|
Plagegeister aller Art und deren Bekämpfung: Windows 7: weißer Bildschirm taucht immer wieder aufWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
06.05.2015, 09:02 | #16 |
/// the machine /// TB-Ausbilder | Windows 7: weißer Bildschirm taucht immer wieder auf Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
12.07.2015, 12:38 | #17 |
| Windows 7: weißer Bildschirm taucht immer wieder auf Unschön das ich hier nochmal reinschreiben muss, aber das Problem ist wieder aufgekommen nur hartnäckiger als vorher. Ich bin mir nicht mal sicher ob das Problem beim letzten mal entgültig entfernt wurde oder ob ich es nur wieder bekommen habe.
__________________Auf jeden Fall spukt es seit letzter Zeit wieder rum auf meinen PC. Vor einigen Tagen noch sehr sporadisch, aber seit gestern Nacht war es nicht mehr wegzukriegen. Ich habe fast Programme die du mir gezeigt hast noch einmal probiert aber es geht nicht mehr weg. Außerdem reagierte es immer dann wenn MBAM vor seiner letzten Stufe war, fast so als ob es sich verstecken will. Irgendeine Aktivität die permanent von außen zugreift kann ich auch ausschließen da der weiße Bildschirm auch ohne Internet vorhanden ist und ich kein ominöses Programm gefunden habe das Internet verbraucht. Jedenfalls versuche ich es seit heute mit anderen Methoden, aber ich bekomm auch nicht das Fenster mit dem ich über F8 in den Sicherheitsmodus gelange angezeigt. Der weiße Bildschirm bleibt egal was ich mache. Könntest du mir vielleicht noch ein zweites mal helfen? |
12.07.2015, 16:16 | #18 |
/// the machine /// TB-Ausbilder | Windows 7: weißer Bildschirm taucht immer wieder auf Poste mal frische FRST logs. Sowas muss aber nicht zwingend von Malware kommen (auch wenn dein Rechner verseucht war), kann auch gerne einfach die Grafik oder der Monitor kaputt sein.
__________________
__________________ |
12.07.2015, 16:23 | #19 |
| Windows 7: weißer Bildschirm taucht immer wieder auf Naja schon mit den FRST logs ist es ein Problem, denn diesmal ist der Zustand von Anfang an vorhanden, also beim Start, und ich komm nicht in den abgesicherten Modus vom PC. Also besser gesagt ich sehe ihn wohl nicht. Wie soll ich FRST sonst aktivieren? Geändert von Robbstar (12.07.2015 um 16:38 Uhr) |
13.07.2015, 08:11 | #20 |
/// the machine /// TB-Ausbilder | Windows 7: weißer Bildschirm taucht immer wieder auf Ah ok. Bitte ein externen Bildschirm oder TV anklemmen. Geht das?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
13.07.2015, 10:20 | #21 |
| Windows 7: weißer Bildschirm taucht immer wieder auf Hast recht hört sich klug an FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-07-2015 Ran by Robert (administrator) on SEPTA7 on 13-07-2015 11:14:31 Running from F:\ Loaded Profiles: Robert (Available Profiles: Robert) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Akamai Technologies, Inc.) C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe () C:\Windows\SysWOW64\PnkBstrB.exe () C:\Program Files (x86)\WhatPulse2\whatpulse.exe (Spotify Ltd) C:\Users\Robert\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Locktime Software) C:\Program Files\NetLimiter 3\NLClientApp.exe (Akamai Technologies, Inc.) C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\PC-Zeit\trap.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files (x86)\WhatPulse2\whatpulse-watchdog.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Google Inc.) C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET) HKLM-x32\...\Run: [pczeit] => C:\Program Files (x86)\PC-Zeit\trap.exe [32768 2001-03-21] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\Run: [WhatPulse] => C:\Program Files (x86)\WhatPulse2\whatpulse.exe [3714560 2015-06-28] () HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\Run: [Spotify Web Helper] => C:\Users\Robert\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030648 2015-07-09] (Spotify Ltd) HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\Run: [NetLimiter] => C:\Program Files\NetLimiter 3\NLClientApp.exe [2915968 2013-10-10] (Locktime Software) HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP8BB0F646-33BB-4501-800B-7E7E2AB8D1D6&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-06] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-06] (Oracle Corporation) Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File Toolbar: HKLM-x32 - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.) Toolbar: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{B594AA79-C8FC-4112-9A6D-A82864D8D7A9}: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jpokyryl.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_191.dll [2015-07-10] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-10] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-10] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-10] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-10] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-10] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-10] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-06] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2668693213-3710127811-2739174359-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin HKU\S-1-5-21-2668693213-3710127811-2739174359-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin HKU\S-1-5-21-2668693213-3710127811-2739174359-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-12-23] (Ubisoft) FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jpokyryl.default\searchplugins\youtube-videosuche.xml [2011-09-05] FF Extension: Amazon-Icon - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jpokyryl.default\Extensions\amazon-icon@giga.de [2015-04-26] FF Extension: Gutscheinrausch.de - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jpokyryl.default\Extensions\mail@gutscheinrausch.de [2011-05-08] FF Extension: ProxTube - Unblock YouTube - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jpokyryl.default\Extensions\ich@maltegoetz.de.xpi [2011-12-08] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [5093ef3f4e289@5093ef3f4e2c3.com] - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jpokyryl.default\extensions\5093ef3f4e289@5093ef3f4e2c3.com FF Extension: No Name - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jpokyryl.default\extensions\crossriderapp3491@crossrider.com [not found] FF Extension: No Name - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jpokyryl.default\extensions\ffxtlbr@incredibar.com [not found] FF Extension: No Name - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jpokyryl.default\extensions\ffxtlbra@softonic.com [not found] FF Extension: No Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [not found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found] Chrome: ======= CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2012-07-02] CHR Extension: (BetterTTV) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-04-25] CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-31] CHR Extension: (Google Search) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-31] CHR Extension: (AdBlock) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-05-19] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-01-25] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12] CHR Extension: (Google Wallet) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (NotScripts) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn [2013-04-17] CHR Extension: (Gmail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-31] CHR HKLM-x32\...