:\Users\Rayleigh\Desktop\Rust.url
2015-06-02 15:26 - 2015-06-02 15:26 - 00000183 _____ C:\Users\Rayleigh\Downloads\100325061566 (1).sdx
2015-06-02 12:54 - 2015-06-02 12:54 - 00000000 ____D C:\Users\Rayleigh\Downloads\TexturePacker-3.2.1-x86
2015-06-02 12:09 - 2015-06-02 12:09 - 13730809 _____ C:\Users\Rayleigh\Downloads\TexturePacker-3.2.1-x86.7z
2015-06-02 12:06 - 2015-06-02 12:06 - 00000000 ____D C:\Users\Rayleigh\Downloads\Texture Packer Pro3.3 (1)
2015-06-02 12:05 - 2015-06-02 12:05 - 07738237 _____ C:\Users\Rayleigh\Downloads\Texture Packer Pro3.3 (1).rar
2015-06-02 11:38 - 2015-06-02 11:38 - 31318016 _____ C:\Users\Rayleigh\Downloads\TexturePacker-3.8.0-x64.msi
2015-06-02 11:36 - 2015-06-02 11:36 - 00010002 _____ C:\Users\Rayleigh\Downloads\Tools_MapToAtlas.ms
2015-06-02 11:34 - 2015-06-02 11:34 - 00004069 _____ C:\Users\Rayleigh\Downloads\ab34749ad4.ms.txt
2015-06-02 11:09 - 2015-06-02 11:53 - 00000000 ____D C:\Users\Rayleigh\Downloads\TexAtlasGen-v1.0.3
2015-06-02 11:06 - 2015-06-02 11:06 - 00015157 _____ C:\Users\Rayleigh\Downloads\TexAtlasGen-v1.0.3.rar
2015-06-02 00:45 - 2015-06-02 00:45 - 00097203 _____ C:\Users\Rayleigh\Downloads\Carbon-BI-Regular.zip
2015-06-02 00:45 - 2015-06-02 00:45 - 00000000 ____D C:\Users\Rayleigh\Downloads\Carbon-BI-Regular
2015-06-02 00:22 - 2015-06-02 00:25 - 00000000 ____D C:\Users\Rayleigh\Adobe Application Manager 9.0
2015-06-02 00:20 - 2015-06-02 00:21 - 68641544 _____ (Adobe Systems Incorporated) C:\Users\Rayleigh\Downloads\ApplicationManager9.0_all.exe
2015-06-01 22:40 - 2015-06-01 22:40 - 00000691 _____ C:\Users\Public\Desktop\Hatred.lnk
2015-06-01 22:40 - 2015-06-01 22:40 - 00000691 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hatred.lnk
2015-06-01 21:53 - 2015-06-12 01:43 - 00001709 _____ C:\Users\Rayleigh\mari.txt
2015-06-01 21:48 - 2015-06-01 21:48 - 00983840 _____ C:\Users\Rayleigh\Downloads\Extreme Injector v3.3 - by master131_[www.unknowncheats.me]_.rar
2015-06-01 21:48 - 2015-06-01 21:48 - 00000000 ____D C:\Users\Rayleigh\Downloads\Extreme Injector v3.3 - by master131_[www.unknowncheats.me]_
2015-06-01 21:47 - 2015-06-01 21:47 - 07059359 _____ C:\Users\Rayleigh\Downloads\Cocacola_[www.unknowncheats.me]_.zip
2015-06-01 21:45 - 2015-06-01 21:45 - 00000000 ____D C:\Users\Rayleigh\Downloads\CocacolaAEuro_[www.unknowncheats.me]_
2015-06-01 21:21 - 2015-06-01 21:21 - 00011341 _____ C:\Users\Rayleigh\Downloads\CocacolaAEuro_[www.unknowncheats.me]_.zip
2015-05-31 21:41 - 2015-05-31 21:41 - 35566094 _____ C:\Users\Rayleigh\Documents\Adding_a_new_car_to_Zigzag_Infinite_Runner_hd720.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-30 18:54 - 2012-07-06 14:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-30 18:43 - 2014-02-20 00:20 - 00000000 ____D C:\ProgramData\Unity
2015-06-30 18:34 - 2012-09-02 19:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-30 18:22 - 2012-07-06 14:27 - 01843929 _____ C:\Windows\WindowsUpdate.log
2015-06-30 18:12 - 2014-06-19 00:57 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8b48b4c6b382.job
2015-06-30 18:00 - 2012-10-14 17:28 - 00000000 ____D C:\Users\Rayleigh\AppData\Local\TSVNCache
2015-06-30 17:59 - 2012-09-24 21:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-30 17:23 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-30 17:23 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-30 17:14 - 2014-10-21 15:04 - 00000552 _____ C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job
2015-06-30 17:14 - 2012-12-29 03:14 - 00000000 ____D C:\ProgramData\VMware
2015-06-30 17:13 - 2015-01-27 20:38 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-06-30 17:13 - 2012-09-23 18:13 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\Skype
2015-06-30 17:12 - 2014-10-01 22:21 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\tor
2015-06-30 17:12 - 2014-06-19 00:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8b48afcdbd7f.job
2015-06-30 17:12 - 2012-07-27 19:51 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\uTorrent
2015-06-30 17:12 - 2012-07-06 14:28 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-30 17:11 - 2011-10-11 14:46 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-30 17:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-30 17:10 - 2015-04-25 20:56 - 00017408 _____ C:\Windows\system32\rpcnetp.exe
2015-06-30 16:30 - 2012-12-08 01:08 - 00000000 ____D C:\Users\Rayleigh\AppData\Local\CrashDumps
2015-06-30 15:53 - 2012-07-06 23:04 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\vlc
2015-06-30 14:42 - 2012-07-25 01:23 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-30 14:08 - 2012-07-25 12:32 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-30 10:57 - 2012-09-24 21:32 - 00007584 _____ C:\Windows\system32\PerfStringBackup.TMP
2015-06-29 15:30 - 2012-07-06 14:32 - 00000000 ____D C:\Users\Rayleigh
2015-06-29 09:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-06-29 09:16 - 2014-10-28 10:55 - 00003170 _____ C:\Windows\System32\Tasks\SecureW2 Task
2015-06-29 02:00 - 2014-07-08 00:50 - 00000000 ____D C:\Users\Rayleigh\AppData\Local\Adobe
2015-06-28 02:21 - 2015-05-14 11:00 - 00000000 ____D C:\Users\Rayleigh\Downloads\Honorbuddy 2.5.13944.787
2015-06-28 02:21 - 2015-04-02 22:03 - 00000000 ____D C:\Users\Rayleigh\Downloads\Honorbuddy 2.5.13384.780
2015-06-28 02:21 - 2015-03-20 12:31 - 00000000 ____D C:\Users\Rayleigh\Downloads\Honorbuddy 2.5.13286.775
2015-06-26 21:54 - 2015-04-21 23:33 - 00000034 _____ C:\Users\Rayleigh\AppData\Roaming\AdobeWLCMCache.dat
2015-06-26 17:29 - 2015-02-04 00:07 - 00000000 ____D C:\AdwCleaner
2015-06-26 17:16 - 2013-11-15 16:49 - 00000000 ____D C:\Users\Rayleigh\AppData\Local\Deployment
2015-06-26 12:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-26 03:51 - 2012-09-03 20:27 - 00000000 ____D C:\Users\Rayleigh\Documents\Password Depot
2015-06-24 23:17 - 2013-07-11 23:37 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-23 21:35 - 2012-09-02 19:21 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-23 21:35 - 2012-09-02 19:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-23 21:35 - 2011-08-10 21:09 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-23 17:40 - 2015-01-10 03:12 - 00000000 ____D C:\Users\Rayleigh\AppData\Local\LumaEmu_SteamCloud
2015-06-23 16:15 - 2013-05-21 02:06 - 00000000 ____D C:\Users\Rayleigh\Documents\Visual Studio 2012
2015-06-22 20:50 - 2012-09-23 18:12 - 00000000 ____D C:\ProgramData\Skype
2015-06-22 18:29 - 2013-07-24 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-22 18:29 - 2013-07-24 16:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-22 18:25 - 2012-09-23 13:26 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-22 15:53 - 2012-07-07 22:54 - 00000000 ____D C:\Users\Rayleigh\Documents\My Games
2015-06-21 19:26 - 2014-12-03 13:43 - 00000000 ____D C:\Users\Rayleigh\Documents\test
2015-06-21 19:02 - 2015-02-18 01:23 - 00001456 _____ C:\Users\Rayleigh\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-06-21 18:13 - 2014-09-10 23:35 - 00049536 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\agremove.exe
2015-06-21 01:49 - 2012-09-17 18:53 - 00000000 ____D C:\Users\Rayleigh\.gimp-2.8
2015-06-20 16:05 - 2015-03-26 22:06 - 00000000 ____D C:\Program Files (x86)\unity5
2015-06-19 12:54 - 2015-05-17 21:36 - 00001532 _____ C:\Users\Rayleigh\alle assets die ich habe#.txt
2015-06-17 11:10 - 2015-01-27 22:59 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-06-17 11:10 - 2015-01-27 22:59 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-06-17 11:10 - 2014-11-09 22:13 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-17 11:10 - 2013-07-24 16:56 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-06-17 11:10 - 2013-07-24 16:56 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-17 11:10 - 2013-07-24 16:56 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-17 11:10 - 2013-07-24 16:56 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-17 11:10 - 2013-07-24 16:56 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-17 11:10 - 2013-07-24 16:56 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-06-17 11:10 - 2013-07-24 16:56 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-06-17 08:48 - 2013-07-24 16:57 - 06873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-06-17 08:48 - 2013-07-24 16:57 - 03492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48 - 2013-07-24 16:57 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48 - 2013-07-24 16:57 - 01059472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-06-17 08:48 - 2013-07-24 16:57 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48 - 2013-07-24 16:57 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-06-17 08:48 - 2013-07-24 16:57 - 00074896 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-06-17 08:48 - 2013-07-24 16:57 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-06-17 00:33 - 2014-02-27 23:29 - 00000000 ____D C:\Users\Rayleigh\Downloads\unity3d tools
2015-06-16 17:26 - 2012-07-13 00:49 - 00000000 ____D C:\Users\Rayleigh\Documents\SQL Server Management Studio
2015-06-13 11:20 - 2014-12-11 00:33 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\Bolthouse Software
2015-06-12 22:00 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-12 18:15 - 2013-11-30 16:39 - 00000000 ____D C:\Program Files (x86)\Guild Wars 2 Game Client
2015-06-11 16:58 - 2012-12-22 23:55 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-06-11 16:55 - 2015-02-08 18:52 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-06-11 16:53 - 2012-07-06 14:59 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\Adobe
2015-06-11 16:52 - 2012-12-22 23:45 - 00000000 ____D C:\Program Files\Adobe
2015-06-11 13:16 - 2013-12-26 14:49 - 00000567 _____ C:\Users\Rayleigh\AppData\Roaming\prio.ini
2015-06-07 23:32 - 2015-02-09 01:09 - 00005064 _____ C:\Users\Rayleigh\Downloads\testa account für rache.txt
2015-06-06 23:08 - 2015-03-22 23:57 - 00000000 ____D C:\Users\Rayleigh\Downloads\wpepro09mod (4)
2015-06-06 23:08 - 2015-03-22 23:55 - 00000000 ____D C:\Users\Rayleigh\Downloads\wpepro09mod (2)
2015-06-06 23:08 - 2015-01-09 11:34 - 00000000 ____D C:\Users\Rayleigh\Downloads\DayZ_Whitelister
2015-06-06 23:08 - 2014-08-31 03:26 - 00000000 ____D C:\Users\Rayleigh\Downloads\ArmA Script Encryptor_mpgh.net
2015-06-06 23:08 - 2014-08-23 22:46 - 00000000 ____D C:\Users\Rayleigh\Downloads\FaithInjector[metinforum]
2015-06-06 23:08 - 2014-08-11 15:35 - 00000000 ____D C:\Users\Rayleigh\Downloads\wpepro09mod 4
2015-06-05 00:49 - 2012-09-22 17:18 - 00000000 ____D C:\Users\Rayleigh\.VirtualBox
2015-06-03 23:04 - 2014-07-30 18:20 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-03 23:04 - 2014-07-30 18:20 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-03 23:04 - 2014-05-24 09:37 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-03 23:04 - 2014-05-24 09:37 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-03 10:42 - 2012-07-11 13:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-02 16:11 - 2013-07-24 16:57 - 04421614 _____ C:\Windows\system32\nvcoproc.bin
2015-06-02 16:08 - 2014-09-23 19:18 - 00029124 _____ C:\Users\Rayleigh\Downloads\SecureDownloadManager.log
2015-06-02 11:45 - 2015-01-16 20:02 - 00000000 ____D C:\Users\Rayleigh\Documents\3dsMax
2015-06-02 01:48 - 2014-12-11 02:46 - 00000000 ____D C:\tmp
2015-06-01 23:22 - 2013-03-12 19:45 - 00000000 ____D C:\Users\Rayleigh\bot spot
2015-06-01 22:55 - 2015-01-03 12:36 - 00000000 ____D C:\Users\Rayleigh\Downloads\CDPatcher (2)
2015-05-31 22:00 - 2015-01-15 22:42 - 00000000 ____D C:\Users\Rayleigh\VirtualBox VMs
2015-05-31 21:58 - 2015-01-15 22:41 - 00000000 ____D C:\Users\Rayleigh\AppData\Roaming\Andy

