Task-Manager/Regedit schließen sich schnell von allein.

Novian3002 · 16.05.2015, 18:54

Ohne viel drumherum gleich mal zu meinem Problem:
Wenn ich den Task-Manager/Regedit öffne schließt sich dieser sofort.

Mehr kann ich nicht sagen, habe auch noch keine Virenscanner laufen lassen.

deeprybka · 16.05.2015, 19:06

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Novian3002 · 16.05.2015, 19:26

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by Sven (administrator) on SVEN-PC on 16-05-2015 20:23:44
Running from C:\Users\Sven\Desktop
Loaded Profiles: Sven (Available profiles: Sven)
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Oculus VR) C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\ProgramData\nvxasync\cvxasync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Sven\AppData\Roaming\nvxasync\nvxasync.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
() C:\Users\Sven\AppData\Roaming\nvxasync\nvxasync.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Oculus VR) C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(CAPCOM U.S.A, INC.) C:\Program Files (x86)\Ultra Street Fighter IV\SSFIV.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-02-28] (Razer Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [KrakenLauncher] => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe [1599808 2015-02-03] (Razer Inc)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-02] (BlueStack Systems, Inc.)
HKU\S-1-5-21-464442055-962088013-849747556-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-464442055-962088013-849747556-1001\...\Run: [nvxasync] => C:\Users\Sven\AppData\Roaming\nvxasync\nvxasync.exe [153822720 2015-05-10] ()
HKU\S-1-5-21-464442055-962088013-849747556-1001\...\MountPoints2: {3589e147-c49b-11e4-be6f-bcee7b7570f0} - "E:\pushinst.exe" 
HKU\S-1-5-21-464442055-962088013-849747556-1001\...\MountPoints2: {8925a436-d17a-11e4-be9e-bcee7b7570f0} - "E:\autorun.exe" 
HKU\S-1-5-21-464442055-962088013-849747556-1001\...\MountPoints2: {bb4273ca-d6f1-11e4-beaa-bcee7b7570f0} - "E:\setup.exe" 
HKU\S-1-5-21-464442055-962088013-849747556-1001\...\Winlogon: [Shell] C:\ProgramData\nvxasync\cvxasync.exe [153822720 2015-05-10] () <==== ATTENTION 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OculusConfigUtil.lnk [2015-04-13]
ShortcutTarget: OculusConfigUtil.lnk -> C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe (Oculus VR, LLC)
Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-03-08]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-464442055-962088013-849747556-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.surfvox.com/
HKU\S-1-5-21-464442055-962088013-849747556-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-464442055-962088013-849747556-1001 -> DefaultScope {828B376B-F2F6-4778-928C-E29EC877535E} URL = hxxp://www.google.com/cse?cx=partner-pub-0900663996874144:6813731868&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
SearchScopes: HKU\S-1-5-21-464442055-962088013-849747556-1001 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = hxxp://www.google.com/cse?cx=partner-pub-0900663996874144:6813731868&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-08] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-08] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\s61eyj58.default-1431364725434
FF Homepage: https://www.youtube.de/feed/subscriptions?gl=DE&hl=de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-03] ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-08] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-03] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-01-21] (Microsoft Corporation)
FF Extension: Stylish - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\s61eyj58.default-1431364725434\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2015-05-11]
FF Extension: Adblock Plus - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\s61eyj58.default-1431364725434\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-02] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-02] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-02] (BlueStack Systems, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-19] (Electronic Arts)
R2 OVRService; C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe [231560 2015-03-27] (Oculus VR)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-04-04] (Stardock Software, Inc)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-02] (BlueStack Systems)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-04-01] (Disc Soft Ltd)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-03-24] (DT Soft Ltd)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 OCUSBVID; C:\Windows\System32\drivers\OCUSBVID.sys [61048 2015-03-26] (Oculus VR, LLC)
R1 RiftEnabler; C:\Windows\system32\DRIVERS\RiftEnabler.sys [55880 2015-03-26] (Oculus VR, LLC)
S3 RTLE8023x64; C:\Windows\system32\DRIVERS\Rtenic64.sys [399464 2011-12-08] (Realtek Semiconductor Corporation                           )
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [35496 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 20:23 - 2015-05-16 20:23 - 00044812 _____ () C:\Users\Sven\Desktop\Addition.txt
2015-05-16 20:21 - 2015-05-16 20:23 - 00014628 _____ () C:\Users\Sven\Desktop\FRST.txt
2015-05-16 20:21 - 2015-05-16 20:23 - 00000000 ____D () C:\FRST
2015-05-16 20:21 - 2015-05-16 20:21 - 02107392 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2015-05-16 18:38 - 2015-05-16 18:38 - 00003088 _____ () C:\Windows\System32\Tasks\{6957ED50-4D08-4683-8DCF-8E9E3681A345}
2015-05-16 16:01 - 2015-05-16 16:01 - 00000000 ____D () C:\ProgramData\X360CE
2015-05-15 14:47 - 2015-05-15 14:47 - 00000000 ____D () C:\Users\Sven\AppData\Local\Muze_Software_Inc
2015-05-15 14:46 - 2015-05-15 14:51 - 00000000 ____D () C:\Program Files (x86)\Pixel Art
2015-05-15 14:43 - 2015-05-15 14:43 - 00000000 ____D () C:\Users\Sven\Desktop\Mortal Kombat X (WIP)
2015-05-15 11:39 - 2015-05-15 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Not a hero
2015-05-15 11:37 - 2015-05-15 11:37 - 00000000 ____D () C:\Program Files (x86)\NOT A HERO
2015-05-10 15:54 - 2015-05-10 15:54 - 00048137 _____ () C:\Users\Sven\AppData\Local\Secure Preferences
2015-05-10 15:54 - 2015-05-10 15:54 - 00005502 _____ () C:\Users\Sven\AppData\Local\Preferences
2015-05-10 15:53 - 2015-05-10 15:53 - 00000000 _RSHD () C:\ProgramData\nvxasync
2015-05-10 15:53 - 2015-05-10 15:53 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\chportu
2015-05-10 15:52 - 2015-05-10 15:54 - 00000000 _RSHD () C:\Users\Sven\AppData\Roaming\nvxasync
2015-05-10 15:52 - 2015-05-10 15:52 - 243361280 _____ () C:\Users\Sven\AppData\Roaming\Launcher.rb4
2015-05-09 15:27 - 2015-05-09 15:27 - 00000000 ____D () C:\Users\Sven\Documents\Electronic Arts
2015-05-09 15:26 - 2015-05-14 20:35 - 00000001 _____ () C:\Users\Sven\AppData\Roaming\update.dat
2015-05-09 14:20 - 2015-05-09 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sims 4
2015-05-09 14:00 - 2015-05-09 14:00 - 00000000 ____D () C:\Program Files (x86)\Sims 4
2015-05-09 11:17 - 2015-05-09 11:19 - 00000000 ____D () C:\Program Files (x86)\ Bit.Trip Presents Runner 2- Future Legend of Rhythm Alien
2015-05-09 10:58 - 2015-05-09 10:58 - 00000000 ____D () C:\Users\Sven\AppData\Local\BIT.TRIP BEAT
2015-05-08 21:28 - 2015-05-09 10:41 - 00000000 ____D () C:\Users\Sven\AppData\Local\Gaijin Games
2015-05-08 21:28 - 2015-05-08 21:28 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-05-08 21:28 - 2015-05-08 21:28 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-05-08 21:28 - 2015-05-08 21:28 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-05-08 21:28 - 2015-05-08 21:28 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-05-08 21:28 - 2015-05-08 21:28 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2015-05-08 13:27 - 2015-05-08 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-05-08 13:27 - 2015-05-08 13:27 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-05-08 13:27 - 2015-05-08 13:27 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2015-05-08 13:25 - 2015-05-08 13:34 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-05-08 13:25 - 2015-05-08 13:25 - 00000000 ____D () C:\Users\Sven\AppData\Local\Bluestacks
2015-05-05 16:37 - 2015-05-05 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titan Souls [GOG.com]
2015-05-05 13:43 - 2015-05-05 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team Meat
2015-05-05 13:42 - 2015-05-05 13:42 - 00000000 ____D () C:\Program Files (x86)\Team Meat
2015-05-05 13:15 - 2015-05-05 13:15 - 00000000 ____D () C:\Program Files (x86)\Infinite Dreams
2015-05-05 12:47 - 2015-05-05 12:47 - 00000000 ____D () C:\Program Files (x86)\Devolver Digital
2015-05-04 18:44 - 2015-05-04 18:45 - 00000000 ____D () C:\Users\Sven\AppData\Local\nuclearthrone
2015-05-04 18:05 - 2015-05-04 18:07 - 00000000 ____D () C:\Users\Sven\AppData\Local\Game Dev Tycoon - Steam
2015-05-04 18:04 - 2015-05-04 18:13 - 00000000 ____D () C:\Program Files (x86)\Game Dev Tycoon
2015-05-02 23:10 - 2015-05-02 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpJet Rex
2015-05-02 23:09 - 2015-05-02 23:09 - 00000000 ____D () C:\Program Files (x86)\JumpJet Rex
2015-05-02 08:49 - 2015-05-02 08:49 - 00000000 ____D () C:\Users\Sven\Documents\Diablo III
2015-04-27 16:35 - 2015-04-27 16:59 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2015-04-27 16:35 - 2015-04-27 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2015-04-27 16:32 - 2015-04-27 16:34 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\Guild Wars 2
2015-04-27 16:32 - 2015-04-27 16:32 - 00000000 ____D () C:\Users\Sven\Documents\Guild Wars 2
2015-04-27 12:57 - 2015-04-27 12:58 - 00000000 ____D () C:\Program Files (x86)\Convoy
2015-04-24 13:29 - 2015-04-24 13:29 - 00000165 ____H () C:\Users\Sven\Desktop\~$TF2 Items.xlsx
2015-04-22 17:37 - 2015-05-16 18:59 - 00000000 ____D () C:\Users\Sven\Documents\Westerado DB
2015-04-22 17:37 - 2015-04-22 18:50 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\WesteradoDB
2015-04-22 17:33 - 2015-04-22 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adult Swim Games
2015-04-22 17:33 - 2015-04-22 17:33 - 00000000 ____D () C:\Program Files (x86)\Adult Swim Games
2015-04-19 00:43 - 2015-04-19 00:43 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2015-04-18 08:39 - 2015-04-18 08:39 - 00000000 ____D () C:\Users\Sven\Documents\Backups
2015-04-16 16:02 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-16 16:01 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-16 16:01 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 20:08 - 2015-03-03 19:38 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-16 20:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2015-05-16 19:37 - 2015-04-13 18:35 - 00000000 ____D () C:\Users\Sven\AppData\Local\Oculus
2015-05-16 19:29 - 2015-03-06 18:32 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\Skype
2015-05-16 19:25 - 2015-03-03 19:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-16 19:25 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-16 19:24 - 2015-03-05 16:21 - 00000000 ____D () C:\AdwCleaner
2015-05-16 19:24 - 2015-03-03 19:15 - 01172831 _____ () C:\Windows\WindowsUpdate.log
2015-05-16 18:38 - 2015-03-06 18:31 - 00000000 ____D () C:\ProgramData\Skype
2015-05-15 23:08 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-15 17:42 - 2015-03-03 16:58 - 00000000 ____D () C:\Users\Sven
2015-05-14 16:45 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-05-09 14:24 - 2015-03-04 13:14 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-09 14:22 - 2015-03-03 20:16 - 00172324 _____ () C:\Windows\DirectX.log
2015-05-09 11:59 - 2015-03-04 09:33 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-464442055-962088013-849747556-1001
2015-05-09 11:19 - 2015-03-24 17:35 - 00000000 ____D () C:\Users\Sven\AppData\Local\SKIDROW
2015-05-08 21:28 - 2015-03-26 15:24 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-05-08 13:27 - 2012-07-26 10:12 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-05 16:36 - 2015-03-26 15:04 - 00000000 ____D () C:\GOG Games
2015-05-05 14:19 - 2015-04-13 20:02 - 00000000 ____D () C:\Program Files (x86)\Airdrift
2015-05-05 14:09 - 2015-04-15 19:16 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-05-05 13:42 - 2015-03-03 18:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-04 18:06 - 2015-03-03 16:58 - 00000000 ____D () C:\Users\Sven\AppData\Local\Packages
2015-05-03 19:21 - 2015-03-03 19:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-03 13:19 - 2015-03-09 21:04 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\vlc
2015-05-02 23:10 - 2015-04-01 13:50 - 00000000 ____D () C:\ProgramData\Steam
2015-05-02 17:02 - 2015-03-20 13:46 - 00000000 ____D () C:\Program Files (x86)\ToonHud
2015-05-02 12:24 - 2015-04-13 18:36 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\Oculus VR LLC
2015-05-02 09:14 - 2015-03-05 16:06 - 00000000 ____D () C:\Users\Sven\AppData\Local\Battle.net
2015-05-02 08:49 - 2015-03-26 16:39 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-05-01 12:18 - 2015-03-03 19:38 - 00000000 ____D () C:\ProgramData\Origin
2015-04-30 13:56 - 2015-03-22 14:04 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-04-30 13:42 - 2015-03-05 16:06 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-27 18:55 - 2015-03-04 09:40 - 00000020 _____ () C:\Windows\capsys184523.log
2015-04-24 13:13 - 2012-07-26 12:27 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2015-04-24 13:13 - 2012-07-26 12:27 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2015-04-24 13:13 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-24 12:36 - 2015-03-09 21:33 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\DVDVideoSoft
2015-04-21 17:14 - 2015-03-03 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-21 13:20 - 2015-03-03 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-19 17:29 - 2015-03-03 19:38 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-16 16:03 - 2015-03-03 19:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-16 16:02 - 2015-03-03 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-16 16:02 - 2012-07-26 09:21 - 00014476 _____ () C:\Windows\setupact.log