\Chrome\Extension: [polklggmgddggnfjbpdddknkgiiabdia] - C:\ProgramData\Download and Sa\polklggmgddggnfjbpdddknkgiiabdia.crx [Not Found] StartMenuInternet: Google Chrome - C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET) R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed] R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-10-10] (Locktime Software) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3804120 2011-08-07] (INCA Internet Co., Ltd.) [File not signed] R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2010-11-12] (NTI Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-08-28] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-08-28] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-09-22] (ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-09-22] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-09-22] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-09-22] (ESET) R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X] S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X] S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X] S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X] S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X] S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X] S3 BtFilter; system32\DRIVERS\btfilter.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-13 11:12 - 2015-07-13 11:14 - 00000000 ____D C:\FRST 2015-07-09 22:50 - 2015-07-09 22:50 - 00000000 ____D C:\Users\Robert\AppData\Local\CrashRpt 2015-07-09 18:41 - 2015-07-09 18:41 - 00001136 _____ C:\Users\Robert\Desktop\JRT.txt 2015-07-09 11:21 - 2015-07-09 11:21 - 00112912 _____ C:\Users\Robert\AppData\Local\GDIPFONTCACHEV1.DAT 2015-07-09 11:20 - 2015-07-13 11:10 - 00000952 _____ C:\Windows\setupact.log 2015-07-09 11:20 - 2015-07-09 11:21 - 04939872 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-09 11:20 - 2015-07-09 11:20 - 00000000 _____ C:\Windows\setuperr.log 2015-07-08 11:25 - 2015-07-08 11:39 - 00000000 ____D C:\ComboFix 2015-06-26 23:29 - 2015-06-26 23:29 - 00000857 _____ C:\Users\Robert\AppData\Local\recently-used.xbel 2015-06-25 15:59 - 2015-06-25 09:51 - 02952250 _____ (Malwarebytes Corporation) C:\Users\Robert\Desktop\JRT.exe 2015-06-25 13:48 - 2015-06-25 13:48 - 00000000 ____D C:\Users\Robert\AppData\Local\Locktime 2015-06-25 13:47 - 2015-06-25 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 3 2015-06-25 13:47 - 2015-06-25 13:47 - 00000000 ____D C:\ProgramData\Locktime 2015-06-25 13:47 - 2015-06-25 13:47 - 00000000 ____D C:\Program Files\NetLimiter 3 2015-06-25 13:45 - 2015-06-25 13:47 - 10190344 _____ (Locktime Software) C:\Users\Robert\Downloads\netlimiter-3.0.0.11-x64.exe 2015-06-25 13:34 - 2015-07-04 19:57 - 00000000 ____D C:\Users\Robert\AppData\Roaming\qBittorrent 2015-06-25 13:34 - 2015-06-25 13:34 - 00000000 ____D C:\Users\Robert\AppData\Local\qBittorrent 2015-06-25 13:34 - 2015-06-25 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2015-06-25 13:34 - 2015-06-25 13:34 - 00000000 ____D C:\Program Files (x86)\qBittorrent 2015-06-24 15:50 - 2015-06-24 15:50 - 00000741 _____ C:\Users\Public\Desktop\World of Warcraft.lnk 2015-06-24 15:50 - 2015-06-24 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2015-06-23 01:16 - 2015-06-23 01:17 - 00007819 _____ C:\Users\Robert\Documents\Uninstall Dragon Age Origins.log 2015-06-19 23:31 - 2015-06-19 23:40 - 00000000 ____D C:\AdwCleaner 2015-06-19 23:17 - 2015-06-19 23:17 - 02950477 _____ (Thisisu) C:\Users\Robert\Downloads\JRT.exe 2015-06-16 20:18 - 2015-06-16 20:18 - 00019241 _____ C:\Users\Robert\Downloads\Ablaufplan.odt ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-13 11:14 - 2011-03-25 17:39 - 00704984 _____ C:\Windows\system32\perfh007.dat 2015-07-13 11:14 - 2011-03-25 17:39 - 00154708 _____ C:\Windows\system32\perfc007.dat 2015-07-13 11:14 - 2009-07-14 07:13 - 01650100 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-13 11:12 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-13 11:12 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-13 11:10 - 2012-05-25 16:39 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{17386BDC-39EE-4DC1-ABD7-A81EEE29B135} 2015-07-13 11:09 - 2014-06-28 13:45 - 01449818 _____ C:\Windows\WindowsUpdate.log 2015-07-13 11:07 - 2015-05-15 09:27 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08ee0a43bcdfa.job 2015-07-13 11:07 - 2015-05-15 09:27 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08ee0a41c1083.job 2015-07-13 11:07 - 2015-02-06 22:26 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0424b40eefb18.job 2015-07-13 11:07 - 2013-02-21 17:22 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-13 11:07 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-12 23:29 - 2015-05-15 09:27 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001UA1d08ee09bcb0957.job 2015-07-12 23:29 - 2015-02-06 22:26 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0424b4109fd8e.job 2015-07-12 23:29 - 2015-02-04 15:18 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001UA1d0407d1e164ffd.job 2015-07-12 23:29 - 2013-02-21 17:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-12 23:29 - 2012-03-31 14:52 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001UA.job 2015-07-12 23:29 - 2012-03-31 14:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-12 23:28 - 2014-10-20 01:22 - 00000000 ____D C:\Users\Robert\AppData\Local\whatpulse 2015-07-11 23:30 - 2013-12-08 15:52 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Spotify 2015-07-11 14:23 - 2012-03-31 14:52 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001Core.job 2015-07-11 12:26 - 2013-12-08 15:54 - 00000000 ____D C:\Users\Robert\AppData\Local\Spotify 2015-07-10 22:38 - 2012-03-31 14:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-10 21:39 - 2012-03-31 14:43 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-10 21:39 - 2011-05-18 15:23 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-10 14:13 - 2014-06-10 23:30 - 00000000 ____D C:\Users\Robert\AppData\Local\Battle.net 2015-07-10 13:36 - 2014-06-10 23:30 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-07-10 13:32 - 2012-04-02 16:29 - 00000000 ____D C:\Program Files (x86)\Steam 2015-07-09 18:51 - 2015-05-03 14:37 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-09 18:44 - 2015-05-02 10:31 - 00001272 _____ C:\Users\Robert\Desktop\Revo Uninstaller.lnk 2015-07-09 18:44 - 2015-05-02 10:31 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-07-08 14:00 - 2011-06-11 20:52 - 00000000 ____D C:\Users\Robert\AppData\Roaming\BitTorrent 2015-07-08 11:35 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-07-07 22:14 - 2011-04-27 10:50 - 00000000 ____D C:\Users\Robert\AppData\Roaming\vlc 2015-07-07 10:56 - 2015-05-15 09:27 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001Core1d08ee09ba5a67b.job 2015-07-07 10:47 - 2015-02-04 15:18 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001Core1d0407d1df3faea.job 2015-07-06 20:58 - 2015-04-24 23:49 - 00000000 ____D C:\Users\Robert\AppData\Roaming\foobar2000 2015-07-06 20:57 - 2014-06-21 14:57 - 00000000 ____D C:\Users\Robert\AppData\Local\Last.fm 2015-07-04 11:25 - 2014-10-20 01:22 - 00000000 ____D C:\Program Files (x86)\WhatPulse2 2015-06-26 23:29 - 2015-02-01 18:44 - 00000000 ____D C:\Users\Robert\.gimp-2.8 2015-06-25 23:07 - 2014-12-25 13:10 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-06-25 13:00 - 2013-04-12 17:04 - 00000000 ____D C:\Program Files (x86)\osu! 2015-06-25 11:17 - 2015-05-28 14:16 - 00000000 ____D C:\Qoobox 2015-06-25 11:17 - 2015-05-28 14:13 - 05630239 ____R (Swearware) C:\Users\Robert\Downloads\ComboFix.exe 2015-06-23 04:17 - 2014-12-23 13:14 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-06-23 01:59 - 2011-05-12 16:39 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Skype 2015-06-23 01:30 - 2012-07-08 22:34 - 00000000 ____D C:\Windows\Minidump 2015-06-23 01:30 - 2011-04-27 11:54 - 00000000 ____D C:\Users\Robert\AppData\Local\CrashDumps 2015-06-23 01:26 - 2014-10-14 18:16 - 00000000 ____D C:\Users\Robert\AppData\Local\Glyph 2015-06-23 01:26 - 2014-10-14 18:16 - 00000000 ____D C:\ProgramData\Glyph 2015-06-23 01:22 - 2015-02-01 22:42 - 00000000 ____D C:\Program Files (x86)\Nordic Games ==================== Files in the root of some directories ======= 2015-06-26 23:29 - 2015-06-26 23:29 - 0000857 _____ () C:\Users\Robert\AppData\Local\recently-used.xbel 2013-01-10 17:59 - 2015-04-26 13:53 - 0007598 _____ () C:\Users\Robert\AppData\Local\Resmon.ResmonCfg 2011-11-05 15:51 - 2011-11-05 15:51 - 0017408 _____ () C:\Users\Robert\AppData\Local\WebpageIcons.db 2011-07-27 17:15 - 2011-07-27 17:15 - 0000000 _____ () C:\Users\Robert\AppData\Local\{6227965A-4CF6-4A9A-952E-11144ECAA2A4} 2011-05-01 15:44 - 2011-05-01 15:44 - 0000000 _____ () C:\Users\Robert\AppData\Local\{A4353A84-5E5C-4EC8-AD72-5253CBF69D70} 2011-05-15 18:45 - 2011-05-15 18:46 - 0000000 _____ () C:\Users\Robert\AppData\Local\{A7B678F0-47B5-40D1-B24C-5A4ED17CE10D} 2011-07-25 11:20 - 2011-07-25 11:20 - 0000000 _____ () C:\Users\Robert\AppData\Local\{C5A61369-7F35-48FC-A586-D83D2541C4A1} 2011-05-05 18:21 - 2011-05-05 18:21 - 0000000 _____ () C:\Users\Robert\AppData\Local\{CB9B68FB-6F2C-46C7-B269-0F004AE07B4D} 2011-05-30 22:10 - 2011-05-30 22:11 - 0000000 _____ () C:\Users\Robert\AppData\Local\{FE5EC26E-257D-4777-8FF8-FA3B0741CBD1} 2011-03-25 09:59 - 2011-03-25 10:02 - 0016178 _____ () C:\ProgramData\ArcadeDeluxe5.log 2014-01-12 00:54 - 2014-01-12 00:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2010-12-10 21:09 - 2010-03-03 01:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe 2012-05-30 21:28 - 2012-05-30 21:29 - 0000032 _____ () C:\ProgramData\PS.log ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-04 20:17 ==================== End of log ============================ Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:12-07-2015 Ran by Robert at 2015-07-13 11:14:54 Running from F:\ Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2668693213-3710127811-2739174359-500 - Administrator - Disabled) Gast (S-1-5-21-2668693213-3710127811-2739174359-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2668693213-3710127811-2739174359-1002 - Limited - Enabled) Robert (S-1-5-21-2668693213-3710127811-2739174359-1001 - Administrator - Enabled) => C:\Users\Robert ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.35 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0935-000001000000}) (Version: 9.35.00.0 - Igor Pavlov) Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.69 - NTI Corporation) Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1216 - CyberLink Corp.) Acer Crystal Eye Webcam (x32 Version: 1.0.1216 - CyberLink Corp.) Hidden Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3000 - Acer Incorporated) Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.191 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Alcatech BPM Studio Professional v4.9.1 (HKLM-x32\...\Alcatech BPM Studio Professional v4.9.1) (Version: - ) AMD Catalyst Install Manager (HKLM\...\{F37A899E-1745-52F5-658F-9A4DA4D46BB7}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.) Backup Manager V3 (x32 Version: 3.0.0.69 - NTI Corporation) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitTorrent (HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.) Blobby Volley 2 Version 1.0RC3 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC3_is1) (Version: - ) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - ) Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - ) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - ) Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version: - ) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) ccc-core-static (x32 Version: 2010.1028.1114.18274 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform) CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.) ESET NOD32 Antivirus (HKLM\...\{9EEE5827-F6A6-447E-9839-6AFAF6FCC442}) (Version: 8.0.304.4 - ESET, spol s r. o.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.) Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HydraVision (x32 Version: 4.2.248.0 - Advanced Micro Devices, Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Launch Manager (HKLM-x32\...\LManager) (Version: 5.0.3 - Acer Inc.) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Magic Bullet Looks Vegas (HKLM-x32\...\Magic Bullet Looks Vegas) (Version: - ) Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{E4E4EADB-34C0-4AAE-9056-64C3AFC0FAD2}) (Version: 11.3.0 - Red Giant Software) Magic Bullet Suite 64-bit (Version: 11.3.0 - Red Giant Software) Hidden Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Mp3tag v2.63 (HKLM-x32\...\Mp3tag) (Version: v2.63 - Florian Heidenreich) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NetLimiter 3 (HKLM-x32\...\NetLimiter 3 3.0.0.11) (Version: 3.0.0.11 - Locktime Software) NetLimiter 3 (Version: 3.0.0.11 - Locktime Software) Hidden NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version: - ) NewBlue 3D Transformations for Vegas (HKLM-x32\...\NewBlue 3D Transformations for Vegas) (Version: - ) NewBlue Art Blends (HKLM-x32\...\NewBlue Art Blends) (Version: - ) NewBlue Art Effects (HKLM-x32\...\NewBlue Art Effects) (Version: - ) NewBlue Cartoonr for Vegas (HKLM-x32\...\NewBlue Cartoonr for Vegas) (Version: - ) NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version: - ) NewBlue Motion Blends (HKLM-x32\...\NewBlue Motion Blends) (Version: - ) NewBlue Motion Effects (HKLM-x32\...\NewBlue Motion Effects) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.6 - Black Tree Gaming) NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Origin (HKLM-x32\...\Origin) (Version: 9.0.0.1980 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{201548b7-7d09-44b6-839a-c80f33bab34d}) (Version: latest - ppy Pty Ltd) Outspark Sharp Launcher (HKLM-x32\...\{B5560986-7A6A-4CCA-A808-853D2CED3796}) (Version: 1.75.00 - Outspark) PC-Zeit 2.01 (HKLM-x32\...\PC-Zeit) (Version: 2.01 - BAxBEx Software) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden qBittorrent 3.2.0 (HKLM-x32\...\qBittorrent) (Version: 3.2.0 - The qBittorrent project) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) S4 League_EU (HKLM-x32\...\{A9EAA08A-4190-4066-96DF-59B2D0E24015}) (Version: 1.00.0000 - ) Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - ) SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - ) Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - ) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - ) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo) Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version: - Hi-Rez Studios) TurboPlot v3.7e (HKLM-x32\...\TurboPlot_is1) (Version: - G. & H.-J. Dreher) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Vegas Pro 10.0 (HKLM-x32\...\{6E0E4D61-11EC-11E0-B454-0013D3D69929}) (Version: 10.0.469 - Sony) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN) Vocup 1.4.3 (HKLM-x32\...\Vocup_is1) (Version: 1.4.3 - Florian Amstutz) WhatPulse version 2.4.1 (HKLM-x32\...