==================== Files in the root of some directories =======

2013-12-17 22:31 - 2013-12-17 22:31 - 0000012 _____ () C:\Users\Rayleigh\AppData\Roaming\0279
2015-04-21 23:33 - 2015-06-26 21:54 - 0000034 _____ () C:\Users\Rayleigh\AppData\Roaming\AdobeWLCMCache.dat
2012-07-13 23:45 - 2012-07-13 23:45 - 0000000 _____ () C:\Users\Rayleigh\AppData\Roaming\FileIn.cns
2012-07-13 23:45 - 2012-07-13 23:45 - 0000000 _____ () C:\Users\Rayleigh\AppData\Roaming\FileOut.cns
2014-05-05 17:57 - 2014-05-05 17:57 - 0000000 _____ () C:\Users\Rayleigh\AppData\Roaming\gdfw.log
2014-05-05 17:57 - 2014-05-05 17:57 - 0000779 _____ () C:\Users\Rayleigh\AppData\Roaming\gdscan.log
2013-12-26 14:49 - 2015-06-11 13:16 - 0000567 _____ () C:\Users\Rayleigh\AppData\Roaming\prio.ini
2013-12-17 22:31 - 2013-12-17 22:31 - 0000012 _____ () C:\Users\Rayleigh\AppData\Local\2232
2015-02-18 01:23 - 2015-06-21 19:02 - 0001456 _____ () C:\Users\Rayleigh\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2012-08-12 14:03 - 2015-04-26 01:12 - 0011264 _____ () C:\Users\Rayleigh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-14 13:49 - 2012-07-14 13:49 - 0000096 _____ () C:\Users\Rayleigh\AppData\Local\fusioncache.dat
2015-01-16 16:51 - 2015-01-16 16:51 - 0003584 _____ () C:\Users\Rayleigh\AppData\Local\GfxDrvMetrics-6528.stat
2015-01-16 16:29 - 2015-01-16 16:29 - 0003584 _____ () C:\Users\Rayleigh\AppData\Local\GfxDrvMetrics-9948.stat
2015-01-16 16:26 - 2015-01-16 17:51 - 0001536 _____ () C:\Users\Rayleigh\AppData\Local\GfxMetrics.cfg
2012-11-04 01:03 - 2012-11-04 01:03 - 0004819 _____ () C:\Users\Rayleigh\AppData\Local\IWDAudHelper.20121104.000329.txt
2014-10-23 15:48 - 2014-10-23 15:48 - 0000000 ___SH () C:\Users\Rayleigh\AppData\Local\LumaEmu
2012-11-04 01:01 - 2012-11-04 01:01 - 0001579 _____ () C:\Users\Rayleigh\AppData\Local\PDLSetup.20121104.000136.txt
2012-11-04 01:03 - 2012-11-04 01:03 - 0000661 _____ () C:\Users\Rayleigh\AppData\Local\PDLSetup.20121104.000310.txt
2012-11-04 01:03 - 2012-11-04 01:03 - 0001603 _____ () C:\Users\Rayleigh\AppData\Local\PDLSetup.20121104.000311.txt
2012-11-04 01:03 - 2012-11-04 01:03 - 0001245 _____ () C:\Users\Rayleigh\AppData\Local\PDLSetup.20121104.000314.txt
2012-11-04 01:04 - 2012-11-04 01:04 - 0001227 _____ () C:\Users\Rayleigh\AppData\Local\PDLSetup.20121104.000400.txt
2012-11-04 01:06 - 2012-11-04 01:06 - 0001526 _____ () C:\Users\Rayleigh\AppData\Local\PDLSetup.20121104.000632.txt
2015-06-21 01:48 - 2015-06-21 01:48 - 0002124 _____ () C:\Users\Rayleigh\AppData\Local\recently-used.xbel
2012-09-24 20:37 - 2015-02-26 02:44 - 0007626 _____ () C:\Users\Rayleigh\AppData\Local\Resmon.ResmonCfg
2012-07-06 14:59 - 2012-07-06 14:59 - 0017408 _____ () C:\Users\Rayleigh\AppData\Local\WebpageIcons.db
2015-01-16 00:31 - 2015-01-16 00:31 - 0000000 _____ () C:\Users\Rayleigh\AppData\Local\{1645F8ED-FB78-4E51-BEEC-8F36B78067A9}
2015-01-16 00:31 - 2015-01-16 00:31 - 0000000 _____ () C:\Users\Rayleigh\AppData\Local\{C4AB8F55-8B97-4149-BBFD-B8BDAEE4EB88}
2013-12-17 22:31 - 2013-12-17 22:31 - 0000012 _____ () C:\ProgramData\2103
2013-12-17 22:31 - 2013-12-17 22:31 - 0000012 _____ () C:\ProgramData\7049
2013-12-17 22:31 - 2013-12-17 22:31 - 0000012 _____ () C:\ProgramData\9625
2015-01-15 22:37 - 2015-01-15 22:37 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2013-12-17 23:05 - 2013-12-17 23:05 - 0000114 _____ () C:\ProgramData\VENH1.key

Files to move or delete:
====================
C:\Users\Rayleigh\comm.dll
C:\Users\Rayleigh\jojo.exe
C:\Users\Rayleigh\vlc-2.0.2-win32.exe


Some files in TEMP:
====================
C:\Users\Rayleigh\AppData\Local\Temp\proxy_vole400120657968130423.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2015-06-23 13:28

==================== End of log ============================
         
__________________

Geändert von rayleigh (30.06.2015 um 18:39 Uhr)