==================== Files in the root of some directories =======

2015-05-10 15:52 - 2015-05-10 15:52 - 243361280 _____ () C:\Users\Sven\AppData\Roaming\Launcher.rb4
2015-05-09 15:26 - 2015-05-14 20:35 - 0000001 _____ () C:\Users\Sven\AppData\Roaming\update.dat
2015-05-10 15:54 - 2015-05-10 15:54 - 0005502 _____ () C:\Users\Sven\AppData\Local\Preferences
2015-03-09 21:16 - 2015-03-09 21:16 - 0002028 _____ () C:\Users\Sven\AppData\Local\recently-used.xbel
2015-05-10 15:54 - 2015-05-10 15:54 - 0048137 _____ () C:\Users\Sven\AppData\Local\Secure Preferences

Some content of TEMP:
====================
C:\Users\Sven\AppData\Local\Temp\0KrakenDevProps.dll
C:\Users\Sven\AppData\Local\Temp\bitool.dll
C:\Users\Sven\AppData\Local\Temp\Gw2.exe
C:\Users\Sven\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Sven\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Sven\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Sven\AppData\Local\Temp\nvStInst.exe
C:\Users\Sven\AppData\Local\Temp\Quarantine.exe
C:\Users\Sven\AppData\Local\Temp\shutdown1428942870.exe
C:\Users\Sven\AppData\Local\Temp\sqlite3.dll
C:\Users\Sven\AppData\Local\Temp\ubi2D98.tmp.exe
C:\Users\Sven\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-09 12:00

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Sven at 2015-05-16 20:24:07
Running from C:\Users\Sven\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-464442055-962088013-849747556-500 - Administrator - Disabled)
Gast (S-1-5-21-464442055-962088013-849747556-501 - Limited - Disabled)
Sven (S-1-5-21-464442055-962088013-849747556-1001 - Administrator - Enabled) => C:\Users\Sven