\{95CC8D5F-90A1-4285-9B2D-8D0FBCFD8D0D}_is1) (Version: 2.4.1 - WhatPulse) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{01E9FAE9-3819-4dd9-B1D9-998A1C62D1F8}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 09-07-2015 18:45:16 Revo Uninstaller's restore point - World of Warcraft ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-05-02 10:57 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {020FEC40-FB5C-47CB-8F84-E23230794017} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001UA1d08ee09bcb0957 => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-31] (Google Inc.) Task: {0A9F09FE-D210-4B4F-B3C3-E2E7B329B2DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001Core => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-31] (Google Inc.) Task: {10235F50-09EC-4EC0-AAFC-79C8E16426D4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10] (Adobe Systems Incorporated) Task: {16EED851-8D00-4220-B2E6-D8BEDFBB5CA9} - System32\Tasks\GoogleUpdateTaskMachineCore1d08ee0a41c1083 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.) Task: {1A552667-140D-49DD-9843-45D5FF8E254B} - System32\Tasks\{2C65BEBB-040F-43E6-802C-E3E6C1994368} => pcalua.exe -a "F:\Sony Vegas pro 10\SonyVegasProCRACK.exe" -d "F:\Sony Vegas pro 10" Task: {1BD882F0-F2F5-47CC-A166-D8D2DCE12CCA} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe Task: {2A379B19-FD98-4857-AA07-1F89DFEBBC01} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001UA => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-31] (Google Inc.) Task: {423E3973-D27B-4D9C-A373-4898699942A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.) Task: {502DF70B-78DD-4C3C-A6EF-5F951780309F} - System32\Tasks\{88F1CE7F-4A11-4AAE-8C06-7BFED5D996B8} => pcalua.exe -a D:\pictures\SonyVegasProCRACK.exe -d "C:\Program Files (x86)\Skype\Phone" Task: {6763E3EC-2E9A-4CAD-956C-765DC9F6FEE0} - System32\Tasks\GoogleUpdateTaskMachineCore1d0424b40eefb18 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.) Task: {68CC596D-5AA4-4124-BD5C-952674E4A54E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {82C89B78-05F6-4A9C-BF40-53B9F79BD588} - System32\Tasks\{8AC1D440-A0B6-4646-BE4F-CBC36BAD1C0D} => pcalua.exe -a D:\SKYRIM\Setup.exe -d D:\SKYRIM Task: {8D52E095-5142-49D8-8940-BDC41511381A} - System32\Tasks\{AD672A81-4362-4FA7-A964-AD2D540C644A} => pcalua.exe -a D:\Spiele\SKYRIM\Uninstall.exe -d D:\Spiele\SKYRIM Task: {930B516A-49B2-496D-9919-15DEFB1D3F1C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.) Task: {9B04A1B3-0EEF-4AC0-A057-6403A71DA287} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation) Task: {A3249097-BF76-498D-A064-38FCEFBC728E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001UA1d0407d1e164ffd => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-31] (Google Inc.) Task: {AFF91E2F-4238-44F4-A9DF-420F3DE4EE8B} - System32\Tasks\{EC401BA4-2459-4F3A-9FAF-565C0B66E8F5} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/218 Task: {B1C2AE75-E3CA-40A2-983B-01DDE5E6FCE9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {B5116105-E0CF-413B-B633-281F6BA599E1} - \{02F7FA9D-71B4-4590-A2AE-218E3685B877} No Task File <==== ATTENTION Task: {BA616892-3656-460F-B550-D0974F2B2EB4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001Core1d08ee09ba5a67b => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-31] (Google Inc.) Task: {C0A1A332-5FDB-48C4-81F3-72BE806266AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001Core1d0407d1df3faea => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-31] (Google Inc.) Task: {CA339EDD-7A9F-4EA1-B5DF-913612F15E66} - System32\Tasks\GoogleUpdateTaskMachineUA1d0424b4109fd8e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.) Task: {EDCD337F-F730-4A58-AD7B-50C86AD55B86} - System32\Tasks\GoogleUpdateTaskMachineUA1d08ee0a43bcdfa => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-21] (Google Inc.) Task: {F6EC52A5-00DB-4B74-846B-663DF871C676} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0424b40eefb18.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08ee0a41c1083.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0424b4109fd8e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08ee0a43bcdfa.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001Core.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001Core1d0407d1df3faea.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001Core1d08ee09ba5a67b.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001UA.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001UA1d0407d1e164ffd.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2668693213-3710127811-2739174359-1001UA1d08ee09bcb0957.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2011-03-21 16:19 - 2011-03-21 16:19 - 00053248 _____ () C:\Program Files\NetLimiter 3\nlsvcPS.dll 2011-09-06 15:57 - 2014-08-28 17:05 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2011-09-06 15:57 - 2014-08-28 17:05 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-10-20 01:22 - 2015-06-28 13:32 - 03714560 _____ () C:\Program Files (x86)\WhatPulse2\whatpulse.exe 2001-03-21 03:01 - 2001-03-21 03:01 - 00032768 ____N () C:\Program Files (x86)\PC-Zeit\trap.exe 2014-10-20 01:22 - 2014-09-27 17:24 - 00664064 _____ () C:\Program Files (x86)\WhatPulse2\whatpulse-watchdog.exe 2010-11-12 03:22 - 2010-11-12 03:22 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2010-11-12 03:22 - 2010-11-12 03:22 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2010-11-12 03:22 - 2010-11-12 03:22 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2014-10-20 01:22 - 2013-04-08 10:34 - 00039936 _____ () C:\Program Files (x86)\WhatPulse2\CrashRpt1402.dll 2014-10-20 01:22 - 2014-09-03 23:26 - 00875520 _____ () C:\Program Files (x86)\WhatPulse2\platforms\qwindows.dll 2001-03-21 03:01 - 2001-03-21 03:01 - 00024576 ____N () C:\Program Files (x86)\PC-Zeit\PCZeitH.DLL 2014-11-09 21:00 - 2014-11-09 21:00 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll 2010-12-10 21:00 - 2010-09-14 04:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-07-07 21:33 - 2015-07-07 05:49 - 01281864 _____ () C:\Users\Robert\AppData\Local\Google\Chrome\Application\43.0.2357.132\libglesv2.dll 2015-07-07 21:33 - 2015-07-07 05:49 - 00080712 _____ () C:\Users\Robert\AppData\Local\Google\Chrome\Application\43.0.2357.132\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 AlternateDataStreams: C:\ProgramData\Temp:1A60DE96 AlternateDataStreams: C:\ProgramData\Temp:798A3728 AlternateDataStreams: C:\ProgramData\Temp:93EB7685 AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D AlternateDataStreams: C:\ProgramData\Temp:E3C56885 ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\...\aeriagames.com -> hxxp://aeriagames.