Alt 30.06.2015, 18:40   #4
rayleigh
 
Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Rayleigh at 2015-06-30 18:57:11
Running from C:\Users\Rayleigh\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2704303720-1333551685-4236009739-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2704303720-1333551685-4236009739-1010 - Limited - Enabled)
Gast (S-1-5-21-2704303720-1333551685-4236009739-501 - Limited - Disabled)
Rayleigh (S-1-5-21-2704303720-1333551685-4236009739-1002 - Administrator - Enabled) => C:\Users\Rayleigh
SQLDebugger (S-1-5-21-2704303720-1333551685-4236009739-1015 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
123 Free Solitaire v9.0 (HKLM-x32\...\123 Free Solitaire_is1) (Version:  - TreeCardGames)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
AnotherLife Client Version 1.2 (HKLM-x32\...\{1B305614-536F-47B0-917D-140C1D2477BA}}_is1) (Version: 1.2 - Tim Witschel Serververmietung)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version:  - Trion Worlds, Inc.)
Ashampoo ClipFinder HD v.2.2.8 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.2.8 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
AssaultCube v1.1.0.4 (HKLM-x32\...\AssaultCube_v1.1.0.4) (Version: v1.1.0.4 - )
Audials (HKLM-x32\...\{73ABAA0E-70F0-4048-AD43-A5F5A13A198D}) (Version: 9.1.31900.0 - Audials AG)
Awesomium SDK (HKLM-x32\...\Awesomium SDK 1.7.4.2) (Version: 1.7.4.2 - Awesomium Technologies LLC)
Awesomium SDK (x32 Version: 1.7.4.2 - Awesomium Technologies LLC) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\{7293ACA7-D9B9-4DB9-B7D6-435FFF9CBBD3}) (Version: 0.8.11.3116 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version:  - )
Build Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Christmas Shopper Simulator (HKLM-x32\...\{139C8AA5-BA56-4388-B5EC-31E0BF09A7C6}) (Version: 1.0.0 - Game Retail Ltd.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05152 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
COMPUTERBILD Vorteil-Center (HKLM-x32\...\{B7E68A6D-1C9B-4F18-B021-949115021714}) (Version: 1.1.23 - J3S)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike Source [2013] Update v.2230303 MULTI-2 v.2230303 (HKLM-x32\...\Counter-Strike Source [2013] Update v.2230303 MULTI-2 v.2230303) (Version:  - )
CPU-Control (HKLM-x32\...\CPU-Control_is1) (Version:  - Koma-Code)
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crafty 1.0.2 (HKLM-x32\...\Crafty_is1) (Version:  - Ryan Gregg)
Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DayZ Commander (HKLM-x32\...\{0170930E-68D6-4E85-88B2-82761CDE1F94}) (Version: 0.92.69 - Dotjosh Studios)
DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D)
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.28) (Version: 1.1.0.28 - DAZ 3D)
DDS Converter 2.1 (HKLM-x32\...\DDS Converter 2.1) (Version:  - )
Decimator DS4 (64bit) (HKLM-x32\...\Decimator DS4 (64bit) 1.4.2.118) (Version: 1.4.2.118 - DAZ 3D)
Deckadance 2 (HKLM-x32\...\Deckadance 2) (Version: 2.0 - Image-Line)
Deep Space Voices (HKLM-x32\...\{67CEC218-B250-4B4C-B23F-A597EC8DB153}) (Version: 3.3.1 - Screaming Bee)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
devolo dLAN-Konfigurationsassistent (HKLM-x32\...\dlanconf) (Version: 20.0.0.0 - devolo AG)
devolo Informer (HKLM-x32\...\dslmon) (Version: 28.0.0.0 - devolo AG)
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Dimensions3D GenX V3M3 addon for DS 4.5 (64bit) (HKLM-x32\...\Dimensions3D GenX V3M3 addon for DS 4.5 (64bit) 1.2.0.0) (Version: 1.2.0.0 - DAZ 3D)
DisSharp (HKLM-x32\...\{58344DA3-BE43-4B4F-8BF7-7DE69A9CBB77}) (Version: 1.0.8 - NETdecompiler)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dragonball Xenoverse MULTi2 1.0 (HKLM-x32\...\Dragonball Xenoverse MULTi2 1.0) (Version:  - )
Dropbox (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EncVorbis 1.1 (HKLM-x32\...\EncVorbis) (Version: 1.1 - Michael Facquet)
Entity Framework 6.1.0 Tools  for Visual Studio 2013 (HKLM-x32\...\{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}) (Version: 12.0.30228.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{094D6E27-97CC-447E-8660-56F75CFC1E00}) (Version: 11.1.20702.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version:  - )
Female Voice Pack (HKLM-x32\...\{D947A225-8C23-4E52-866E-CF3967476BFC}) (Version: 3.3.2 - Screaming Bee)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.1.1 - Telerik)
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
Flash Memory Toolkit trial 2.01 (HKLM-x32\...\Flash Memory Toolkit trial_is1) (Version:  - EFD Software)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1111 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1111 - DVDVideoSoft Ltd.)
Freez FLV to MP3 Converter (HKLM-x32\...\Freez FLV to MP3 Converter v1.5_is1) (Version: 1.5 - www.smallvideosoft.com)
Furry Voices for Second Life (HKLM-x32\...\{2032DA39-C844-43AE-B638-6A4F7496686E}) (Version: 1.3.1 - Screaming Bee)
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Gabelstapler 2014 1.0.2 (HKLM-x32\...\{9B9000F2-DD0C-40AA-9ED6-6776B83894E1}_is1) (Version:  - UIG Entertainment)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GameMaker-Studio 1.2 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)
GameMaker-Studio 1.2 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)
GamersFirst LIVE! (HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GamersFirst LIVE!) (Version:  - GamersFirst)
GamersFirst LIVE! (HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GamersFirst LIVE!) (Version:  - GamersFirst)
GamersFirst LIVE! (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\GamersFirst LIVE!) (Version:  - GamersFirst)
GamersFirst LIVE! (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GamersFirst LIVE!) (Version:  - GamersFirst)
GamersFirst LIVE! (HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GamersFirst LIVE!) (Version:  - GamersFirst)
GamersFirst LIVE! (HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GamersFirst LIVE!) (Version:  - GamersFirst)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GetFLV 9.3.1.8 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Global Agenda (HKLM-x32\...\Steam App 17020) (Version:  - Hi-Rez Studios)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hex Workshop v6 (HKLM\...\{58A5DD4F-15CB-4342-A0E4-FC4A75F0BEFE}) (Version: 6.0.0.4582 - BreakPoint Software)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HWiNFO64 Version 4.50 (HKLM\...\HWiNFO64_is1) (Version: 4.50 - Martin Malík - REALiX)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Inhaltsmanager-Assistent für PlayStation(R) (HKLM-x32\...\{4AC85673-668B-4CC4-8800-D28E29B77A90}) (Version: 2.10.6402.20 - Sony Computer Entertainment Inc.)
Instant Demo (HKLM-x32\...\{B40C6E75-C67A-4CB9-A3E7-C8689F2F2C60}) (Version: 8.50.481 - NetPlay Software)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{821B4CA1-D404-4CCA-AEA4-C7D3F40841B1}) (Version: 1.0.0.0135 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
Intel® INDE Graphics Performance Analyzers 2014 R3 (HKLM\...\{B48DBBEE-2CCB-492E-8678-78ECE93387CA}) (Version: 14.3.1.231370 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JetBrains dotPeek 1.3 Update 1 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\{ac382b74-501b-5db7-80b9-d3949a5a90e7}) (Version: 1 - JetBrains s.r.o.)
JetBrains dotPeek 1.3 Update 1 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{ac382b74-501b-5db7-80b9-d3949a5a90e7}) (Version: 1 - JetBrains s.r.o.)
Joe (HKLM-x32\...\{0AD3DEBC-5321-457E-8B43-8F546940169B}) (Version: 4.00.0050 - Wirth IT Design)
join.me (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\JoinMe) (Version: 1.15.0.136 - LogMeIn, Inc.)
join.me (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\JoinMe) (Version: 1.15.0.136 - LogMeIn, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kerbal Space Program (HKLM-x32\...\Kerbal Space Program_is1) (Version:  - )
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Landwirtschafts-Simulator 15 Deinstallation (HKLM-x32\...\Landwirtschafts-Simulator 15 Deinstallation) (Version: 1.1 - Shadow Eagle)
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.20410.1601 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibUSB-Win32-0.1.12.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.12.1 - LibUSB-Win32)
LibUSB-Win32-1.2.6.0 (HKLM\...\LibUSB-Win32_is1) (Version: 1.2.6.0 - LibUSB-Win32)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LockHunter 2.0 beta 2, 64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich, Ltd)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Memory Profiler (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{8057481C-0CFC-43BB-8EEC-C6A0E1C82E19}) (Version: 13.0.1.0 - mental ray)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{1C3F92D0-3EC5-4CD4-9D5E-1E7834B65BB8}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{8583E7E3-2237-4981-B957-E28E5E9AB678}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{92C5C058-E941-47C3-B7E8-38A79C605969}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{9C3B8582-A72A-4835-8903-877A834407BB}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008-Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008-Richtlinien (HKLM-x32\...\{695E67B6-8B95-4160-9650-92974980CDC1}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1-Abfragetools (Deutsch) (HKLM-x32\...\{0DD2DCC6-21AE-4678-8629-1084B17BE077}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{95A2AD24-BD44-3E39-A31F-CE928276577E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (HKLM-x32\...\{31e4d2a5-b246-4c2d-a7fb-aee157c26b02}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{1a3b012e-1e4d-4929-8980-35d33968e593}) (Version: 12.0.30501 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
MilkShape 3D 1.8.5 (HKLM-x32\...\MilkShape 3D 1.8.5) (Version: 1.8.5 - chUmbaLum sOft)
ModelSim-Altera Starter Edition 13.1.0.162 (HKLM-x32\...\ModelSim-Altera Starter Edition 13.1.0.162) (Version: 13.1 - Altera Corporation)
Module Microsoft Report Viewer pour Visual Studio*2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
MorphVOX Effects Rack (HKLM-x32\...\{4439ED25-D9ED-4E78-A41E-6C6C5DCEDE62}) (Version: 4.3.0 - Screaming Bee)
MorphVOX Pro (HKLM-x32\...\{4bfc0d50-0417-46a0-ab1e-475fb1a90916}) (Version: 4.4.17.22603 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.17.22603 - Screaming Bee) Hidden
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyFreeCodec) (Version:  - )
MySQL Connector C++ 1.1.2 (HKLM\...\{168EA59E-6139-4096-920A-BEE2BB5FC8A2}) (Version: 1.1.2 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{03B442FC-5A92-490B-8A13-4EBAEA08D857}) (Version: 5.1.23 - Oracle Corporation)
MySQL Connector Net 6.6.5 (HKLM-x32\...\{1AAD0C51-CE9E-4ECD-BB2D-6981472569B1}) (Version: 6.6.5 - Oracle)
MySQL Connector/ODBC 5.2(w) (HKLM\...\{4441EC17-3E4A-4FA0-8818-83537B549A54}) (Version: 5.2.4 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{132E7CFD-3508-4605-90C9-1C9631C56229}) (Version: 5.6.10 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{5E905BCD-6D18-4DA2-B0F9-66DC159DDAB2}) (Version: 5.6.10 - Oracle Corporation)
MySQL For Excel 1.1.0 (HKLM-x32\...\{38404B7E-FF50-4525-8EA0-E1187E4171E4}) (Version: 1.1.0 - Oracle)
MySQL Installer (HKLM-x32\...\{3E39024D-9F83-4BF2-B87F-0768608FE0B5}) (Version: 1.1.7.0 - Oracle Corporation)
MySQL Notifier 1.0.3 (HKLM-x32\...\{5681C7AB-E29D-4EE9-B0F0-809A28ECECFC}) (Version: 1.0.3 - Oracle)
MySQL Server 5.6 (HKLM\...\{56DA0CB5-ABD2-4318-BEAB-62FDBC9B12CC}) (Version: 5.6.10 - Oracle Corporation)
MySQL Workbench 5.2 CE (HKLM-x32\...\{48A9B9DD-66B9-4846-AA7C-825A5729B643}) (Version: 5.2.47 - Oracle Corporation)
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version:  - )
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 3.0.4 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Offline Player (HKLM-x32\...\com.digitaltutors.OfflinePlayer) (Version: 0.0.10 - Digital-Tutors)
Offline Player (x32 Version: 0.0.10 - Digital-Tutors) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{0A337036-B73E-4C85-8D32-3851F84B7CFE}) (Version: 0.46.271 - Overwolf)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Password Depot 6 (HKLM-x32\...\{AAE587E4-E661-4DB5-96DF-6E31C548F186}_is1) (Version: 6.1.8 - AceBIT GmbH)
PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 -  )
PBP Unpacker v0.94 (HKLM-x32\...\PBP Unpacker_is1) (Version:  - pdc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Personality Voices (HKLM-x32\...\{4B886E97-AF5B-46F0-9F48-6BE03149D972}) (Version: 1.0.1 - Screaming Bee)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0038 - Pegatron Corporation)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Play withSIX (HKLM-x32\...\{D7F3EEAD-183C-47DE-BDC5-593539573F97}) (Version: 1.30.0476 - SIX Networks)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PokerTH (HKLM-x32\...\PokerTH 1.0.1) (Version: 1.0.1 - www.pokerth.net)
Poser Pro 2012 (HKLM\...\Poser Pro 2012_is1) (Version: 9.0.0 - Smith Micro Software, Inc.)
PoserContent2012 (HKLM\...\Poser Pro_is1) (Version: 9.0.0 - Smith Micro Software, Inc.)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PowerVR Graphics SDK v3.4 (HKLM-x32\...\PowerVR Graphics SDK v3.4 3.4) (Version: 3.4 - Imagination)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PremiumSoft Navicat Lite 10.0 (HKLM-x32\...\PremiumSoft Navicat Lite_is1) (Version:  - PremiumSoft CyberTech Ltd.)
Prio (HKLM\...\Prio) (Version: 2.0.0.2960 - )
Protector Suite 2011 (HKLM\...\{BF30D9F5-23B6-4E1C-B580-C9CDBA2CD894}) (Version: 5.9.4.6894 - UPEK Inc.)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
psynetic® Gif-X 3.00 (HKLM-x32\...\psynetic® Gif-X) (Version: 3.00 - Robert Mundt)
Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Queue Manager 2012 (HKLM\...\Queue Manager 2012_is1) (Version: 9.0.2 - Smith Micro Software, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RapeLay (HKLM-x32\...\{CA31F991-DBD2-4DE1-B6D2-30105F23CBBC}) (Version: 1.03 - ILLUSION)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
RL Vision ArtGem 1.1 (HKLM-x32\...\ArtGem) (Version:  - )
Ruby 1.9.3-p194 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p194 - RubyInstaller Team)
Ruby 1.9.3-p194 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p194 - RubyInstaller Team)
Ruby 1.9.3-p194 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p194 - RubyInstaller Team)
Ruby 1.9.3-p194 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p194 - RubyInstaller Team)
Ruby 1.9.3-p194 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p194 - RubyInstaller Team)
Ruby 1.9.3-p194 (HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p194 - RubyInstaller Team)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Sci-Fi Sound Pack (HKLM-x32\...\{D16C611D-CA6F-402B-9EDA-9862CF4A701B}) (Version: 1.1.1 - Screaming Bee)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SecureW2 Enterprise Client 3.5.12 (HKLM-x32\...\SecureW2 Enterprise Client) (Version:  - )
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Sothink SWF Decompiler (HKLM-x32\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
Sothink SWF Editor (HKLM-x32\...\{0BF1DE3D-31B9-417F-A915-4BCC5AAEE3CD}_is1) (Version: 1.3 - SourceTec Software Co., LTD)
Special Effects Voices (HKLM-x32\...\{913C4C4F-9E3E-41A6-A614-1BDC1352A225}) (Version: 1.0.2 - Screaming Bee)
Spooky Sounds (HKLM-x32\...\{F71EBF86-9A73-44C0-A674-55FA3E4A8428}) (Version: 2.1.1 - Screaming Bee)
Sql Server Customer Experience Improvement Program (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.4.3.21029 - Blizzard Entertainment)
StarFriend (HKLM-x32\...\StarFriend 1.3.1) (Version: 1.3.1 - StarFriend.net)
StarFriend (x32 Version: 1.3.1 - StarFriend.net) Hidden
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (HKLM-x32\...\{3C90E3FC-9830-48A6-B101-CAD628A7922D}) (Version: 9.0 - Star Finanz GmbH)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
STOIK VideoEnhancer (HKLM-x32\...\{022C3E2D-9020-4D23-88A6-55E8D5092CB5}) (Version: 1.0.0 - STOIK)
Streaming Video Recorder V4.6.8 (HKLM-x32\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 4.6.8 - Apowersoft)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.4.0 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
Technitium MAC Address Changer v6.0.4 (HKLM-x32\...\TMACv6.0) (Version: 6.0.4 - Technitium)
TexturePacker (HKLM\...\{9606FE15-EC2A-4AA4-A190-1FA2568E2131}) (Version: 3.8.0 - code-and-web.de)
TexturePacker (HKLM-x32\...\{772E1F8E-B2D6-412C-BF84-75CB8AA67AA8}) (Version: 3.2.1 - Andreas Loew / CodeAndWeb)
TexView 2 Uninstall (HKLM-x32\...\TexView 2) (Version:  - )
Tiled - Tiled Map Editor (HKLM-x32\...\Tiled) (Version:  - )
TIS-100 (HKLM-x32\...\Steam App 370360) (Version:  - Zachtronics)
Tor 0.2.4.23 (HKLM-x32\...\Tor) (Version:  - )
TortoiseSVN 1.7.10.23359 (64 bit) (HKLM\...\{71EFF430-1A34-423E-8EAF-A80173960A8E}) (Version: 1.7.23359 - TortoiseSVN)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Total War Attila German Edition Incl. Update 2 and DLCs 1.2.0 (HKLM-x32\...\Total War Attila German Edition Incl. Update 2 and DLCs 1.2.0) (Version:  - )
Towtruck Simulator 2015 (HKLM-x32\...\Towtruck Simulator 2015_is1) (Version:  - )
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
TypeScript Power Tool (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ulead GIF Animator 5 ESD (HKLM-x32\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version:  - )
Ultimate Unwrap3D Pro 3.50.06 Demo (HKLM-x32\...\Ultimate Unwrap3D Pro 3.50.06 Demo_is1) (Version: 3.50.06 - Ultimate Unwrap3D Pro Demo)
Ultimate Unwrap3D Pro 3.50.10 (x64) (HKLM\...\Ultimate Unwrap3D Pro 3.50.10 (x64)_is1) (Version: 3.50.10 - Ultimate Unwrap3D Pro (x64))
Unity (HKLM-x32\...\Unity) (Version: 5.1.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VB Decompiler Pro (HKLM-x32\...\VB Decompiler Pro_is1) (Version:  - DotFix Software)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
Victoria 4.2 Base (HKLM-x32\...\Victoria 4.2 Base ps_pe069_Victoria4) (Version: ps_pe069_Victoria4 - Name of your company)
Victoria 4.2 Morphs++ (HKLM-x32\...\Victoria 4.2 Morphs++ ps_pe070_V4Morphs) (Version: ps_pe070_V4Morphs - Name of your company)
Vidalia 0.2.21 (HKLM-x32\...\Vidalia) (Version:  - )
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 11.1.0 - VMware, Inc)
VMware Workstation (Version: 11.1.0 - VMware, Inc.) Hidden
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
VpnOneClick (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\...\6a4f81584d46feb3) (Version: 2.3.9.10 - VpnOneClick)
VpnOneClick (HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\6a4f81584d46feb3) (Version: 2.3.9.10 - VpnOneClick)
VS Update core components (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2704303720-1333551685-4236009739-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2704303720-1333551685-4236009739-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2704303720-1333551685-4236009739-1017-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2704303720-1333551685-4236009739-1018-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinX Free AVI to MP4 Converter 4.0.6 (HKLM-x32\...\WinX Free AVI to MP4 Converter_is1) (Version:  - Digiarty Software,Inc.)
WinX Free FLV to MP4 Converter 4.1.7 (HKLM-x32\...\WinX Free FLV to MP4 Converter_is1) (Version:  - Digiarty Software,Inc.)
WinZip 16.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D2}) (Version: 16.5.10095 - WinZip Computing, S.L. )
Wireshark 1.8.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.4 - The Wireshark developer community, hxxp://www.wireshark.org)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
X-NetStat Pro 5.56 (HKLM-x32\...\X-NetStat Pro) (Version: 5.56 - Fresh Software)
YTD Toolbar v10.4 (HKLM-x32\...\{7AB42990-6B84-4046-A104-79548CC5EA1C}) (Version: 10.4 - Spigot, Inc.) <==== ATTENTION
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{acd2566b-2ede-4279-bde6-e32f301a96e5}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{acd2566b-2ede-4279-bde6-e32f301a96e5}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-21 23:19 - 00008035 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {037782BA-29AC-4547-9B48-7FB08EAA9FAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {09F92724-35DC-4E28-A04D-321321FCC770} - System32\Tasks\{E1E6D736-A893-4B9C-A516-1B0426012495} => E:\SETUP.EXE
Task: {19C0EF93-EFBB-4A3D-89DE-C835063E46D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {1BDAF099-AD2E-4EC6-9721-DE0F76154429} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe [2014-11-26] ()
Task: {217E9066-1C97-4E26-AB6F-5FCE4C041A8D} - System32\Tasks\{827C920A-D1DF-4C83-AC77-FAB3D572898B} => pcalua.exe -a C:\Users\Rayleigh\STEP7_Lite_V30_incl_SP3\Install\Setup.exe -d C:\Users\Rayleigh\STEP7_Lite_V30_incl_SP3\Install
Task: {3C1FE098-4F30-453D-ABA1-D6F70D3519E9} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {3F32F2A3-1DA3-4E97-A173-9439E786A37B} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.0.3\MySqlNotifier.exe [2012-07-24] (Oracle)
Task: {50DD739D-D97B-4DDA-B093-859A0B8C671E} - System32\Tasks\MATLAB R2014a Startup Accelerator => C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe [2014-01-29] ()
Task: {6FDD44B6-B173-42B7-9B26-9EA2DDF5DAED} - System32\Tasks\SecureW2 Task => C:\Program Files (x86)\SecureW2\sw2_tray.exe [2014-03-24] (SecureW2 B.V.)
Task: {7B347C5E-3A05-4C97-AF87-A881A386A28A} - System32\Tasks\{BC640288-E083-4D1D-9B1E-388B94ACC58B} => E:\SETUP.EXE
Task: {9E5A9838-0F85-438A-A9DE-FD04F808AD2C} - System32\Tasks\{A73B4F6C-54EA-4B53-89D2-C24FFABB2B84} => pcalua.exe -a "H:\Programme\Extrinsic Studio\Terra Online\Uninstall.exe" -d "H:\Programme\Extrinsic Studio\Terra Online"
Task: {9F3BEAFA-A398-4E5A-8191-29BA3994DFE0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {B6F97125-DA6E-4901-8036-B4031A5F991A} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8b48b4c6b382 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {CB3CA6CF-435E-409F-A590-F741893D46C5} - System32\Tasks\{7D9A45C5-0FE6-4F9C-B65D-5ECF43D0721A} => pcalua.exe -a "C:\Program Files (x86)\DAZ 3D\DAZ3DIM1\DAZ3DIM.exe" -d "C:\Program Files (x86)\DAZ 3D\DAZ3DIM1"
Task: {CC4C5FDE-C411-43DD-B4F1-0060C3397A4F} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8b48afcdbd7f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {E07D8D84-6137-4480-BBA4-5812C4811E01} - System32\Tasks\{1E43D380-D59D-4B2C-89BF-A363E1505755} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {E5CDC1F0-3144-48E3-8ED7-21982F7FAC8F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {E93DAEEF-F02B-4A6B-83F7-5B78CB0145C5} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {F5AAEC9C-F6D1-4481-819B-66FA69384D25} - System32\Tasks\{44204B17-2407-4268-A8E3-CEF48CE3FC28} => pcalua.exe -a "C:\Users\Rayleigh\Downloads\unity3d tools\21.11.14\11631 - The Marquis\11631_2_dpc_TheMarquis_2.exe" -d "C:\Users\Rayleigh\Downloads\unity3d tools\21.11.14\11631 - The Marquis"
Task: {F7E823E3-E96D-4D31-9F4D-A0CF9358BB21} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-09-23] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8b48afcdbd7f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8b48b4c6b382.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job => C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe

==================== Loaded Modules (Whitelisted) ==============

2013-12-21 19:07 - 2012-11-22 19:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
2013-07-24 16:56 - 2015-06-17 11:10 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-07-24 16:57 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-16 17:42 - 2015-04-16 17:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-08-31 00:31 - 2009-12-19 00:40 - 00104968 ____R () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2011-08-31 00:31 - 2010-10-07 02:46 - 00159752 ____R () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2011-08-31 00:31 - 2011-07-09 01:50 - 00824328 ____R () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-11-08 21:30 - 2012-11-08 21:30 - 00012656 _____ () C:\Program Files\Prio\prio_svc.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2011-08-31 00:31 - 2011-07-13 22:56 - 03426312 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2012-10-08 21:10 - 2012-10-08 21:10 - 00088968 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2013-07-24 16:56 - 2015-06-17 11:10 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-08-31 00:31 - 2009-12-19 00:36 - 00973432 ____R () C:\Program Files (x86)\PHotkey\acAuth.dll
2011-08-31 00:31 - 2009-12-19 00:41 - 00129544 ____R () C:\Program Files (x86)\PHotkey\GFNEX.dll
2015-04-26 14:44 - 2015-06-03 23:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-29 12:25 - 2015-03-29 12:25 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2012-10-08 19:42 - 2012-10-08 19:42 - 00070536 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2013-12-13 00:36 - 2013-12-13 00:36 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-06-23 02:16 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 02:16 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-23 02:16 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
2015-04-10 19:44 - 2015-04-10 19:44 - 00359936 _____ () C:\Program Files (x86)\Unityfree\Editor\libmp3lame.DLL
2015-04-27 12:34 - 2015-04-27 12:34 - 00739328 _____ () C:\Program Files (x86)\Unityfree\Editor\umbraoptimizer32.dll
2015-04-27 12:29 - 2015-04-27 12:29 - 00167936 _____ () C:\Program Files (x86)\Unityfree\Editor\LIBPQ.dll
2015-04-15 03:28 - 2015-04-15 03:28 - 15687680 _____ () C:\Program Files (x86)\Unityfree\Editor\CFLite.dll
2015-04-15 03:28 - 2015-04-15 03:28 - 00942080 _____ () C:\Program Files (x86)\Unityfree\Editor\cairo.dll
2015-04-15 03:28 - 2015-04-15 03:28 - 00986112 _____ () C:\Program Files (x86)\Unityfree\Editor\libxml2.dll
2015-04-15 03:28 - 2015-04-15 03:28 - 00100352 _____ () C:\Program Files (x86)\Unityfree\Editor\zlib1.dll
2015-04-27 12:34 - 2015-04-27 12:34 - 02102784 _____ () C:\Program Files (x86)\Unityfree\Editor\Data\Mono\EmbedRuntime\mono.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Microsoft:22jxcmopQOh7w9VKUV
AlternateDataStreams: C:\ProgramData\Microsoft:nvKZ64HvbaWVrOiwr7F2W
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\Users\Rayleigh\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Rayleigh\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Rayleigh\AppData\Local\atcGPCYA:EyurjT36ZOoAMqkSw