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-464442055-962088013-849747556-1001\...\uTorrent) (Version: 3.4.2.39710 - BitTorrent Inc.)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.19.2 - Mirillis)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.24.4196 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{CF297F45-BB2C-4454-AEDA-EFAB01AFDCE3}) (Version: 0.9.24.4196 - BlueStack Systems, Inc.)
Borderlands - The Pre-Sequel (HKLM-x32\...\Borderlands - The Pre-Sequel_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
ColorMania 5.1 (HKLM-x32\...\ColorMania_is1) (Version: 5.1 - Blacksun Software)
Convoy (HKLM-x32\...\Q29udm95_is1) (Version: 1 - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CursorFX (x32 Version: 2.00 - Stardock Corporation) Hidden
CursorFX Plus (HKLM-x32\...\CursorFX Plus) (Version:  - Stardock Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Duke Nukem 3D Megaton Edition 1.1.3 (HKLM-x32\...\Duke Nukem 3D Megaton Edition 1.1.3) (Version: 1.1.3 - Devolver Digital)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hotline Miami 2: Wrong Number (HKLM-x32\...\Hotline Miami 2: Wrong Number_is1) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
JumpJet Rex version 1.0 (HKLM-x32\...\JumpJet Rex_is1) (Version: 1.0 - )
KMSpico v9.3.2 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lucius II (HKLM-x32\...\Lucius II_is1) (Version:  - )
Mark of the Ninja Special Edition (HKLM-x32\...\Mark of the Ninja Special Edition_is1) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Monaco What's Yours Is Mine (HKLM-x32\...\Monaco What's Yours Is Mine_is1) (Version: Monaco What's Yours Is Mine - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Mumble 1.2.8 (HKLM-x32\...\{1BC144A3-20EF-49DD-8EBB-E421E128E30F}) (Version: 1.2.8 - Thorvald Natvig)
NEKOPARA vol.1 (HKLM-x32\...\{64DC04AF-BD7C-4CF4-9CA4-938953224328}) (Version:  - NEKO WORKs)
NOT A HERO version v1.5.0.0 (HKLM-x32\...\{8C0A1406-D6D1-4D9F-B328-B3AD5E5BC0AB}_is1) (Version: v1.5.0.0 - Devolver Digital)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Oculus Display Driver (Install Only) (HKLM\...\{50700EF8-2D6A-4122-B307-E37A5E1F32D5}) (Version: 1.2.4.0 - Oculus VR, LLC)
Oculus Positional Tracker Driver (Install Only) (HKLM\...\{8741739C-8CB4-47C2-B36C-A860AD180BDA}) (Version: 1.0.9.0 - Oculus VR, LLC)
Oculus Runtime (HKLM-x32\...\Oculus Runtime 0.5.0.1-Release-49138) (Version: 0.5.0.1-Release-49138 - Oculus VR, LLC)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2.1 r2386 - )
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24565 - Razer Inc.)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM-x32\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.6.0.13 - GOG.com)
Sims 4 by BuZeR version final (HKLM-x32\...\{ED118F10-E516-4245-160F-62131508F71F}_is1) (Version: final - )
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
Stardock Start8 (HKLM\...\Start8_is1) (Version: 1.41 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteamVR (HKLM-x32\...\Steam App 250820) (Version:  - )
Street Fighter X Tekken (HKLM-x32\...\{43430FA5-AF68-4A2D-A7D4-891000008200}) (Version: 1.0.0.0 - CAPCOM U.S.A., INC)
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac - Rebirth version 1.0 (HKLM-x32\...\The Binding of Isaac - Rebirth_is1) (Version: 1.0 - )
Titan Souls (HKLM-x32\...\1427985242_is1) (Version: 2.0.0.1 - GOG.com)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
Transistor (HKLM-x32\...\Transistor_is1) (Version:  - )
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Westerado Double Barreled (HKLM-x32\...\Westerado Double Barreled_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Ziggurat v1.0u6 (HKLM-x32\...\Ziggurat v1.0u6_is1) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

24-04-2015 15:33:16 Geplanter Prüfpunkt
05-05-2015 13:42:24 Installiert Tom Clancy's H.A.W.X
09-05-2015 14:20:58 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {158DD46F-1573-4364-A0F4-02F909682F25} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {1BD33ADB-5117-4995-A982-CB88A28F0E41} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2E6E2E60-5EC7-4089-90DE-F20A6169964E} - System32\Tasks\{6957ED50-4D08-4683-8DCF-8E9E3681A345} => Firefox.exe hxxp://ui.skype.com/ui/0/7.4.80.102/de/abandoninstall?page=tsProgressBar
Task: {790C8B8E-5D4D-4696-ADE4-5D0DDE191E96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DF068ED0-94EF-431E-BBBD-B81F0F55A035} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-08-12] (@ByELDI)