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2668693213-3710127811-2739174359-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: HiPatchService => 2 MSCONFIG\Services: OpenVPNService => 3 MSCONFIG\Services: vToolbarUpdater13.2.0 => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tbhcn.lnk => C:\Windows\pss\tbhcn.lnk.Startup MSCONFIG\startupreg: Acer ePower Management => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k MSCONFIG\startupreg: BitTorrent => "C:\Users\Robert\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: Google Update => "C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Java Update => C:\Program Files\Java\divx.exe MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: NetLimiter => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" MSCONFIG\startupreg: ROC_ROC_JULY_P1 => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\Robert\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Robert\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: YTDownloader => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{DD1A5DAB-126C-45C2-8975-70B960BA01F1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{33CAC409-948F-448D-8B34-E191E5641362}] => (Allow) LPort=2869 FirewallRules: [{737F0FB1-E5E4-446A-B8C3-35265645C948}] => (Allow) LPort=1900 FirewallRules: [{6C37FE7D-523E-48DB-9FC7-48205BBC6BF6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{CCD408E6-D2EE-4891-B846-60E043F1B0DC}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{73CD557F-4E9D-472D-8BCA-0687EFA43B19}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\CLML\CLMLSvc.exe FirewallRules: [{4442BF0A-A0DF-4961-B8C3-83EDFEEEFE29}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe FirewallRules: [{1382281E-CE6F-4FB3-A3DC-72A0774F897B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe FirewallRules: [{EF129539-91AE-4DDF-81F9-A54F0E623321}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe FirewallRules: [{E3463121-DFA6-4C9F-AF70-698AA9EF9CAF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7E47FDD6-FA62-47FC-8220-D7F6DE8C1844}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe FirewallRules: [{2D5A575F-0090-446E-8EF6-5D50505543CC}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe FirewallRules: [TCP Query User{07DEDCEB-8BA2-439F-AB50-5CAA60DFE5A0}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Block) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe FirewallRules: [UDP Query User{AC3C5EA0-09EA-4438-8CA9-9E8A71718091}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Block) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe FirewallRules: [TCP Query User{49877313-D175-47DE-BA7B-E2A140605BD0}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{31323A24-F21E-47F5-A63D-C566483AC7BB}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe FirewallRules: [TCP Query User{6F27F989-B256-40E1-8B1B-E212156F2BD4}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{BB13E8F8-EB70-4A9F-ABFD-E27EC0101B39}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe FirewallRules: [{1491FFC2-9C55-4A2D-AB3C-0467792EA495}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{3467EB9E-D075-45E7-9971-15805D27DADC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{0D98FADA-8400-42F2-B1AF-FD6DB4D203A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{A1083E8E-F9E4-4243-AD40-F7F079F82726}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B765E5A3-937D-46B1-9578-A7A514D3E219}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{24D0CDAC-4E49-463A-A60D-99740F527E1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{B0ECDD3D-F99A-47E0-9D66-7BEE71607076}] => (Allow) C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe FirewallRules: [{D999F1FD-4927-4A58-B837-A3A7EEA323BD}] => (Allow) C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe FirewallRules: [{C022BB6B-015C-463F-8CF9-6AE0B1F74333}] => (Allow) C:\Program Files (x86)\Outspark\Project Powder\Run.exe FirewallRules: [{7969C193-A0BB-4E5F-B210-E8B476729C0B}] => (Allow) C:\Program Files (x86)\Outspark\Project Powder\Run.exe FirewallRules: [{0342E4CE-A228-4FC6-88F2-828A02BA2971}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{2CD532FD-D4F1-4455-8578-86CF90883963}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{6E3EE2A7-D6E4-4E25-9EBF-81E6E5AD8D81}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{94069FE5-B8DD-49BC-8D7A-726B8ABDCC5D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{6B8CA702-5861-4702-9C4A-6DAC0F426E77}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [{D1995A10-E1C5-47A7-ACB7-F3A14863979D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [{7DA7C2B7-ABA1-48BE-9974-9141FD47A72D}] => (Allow) C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe FirewallRules: [{C40B5EE1-53B5-4BFC-B311-6D5A5F95CA1E}] => (Allow) C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe FirewallRules: [{27D238BF-6E52-4C4C-A63F-D38B5F5D93C3}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{5E1BDD13-C168-4DAD-BB98-67F0C3707D25}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{B2A21CD1-299A-419F-8D3F-162D482348C6}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{37B75D7C-7523-40A9-A390-E18354988C53}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [TCP Query User{8F0B0B45-D67A-45C9-BDD4-AD4ECE51C36C}C:\program files (x86)\xfire\xfire.exe] => (Block) C:\program files (x86)\xfire\xfire.exe FirewallRules: [UDP Query User{9ECF5A61-44EB-466F-A2A7-B04503F13D4F}C:\program files (x86)\xfire\xfire.exe] => (Block) C:\program files (x86)\xfire\xfire.exe FirewallRules: [{0C503B01-67B1-467D-9DCB-EF7291D254F5}] => (Allow) C:\Program Files (x86)\REACTOR\ijjiOptimizer.exe FirewallRules: [{112D1A0F-E29E-4C5F-A041-C130372182DB}] => (Allow) C:\Program Files (x86)\REACTOR\ijjiOptimizer.exe FirewallRules: [TCP Query User{D96AC44D-6857-4376-A06D-AB0D1B5492EB}C:\ijji\english\ava\binaries\ava.exe] => (Block) C:\ijji\english\ava\binaries\ava.exe FirewallRules: [UDP Query User{79E161FD-A8A5-4CF3-ADDF-82C5670BF911}C:\ijji\english\ava\binaries\ava.exe] => (Block) C:\ijji\english\ava\binaries\ava.exe FirewallRules: [TCP Query User{B7334783-AD15-4CCC-8CC1-B1B1A199A76C}C:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe FirewallRules: [UDP Query User{0CEEDFAE-D34F-424A-8EF5-67DCB50F7984}C:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe FirewallRules: [{283073CB-5C6D-4740-8AD6-9C0A175EDCCD}] => (Block) C:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe FirewallRules: [{F3CB6D78-FF3A-4A19-B250-DBEC574B8122}] => (Block) C:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe FirewallRules: [TCP Query User{5CB27770-95C7-4647-AA89-6398142BBD4F}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [UDP Query User{887EB305-5F07-492C-BF01-96F5CE587F11}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [{AF554393-BB37-4F20-920D-C16B8A874BCF}] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [{F339521F-A332-496F-8885-F734B0EDCFFA}] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [{244774E3-4EEA-476F-AF7E-C859024EA4E0}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{46878430-117A-414F-AD42-4A1860512833}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{CBDE655F-C126-4EF4-BFD8-8F0B5AD5CB92}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{0C19CCB9-41FF-405F-8315-4A5EF6375861}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [TCP Query User{1C5B5B2B-5AAE-46B6-B8D9-FB417FC219C3}C:\nexon\combat arms eu\engine.exe] => (Block) C:\nexon\combat arms eu\engine.exe FirewallRules: [UDP Query User{64399B8B-93AC-4B58-86B1-AE2051FA5663}C:\nexon\combat arms eu\engine.exe] => (Block) C:\nexon\combat arms eu\engine.exe FirewallRules: [TCP Query User{CB9B45BF-6CA7-45B5-BBE3-C559F62B6A81}C:\program files\adobe\adobe after effects cs5.5\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs5.5\support files\afterfx.exe FirewallRules: [UDP Query User{99E9FC90-3641-453C-9E81-D18453A1E3E1}C:\program files\adobe\adobe after effects cs5.5\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs5.5\support files\afterfx.exe FirewallRules: [{2052BA58-77B1-42A2-832B-4F943C263E0D}] => (Block) C:\program files\adobe\adobe after effects cs5.5\support files\afterfx.exe FirewallRules: [{4ED343DB-F648-48B7-944C-E9A0E964D7BB}] => (Block) C:\program files\adobe\adobe after effects cs5.5\support files\afterfx.exe FirewallRules: [{E9BD8F3C-6156-48E7-A04E-A654A350DA3E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{DB416604-73B8-4C78-9803-43AC47589A95}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{372DC819-7F16-4DC8-B3C6-05515554082C}C:\program