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2704303720-1333551685-4236009739-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Rayleigh\AppData\Roaming\Virtual Desktop Manager\PVDesktopWallpaper_0.jpg
HKU\S-1-5-21-2704303720-1333551685-4236009739-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Rayleigh\AppData\Roaming\Virtual Desktop Manager\PVDesktopWallpaper_0.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Inhaltsmanager-Assistent für PlayStation(R).lnk => C:\Windows\pss\Inhaltsmanager-Assistent für PlayStation(R).lnk.CommonStartup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SteelSeries Engine => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{85832019-5E10-4687-9BE8-ECC6260C4DFB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3F0CB73A-4640-4B7B-A0AC-524E66E23823}] => (Allow) LPort=2869
FirewallRules: [{D63C74F5-9DCE-4F49-A501-D838905BB8A3}] => (Allow) LPort=1900
FirewallRules: [{CB2332EA-77AC-41DE-AD54-8B1B22BDC0F9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C0B4056E-B896-435C-BBE5-FF8029F17959}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{B19025A0-8736-4708-8C21-E784D124B029}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{FDD71A52-1275-4E81-8549-3AFFE3E63AFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{7A5C0F60-682B-4817-B2E6-30F203DCE436}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E66080B8-D887-4323-BDA6-1B503CFAC852}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{583EE373-3998-44F6-A33C-240358A416C4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{04B569BE-0CDF-4887-A521-E58D9600C80B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{17E3B51E-E02B-4441-8AE9-6292FB7D6BCE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{9F452F8C-94A5-4F8C-B201-D2FE26FF6BE9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{3EEF0ABF-E03B-4869-B68B-12CF2BFA92F9}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{040ABDDE-A1DA-4192-9145-AA245547F79D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{8CDED3FB-B2D4-49EA-AD6D-C64A37FC4C08}] => (Allow) LPort=1542
FirewallRules: [{636427EC-4C9B-4126-ACE9-31ECFAED1FC1}] => (Allow) LPort=1542
FirewallRules: [{AA5AB32E-ECD8-4CEE-8EEB-0B6987EAE131}] => (Allow) LPort=53
FirewallRules: [{07A7E979-0BDF-4FD3-A10B-B368C5DAF9E7}] => (Allow) C:\Program Files (x86)\Fiddler2\Fiddler.exe
FirewallRules: [{890022FE-C923-4509-AF16-F55598D91049}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{313A0090-D4A6-4988-8E06-FD2B910DF9A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2374F85F-AE4A-408B-9D84-0C3C7538F3C4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{46C63E8F-B2A9-4E34-8A32-85A88C00C67B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CB2DFA6C-39DC-4EAD-BD9F-6414ADC5BA94}] => (Allow) C:\Program Files (x86)\devolo\informer\devinf.exe
FirewallRules: [{28A7113C-CD79-4941-B5A1-AD3A7AACBDFB}] => (Allow) C:\Program Files (x86)\devolo\informer\devinf.exe
FirewallRules: [{E54FF65D-F7DE-483B-9692-8FAAADB3E70B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B07475F4-2884-4828-A488-96E579F70A83}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C4B7D4A6-1DD5-46E3-9DC4-41404B679A4C}] => (Allow) LPort=3306
FirewallRules: [{B6998D71-6158-49E9-BCD5-6052FE67B12C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{FECDC4BD-2874-4447-8B4D-18EA6B9CE26A}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{E5B36F00-20BF-46B2-816F-EDD8B9D6C1B1}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{1195C35A-C82D-4FE0-88D3-77B1D1D340CD}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{CE7E89A7-02AE-4FCA-93CC-D1168105A479}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{09E7D673-6074-42C3-B68F-2F28536833EB}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{756353E9-5866-47AB-B19A-3AA2813A85AB}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{7661E7E0-7176-432B-A44C-AE2AD46CCEE7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{34F6CBC8-8CA2-439B-BED6-5597B6220DFB}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe
FirewallRules: [{B0B4C4C6-5C4D-4559-AD0C-19A041EA844B}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe
FirewallRules: [{FC3AC42E-1DC2-4FC1-8785-85E6051195D3}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll
FirewallRules: [{FA9E8C34-B891-4818-B322-72D89DE52BF7}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll
FirewallRules: [{8F908B8C-7F54-405E-A062-019582A318EA}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll
FirewallRules: [{51CADBF1-48C0-4E7B-BC44-8DFCF8446AFB}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll
FirewallRules: [{69BB5D31-49A7-477F-8249-BE667F16D2C0}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll
FirewallRules: [{8DAA3F32-7FB4-43AD-9764-7BDA26304AD1}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll
FirewallRules: [{7075EEE5-787F-497F-9EAD-798222FA81C2}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll
FirewallRules: [{36334DDB-ACED-4045-AF9B-919519C142F5}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll
FirewallRules: [{BABB38A1-B9C3-4A9D-A894-B396AE1966BE}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll
FirewallRules: [{03241333-16DF-4969-A1D2-563C7A27AD47}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll
FirewallRules: [{A3FD3E44-34DE-44AE-A5F4-837AF93BBBC3}] => (Allow) C:\Program Files (x86)\RapidSolution\Audials 9\Audials.exe
FirewallRules: [{027FCDE2-25E1-4C90-8CA5-BD4D4E6C1314}] => (Allow) LPort=12972
FirewallRules: [{8FD44C2C-4F9D-4E3B-8D6B-16D8860A9826}] => (Allow) LPort=14714
FirewallRules: [{B2580889-51B7-4579-A08A-1585289D88C2}] => (Allow) LPort=31931
FirewallRules: [{BE5B3AF5-91E5-4E31-857F-794A49A1C053}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [{EA493393-CA33-40E3-BE5D-B400C9FD4662}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FB8F7451-3D78-4F4D-8A34-D21D929B7256}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{ABE53DDD-C2BC-4D11-888A-BDA3B2523A9C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B0A7E998-3132-4012-9EC8-8A411E4E6FB3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{28C3BB9A-3D67-4567-A729-D5FD45BA7D1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5164F9F5-2ECD-4861-AF04-09E71D3C863F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{174AE958-5FBE-42EE-8B0F-E48C2328FF98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{12DED834-D37F-4C3B-82D0-CB675037ACDD}] => (Allow) C:\Users\Rayleigh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{303796C7-42F9-4210-A02B-779A30F9A4AC}] => (Allow) C:\Users\Rayleigh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{03FBF8D3-EF1A-4C53-888D-7D9B88850788}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F6817B5D-8FA6-4AD0-8216-C1B0EA47093A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{035E7044-5C38-47A6-B89C-DC44AC51FB9E}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{2B419880-63A8-4AE4-9CCE-992B5A9F98DD}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{EF7D3935-4B16-484F-8D5E-D19699FA40E6}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{A564667D-9E80-4875-8E84-8E15C4B7B3B2}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{57ED00A9-055F-484E-B055-ABEE9A303237}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9B74AF98-A38B-4327-8201-31D7A542205D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BF2020AD-D964-424F-9533-DBC2C92E86D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FEAA13E7-D880-4009-A054-793BE2306FF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{66FACB7D-114F-4205-90C8-7738488C0CDA}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{66E711C1-E6D6-4A8B-8449-FB40488EEC93}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{9B655180-D2A0-4BC2-8BD1-7C1B085985A4}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{DC0C6D19-23A0-4DE3-B5E3-8C6AA2905496}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{711C3700-12CD-44A4-A5DE-6044232A5AD4}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{A408EEBA-5223-4230-9DF4-6015B9124FE2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{9E04E863-9DF0-4417-8F0C-1162FEA7914F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{4F30B487-B1A1-484C-BEBD-628ECDD61921}] => (Allow) LPort=12292
FirewallRules: [{FA2D4C45-E8D1-4364-998B-ACCE84285C60}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C985E560-5851-43E5-B692-D4DCE1F77488}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F7A8A42D-D1AD-4D15-BCB3-1C41633A3CF2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06D654BE-E75A-4905-AB9C-BA1126526551}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{592AF5CF-6F2D-46AE-AA6B-AF53610A0249}] => (Allow) LPort=17234
FirewallRules: [{155FC039-FAEC-4499-AB58-96F2951F290D}] => (Allow) C:\Intel\INDE\GPA\2014 R3\gpamonitor.exe
FirewallRules: [{D09F6CC7-1D5B-4712-9206-D6862CC10A75}] => (Allow) C:\Intel\INDE\GPA\2014 R3\gpamonitor.exe
FirewallRules: [{17BC543F-7A64-4E75-ADB8-1487D0A58163}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{A3928167-FF89-4FA4-B382-FE547129E4C1}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{53870551-1A3A-45FE-9DAB-D695444FEB91}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{580E9BBF-8A03-4A59-BB85-29EC5D590272}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{05C31305-592E-46B7-A00C-E2B12B7D1B40}] => (Allow) H:\games\Capcom\deadrising2otr.exe
FirewallRules: [{0DD62041-438E-4FBC-8298-8FF91DFE6FBA}] => (Allow) H:\games\Capcom\deadrising2otr.exe
FirewallRules: [{1B47EED6-BC84-40D6-94F7-38B7A88F25F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4C407576-2C39-4135-99E7-6B121F13F32F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BEB2AF85-D61F-46E4-BFC9-EE88C42CC091}] => (Allow) C:\Program Files (x86)\IDA 6.6\idaq.exe
FirewallRules: [{CBE21A67-6DA4-43C5-AB35-8ECFDABB714C}] => (Allow) C:\Program Files (x86)\IDA 6.6\idaq.exe
FirewallRules: [{D5BBF77A-2244-4454-8317-B330257DE41D}] => (Allow) C:\Program Files (x86)\IDA 6.6\idaq64.exe
FirewallRules: [{F9A8D958-1170-49A1-9FF7-9FD9E4328E92}] => (Allow) C:\Program Files (x86)\IDA 6.6\idaq64.exe
FirewallRules: [{5F66C7AC-60BF-44F8-9D1A-B99730F6DC75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{575A9FBF-F956-46A2-A3A6-6E3BE50691A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{A923E55A-CB16-47D5-BB02-4DD883B745D4}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{BA6C1FC9-C1E0-40B3-982C-551B657CBFF4}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{0A9C5D17-0379-44E0-90A3-DDC661C04645}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{0C3A132A-06AC-4A12-9CB5-667006020CF2}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{8D0F0FB1-EEE4-4ECF-825E-7438A1E4226E}] => (Allow) H:\SteamLibrary\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{7514C540-C624-4E39-905A-2AC9B20C3294}] => (Allow) H:\SteamLibrary\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{C005D651-1C78-4759-8709-DD9456DCCD98}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{CBA1C10A-85C7-43D6-942D-35E744A8F0B2}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{C8A0EFE3-C708-4828-8736-380FA4C0AD4C}] => (Allow) H:\SteamLibrary\steamapps\common\Global Agenda Live\Binaries\LauncherBin\HiRezLauncherUI.exe
FirewallRules: [{F7A2CB1B-399F-4EAC-9AA7-E44282C25CBC}] => (Allow) H:\SteamLibrary\steamapps\common\Global Agenda Live\Binaries\LauncherBin\HiRezLauncherUI.exe
FirewallRules: [{D825DF0F-5AB7-4385-9ECC-E7464CF258F0}] => (Allow) C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2D1782FB-2351-44E3-8001-99A7FA37E831}] => (Allow) C:\Users\Rayleigh\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{90F2084B-EBDB-4986-B45C-1B7041F61664}] => (Allow) D:5\SteamLibrary\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{377CB981-0C41-4A56-9732-04C10FBEB0AA}] => (Allow) D:5\SteamLibrary\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E4AA9C25-59FA-4D28-A192-ECBEBE8F8F5A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{ABE617E1-A52B-4A7D-8781-D99E4CEF8E91}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D2D078A2-F0CE-40B9-B635-8254268F18BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CA9A0BC8-333D-40BA-98F1-E1EBD200C03E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4DCEF9DB-C30D-45F0-8DE6-AD35B700C9FA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{4156F054-334D-4EBB-A378-B068EFE4FF43}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{A72C3E72-E384-4A8B-9C46-EB0F0294737D}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{9CD7AB6C-2C9B-4AB4-8484-E9EE229741F3}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{016E52BE-AACC-4754-AADE-E6D47F7AB709}] => (Allow) H:\SteamLibrary\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{FDB74D83-55AB-4D36-B433-08D139AF6C7C}] => (Allow) H:\SteamLibrary\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E929523F-58D4-4033-A2B6-0331957FC496}] => (Allow) H:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{5A699C61-2EB9-4D9A-8F9D-92DA9126546E}] => (Allow) H:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{2BADAED4-2E64-419F-BC6B-797F5D6EFBE0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{F0C699F5-07B4-4CD4-82A5-D9C2CCF00CFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{B6090E04-3CC5-45AA-A269-9BF4227438A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TIS-100\tis100.exe
FirewallRules: [{49EB652C-3142-4C26-819D-31998A594825}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TIS-100\tis100.exe
FirewallRules: [{7E755F4B-E494-47D9-98DF-3443C33F255E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: USB2.0 UVC 1.3M Webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TouchStrip Fingerprint Sensor (WBF advanced mode)
Description: TouchStrip Fingerprint Sensor (WBF advanced mode)
Class Guid: {53d29ef7-377c-4d14-864b-eb3a85769359}
Manufacturer: AuthenTec
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: CyberLink WebCam Virtual Driver
Description: CyberLink WebCam Virtual Driver
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: CyberLink
Service: clwvd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Screaming Bee Audio
Description: Screaming Bee Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Screaming Bee LLC
Service: ScreamBAudioSvc
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter #4
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter #6
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/30/2015 05:16:13 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/30/2015 05:13:44 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (06/30/2015 04:29:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WinRAR.exe, Version: 5.1.0.0, Zeitstempel: 0x529aee4c
Name des fehlerhaften Moduls: libapr_tsvn.dll, Version: 1.4.6.0, Zeitstempel: 0x50731e1f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000340c
ID des fehlerhaften Prozesses: 0xef74
Startzeit der fehlerhaften Anwendung: 0xWinRAR.exe0
Pfad der fehlerhaften Anwendung: WinRAR.exe1
Pfad des fehlerhaften Moduls: WinRAR.exe2
Berichtskennung: WinRAR.exe3