==================== Loaded Modules (Whitelisted) ==============

2015-03-03 19:35 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-05 02:24 - 2015-02-05 02:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-05-10 15:53 - 2015-05-10 15:53 - 153822720 __RSH () C:\ProgramData\nvxasync\cvxasync.exe
2015-05-10 15:52 - 2015-05-10 15:53 - 153822720 __RSH () C:\Users\Sven\AppData\Roaming\nvxasync\nvxasync.exe
2015-01-21 16:01 - 2015-01-21 16:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-24 15:28 - 2015-03-24 15:28 - 00036544 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2015-03-24 15:28 - 2015-03-24 15:28 - 00775872 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2015-04-07 15:31 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-01-21 16:01 - 2015-01-21 16:01 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-01 13:34 - 2014-08-08 02:10 - 00194048 _____ () C:\Program Files (x86)\Ultra Street Fighter IV\curllib.dll
2015-04-01 13:44 - 2014-08-08 02:07 - 00873988 _____ () C:\Program Files (x86)\Ultra Street Fighter IV\steam_api.dll
2015-04-01 13:34 - 2014-08-08 02:10 - 00110592 _____ () C:\Program Files (x86)\Ultra Street Fighter IV\OpenLDAP.dll
2015-03-03 19:44 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-03-03 19:44 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-03-03 19:44 - 2015-05-15 03:58 - 02396352 _____ () C:\Program Files (x86)\Steam\video.dll
2015-03-03 19:44 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-03-03 19:44 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-03 19:44 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-03 19:44 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-03 19:44 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-03 19:44 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-03 19:44 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-03 19:44 - 2015-05-15 03:57 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-03-03 19:44 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-16 20:07 - 2015-05-11 21:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-464442055-962088013-849747556-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sven\Pictures\Wallpapers\soaring_mountains.png
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "OculusConfigUtil.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Zune Launcher"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "KrakenLauncher"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{104955CE-91E4-4650-8EBC-BD797B3A11B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E825EC26-7A07-4384-ACC7-CE5BB53EE31E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{219A9F03-2E32-4EEE-9410-A423DEDB58B3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5255B7B9-2567-46CF-8833-2FF62BF789D6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{54793095-FA6C-4F23-BEE7-56AE695B2EC9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4C710645-71B6-4305-9E8E-008DD0E8E0EA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FC8F7640-08EC-47D8-8460-0692361224B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{439B2B50-706E-44E6-9401-FA3DC8ADCB98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B3E4747B-7450-49E7-80C3-2192362FC1BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{69BAFF88-899D-4005-9DA4-D27BA1A4A9C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8CC803EB-30ED-4180-A849-747F246936A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8A40A5A5-275C-40B9-8BDA-5C7DC815374E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A4169A5E-0D32-4319-B0F0-99EB2836BB06}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{66E70575-5315-4910-8890-3FB41CEC1BF6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E9E52CD0-4FC2-40C5-B44D-75409E500D5A}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{FB0DE719-D1EB-4914-98EC-F0D5CDC72B00}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{92F5E4ED-B936-4E4E-A5FD-7B2909E14340}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EC03CFCF-A624-4E31-A045-6D5FC02F640E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{DC22DFFC-7317-4588-A927-9E6172457C04}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{10C0A7FE-B690-475F-B8C1-0CAE07A950FD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C9668500-5A82-4C0B-849F-ED28E578B665}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1BF66D35-FDE0-4100-A913-204FFD4E23E8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{2F4CFF18-A3EC-43BC-85AD-0C64406BB58E}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1CB39AEE-10FD-41C0-857A-7D9708C08150}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{BA6B85C6-5132-43CF-B553-C136AB232361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{7310A910-9FC3-448A-8F3A-F9A15F921D91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{BEBC672B-ABDF-48F8-A375-49EE76B35C8E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{52D8F833-3B06-40C0-BF09-E96F20B1D59C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5CC6CC33-2D2B-456F-BF09-6194D88EE73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{E4BE5634-9A0C-403A-AF9C-663A53F73D35}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F1ECE758-C29F-41F1-B643-DA211BD38917}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{1E930C1F-1976-4D2A-AB7E-399D6130AECD}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{34EB9DA6-B0CA-4DCF-A718-3C6C5F94D2AD}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{356DD9E9-0E14-41B1-BE95-201D89267466}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5B4C289C-D0E9-4D1C-8F08-47F30DA703EA}] => (Allow) LPort=2869
FirewallRules: [{B3CAE95F-B9A8-404E-9B5C-18A770AD4E03}] => (Allow) LPort=1900
FirewallRules: [{F191E3EB-5420-4359-A6A7-FAD550DCFD66}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{DFCA9915-E9EF-4EDC-B6E9-CF34F2C8415D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{A81D7B0B-122A-443D-AB5C-656DCE89F9BC}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{59AD25E7-2C4D-469A-9145-8E3AE58283A6}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{FFF2A4B6-B73E-4432-BFB2-6A22736B0F65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{2C05C87D-7560-429F-9AE5-A861D2FB3D35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{CC0595C3-555E-4F24-98FE-34CFBD444142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{80B6E43C-295E-4BDD-ACF7-830723958F7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{16DEC6C4-47CA-4E34-80B6-54485B95D911}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{250E7002-B3E0-4566-B3FA-2570A959E3AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{24E3178D-A844-46DA-A257-5033CCB49BA0}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{889EBC3D-8C59-45C9-8DE6-4ACAFE5B1EB1}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D6F56E13-33C4-4B85-A535-214D93AD12FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{10DD26B0-3C44-4647-A903-71165C57F8FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{F19727E2-50F8-4D34-B095-E42E63823447}] => (Allow) C:\Program Files (x86)\Capcom\Street Fighter X Tekken\SFTK.exe
FirewallRules: [{8CEE0720-60A7-40AC-BA75-4B1FDEE63DAC}] => (Allow) C:\Program Files (x86)\Capcom\Street Fighter X Tekken\SFTK.exe
FirewallRules: [{2E9807FA-BF19-4053-A9B3-0B2AB457DC86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{ED530BBE-F7C5-4B1B-843B-4BA7F8B80902}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{8C8787D1-29C5-41B4-A533-A9C2FB410998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{59F1B233-15E6-44FE-876D-85C624A7ACC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{7F5F91CD-0FB1-4320-85DC-573711BADCB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{C02D8830-DB7E-4E87-AE41-5719595511C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{7686824F-863D-4E73-9B1D-7A61BCFD4114}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{20438377-6FF6-44AF-894A-B93FC322B474}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{BCAF5205-520B-4062-8C93-B69BD65DEB01}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0EF324AA-F458-4868-A411-C03DAFA9AA10}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{4518E3C0-064A-488D-A9D0-0B7DAB11FA69}C:\program files (x86)\starcrawlers.v22.3.15.hotfix1\starcrawlers.exe] => (Block) C:\program files (x86)\starcrawlers.v22.3.15.hotfix1\starcrawlers.exe
FirewallRules: [UDP Query User{CE7FCFE7-CD70-42F7-8EC9-BBCCAB457ECC}C:\program files (x86)\starcrawlers.v22.3.15.hotfix1\starcrawlers.exe] => (Block) C:\program files (x86)\starcrawlers.v22.3.15.hotfix1\starcrawlers.exe
FirewallRules: [TCP Query User{31D06F31-C391-4B6C-9638-6B9A05A144F5}C:\program files (x86)\r.g. mechanics\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) C:\program files (x86)\r.g. mechanics\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{FD4C08E7-9D2D-41D6-BAED-ABCE6419351E}C:\program files (x86)\r.g. mechanics\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) C:\program files (x86)\r.g. mechanics\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{6A221546-D83F-4E40-A317-9AE8E8328DD1}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{77CDCC9A-6FF7-4C4B-9E17-3C4DC7DCAC53}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{9CC9ECB4-24E5-4A0A-A7F7-9A7517FBB65F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{78EE611F-57DB-4AED-B130-C23CA0C396CA}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{3CDF24C1-136A-43ED-A6FA-B488619336D0}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{F7757477-EBF4-4568-9DF4-A0F81BF67D03}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E9EF9A3E-BBEE-43BF-A50E-D7DAD0135BC2}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{55A355C5-8D55-4ECD-A11F-D1D3B4E92A75}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{6C9A9DA8-2006-4816-B38B-BDAFD80417BA}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{452D2BD5-C076-47C1-9F07-8C59C24EE8D3}] => (Allow) C:\Users\Sven\Desktop\Neuer Ordner\uTorrentPortable\App\uTorrent\uTorrent.exe
FirewallRules: [{CE67BB57-2912-4FA1-AE26-898EA7B10BD5}] => (Allow) C:\Users\Sven\Desktop\Neuer Ordner\uTorrentPortable\App\uTorrent\uTorrent.exe
FirewallRules: [{9C3CA3B5-6888-49AB-87BA-D76C39ADEDD6}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{61466F1B-FADB-4477-8FDC-8751B4274E1B}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{EBEC7230-DB95-45FC-962F-FEC30DD1795D}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{4447570B-1E82-4006-B824-887BB9E16F78}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{D7EA8814-516B-411E-B41D-F51B4867190A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{3D66A6A7-8AB8-44E9-81BC-D71745918A22}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FD9932DF-AD0A-47D2-87BE-1CCB4CD6732D}C:\users\sven\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sven\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{0A03632A-61E0-44A7-9ACC-0FEF3B492CED}C:\users\sven\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sven\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8336D68F-554B-4E56-B8E9-A5B173DDB282}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\demo\bin\win32\hellovr_sdl.exe
FirewallRules: [{2D44F465-5456-46B0-9026-9E75AC0D969C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\demo\bin\win32\hellovr_sdl.exe
FirewallRules: [{8F1D5AC8-62E4-458B-AC9F-E1AEC25CCBB3}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{B53D123D-B197-47F5-9314-832272B20E47}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{461D74DB-0AAF-4997-AAF1-B612AE202A72}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{1817D561-F69C-4EFC-A4FD-866A668494B9}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{77DC6736-B7CA-4664-B04E-4669E1229038}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{B080684D-40A3-4B0D-B58F-C5DA056767D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{2D20E93A-A2FB-4916-803A-C87A68BAC533}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{FA43AD0F-CACB-4213-ABC3-1BBF0E1A1F5D}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{4B4FC678-C5A4-4957-9EF4-947D5E944BD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D78F4A78-3188-49AD-8F73-0CE9D71E53DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2015 07:46:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Sven-PC)
Description: Die App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (05/16/2015 07:45:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sven-PC)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/16/2015 07:45:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sven-PC)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/16/2015 07:25:16 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/16/2015 06:38:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dosbox.exe, Version: 0.72.0.0, Zeitstempel: 0x46d1bcb8
Name des fehlerhaften Moduls: dosbox.exe, Version: 0.72.0.0, Zeitstempel: 0x46d1bcb8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000df0e2
ID des fehlerhaften Prozesses: 0x1380
Startzeit der fehlerhaften Anwendung: 0xdosbox.exe0
Pfad der fehlerhaften Anwendung: dosbox.exe1
Pfad des fehlerhaften Moduls: dosbox.exe2
Berichtskennung: dosbox.exe3
Vollständiger Name des fehlerhaften Pakets: dosbox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dosbox.exe5

Error: (05/16/2015 03:37:56 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/16/2015 00:33:46 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/15/2015 01:56:12 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/15/2015 11:10:58 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/14/2015 09:24:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SuperMeatBoy.exe, Version: 0.0.0.0, Zeitstempel: 0x4ee3490b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b485c4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00023e30
ID des fehlerhaften Prozesses: 0x15d0
Startzeit der fehlerhaften Anwendung: 0xSuperMeatBoy.exe0
Pfad der fehlerhaften Anwendung: SuperMeatBoy.exe1
Pfad des fehlerhaften Moduls: SuperMeatBoy.exe2
Berichtskennung: SuperMeatBoy.exe3
Vollständiger Name des fehlerhaften Pakets: SuperMeatBoy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SuperMeatBoy.exe5


System errors:
=============
Error: (05/16/2015 08:08:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/16/2015 08:08:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Disc Soft Lite Bus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Razer Overlay Subsystem Emergency Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RzKLService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Oculus VR Runtime Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (05/16/2015 07:46:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Sven-PC)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel

Error: (05/16/2015 07:45:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sven-PC)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2147023170

Error: (05/16/2015 07:45:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sven-PC)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2147023170

Error: (05/16/2015 07:25:16 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/16/2015 06:38:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dosbox.exe0.72.0.046d1bcb8dosbox.exe0.72.0.046d1bcb8c0000005000df0e2138001d08ff6b37ffd18C:\Program Files (x86)\Devolver Digital\Duke Nukem 3D Megaton Edition\bin\dosbox\dosbox.exeC:\Program Files (x86)\Devolver Digital\Duke Nukem 3D Megaton Edition\bin\dosbox\dosbox.exef4a92807-fbe9-11e4-bf06-bcee7b7570f0

Error: (05/16/2015 03:37:56 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/16/2015 00:33:46 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/15/2015 01:56:12 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/15/2015 11:10:58 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/14/2015 09:24:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SuperMeatBoy.exe0.0.0.04ee3490bntdll.dll6.2.9200.1704653b485c4c000000500023e3015d001d08e7b8b147463C:\Program Files (x86)\Team Meat\SuperMeatBoy\SuperMeatBoy.exeC:\Windows\SYSTEM32\ntdll.dllcc951d33-fa6e-11e4-bf02-bcee7b7570f0


==================== Memory info =========================== 

Processor: AMD FX(tm)-6300 Six-Core Processor 
Percentage of memory in use: 41%
Total physical RAM: 8174.11 MB
Available physical RAM: 4788.85 MB
Total Pagefile: 9390.11 MB
Available Pagefile: 5459.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:682.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7AF1475F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Hoffe das hilft euch

deeprybka · 16.05.2015, 19:49

Jup, prima gemacht. Interessehalber möchte ich gerne wissen, wie die Quoten sind...