files (x86)\ea games\dead space 2\deadspace2.exe] => (Allow) C:\program files (x86)\ea games\dead space 2\deadspace2.exe FirewallRules: [UDP Query User{8C8CA000-FEFC-4846-A925-4EDEB80C0E41}C:\program files (x86)\ea games\dead space 2\deadspace2.exe] => (Allow) C:\program files (x86)\ea games\dead space 2\deadspace2.exe FirewallRules: [{A7D98A29-BE1F-4CE1-9B12-F023E8C77B33}] => (Block) C:\program files (x86)\ea games\dead space 2\deadspace2.exe FirewallRules: [{1C63674E-5DEE-44DC-863C-D1AE7B79EC80}] => (Block) C:\program files (x86)\ea games\dead space 2\deadspace2.exe FirewallRules: [TCP Query User{494C747B-0820-4E04-B186-FCDDA2FDC253}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Allow) C:\program files (x86)\1clickdownload\1clickdownloader.exe FirewallRules: [UDP Query User{3B425E53-186D-483B-9675-9D91F86E0131}C:\program files (x86)\1clickdownload\1clickdownloader.exe] => (Allow) C:\program files (x86)\1clickdownload\1clickdownloader.exe FirewallRules: [{CD4D6426-3196-4C0F-88FE-44B9364C4BA6}] => (Block) C:\program files (x86)\1clickdownload\1clickdownloader.exe FirewallRules: [{98EA688E-AF22-4B09-ADD1-8322CFD5C0AD}] => (Block) C:\program files (x86)\1clickdownload\1clickdownloader.exe FirewallRules: [{580E10A8-B769-426E-9527-41F2E9F6FD5E}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{E564755D-3424-4D15-B842-628FA2093494}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{DDC2120F-8BC4-4F59-A616-7062829B31BA}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe FirewallRules: [{37F346AC-D064-455C-9A1B-F9FE86AA0270}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe FirewallRules: [TCP Query User{B7258E1D-E604-4217-888E-D83CACCAB0CE}C:\program files (x86)\azureus\azureus.exe] => (Allow) C:\program files (x86)\azureus\azureus.exe FirewallRules: [UDP Query User{B64682D5-9026-4001-8E19-7ACBB8D47CA0}C:\program files (x86)\azureus\azureus.exe] => (Allow) C:\program files (x86)\azureus\azureus.exe FirewallRules: [{CFBAD58A-9F28-40F1-B70C-BBB687FE16A0}] => (Block) C:\program files (x86)\azureus\azureus.exe FirewallRules: [{5323A579-44EA-48E3-AB01-FA32036E6352}] => (Block) C:\program files (x86)\azureus\azureus.exe FirewallRules: [{509C988A-E17C-4A29-92B2-B02402C4AB4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe FirewallRules: [{654C2439-82C8-489F-976D-4C2352F2D0C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe FirewallRules: [{9188EBE3-FAC6-4025-AFE9-0B393F98D5CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe FirewallRules: [{DF1819B9-12B5-4694-AF11-06804AD95423}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe FirewallRules: [TCP Query User{D3D6FF18-E379-4A3D-BD1E-E7E9BF6B36E0}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe FirewallRules: [UDP Query User{18096683-B149-4D8B-8063-8E055FFF8DAC}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe FirewallRules: [TCP Query User{1F1D2CE7-9518-4193-8BC0-4521CF0E432A}C:\program files (x86)\reactor\reactor.exe] => (Allow) C:\program files (x86)\reactor\reactor.exe FirewallRules: [UDP Query User{F4A347B4-701D-4BAF-A743-A4BCDD8E15B8}C:\program files (x86)\reactor\reactor.exe] => (Allow) C:\program files (x86)\reactor\reactor.exe FirewallRules: [{66D5C071-C739-4820-8B77-FA62FC9D3F42}] => (Allow) C:\Program Files (x86)\REACTOR\ijjiOptimizer.exe FirewallRules: [{DB7D894A-6BD0-4ACC-9131-4B8582C9E367}] => (Allow) C:\Program Files (x86)\REACTOR\ijjiOptimizer.exe FirewallRules: [TCP Query User{8A6FA3AC-29F3-42A2-BE8B-D0BA91A3CFCE}C:\program files (x86)\klebezettel ng\klebez.exe] => (Allow) C:\program files (x86)\klebezettel ng\klebez.exe FirewallRules: [UDP Query User{426BECE7-366E-420A-9911-1CF0316CD72E}C:\program files (x86)\klebezettel ng\klebez.exe] => (Allow) C:\program files (x86)\klebezettel ng\klebez.exe FirewallRules: [TCP Query User{459F137B-A9E0-4822-BB61-9D63799B2662}C:\program files (x86)\klebezettel ng\klebez.exe] => (Allow) C:\program files (x86)\klebezettel ng\klebez.exe FirewallRules: [UDP Query User{78225195-6D14-4B8D-A5A2-124AB817397A}C:\program files (x86)\klebezettel ng\klebez.exe] => (Allow) C:\program files (x86)\klebezettel ng\klebez.exe FirewallRules: [TCP Query User{D39AF0DF-AB54-4367-93B6-30A9B132FF33}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [UDP Query User{89460417-CDD4-4D88-9D34-61ADC84ECBFA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [TCP Query User{C2039F34-B7D4-49CF-9401-8EBA3CBA9C17}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{261089E6-F73A-4CB6-8331-B57746D95F64}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{801A56E0-4651-4F5C-85C5-2C02A33457E0}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{1F62693E-A3CD-49B3-ACEE-E34E8C4EE35B}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{3C85D8B8-BC62-4951-BACA-30C83D77CAD2}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe FirewallRules: [{DF46D6FC-B767-467D-B27C-75FDE40F5A9C}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe FirewallRules: [{09E1575D-AFE0-481D-BAA7-3B684E73140D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{768DFAD5-F04C-44A8-80A4-8F6A96287C9A}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{6819F056-9A3E-4256-A9E1-5D56539D98C1}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe FirewallRules: [{00280792-DBF2-40F6-AB0C-A56E1547DD81}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe FirewallRules: [{C8928E7A-012B-473C-A34F-68018BDC515C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe FirewallRules: [{C6FA8B9F-37EA-41F4-83BE-B18471792CA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe FirewallRules: [{EDDCED61-964E-4B68-A694-557F5B96E9E0}] => (Allow) C:\Users\Robert\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{AF9F536E-AD52-44AF-8A60-86BFC243FA21}] => (Allow) C:\Users\Robert\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [{34D4187E-B7FE-4580-953B-4C2FE9363DA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014 Demo\DotP_D14.exe FirewallRules: [{1C234BE5-DCC2-42E8-970F-E6C3466FFBE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014 Demo\DotP_D14.exe FirewallRules: [{E27F0FAA-868E-4812-8EC9-3A9E62600ADE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{48012D74-E6A1-43C9-8205-0223A6E5BD2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{1485216A-DA37-400E-8ED3-D1BC4C9E8AF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{55672E07-2C3A-4BA1-99D6-7298A386DC56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{9E5446A4-D271-439B-AF60-CBD3E6C2AF74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{90A91FAE-9A21-4466-9184-CF7A57AE8C1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{63C83A16-37AE-41CE-86E8-3B8C409B501D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [TCP Query User{DE03424A-10E3-46DD-AD05-5B3FBF658615}C:\users\robert\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\robert\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{CAE522A9-E379-46D6-885E-B4B4A1AD197C}C:\users\robert\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\robert\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{36AF369B-DCC7-47F4-B70D-FF769F6E7143}C:\users\robert\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\robert\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{96F8EE1A-8B59-428E-8ABF-BF11B9D773F6}C:\users\robert\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\robert\appdata\roaming\spotify\spotify.exe FirewallRules: [{A90A133F-0A68-4373-A41B-A233ADD40F65}] => (Allow) C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe FirewallRules: [{CD6AED31-3A03-4D18-8B43-F943AE179923}] => (Allow) C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe FirewallRules: [{53C49770-4E14-4DE9-BFED-1B284C180036}] => (Allow) C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe FirewallRules: [{B1D2D1D5-F445-40FF-AB8E-BDD81E0D29DC}] => (Allow) C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe FirewallRules: [TCP Query User{22E5D203-909E-433C-B8E4-36BA122E2C1D}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Block) C:\program files (x86)\maniaplanet\maniaplanet.exe FirewallRules: [UDP Query User{6E42AE27-6FDC-4280-9B3F-140984D71096}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Block) C:\program files (x86)\maniaplanet\maniaplanet.exe FirewallRules: [TCP Query User{4C1B4733-4496-4500-B810-A1EB1B501D7C}C:\users\robert\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\robert\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{67595AAF-3759-412F-8F5E-4ECE62C725BE}C:\users\robert\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\robert\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{9C7AB490-D301-4BD1-BC7E-F5B5A25E8351}C:\aeriagames\ava\binaries\ava.exe] => (Allow) C:\aeriagames\ava\binaries\ava.exe FirewallRules: [UDP Query User{1551DF4D-6E59-4608-9396-4443092521F8}C:\aeriagames\ava\binaries\ava.exe] => (Allow) C:\aeriagames\ava\binaries\ava.exe FirewallRules: [{2FE52CB8-B41A-4000-8D75-5A81643A976F}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{E2BAA385-530D-4184-A3D1-4F1E37EEBB60}] => (Allow) C:\Users\Robert\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{4D42D2CB-91BC-4C18-B7BF-9DBC4608C6E2}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{D57B4AB0-AFBA-43AE-AE1E-D82977ACD968}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{7EEB8637-CA9E-4747-9FA2-A43A31027CC5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{32F47E3C-EBA2-4552-9800-42198B06BCAB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{85E73DEE-3905-4D2A-BBF7-71604F71FBD3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{109503BD-3ACF-4A5D-961C-10EBAE5A7DE6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{54ECADBF-904B-47F9-A195-5E10232C157A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{78EC4451-2DA2-4557-A476-0E8D624FCD9A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{BC8E2C51-DA41-4F98-B47A-8B819323793B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [{E0FDB638-9D02-46AB-B7BB-E76A724726C7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [{6846B8FA-2EB0-462B-8923-BA051E066E50}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe FirewallRules: [{1C95F8AB-817B-4C85-B2BD-BF4E77669977}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe FirewallRules: [{059A6246-6E34-498B-A513-9362E65ED563}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe FirewallRules: [{6C5FDAFE-7750-493A-99B3-7EC528487218}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe FirewallRules: [{E3116F81-C60C-43C8-BE0E-D36AE9EA4E72}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe FirewallRules: [{50EA69FF-FA58-42FE-AF7F-FEE90679EF72}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe FirewallRules: [{7B733F2C-20AB-410B-9A74-C8A4F78F958A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe FirewallRules: [{68525C4D-3CCD-4DD8-8DB7-37AF02547ABD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe FirewallRules: [{72600299-84CA-435C-8327-8C3C1929FFBB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe FirewallRules: [{08CEC0A1-9290-4B51-B932-96E50D63B611}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe FirewallRules: [{7663B0D7-6836-4765-A03A-CCE859BA5A78}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{B82FA42B-1DC6-4166-8272-DCCE24A42580}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{2CACC590-8792-4ADA-B114-5AB5DDB0B82F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{2F2C72A8-F7EC-4347-A194-17280168F53C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe FirewallRules: [{5C596B09-4C34-4A1A-B508-40AC3CE751E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{48A9AAE4-8633-4211-AC8B-3D00C316F7A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0D2E1D6F-034F-4F8D-A6F2-665D4EEF4A2D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{61B6D8A0-C079-46BC-A64A-ECB4AC28C4C5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{4A270883-3E54-4092-ADF2-CFDF1CEE006B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{0990144F-DD0B-48E4-8938-2D0DCF108A54}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{BC8D87D8-3DA4-4525-8CF8-066D9D2C7742}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe FirewallRules: [{75BF92C9-1765-40E9-B792-6E7A50B7CB8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe FirewallRules: [{7C14C158-A0B5-4CB0-8CC4-9350CA30DB95}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{A8BD14C9-E1DD-417F-9F08-C3DAB521F577}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{3F70C99C-F47B-415B-A3F6-89C086D43C57}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{822E7CF8-78F1-4209-B734-E0ECAB8CE93C}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [TCP Query User{A5A63B9B-B11B-471F-83E2-BE86DB260341}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe FirewallRules: [UDP Query User{EA2D678E-C658-4487-8D1C-E5BC77A75DC7}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe FirewallRules: [{8D19B940-22F5-462C-8813-F7DA7DEE6B2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{E61D86B9-9D34-499A-B79E-D15AAA64D73E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{DCADE8F2-EC3E-4E18-AECD-96AD004143B0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{0354DD0F-C96B-44B9-9C5E-EAE24EB7DE22}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2C2FF193-B27D-437C-8625-91FB861C08BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{70EB84E7-EE10-422D-95CA-C3C5A03A4599}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{54FDBD14-5F05-4DC0-865A-E4FA0B2110C7}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{E07FF0F9-F302-4F69-8F3E-CFEAD42199F4}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{1701B5B8-66A7-4AAE-BE82-97D14240FED0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{42E9136A-C72E-42A2-AF20-D1A1AD477CFF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [TCP Query User{EF90719A-7E6F-449B-91E2-875A23AD3BAD}C:\programdata\battle.net\agent\agent.3668\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3668\agent.exe FirewallRules: [UDP Query User{2E0086B4-2D11-43B6-B138-9B0EDE0E8F5B}C:\programdata\battle.net\agent\agent.3668\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3668\agent.exe FirewallRules: [{61E96716-CB8F-4F7A-A6EE-49529A073F8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{452C0E21-5137-42E7-8648-4C55F77ABFDC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{EB55AE90-116C-4029-8292-9C088D17703D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{5FA20C4F-990D-4ECD-9509-C76765191BBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{F5BED132-2EB2-4DC9-B9AF-39501098020D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{DDC4A3E8-43BA-4A68-BD77-35FBEA140BE5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [TCP Query User{F01172CE-8548-4296-AC03-1A7DA5A01000}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3715\agent.exe FirewallRules: [UDP Query User{A1533009-084E-4CC6-9233-4479C5E6CB31}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3715\agent.exe FirewallRules: [{4DCD961D-823A-479F-B1E9-9D3ECA8F2B65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tribes\Binaries\Win32\HirezBridge.exe FirewallRules: [{63A56418-ED4D-4B1C-A94B-86B2CB2AFD20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tribes\Binaries\Win32\HirezBridge.exe FirewallRules: [{A08B0CE9-3970-4D81-91D4-97AFE0D91213}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{4BA7C149-29CF-413D-991A-46496FAA4CF0}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe ==================== Faulty Device Manager Devices ============= Name: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Description: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Atheros Service: L1C Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/11/2015 12:23:49 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (07/09/2015 08:59:58 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Blizzard Uninstaller.exe, Version 2.0.0.55 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 600 Startzeit: 01d0ba66a6125a76 Endzeit: 60000 Anwendungspfad: C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe Berichts-ID: 84dd49e2-266c-11e5-9d7a-baf846e812cf Error: (07/09/2015 07:12:19 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (07/08/2015 02:17:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (07/07/2015 12:43:00 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (07/06/2015 04:09:49 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (07/04/2015 08:17:13 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (07/04/2015 11:27:39 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (06/27/2015 11:03:39 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (06/26/2015 01:29:12 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. System errors: ============= Error: (07/13/2015 11:08:07 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (07/12/2015 06:27:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (07/12/2015 01:22:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/12/2015 01:20:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: AFD DfsC discache eamonm ehdrv NetBIOS NetBT nltdi nsiproxy Psched rdbss spldr tdx vpcnfltr vpcvmm vwififlt Wanarpv6 WfpLwf ws2ifsl Error: (07/12/2015 01:20:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/12/2015 01:20:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerkverbindungen" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/12/2015 01:20:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/12/2015 01:20:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (07/12/2015 01:20:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst "Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%31 Error: (07/12/2015 01:20:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "IP-Hilfsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Microsoft Office: ========================= Error: (07/11/2015 12:23:49 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (07/09/2015 08:59:58 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Blizzard Uninstaller.exe2.0.0.5560001d0ba66a6125a7660000C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe84dd49e2-266c-11e5-9d7a-baf846e812cf Error: (07/09/2015 07:12:19 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (07/08/2015 02:17:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (07/07/2015 12:43:00 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (07/06/2015 04:09:49 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (07/04/2015 08:17:13 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (07/04/2015 11:27:39 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe Error: (06/27/2015 11:03:39 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (06/26/2015 01:29:12 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe CodeIntegrity Errors: =================================== Date: 2015-05-02 10:53:07.373 Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-05-02 10:53:07.280 Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-05-02 10:53:07.171 Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-05-02 10:53:07.093 Description: Windows konnte die Abbildintegritat der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht uberprufen, weil der Dateihash nicht im System gefunden wurde. Moglicherweise wurde durch eine kurzlich durchgefuhrte Hardware- oder Softwareanderung eine falsch signierte oder beschadigte Datei oder eine Datei, bei der es sich um schadliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-26 11:54:53.227 Description: Die Abbildintegritat der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht uberpruft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-26 11:54:53.226 Description: Die Abbildintegritat der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht uberpruft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-26 11:54:53.224 Description: Die Abbildintegritat der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht uberpruft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-26 11:54:53.219 Description: Die Abbildintegritat der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht uberpruft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-26 11:54:53.217 Description: Die Abbildintegritat der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht uberpruft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-26 11:54:53.215 Description: Die Abbildintegritat der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht uberpruft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Percentage of memory in use: 63% Total physical RAM: 4077.86 MB Available physical RAM: 1495.05 MB Total Virtual: 8153.91 MB Available Virtual: 5509.74 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:96.69 GB) (Free:20.64 GB) NTFS Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:207.62 GB) NTFS Drive f: (TRANSCEND) (Removable) (Total:3.77 GB) (Free:3.57 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5A442EB1) Partition 1: (Not Active) - (Size=15 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=96.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5A442E87) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 3.8 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=3.8 GB) - (Type=0B) ==================== End of log ============================ |
14.07.2015, 07:00 | #22 |
/// the machine /// TB-Ausbilder | Windows 7: weißer Bildschirm taucht immer wieder auf also mit externem TV/Monitor gar keine Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
14.07.2015, 11:18 | #23 |
| Windows 7: weißer Bildschirm taucht immer wieder auf Richtig, klappt mit Fernseher, würde bestimmt auch mit einem Monitor klappen. |
15.07.2015, 08:24 | #24 |
/// the machine /// TB-Ausbilder | Windows 7: weißer Bildschirm taucht immer wieder auf Dann hat dein Bildschirm nen Schuss, da können wir so nix machen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
15.07.2015, 20:27 | #25 |
| Windows 7: weißer Bildschirm taucht immer wieder auf Das ist zwar nicht sehr schön, aber zufälligerweise kauf ich mir in nächster einen Tower PC und werde mein Notebook dann wohl nur noch nebenbei benutzen. Aber schön zu wissen das es keine schädigende Datei auf meinen Computer war. Und nochmals Danke vielmals für deine Hilfe! |
16.07.2015, 07:52 | #26 |
/// the machine /// TB-Ausbilder | Windows 7: weißer Bildschirm taucht immer wieder auf Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Windows 7: weißer Bildschirm taucht immer wieder auf |
andere, anderen, auswirkungen, bildschirm, erklären, erklärung, funktionieren, hoffe, hören, jegliche, nicht schließen, nichts, problem, programme, schließe, schließen, tagen, taskma, taskmanager, taste, taucht, virus, weißer, weißer bildschirm, windows, windows 7 |