Error: (06/30/2015 10:57:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "0816" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error: (06/30/2015 10:57:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "01F" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error: (06/30/2015 10:57:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "015" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error: (06/30/2015 10:57:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "013" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error: (06/30/2015 10:57:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "010" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error: (06/30/2015 10:57:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "00E" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error: (06/30/2015 10:57:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "00C" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.


System errors:
=============
Error: (06/30/2015 06:46:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/30/2015 06:46:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Machine Debug Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/30/2015 06:03:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Cisco AnyConnect Secure Mobility Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/30/2015 06:03:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/30/2015 06:03:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TeamViewer 10" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (06/30/2015 05:17:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Cisco AnyConnect Secure Mobility Agent" wurde unerwartet beendet. Dies ist bereits 3 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 20000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/30/2015 05:17:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/30/2015 05:17:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 10" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/30/2015 05:17:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/30/2015 05:17:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Cisco AnyConnect Secure Mobility Agent" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 4000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (05/08/2015 03:50:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2155 seconds with 360 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2015-06-13 06:29:17.200
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rayleigh\Downloads\ehsvc3_[www.unknowncheats.me]_.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-13 06:29:16.830
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rayleigh\Downloads\ehsvc3_[www.unknowncheats.me]_.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-13 06:29:16.460
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rayleigh\Downloads\ehsvc3_[www.unknowncheats.me]_.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-13 06:29:15.950
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rayleigh\Downloads\ehsvc3_[www.unknowncheats.me]_.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-13 06:29:15.308
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rayleigh\Downloads\EhSvc_Dumped2_[www.unknowncheats.me]_.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-13 06:29:14.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rayleigh\Downloads\EhSvc_Dumped2_[www.unknowncheats.me]_.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-13 06:29:14.564
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rayleigh\Downloads\EhSvc_Dumped2_[www.unknowncheats.me]_.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-13 06:29:14.164
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rayleigh\Downloads\EhSvc_Dumped2_[www.unknowncheats.me]_.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-16 15:21:15.903
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rayleigh\Downloads\EhSvc_Dumped2_[www.unknowncheats.me]_.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-16 15:21:15.369
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Rayleigh\Downloads\EhSvc_Dumped2_[www.unknowncheats.me]_.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 49%
Total physical RAM: 10151.05 MB
Available physical RAM: 5143.3 MB
Total Pagefile: 20300.29 MB
Available Pagefile: 14405.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:57.96 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:29.13 GB) NTFS
Drive h: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:173.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: A1927F1E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---

Alt 01.07.2015, 10:29   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    YTD Toolbar v10.4


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.07.2015, 11:03   #6
rayleigh
 
Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



sry irgendwie hatte ich mega problem mit dem internet
DNS problem kann nciht mal ne seite öffnen habe das Problem temporär gefixt indem ich einfach den dns dienst beendet habe
hmm und bei combofix passiert nichts bzw warte darauf
Aber das problem ist immer noch nicht gefixt.
Aber konnte es einiger maßen eingrenzen.
Habe unity3d die neueste version gedownloaded und sobald ich assets größer als 1gb glaube ich downloade und improtiere dann booom wie ein eine spam mail angriff.

Geändert von rayleigh (07.07.2015 um 11:09 Uhr)

Alt 07.07.2015, 13:29   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



Ich versteh kein einziges Wort......

Was genau ist das Problem bei Combofix? Was passiert? AV Programm ist aus?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.07.2015, 15:22   #8
rayleigh
 
Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



Zitat:
Zitat von schrauber Beitrag anzeigen
Ich versteh kein einziges Wort......