Schritt 1

Bitte lasse die Datei aus der Code-Box bei

überprüfen.

Klicke auf Wählen Sie eine
Kopiere nun folgendes in die Suchleiste
Code:
ATTFilter
```
C:\ProgramData\nvxasync\cvxasync.exe
         
```
und klicke auf Öffnen.
Klicke auf Scannen!.
Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen

Zitat:

Diese Datei wurde bereits von VirusTotal analysiert...

klicke auf Neu analysieren.
Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
Kopiere den Link aus deiner Adresszeile und poste ihn hier.

Novian3002 · 16.05.2015, 19:59

Na supi, VirusTotal sagt die datei wäre zu groß

PS: hab die cvxasync.exe ausversehen ausgeführt und mein explorer hatt sich direkt geschlossen, fand ich irgendwie relevant.

Edit: Hier ein screenshot hxxp://imgur.com/4nsKcUe
Edit2: Was meinste mit "Interessehalber möchte ich gerne wissen, wie die Quoten sind..."?

deeprybka · 16.05.2015, 20:02

Dann halt nicht. (Welche Virenscanner was finden = Quoten)

Schritt 1

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Novian3002 · 16.05.2015, 20:24

Es wird immer "interessanter" was auf meinem PC abgeht

(Video hab ich grad aufgenommmen, zu faul das alles zu beschreiben).
https://www.youtube.com/watch?v=eggmOTTdV9g

deeprybka · 16.05.2015, 20:27

Hast Du meine Anweisungen ausgeführt? Und hör bitte auf hier Videos zu posten.

Novian3002 · 16.05.2015, 20:35

Zitat:

Zitat von deeprybka

Hast Du meine Anweisungen ausgeführt? Und hör bitte auf hier Videos zu posten.

Ja hab ich, wollte das nicht alles schreiben deswegen das Video sry.
Falls du es trotzdem in Textform haben willst: Wenn ich deinen Link anklicke schließt sich das download Fenster sofort. Und falls ich nach Combo Fix download in google suche schließ sich das Fenster einfach.

deeprybka · 16.05.2015, 20:41

Was ist denn passiert?
Poste dann wenigstens nen Link der geht.

Novian3002 · 16.05.2015, 20:45

Zitat:

Zitat von deeprybka

Was ist denn passiert?
Poste dann wenigstens nen Link der geht.

Hier ein funktionierender Linkhttps://www.youtube.com/watch?v=eggmOTTdV9g
Text steht oben

deeprybka · 16.05.2015, 20:51

Probier mal diesen Link: edit
Combofix ist in calc.exe umbenannt.

Novian3002 · 16.05.2015, 21:12

Zitat:

Zitat von deeprybka

Probier mal diesen Link: Tool

Combofix ist in calc.exe umbenannt.

Das hat geklappt nur gibts bei mir keine Combofix.txt sonder nur einen Calc Dateinordern der mich auf C:\calc zurückleitet da seh ich aber wieder nur meine Fesplatte und mein CD Laufewerk

Edit: Hab die Datei gefunden, da steht aber nicht viel drin.

Code:

ATTFilter

ComboFix 15-05-13.01 - Sven 16.05.2015  21:56:56.1.6 - x64
Microsoft Windows 8 Pro  6.2.9200.0.1252.49.1031.18.8174.5677 [GMT 2:00]
ausgeführt von:: C:\Users\Sven\Desktop\calc.exe
AV: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt

deeprybka · 16.05.2015, 21:14

Neues FRST-Log bitte:

Schritt 1

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

Novian3002 · 16.05.2015, 21:24

Bitteschön

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by Sven (administrator) on SVEN-PC on 16-05-2015 22:21:32
Running from C:\Users\Sven\Desktop
Loaded Profiles: Sven (Available profiles: Sven)
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Oculus VR) C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Oculus VR) C:\Program Files (x86)\Oculus\Service\OVRServer_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
() C:\Users\Sven\AppData\Roaming\nvxasync\nvxasync.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\ProgramData\nvxasync\cvxasync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-02-28] (Razer Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [KrakenLauncher] => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe [1599808 2015-02-03] (Razer Inc)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-02] (BlueStack Systems, Inc.)
HKU\S-1-5-21-464442055-962088013-849747556-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-464442055-962088013-849747556-1001\...\Run: [nvxasync] => C:\Users\Sven\AppData\Roaming\nvxasync\nvxasync.exe [153822720 2015-05-10] ()
HKU\S-1-5-21-464442055-962088013-849747556-1001\...\Winlogon: [Shell] C:\ProgramData\nvxasync\cvxasync.exe [153822720 2015-05-10] () <==== ATTENTION 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OculusConfigUtil.lnk [2015-04-13]
ShortcutTarget: OculusConfigUtil.lnk -> C:\Program Files (x86)\Oculus\Tools\OculusConfigUtil.exe (Oculus VR, LLC)
Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-03-08]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-464442055-962088013-849747556-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.surfvox.com/
HKU\S-1-5-21-464442055-962088013-849747556-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-464442055-962088013-849747556-1001 -> DefaultScope {828B376B-F2F6-4778-928C-E29EC877535E} URL = hxxp://www.google.com/cse?cx=partner-pub-0900663996874144:6813731868&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
SearchScopes: HKU\S-1-5-21-464442055-962088013-849747556-1001 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = hxxp://www.google.com/cse?cx=partner-pub-0900663996874144:6813731868&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-08] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-08] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\s61eyj58.default-1431364725434
FF Homepage: https://www.youtube.de/feed/subscriptions?gl=DE&hl=de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-03] ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-08] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-03] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-01-21] (Microsoft Corporation)
FF Extension: Stylish - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\s61eyj58.default-1431364725434\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2015-05-11]
FF Extension: Adblock Plus - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\s61eyj58.default-1431364725434\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-02] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-02] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-02] (BlueStack Systems, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-19] (Electronic Arts)
R2 OVRService; C:\Program Files (x86)\Oculus\Service\OVRServiceLauncher.exe [231560 2015-03-27] (Oculus VR)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-02] (BlueStack Systems)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-04-01] (Disc Soft Ltd)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-03-24] (DT Soft Ltd)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 OCUSBVID; C:\Windows\System32\drivers\OCUSBVID.sys [61048 2015-03-26] (Oculus VR, LLC)
R1 RiftEnabler; C:\Windows\system32\DRIVERS\RiftEnabler.sys [55880 2015-03-26] (Oculus VR, LLC)
S3 RTLE8023x64; C:\Windows\system32\DRIVERS\Rtenic64.sys [399464 2011-12-08] (Realtek Semiconductor Corporation                           )
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [35496 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 22:21 - 2015-05-16 22:21 - 02107392 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2015-05-16 22:21 - 2015-05-16 22:21 - 00013583 _____ () C:\Users\Sven\Desktop\FRST.txt
2015-05-16 22:15 - 2015-05-16 22:18 - 00000000 ___SD () C:\Users\Sven\Desktop\calc
2015-05-16 21:55 - 2015-05-16 21:55 - 00000000 ____D () C:\Windows\erdnt
2015-05-16 21:55 - 2015-05-16 21:55 - 00000000 ____D () C:\Qoobox
2015-05-16 21:55 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-16 21:55 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-16 21:55 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-16 21:55 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-16 21:55 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-16 21:55 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-05-16 21:55 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-16 21:55 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-16 21:55 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-16 21:54 - 2015-05-16 21:54 - 05623645 ____R (Swearware) C:\Users\Sven\Desktop\calc.exe
2015-05-16 20:21 - 2015-05-16 22:21 - 00000000 ____D () C:\FRST
2015-05-16 18:38 - 2015-05-16 18:38 - 00003088 _____ () C:\Windows\System32\Tasks\{6957ED50-4D08-4683-8DCF-8E9E3681A345}
2015-05-16 16:01 - 2015-05-16 16:01 - 00000000 ____D () C:\ProgramData\X360CE
2015-05-15 14:47 - 2015-05-15 14:47 - 00000000 ____D () C:\Users\Sven\AppData\Local\Muze_Software_Inc
2015-05-15 14:46 - 2015-05-15 14:51 - 00000000 ____D () C:\Program Files (x86)\Pixel Art
2015-05-15 11:39 - 2015-05-15 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Not a hero
2015-05-15 11:37 - 2015-05-15 11:37 - 00000000 ____D () C:\Program Files (x86)\NOT A HERO
2015-05-10 15:54 - 2015-05-10 15:54 - 00048137 _____ () C:\Users\Sven\AppData\Local\Secure Preferences
2015-05-10 15:54 - 2015-05-10 15:54 - 00005502 _____ () C:\Users\Sven\AppData\Local\Preferences
2015-05-10 15:53 - 2015-05-10 15:53 - 00000000 _RSHD () C:\ProgramData\nvxasync
2015-05-10 15:53 - 2015-05-10 15:53 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\chportu
2015-05-10 15:52 - 2015-05-10 15:54 - 00000000 _RSHD () C:\Users\Sven\AppData\Roaming\nvxasync
2015-05-10 15:52 - 2015-05-10 15:52 - 243361280 _____ () C:\Users\Sven\AppData\Roaming\Launcher.rb4
2015-05-09 15:27 - 2015-05-09 15:27 - 00000000 ____D () C:\Users\Sven\Documents\Electronic Arts
2015-05-09 15:26 - 2015-05-16 20:50 - 00000001 _____ () C:\Users\Sven\AppData\Roaming\update.dat
2015-05-09 14:20 - 2015-05-09 14:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sims 4
2015-05-09 14:00 - 2015-05-09 14:00 - 00000000 ____D () C:\Program Files (x86)\Sims 4
2015-05-09 11:17 - 2015-05-09 11:19 - 00000000 ____D () C:\Program Files (x86)\ Bit.Trip Presents Runner 2- Future Legend of Rhythm Alien
2015-05-09 10:58 - 2015-05-09 10:58 - 00000000 ____D () C:\Users\Sven\AppData\Local\BIT.TRIP BEAT
2015-05-08 21:28 - 2015-05-09 10:41 - 00000000 ____D () C:\Users\Sven\AppData\Local\Gaijin Games
2015-05-08 21:28 - 2015-05-08 21:28 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-05-08 21:28 - 2015-05-08 21:28 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-05-08 21:28 - 2015-05-08 21:28 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-05-08 21:28 - 2015-05-08 21:28 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-05-08 21:28 - 2015-05-08 21:28 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2015-05-08 13:27 - 2015-05-08 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-05-08 13:27 - 2015-05-08 13:27 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-05-08 13:27 - 2015-05-08 13:27 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2015-05-08 13:25 - 2015-05-08 13:34 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-05-08 13:25 - 2015-05-08 13:25 - 00000000 ____D () C:\Users\Sven\AppData\Local\Bluestacks
2015-05-05 16:37 - 2015-05-05 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titan Souls [GOG.com]
2015-05-05 13:43 - 2015-05-05 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team Meat
2015-05-05 13:42 - 2015-05-05 13:42 - 00000000 ____D () C:\Program Files (x86)\Team Meat
2015-05-05 13:15 - 2015-05-05 13:15 - 00000000 ____D () C:\Program Files (x86)\Infinite Dreams
2015-05-05 12:47 - 2015-05-05 12:47 - 00000000 ____D () C:\Program Files (x86)\Devolver Digital
2015-05-04 18:44 - 2015-05-04 18:45 - 00000000 ____D () C:\Users\Sven\AppData\Local\nuclearthrone
2015-05-04 18:05 - 2015-05-04 18:07 - 00000000 ____D () C:\Users\Sven\AppData\Local\Game Dev Tycoon - Steam
2015-05-04 18:04 - 2015-05-04 18:13 - 00000000 ____D () C:\Program Files (x86)\Game Dev Tycoon
2015-05-02 23:10 - 2015-05-02 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpJet Rex
2015-05-02 23:09 - 2015-05-02 23:09 - 00000000 ____D () C:\Program Files (x86)\JumpJet Rex
2015-05-02 08:49 - 2015-05-02 08:49 - 00000000 ____D () C:\Users\Sven\Documents\Diablo III
2015-04-27 16:35 - 2015-04-27 16:59 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2015-04-27 16:35 - 2015-04-27 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2015-04-27 16:32 - 2015-04-27 16:34 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\Guild Wars 2
2015-04-27 16:32 - 2015-04-27 16:32 - 00000000 ____D () C:\Users\Sven\Documents\Guild Wars 2
2015-04-27 12:57 - 2015-04-27 12:58 - 00000000 ____D () C:\Program Files (x86)\Convoy
2015-04-24 13:29 - 2015-04-24 13:29 - 00000165 ____H () C:\Users\Sven\Desktop\~$TF2 Items.xlsx
2015-04-22 17:37 - 2015-05-16 18:59 - 00000000 ____D () C:\Users\Sven\Documents\Westerado DB
2015-04-22 17:37 - 2015-04-22 18:50 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\WesteradoDB
2015-04-22 17:33 - 2015-04-22 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adult Swim Games
2015-04-22 17:33 - 2015-04-22 17:33 - 00000000 ____D () C:\Program Files (x86)\Adult Swim Games
2015-04-19 00:43 - 2015-04-19 00:43 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2015-04-18 08:39 - 2015-04-18 08:39 - 00000000 ____D () C:\Users\Sven\Documents\Backups
2015-04-16 16:02 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-16 16:01 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-16 16:01 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-16 16:01 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 22:20 - 2015-03-03 19:15 - 01196870 _____ () C:\Windows\WindowsUpdate.log
2015-05-16 22:09 - 2015-04-13 18:35 - 00000000 ____D () C:\Users\Sven\AppData\Local\Oculus
2015-05-16 22:08 - 2015-03-03 19:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-16 22:08 - 2015-03-03 16:54 - 00014210 _____ () C:\Windows\PFRO.log
2015-05-16 22:08 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-16 22:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2015-05-16 21:36 - 2015-03-03 19:38 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-16 21:10 - 2015-03-09 21:04 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\vlc
2015-05-16 21:07 - 2015-03-04 09:40 - 00000020 _____ () C:\Windows\capsys184523.log
2015-05-16 19:29 - 2015-03-06 18:32 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\Skype
2015-05-16 19:24 - 2015-03-05 16:21 - 00000000 ____D () C:\AdwCleaner
2015-05-16 18:38 - 2015-03-06 18:31 - 00000000 ____D () C:\ProgramData\Skype
2015-05-15 23:08 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-15 17:42 - 2015-03-03 16:58 - 00000000 ____D () C:\Users\Sven
2015-05-14 16:45 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-05-09 14:24 - 2015-03-04 13:14 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-09 14:22 - 2015-03-03 20:16 - 00172324 _____ () C:\Windows\DirectX.log
2015-05-09 11:59 - 2015-03-04 09:33 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-464442055-962088013-849747556-1001
2015-05-09 11:19 - 2015-03-24 17:35 - 00000000 ____D () C:\Users\Sven\AppData\Local\SKIDROW
2015-05-08 21:28 - 2015-03-26 15:24 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-05-08 13:27 - 2012-07-26 10:12 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-05 16:36 - 2015-03-26 15:04 - 00000000 ____D () C:\GOG Games
2015-05-05 14:19 - 2015-04-13 20:02 - 00000000 ____D () C:\Program Files (x86)\Airdrift
2015-05-05 14:09 - 2015-04-15 19:16 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-05-05 13:42 - 2015-03-03 18:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-04 18:06 - 2015-03-03 16:58 - 00000000 ____D () C:\Users\Sven\AppData\Local\Packages
2015-05-03 19:21 - 2015-03-03 19:19 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-02 23:10 - 2015-04-01 13:50 - 00000000 ____D () C:\ProgramData\Steam
2015-05-02 17:02 - 2015-03-20 13:46 - 00000000 ____D () C:\Program Files (x86)\ToonHud
2015-05-02 12:24 - 2015-04-13 18:36 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\Oculus VR LLC
2015-05-02 09:14 - 2015-03-05 16:06 - 00000000 ____D () C:\Users\Sven\AppData\Local\Battle.net
2015-05-02 08:49 - 2015-03-26 16:39 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-05-01 12:18 - 2015-03-03 19:38 - 00000000 ____D () C:\ProgramData\Origin
2015-04-30 13:56 - 2015-03-22 14:04 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-04-30 13:42 - 2015-03-05 16:06 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-24 13:13 - 2012-07-26 12:27 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2015-04-24 13:13 - 2012-07-26 12:27 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2015-04-24 13:13 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-24 12:36 - 2015-03-09 21:33 - 00000000 ____D () C:\Users\Sven\AppData\Roaming\DVDVideoSoft
2015-04-21 17:14 - 2015-03-03 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-21 13:20 - 2015-03-03 18:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-19 17:29 - 2015-03-03 19:38 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-16 16:03 - 2015-03-03 19:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-16 16:02 - 2015-03-03 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-16 16:02 - 2012-07-26 09:21 - 00014476 _____ () C:\Windows\setupact.log