Was genau ist das Problem bei Combofix? Was passiert? AV Programm ist aus?
ok habe das problem mit combofix behoben musste vorher av ausschalten und dann gabs sehr viele meldungen die ich apzektierte und dann musste ich es noch mals downloaden und dann noch mals starten und dann jetzt ist es fertig nach 3 st bzw bis es neugestartet worden ist
Code:
ATTFilter
ComboFix 15-07-07.01 - Rayleigh 07.07.2015  12:14:39.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.10151.5351 [GMT 2:00]
ausgeführt von:: c:\users\Rayleigh\Desktop\ComboFix.exe
AV: G Data InternetSecurity CBE *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
FW: G Data Personal Firewall *Enabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
SP: G Data InternetSecurity CBE *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\SecureW2
c:\program files (x86)\SecureW2\sw2_res_default.bmp
c:\program files (x86)\SecureW2\sw2_rsaproxy.exe
c:\program files (x86)\SecureW2\sw2_service.exe
c:\program files (x86)\SecureW2\sw2_tool.exe
c:\program files (x86)\SecureW2\sw2_tray.exe
c:\program files (x86)\SecureW2\Uninstall.exe
c:\program files (x86)\Skype\Phone\Skype.exe
c:\program files\Andy\HandyAndy.exe
c:\programdata\ntuser.pol
c:\programdata\Roaming
C:\test.txt
c:\users\Rayleigh\AppData\Local\assembly\tmp
c:\users\Rayleigh\AppData\Local\Microsoft\Windows\Temporary Internet Files\logo-gamesrocket-gold.png
c:\users\Rayleigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\users\Rayleigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\users\Rayleigh\comm.dll
c:\users\Rayleigh\jojo.exe
c:\users\Rayleigh\ufe hitbox .txt
c:\users\Rayleigh\vlc-2.0.2-win32.exe
c:\windows\apppatch\AppLoc.exe
c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
c:\windows\msdownld.tmp
c:\windows\SysWow64\NTVBSvcW.tlb
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeUpdateService
-------\Service_SW2SVC
-------\Service_SW2SVC
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-07 bis 2015-07-07  ))))))))))))))))))))))))))))))
.
.
2015-07-07 12:37 . 2015-07-07 12:37	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2015-07-07 12:37 . 2015-07-07 12:37	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-07 09:55 . 2015-07-07 09:55	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-07-06 23:55 . 2015-07-01 04:55	897088	----a-w-	c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2015-07-06 23:55 . 2015-07-01 02:31	188584	----a-w-	c:\program files (x86)\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2015-07-06 23:55 . 2015-07-01 02:31	51880	----a-w-	c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2015-07-06 23:55 . 2015-07-01 02:31	36545192	----a-w-	c:\program files (x86)\Mozilla Firefox\xul.dll
2015-07-06 23:55 . 2015-07-01 02:30	108712	----a-w-	c:\program files (x86)\Mozilla Firefox\wow_helper.exe
2015-07-06 23:55 . 2015-07-01 02:30	134312	----a-w-	c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2015-07-06 23:55 . 2015-07-01 02:30	87568	----a-w-	c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2015-07-06 23:55 . 2015-07-01 02:30	298664	----a-w-	c:\program files (x86)\Mozilla Firefox\updater.exe
2015-07-06 23:55 . 2015-07-01 02:30	152744	----a-w-	c:\program files (x86)\Mozilla Firefox\softokn3.dll
2015-07-06 23:55 . 2015-07-01 02:30	210088	----a-w-	c:\program files (x86)\Mozilla Firefox\sandboxbroker.dll
2015-07-01 05:26 . 2015-07-01 05:26	--------	d-----w-	c:\users\Rayleigh\AppData\Local\ElevatedDiagnostics
2015-06-30 16:51 . 2015-06-30 16:57	--------	d-----w-	C:\FRST
2015-06-30 16:00 . 2015-07-07 12:44	113880	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-30 15:59 . 2015-06-18 06:41	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-06-30 15:59 . 2015-06-18 06:41	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-06-30 15:59 . 2015-06-18 06:41	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-06-30 15:59 . 2015-06-30 16:00	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-06-27 16:15 . 2015-07-02 12:18	--------	d-----w-	c:\users\Rayleigh\AppData\Local\DayZ
2015-06-25 15:29 . 2015-06-25 15:29	--------	d-----w-	c:\users\Rayleigh\AppData\Roaming\Rival Theory
2015-06-24 21:13 . 2015-07-07 12:43	17408	----a-w-	c:\windows\SysWow64\rpcnetp.dll
2015-06-24 21:08 . 2015-07-07 12:40	17408	----a-w-	c:\windows\SysWow64\rpcnetp.exe
2015-06-22 16:29 . 2015-06-22 16:29	--------	d-----w-	c:\windows\SysWow64\NV
2015-06-22 16:29 . 2015-06-22 16:29	--------	d-----w-	c:\windows\system32\NV
2015-06-22 16:29 . 2015-06-17 06:03	571024	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2015-06-22 11:37 . 2015-06-22 11:37	--------	d-----w-	c:\program files\texturepacker3.3
2015-06-22 10:38 . 2015-06-22 11:07	--------	d-----w-	c:\program files\CodeAndWeb
2015-06-21 15:18 . 2015-05-19 03:29	46768	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2015-06-21 15:18 . 2015-05-19 03:14	57520	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2015-06-20 18:45 . 2015-07-02 13:41	--------	d-----w-	c:\users\Rayleigh\AppData\Local\JDownloader 2.0
2015-06-15 14:53 . 2015-06-15 14:53	--------	d-----w-	c:\users\Rayleigh\AppData\Local\Razer
2015-06-15 12:55 . 2015-06-15 12:55	--------	d-----w-	c:\users\Rayleigh\AppData\Roaming\com.playsaurus.heroclicker
2015-06-15 08:18 . 2015-06-15 08:18	--------	d-----w-	C:\altera
2015-06-13 09:20 . 2015-07-05 16:38	--------	d-----w-	c:\program files\Ultimate Unwrap3D Pro (x64)
2015-06-12 15:59 . 2015-03-03 17:47	129600	----a-w-	c:\windows\system32\drivers\rzpnk.sys
2015-06-12 15:58 . 2015-02-04 23:24	37184	----a-w-	c:\windows\system32\drivers\rzpmgrk.sys
2015-06-12 15:54 . 2015-06-13 09:20	--------	d-----w-	c:\programdata\Razer
2015-06-12 15:54 . 2015-06-13 09:20	--------	d-----w-	c:\program files (x86)\Razer
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-07 12:40 . 2015-04-25 18:56	17408	----a-w-	c:\windows\system32\rpcnetp.exe
2015-07-07 08:57 . 2012-09-24 19:32	7584	----a-w-	c:\windows\system32\PerfStringBackup.TMP
2015-07-06 23:53 . 2012-09-02 17:21	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-06 23:53 . 2011-08-10 19:09	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-24 11:36 . 2014-05-24 07:37	1320120	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-06-24 11:36 . 2014-07-30 16:20	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-06-24 11:36 . 2014-05-24 07:37	1571696	----a-w-	c:\windows\system32\nvspcap64.dll
2015-06-24 11:36 . 2014-07-30 16:20	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-06-21 16:13 . 2014-09-10 21:35	49536	----a-w-	c:\windows\SysWow64\agremove.exe
2015-06-17 09:10 . 2015-01-27 20:59	12855416	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-06-17 09:10 . 2014-11-09 20:13	15866992	----a-w-	c:\windows\system32\nvd3dumx.dll
2015-06-17 09:10 . 2013-07-24 14:56	112784	----a-w-	c:\windows\system32\OpenCL.dll
2015-06-17 09:10 . 2013-07-24 14:56	105288	----a-w-	c:\windows\SysWow64\OpenCL.dll
2015-06-17 09:10 . 2013-07-24 14:56	938752	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2015-06-17 09:10 . 2013-07-24 14:56	3395648	----a-w-	c:\windows\system32\nvapi64.dll
2015-06-17 09:10 . 2013-07-24 14:56	176904	----a-w-	c:\windows\system32\nvinitx.dll
2015-06-17 09:10 . 2013-07-24 14:56	155280	----a-w-	c:\windows\SysWow64\nvinit.dll
2015-06-17 09:10 . 2013-07-24 14:56	1099992	----a-w-	c:\windows\system32\nvumdshimx.dll
2015-06-17 06:48 . 2013-07-24 14:57	937616	----a-w-	c:\windows\system32\nvvsvc.exe
2015-06-17 06:48 . 2013-07-24 14:57	74896	----a-w-	c:\windows\system32\nv3dappshextr.dll
2015-06-17 06:48 . 2013-07-24 14:57	62792	----a-w-	c:\windows\system32\nvshext.dll
2015-06-17 06:48 . 2013-07-24 14:57	385168	----a-w-	c:\windows\system32\nvmctray.dll
2015-06-17 06:48 . 2013-07-24 14:57	2558792	----a-w-	c:\windows\system32\nvsvcr.dll
2015-06-17 06:48 . 2013-07-24 14:57	1059472	----a-w-	c:\windows\system32\nv3dappshext.dll
2015-06-17 06:48 . 2013-07-24 14:57	6873232	----a-w-	c:\windows\system32\nvcpl.dll
2015-06-17 06:48 . 2013-07-24 14:57	3492168	----a-w-	c:\windows\system32\nvsvc64.dll
2015-06-02 14:11 . 2013-07-24 14:57	4421614	----a-w-	c:\windows\system32\nvcoproc.bin
2015-05-19 03:14 . 2014-05-24 07:36	61616	----a-w-	c:\windows\system32\nvaudcap64v.dll
2015-05-16 17:22 . 2012-12-20 17:10	7524	----a-w-	c:\windows\SysWow64\PerfStringBackup.TMP
2015-05-12 06:27 . 2015-05-18 20:33	1898312	----a-w-	c:\windows\system32\nvdispco6435286.dll
2015-05-12 06:27 . 2015-05-18 20:33	1557648	----a-w-	c:\windows\system32\nvdispgenco6435286.dll
2015-05-02 09:49 . 2014-06-20 13:21	238376	----a-w-	c:\windows\SysWow64\EasyAntiCheat.exe
2015-04-27 08:10 . 2015-04-27 08:10	80384	----a-w-	c:\windows\system32\RazerCoinstaller.dll
2015-04-09 00:58 . 2015-04-26 13:21	1895568	----a-w-	c:\windows\system32\nvdispco6435012.dll
2015-04-09 00:58 . 2015-04-26 13:21	1557648	----a-w-	c:\windows\system32\nvdispgenco6435012.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	152544	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	152544	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	152544	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	152544	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	152544	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	152544	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	152544	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	152544	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-07-06 39408]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Vidalia"="c:\program files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe" [2014-07-28 6239727]
"CyberGhost"="c:\program files\CyberGhost 5\CyberGhost.EXE" [2014-11-03 410216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2013-12-19 1724728]
"G Data ASM"="c:\program files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" [2013-12-19 431224]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2013-12-12 707472]
"ADSKAppManager"="c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" [2013-12-22 477064]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-06-23 832272]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2015-04-20 2584240]
"vmware-tray.exe"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2015-02-06 114368]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2015-05-15 590656]
.
c:\users\Rayleigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2014-1-3 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"RequireSignedAppInit_DLLs"=0 (0x0)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk /p \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli c:\program files\Protector Suite\psqlpwd.dll
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;h:\agenda\HiPatchService.exe;h:\agenda\HiPatchService.exe [x]
R2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 busenum;SteelBusSvc;c:\windows\system32\DRIVERS\SteelBus64.sys;c:\windows\SYSNATIVE\DRIVERS\SteelBus64.sys [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 mi-raysat_3dsmax2015_64;mental ray Satellite for Autodesk 3ds Max 2015 64-bit;c:\program files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe;c:\program files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 rpcnetp;rpcnetp;rpcnetp [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S2 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe  [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [x]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 CGVPNCliService;CyberGhost 5 Client Service;c:\program files\CyberGhost 5\Service.exe;c:\program files\CyberGhost 5\Service.exe [x]
S2 DAZContentManagementService;DAZ Content Management Service;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe ;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe  [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe;c:\program files (x86)\PHotkey\GFNEXSrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 IntelHaxm;Intel HAXM Service;c:\windows\system32\DRIVERS\IntelHaxm.sys;c:\windows\SYSNATIVE\DRIVERS\IntelHaxm.sys [x]
S2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe;c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
S2 MySQL56;MySQL56;c:\program files\MySQL\MySQL Server 5.6\bin\mysqld --defaults-file=c:\programdata\MySQL\MySQL Server 5.6\my.ini MySQL56;c:\program files\MySQL\MySQL Server 5.6\bin\mysqld --defaults-file=c:\programdata\MySQL\MySQL Server 5.6\my.ini MySQL56 [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys;c:\program files (x86)\PHotkey\PEGAGFN.sys [x]
S2 prio_svc;Prio Service;c:\program files\Prio\prio_svc.exe;c:\program files\Prio\prio_svc.exe [x]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [x]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.6.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys;c:\windows\SYSNATIVE\DRIVERS\rdpdispm.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-23 00:15	990024	----a-w-	c:\program files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-02 23:53]
.
2015-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 15:16]
.
2015-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf8b48afcdbd7f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 15:16]
.
2015-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 15:16]
.
2015-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8b48b4c6b382.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 15:16]
.
2015-07-07 c:\windows\Tasks\MATLAB R2014a Startup Accelerator.job
- c:\program files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe [2014-10-21 10:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2015-04-16 15:42	997536	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2015-04-16 15:42	997536	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2015-04-16 15:42	997536	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	185824	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	185824	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	185824	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	185824	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	185824	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	185824	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	185824	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-03-04 22:27	185824	----a-w-	c:\users\Rayleigh\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-04-21 10:02	25112	----a-w-	c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2010-12-10 09:59	5267792	----a-w-	c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2010-12-10 09:59	5267792	----a-w-	c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-02-11 10361616]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-24 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-24 1571696]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-03-30 500936]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download aller Links mit IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV-Videoinhalt mit IDM - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download mit IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Sothink Flash Downloader For IE - c:\program files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{B0E5909F-F7FA-4E8C-8AB1-70410E8B1A59}: NameServer = 0.0.0.0
TCP: Interfaces\{E5269A84-6B08-402B-A572-5B1BC3943EDD}: NameServer =
FF - ProfilePath - c:\users\Rayleigh\AppData\Roaming\Mozilla\Firefox\Profiles\qgxwtkeg.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - 
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - prefs.js: network.proxy.ftp - 185.2.32.210
FF - prefs.js: network.proxy.ftp_port - 1080
FF - prefs.js: network.proxy.http - 185.2.32.210
FF - prefs.js: network.proxy.http_port - 1080
FF - prefs.js: network.proxy.socks - 185.2.32.210
FF - prefs.js: network.proxy.socks_port - 1080
FF - prefs.js: network.proxy.ssl - 185.2.32.210
FF - prefs.js: network.proxy.ssl_port - 1080
FF - prefs.js: network.proxy.type - 0
.
.
------- Dateityp-Verknüpfung -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Skype - c:\program files (x86)\Skype\Phone\Skype.exe
Wow6432Node-HKCU-Run-Hide.me - (no file)
Wow6432Node-HKLM-Run-Andy - c:\program files\Andy\HandyAndy.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-SecureW2 Tray - c:\program files (x86)\SecureW2\sw2_tray.exe
Wow6432Node-HKU-Default-Run-Skype - c:\program files (x86)\Skype\Phone\Skype.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ARK Survival Evolved Early Access Incl. Updates 170.41 - h:\ark survival evolved early access\Uninstall.exe
AddRemove-ARK Survival Evolved Early Access Update 1 170.47 - h:\ark survival evolved early access\Uninstall.exe
AddRemove-ARK Survival Evolved Early Access Update 2 171.21 - h:\ark survival evolved early access\Uninstall.exe
AddRemove-ARK Survival Evolved Early Access Update 3 171.74 - h:\ark survival evolved early access\Uninstall.exe
AddRemove-ARK Survival Evolved Early Access Update 4 172.4 - h:\ark survival evolved early access\Uninstall.exe
AddRemove-Dragonball Xenoverse MULTi2 1.0 - h:\dragonball xenoverse\Uninstall.exe
AddRemove-Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0 - h:\grand theft auto v\Uninstall.exe
AddRemove-Grand Theft Auto V Digital Deluxe Edition Update 2 FIXED Version MULTi11 1.0 - h:\grand theft auto v\Uninstall.exe
AddRemove-Kerbal Space Program_is1 - h:\kerbal space program\unins000.exe
AddRemove-Landwirtschafts-Simulator 15 Deinstallation - h:\landwirtschafts-simulator 15\Uninstall.exe
AddRemove-SecureW2 Enterprise Client - c:\program files (x86)\SecureW2\Uninstall.exe
AddRemove-SGF0cmVk_is1 - h:\hatred\unins000.exe
AddRemove-Total War Attila German Edition Incl. Update 2 and DLCs 1.2.0 - h:\total war attila\Uninstall.exe
AddRemove-Towtruck Simulator 2015_is1 - h:\games\Towtruck Simulator 2015\unins000.exe
AddRemove-{9B9000F2-DD0C-40AA-9ED6-6776B83894E1}_is1 - h:\games\Forklifter 2014\unins000.exe
AddRemove-{F660E9B3-D4BD-48D5-A30B-972E2085470B}_is1 - h:\games\Dead Rising 3 Apocalypse Edition\unins000.exe
AddRemove-SOE-PlanetSide 2 - h:\steamlibrary\steamapps\common\PlanetSide 2\Uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\MySQL56]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.6\bin\mysqld\" --defaults-file=\"c:\programdata\MySQL\MySQL Server 5.6\my.ini\" MySQL56"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2704303720-1333551685-4236009739-1002\Software\SecuROM\License information*]
"datasecu"=hex:e9,32,49,b2,c4,bd,13,1e,fb,9d,ce,d4,c9,7a,32,90,c2,93,d7,7a,1a,
   1b,1c,a1,e8,38,57,40,7c,92,de,7a,23,63,e1,c1,89,f4,5f,28,91,bb,e6,1c,37,46,\
"rkeysecu"=hex:f9,34,85,fa,10,5e,f4,25,6a,03,30,32,42,bc,7c,26
.
[HKEY_USERS\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):eb,87,30,de,e6,03,58,eb,3f,13,6e,97,c1,7d,90,6f,53,65,ac,0b,4b,
   e5,a8,f0,d7,8e,25,cd,2f,5b,71,bd,f8,be,0f,09,9d,ea,49,a6,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-2704303720-1333551685-4236009739-1002_Classes\Wow6432Node\CLSID\{f167a5a4-0c28-4c24-a7df-318d7c257839}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000005a
"Therad"=dword:0000001c
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_194_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_194_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:4b,7b,6a,d2,dd,e0,37,2c,b6,b4,5f,b2,4a,90,06,93,b0,b8,d8,7d,3d,
   f6,04,df,88,8c,15,27,06,67,20,e0,9f,25,30,7e,f0,55,22,3c,37,1c,bc,55,08,d9,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_194_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_194_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_194.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_194.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_194.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_194.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:4b,7b,6a,d2,dd,e0,37,2c,b6,b4,5f,b2,4a,90,06,93,b0,b8,d8,7d,3d,
   f6,04,df,88,8c,15,27,06,67,20,e0,9f,25,30,7e,f0,55,22,3c,37,1c,bc,55,08,d9,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
c:\program files (x86)\PHotkey\ASLDRSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\System32\rpcnetp.exe
c:\program files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\PHotkey\PHotkey.exe
c:\program files (x86)\PHotkey\MsgTranAgt.exe
c:\program files (x86)\Vidalia Relay Bundle\Tor\tor.exe
c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
c:\program files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
c:\program files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\users\Rayleigh\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
c:\program files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
c:\program files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
c:\program files (x86)\Internet Explorer\IEXPLORE.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-07  14:59:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-07-07 12:59
.
Vor Suchlauf: 45 Verzeichnis(se), 49.066.065.920 Bytes frei
Nach Suchlauf: 52 Verzeichnis(se), 47.653.777.408 Bytes frei
.
- - End Of File - - 7B61BC27044AF85C240F71CAA194A24E
         
Aber irgendwie kam heute ja noch mal der gleiche fehler bug was auch immer auf also wo halt meine 10 programme gleichzeitig geöffnetwerden
konnte kein sniping tool benutzen und es stand unten rechts in text von mein wlan aptader einfach nur text ka warum und dann stand auch bei TortoiseSVN das der irgendwie was geclaimt hat oder vielleicht auch hochgeladen hat von meinen daten wtf sry konnte nichts machen kein snipping tool garnichts nur neustarten


Das andere problem ich komme nicht mehr ins internet bzw nur abundzu wenn ich den dsn dienst beende wenn nicht kommt das DNS_PROBE_FINISHED_NXDOMAIN

Bring es wenn ich mal die ganz windows 7 neu installiere und die festplattte ganz sagen wir mal 10 mal formatiere ??

Oder ist mein Antivir infiziert ?? Weil naja etwas buggy ist habe es erst jetzt gemerkt mal steht da schutz aktiviert mal nicht obwohl es aktiviert ist ??
ähhh warum ist skype gelöscht und warum löscht er einfach welche txt daten die ich selber erstellt habe lol


sieh hier es liegt wie man es sieht 99% an unity3d ka warum das passiert aber irgendwas stimmt mit dem java script wie man es sieht vielleicht ein java trojaner ??

Geändert von rayleigh (07.07.2015 um 14:41 Uhr)

Alt 08.07.2015, 06:30   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2015, 18:16   #10
rayleigh
 
Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.3.8 (07.09.2015:1)
OS: Windows 7 Home Premium x64
Ran by Rayleigh on 09.07.2015 at 18:48:55,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\Rayleigh\appdata\local\google\chrome\user data\default\local storage\hxxp_st.chatango.com_0.localstorage
Successfully deleted: [File] C:\Users\Rayleigh\appdata\local\google\chrome\user data\default\local storage\hxxp_st.chatango.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Rayleigh\appdata\local\{06C66E50-3CD1-46F2-A55E-A9B4DDF39EF5}
Successfully deleted: [Empty Folder] C:\Users\Rayleigh\appdata\local\{58DE31CA-1940-4C62-ADF0-A07F804542E3}
Successfully deleted: [Empty Folder] C:\Users\Rayleigh\appdata\local\{62C91014-B2D7-4E71-A765-9B7F0E86FF9A}
Successfully deleted: [Empty Folder] C:\Users\Rayleigh\appdata\local\{7DCA7A1B-C276-4AA9-8715-4B8E78D37EDA}
Successfully deleted: [Empty Folder] C:\Users\Rayleigh\appdata\local\{A93B8D68-9595-4118-BF01-52F9534180EC}
Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\ProgramData\Google
Successfully deleted: [Folder] C:\Users\Rayleigh\appdata\locallow\ytd
Successfully deleted: [Folder] C:\Users\Rayleigh\documents\add-in express
Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin
Successfully deleted: [Folder] C:\Users\Rayleigh\appdata\local\2012



~~~ FireFox

Successfully deleted: [Folder] C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
Successfully deleted the following from C:\Users\Rayleigh\AppData\Roaming\mozilla\firefox\profiles\qgxwtkeg.default\prefs.js

user_pref(extensions.register@pgport.com.data, {ef522540-89f5-46b9-b6fe-1829e2b572c6},0,9999,999.999.999,9999,|{c50ca3c4-5656-43c2-a061-13e717f73fc8},5300,5300,4.0.1,5300,f
Emptied folder: C:\Users\Rayleigh\AppData\Roaming\mozilla\firefox\profiles\qgxwtkeg.default\minidumps [187 files]



~~~ Chrome


[C:\Users\Rayleigh\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Rayleigh\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Rayleigh\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Rayleigh\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  mkfokfffehpeedafpekjeddnmnjhmcmk,
  npnkeeiehehhefofiekoflfedgehcdhl
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.07.2015 at 18:56:22,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
So aber das hier kommt immer überall in jeden programm von
Malwarebytes adware
C:\Users\Rayleigh\AppData\Roaming\mozilla\firefox\profiles\qgxwtkeg.default\prefs.js

Ach ja und DNS Fehler bug zum Internet habe ich auch immer

Alt 10.07.2015, 08:11   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



Logs von MBAM und AdwCleaner? Frisches FRST log?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.07.2015, 20:46   #12
rayleigh
 
Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



Zitat:
Zitat von schrauber Beitrag anzeigen
Logs von MBAM und AdwCleaner? Frisches FRST log?
Gerade wirds schlimm komme kaum ins internet und jetzt spinnt die cpu wenn ich chrome oder firefox öffne dann steigt es bis zu 100% cpu auslastung und dann kann ich nichts mehr machen

Alt 12.07.2015, 16:02   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - Standard

Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??



Hast Du alle 3 Tools laufen lassen? Ich brauch ein frisches FRST log, zur Not aus dem Safe Mode.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??
anti-malware, anwendungen, automatisch, explorer, firefox, gdata, gelöscht, google, großes, grund, hilft, laufen, min, nichts, plötzlich, problem, programme, scan, starte, starten, trojaner, viren, virus, virus ?, virus?, virus??, warscheinlich



Ähnliche Themen: Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??


  1. Windows 7: Laptop braucht 5 Min.+ zum Starten, Downloads nicht möglich, startet Programme (WLAN-Verbinung, Audio) nicht automatisch
    Plagegeister aller Art und deren Bekämpfung - 03.07.2015 (23)
  2. Notebook fährt ohne Grund ständig runter! Virus? Trojaner oder neues Notebook?
    Plagegeister aller Art und deren Bekämpfung - 09.03.2015 (9)
  3. PC plötzlich langsam, hängt, ohne ersichtlichen Grund
    Plagegeister aller Art und deren Bekämpfung - 19.07.2013 (15)
  4. Asus Eee PC 1000H Win 7: plötzlich teilte sich der Kern ohne ersichtlichen Grund
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (2)
  5. Nur noch Verknüpfungen und viele Programme lassen sich nicht mehr starten..
    Plagegeister aller Art und deren Bekämpfung - 09.01.2012 (3)
  6. Laptop geht aus ohne Grund ,Virus?
    Plagegeister aller Art und deren Bekämpfung - 28.12.2011 (5)
  7. Laptop (xp home) extrem langsam, immer 100% cpu ohne offene Programme -> Virus, Trojaner?
    Log-Analyse und Auswertung - 22.07.2011 (1)
  8. Internet Explorer startet ohne Grund automatisch
    Log-Analyse und Auswertung - 29.03.2011 (39)
  9. Beim starten öffnen sich automatisch sehr viele Ordner
    Alles rund um Windows - 20.02.2011 (4)
  10. Internet plötzlich merklich langsamer - Trojaner der Grund?
    Log-Analyse und Auswertung - 20.11.2010 (7)
  11. Plötzlich hohe Cpu auslastung, ohne erkennbaren Grund
    Plagegeister aller Art und deren Bekämpfung - 19.11.2010 (36)
  12. Viele Programme starten einfach nicht mehr
    Log-Analyse und Auswertung - 30.12.2009 (9)
  13. Rechner friert plötzlich ein ohne erkennbaren grund
    Log-Analyse und Auswertung - 10.08.2009 (4)
  14. Komischer Virus ? Kann Programme nicht mehr starten.
    Plagegeister aller Art und deren Bekämpfung - 23.05.2009 (17)
  15. IE Pop Ups ohne Grund!
    Plagegeister aller Art und deren Bekämpfung - 11.09.2008 (1)
  16. Pc ist ausgelastet ohne Grund
    Log-Analyse und Auswertung - 04.10.2006 (8)
  17. System plötzlich ohne ersichtlichen Grund langsam
    Log-Analyse und Auswertung - 09.02.2006 (1)

Zum Thema Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? - hi Habe ein großes problem jedes mal wenn irgendwie mein lapi heruntergefahren wurde. Und neugestartet wurde dann starte ich gerne Firefox und google nach ca 5min kommen plötzlich 10-15 programme - Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus??...
Archiv
Du betrachtest: Plötzlich starten viele programme automatisch ohne grund .Trojaner??Virus?? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.