==================== Files in the root of some directories =======

2015-05-10 15:52 - 2015-05-10 15:52 - 243361280 _____ () C:\Users\Sven\AppData\Roaming\Launcher.rb4
2015-05-09 15:26 - 2015-05-16 20:50 - 0000001 _____ () C:\Users\Sven\AppData\Roaming\update.dat
2015-05-10 15:54 - 2015-05-10 15:54 - 0005502 _____ () C:\Users\Sven\AppData\Local\Preferences
2015-03-09 21:16 - 2015-03-09 21:16 - 0002028 _____ () C:\Users\Sven\AppData\Local\recently-used.xbel
2015-05-10 15:54 - 2015-05-10 15:54 - 0048137 _____ () C:\Users\Sven\AppData\Local\Secure Preferences

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-09 12:00


==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Sven at 2015-05-16 22:22:16
Running from C:\Users\Sven\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-464442055-962088013-849747556-500 - Administrator - Disabled)
Gast (S-1-5-21-464442055-962088013-849747556-501 - Limited - Disabled)
Sven (S-1-5-21-464442055-962088013-849747556-1001 - Administrator - Enabled) => C:\Users\Sven

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.19.2 - Mirillis)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.24.4196 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{CF297F45-BB2C-4454-AEDA-EFAB01AFDCE3}) (Version: 0.9.24.4196 - BlueStack Systems, Inc.)
Borderlands - The Pre-Sequel (HKLM-x32\...\Borderlands - The Pre-Sequel_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
ColorMania 5.1 (HKLM-x32\...\ColorMania_is1) (Version: 5.1 - Blacksun Software)
Convoy (HKLM-x32\...\Q29udm95_is1) (Version: 1 - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CursorFX (x32 Version: 2.00 - Stardock Corporation) Hidden
CursorFX Plus (HKLM-x32\...\CursorFX Plus) (Version:  - Stardock Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Duke Nukem 3D Megaton Edition 1.1.3 (HKLM-x32\...\Duke Nukem 3D Megaton Edition 1.1.3) (Version: 1.1.3 - Devolver Digital)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hotline Miami 2: Wrong Number (HKLM-x32\...\Hotline Miami 2: Wrong Number_is1) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
JumpJet Rex version 1.0 (HKLM-x32\...\JumpJet Rex_is1) (Version: 1.0 - )
KMSpico v9.3.2 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lucius II (HKLM-x32\...\Lucius II_is1) (Version:  - )
Mark of the Ninja Special Edition (HKLM-x32\...\Mark of the Ninja Special Edition_is1) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Monaco What's Yours Is Mine (HKLM-x32\...\Monaco What's Yours Is Mine_is1) (Version: Monaco What's Yours Is Mine - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Mumble 1.2.8 (HKLM-x32\...\{1BC144A3-20EF-49DD-8EBB-E421E128E30F}) (Version: 1.2.8 - Thorvald Natvig)
NEKOPARA vol.1 (HKLM-x32\...\{64DC04AF-BD7C-4CF4-9CA4-938953224328}) (Version:  - NEKO WORKs)
NOT A HERO version v1.5.0.0 (HKLM-x32\...\{8C0A1406-D6D1-4D9F-B328-B3AD5E5BC0AB}_is1) (Version: v1.5.0.0 - Devolver Digital)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Oculus Display Driver (Install Only) (HKLM\...\{50700EF8-2D6A-4122-B307-E37A5E1F32D5}) (Version: 1.2.4.0 - Oculus VR, LLC)
Oculus Positional Tracker Driver (Install Only) (HKLM\...\{8741739C-8CB4-47C2-B36C-A860AD180BDA}) (Version: 1.0.9.0 - Oculus VR, LLC)
Oculus Runtime (HKLM-x32\...\Oculus Runtime 0.5.0.1-Release-49138) (Version: 0.5.0.1-Release-49138 - Oculus VR, LLC)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2.1 r2386 - )
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24565 - Razer Inc.)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM-x32\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.6.0.13 - GOG.com)
Sims 4 by BuZeR version final (HKLM-x32\...\{ED118F10-E516-4245-160F-62131508F71F}_is1) (Version: final - )
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
Stardock Start8 (HKLM\...\Start8_is1) (Version: 1.41 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteamVR (HKLM-x32\...\Steam App 250820) (Version:  - )
Street Fighter X Tekken (HKLM-x32\...\{43430FA5-AF68-4A2D-A7D4-891000008200}) (Version: 1.0.0.0 - CAPCOM U.S.A., INC)
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac - Rebirth version 1.0 (HKLM-x32\...\The Binding of Isaac - Rebirth_is1) (Version: 1.0 - )
Titan Souls (HKLM-x32\...\1427985242_is1) (Version: 2.0.0.1 - GOG.com)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
Transistor (HKLM-x32\...\Transistor_is1) (Version:  - )
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Westerado Double Barreled (HKLM-x32\...\Westerado Double Barreled_is1) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Ziggurat v1.0u6 (HKLM-x32\...\Ziggurat v1.0u6_is1) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

24-04-2015 15:33:16 Geplanter Prüfpunkt
05-05-2015 13:42:24 Installiert Tom Clancy's H.A.W.X
09-05-2015 14:20:58 DirectX wurde installiert
16-05-2015 21:55:52 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {158DD46F-1573-4364-A0F4-02F909682F25} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {1BD33ADB-5117-4995-A982-CB88A28F0E41} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2E6E2E60-5EC7-4089-90DE-F20A6169964E} - System32\Tasks\{6957ED50-4D08-4683-8DCF-8E9E3681A345} => Firefox.exe hxxp://ui.skype.com/ui/0/7.4.80.102/de/abandoninstall?page=tsProgressBar
Task: {790C8B8E-5D4D-4696-ADE4-5D0DDE191E96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DF068ED0-94EF-431E-BBBD-B81F0F55A035} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-08-12] (@ByELDI)

==================== Loaded Modules (Whitelisted) ==============

2015-03-03 19:35 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-05 02:24 - 2015-02-05 02:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-01-21 16:01 - 2015-01-21 16:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-05-10 15:52 - 2015-05-10 15:53 - 153822720 __RSH () C:\Users\Sven\AppData\Roaming\nvxasync\nvxasync.exe
2015-03-24 15:28 - 2015-03-24 15:28 - 00036544 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2015-03-24 15:28 - 2015-03-24 15:28 - 00775872 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2015-05-10 15:53 - 2015-05-10 15:53 - 153822720 __RSH () C:\ProgramData\nvxasync\cvxasync.exe
2015-04-07 15:31 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-01-21 16:01 - 2015-01-21 16:01 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-464442055-962088013-849747556-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sven\Pictures\Wallpapers\soaring_mountains.png
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "OculusConfigUtil.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Zune Launcher"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "KrakenLauncher"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{104955CE-91E4-4650-8EBC-BD797B3A11B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E825EC26-7A07-4384-ACC7-CE5BB53EE31E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{219A9F03-2E32-4EEE-9410-A423DEDB58B3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5255B7B9-2567-46CF-8833-2FF62BF789D6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{54793095-FA6C-4F23-BEE7-56AE695B2EC9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4C710645-71B6-4305-9E8E-008DD0E8E0EA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FC8F7640-08EC-47D8-8460-0692361224B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{439B2B50-706E-44E6-9401-FA3DC8ADCB98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B3E4747B-7450-49E7-80C3-2192362FC1BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{69BAFF88-899D-4005-9DA4-D27BA1A4A9C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8CC803EB-30ED-4180-A849-747F246936A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8A40A5A5-275C-40B9-8BDA-5C7DC815374E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A4169A5E-0D32-4319-B0F0-99EB2836BB06}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{66E70575-5315-4910-8890-3FB41CEC1BF6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E9E52CD0-4FC2-40C5-B44D-75409E500D5A}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{FB0DE719-D1EB-4914-98EC-F0D5CDC72B00}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{92F5E4ED-B936-4E4E-A5FD-7B2909E14340}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EC03CFCF-A624-4E31-A045-6D5FC02F640E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{DC22DFFC-7317-4588-A927-9E6172457C04}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{10C0A7FE-B690-475F-B8C1-0CAE07A950FD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C9668500-5A82-4C0B-849F-ED28E578B665}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1BF66D35-FDE0-4100-A913-204FFD4E23E8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{2F4CFF18-A3EC-43BC-85AD-0C64406BB58E}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1CB39AEE-10FD-41C0-857A-7D9708C08150}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{BA6B85C6-5132-43CF-B553-C136AB232361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{7310A910-9FC3-448A-8F3A-F9A15F921D91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{BEBC672B-ABDF-48F8-A375-49EE76B35C8E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{52D8F833-3B06-40C0-BF09-E96F20B1D59C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5CC6CC33-2D2B-456F-BF09-6194D88EE73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{E4BE5634-9A0C-403A-AF9C-663A53F73D35}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F1ECE758-C29F-41F1-B643-DA211BD38917}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{1E930C1F-1976-4D2A-AB7E-399D6130AECD}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{34EB9DA6-B0CA-4DCF-A718-3C6C5F94D2AD}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{356DD9E9-0E14-41B1-BE95-201D89267466}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5B4C289C-D0E9-4D1C-8F08-47F30DA703EA}] => (Allow) LPort=2869
FirewallRules: [{B3CAE95F-B9A8-404E-9B5C-18A770AD4E03}] => (Allow) LPort=1900
FirewallRules: [{F191E3EB-5420-4359-A6A7-FAD550DCFD66}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{DFCA9915-E9EF-4EDC-B6E9-CF34F2C8415D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{A81D7B0B-122A-443D-AB5C-656DCE89F9BC}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{59AD25E7-2C4D-469A-9145-8E3AE58283A6}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{FFF2A4B6-B73E-4432-BFB2-6A22736B0F65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{2C05C87D-7560-429F-9AE5-A861D2FB3D35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{CC0595C3-555E-4F24-98FE-34CFBD444142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{80B6E43C-295E-4BDD-ACF7-830723958F7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{16DEC6C4-47CA-4E34-80B6-54485B95D911}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{250E7002-B3E0-4566-B3FA-2570A959E3AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{24E3178D-A844-46DA-A257-5033CCB49BA0}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{889EBC3D-8C59-45C9-8DE6-4ACAFE5B1EB1}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D6F56E13-33C4-4B85-A535-214D93AD12FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{10DD26B0-3C44-4647-A903-71165C57F8FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{F19727E2-50F8-4D34-B095-E42E63823447}] => (Allow) C:\Program Files (x86)\Capcom\Street Fighter X Tekken\SFTK.exe
FirewallRules: [{8CEE0720-60A7-40AC-BA75-4B1FDEE63DAC}] => (Allow) C:\Program Files (x86)\Capcom\Street Fighter X Tekken\SFTK.exe
FirewallRules: [{2E9807FA-BF19-4053-A9B3-0B2AB457DC86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{ED530BBE-F7C5-4B1B-843B-4BA7F8B80902}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gauntlet\binaries\gauntlet.exe
FirewallRules: [{8C8787D1-29C5-41B4-A533-A9C2FB410998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{59F1B233-15E6-44FE-876D-85C624A7ACC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{7F5F91CD-0FB1-4320-85DC-573711BADCB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{C02D8830-DB7E-4E87-AE41-5719595511C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{7686824F-863D-4E73-9B1D-7A61BCFD4114}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{20438377-6FF6-44AF-894A-B93FC322B474}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{BCAF5205-520B-4062-8C93-B69BD65DEB01}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0EF324AA-F458-4868-A411-C03DAFA9AA10}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{4518E3C0-064A-488D-A9D0-0B7DAB11FA69}C:\program files (x86)\starcrawlers.v22.3.15.hotfix1\starcrawlers.exe] => (Block) C:\program files (x86)\starcrawlers.v22.3.15.hotfix1\starcrawlers.exe
FirewallRules: [UDP Query User{CE7FCFE7-CD70-42F7-8EC9-BBCCAB457ECC}C:\program files (x86)\starcrawlers.v22.3.15.hotfix1\starcrawlers.exe] => (Block) C:\program files (x86)\starcrawlers.v22.3.15.hotfix1\starcrawlers.exe
FirewallRules: [TCP Query User{31D06F31-C391-4B6C-9638-6B9A05A144F5}C:\program files (x86)\r.g. mechanics\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) C:\program files (x86)\r.g. mechanics\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{FD4C08E7-9D2D-41D6-BAED-ABCE6419351E}C:\program files (x86)\r.g. mechanics\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Block) C:\program files (x86)\r.g. mechanics\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{6A221546-D83F-4E40-A317-9AE8E8328DD1}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{77CDCC9A-6FF7-4C4B-9E17-3C4DC7DCAC53}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{9CC9ECB4-24E5-4A0A-A7F7-9A7517FBB65F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{78EE611F-57DB-4AED-B130-C23CA0C396CA}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{3CDF24C1-136A-43ED-A6FA-B488619336D0}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{F7757477-EBF4-4568-9DF4-A0F81BF67D03}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E9EF9A3E-BBEE-43BF-A50E-D7DAD0135BC2}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{55A355C5-8D55-4ECD-A11F-D1D3B4E92A75}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{6C9A9DA8-2006-4816-B38B-BDAFD80417BA}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{9C3CA3B5-6888-49AB-87BA-D76C39ADEDD6}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{61466F1B-FADB-4477-8FDC-8751B4274E1B}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{EBEC7230-DB95-45FC-962F-FEC30DD1795D}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{4447570B-1E82-4006-B824-887BB9E16F78}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{D7EA8814-516B-411E-B41D-F51B4867190A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{3D66A6A7-8AB8-44E9-81BC-D71745918A22}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{8336D68F-554B-4E56-B8E9-A5B173DDB282}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\demo\bin\win32\hellovr_sdl.exe
FirewallRules: [{2D44F465-5456-46B0-9026-9E75AC0D969C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\demo\bin\win32\hellovr_sdl.exe
FirewallRules: [{8F1D5AC8-62E4-458B-AC9F-E1AEC25CCBB3}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{B53D123D-B197-47F5-9314-832272B20E47}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{461D74DB-0AAF-4997-AAF1-B612AE202A72}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{1817D561-F69C-4EFC-A4FD-866A668494B9}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{77DC6736-B7CA-4664-B04E-4669E1229038}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{B080684D-40A3-4B0D-B58F-C5DA056767D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{2D20E93A-A2FB-4916-803A-C87A68BAC533}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{FA43AD0F-CACB-4213-ABC3-1BBF0E1A1F5D}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{4B4FC678-C5A4-4957-9EF4-947D5E944BD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D78F4A78-3188-49AD-8F73-0CE9D71E53DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2015 10:09:04 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/16/2015 09:38:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x23f0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (05/16/2015 09:02:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x2688
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (05/16/2015 09:02:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x36c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (05/16/2015 08:54:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x228c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (05/16/2015 08:54:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1a50
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (05/16/2015 08:52:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x18d8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (05/16/2015 08:52:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1e2c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (05/16/2015 08:52:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0xa44
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (05/16/2015 07:46:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Sven-PC)
Description: Die App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.


System errors:
=============
Error: (05/16/2015 10:08:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎16.‎05.‎2015 um 22:05:16 unerwartet heruntergefahren.

Error: (05/16/2015 10:00:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/16/2015 08:08:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/16/2015 08:08:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Disc Soft Lite Bus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Razer Overlay Subsystem Emergency Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RzKLService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/16/2015 07:24:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Oculus VR Runtime Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (05/16/2015 10:09:04 PM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: [LauncherService] Unable to start service: There is no active interactive user session.

Error: (05/16/2015 09:38:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa123f001d0900c52537f2cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll29c73180-fc03-11e4-bf07-bcee7b7570f0

Error: (05/16/2015 09:02:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1268801d0900ad6f47f42C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll1810e1aa-fbfe-11e4-bf07-bcee7b7570f0

Error: (05/16/2015 09:02:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa136c01d09009c3f5e2a1C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll0e2b86b4-fbfe-11e4-bf07-bcee7b7570f0

Error: (05/16/2015 08:54:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1228c01d09009b4fde03cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf7fa1538-fbfc-11e4-bf07-bcee7b7570f0

Error: (05/16/2015 08:54:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa11a5001d0900984fbb479C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllee0c3d93-fbfc-11e4-bf07-bcee7b7570f0

Error: (05/16/2015 08:52:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa118d801d0900979c09c05C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllba1f267a-fbfc-11e4-bf07-bcee7b7570f0

Error: (05/16/2015 08:52:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa11e2c01d090096d29e934C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllabfd3302-fbfc-11e4-bf07-bcee7b7570f0

Error: (05/16/2015 08:52:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1a4401d090025e9de420C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla85e11f4-fbfc-11e4-bf07-bcee7b7570f0

Error: (05/16/2015 07:46:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Sven-PC)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel


==================== Memory info =========================== 

Processor: AMD FX(tm)-6300 Six-Core Processor 
Percentage of memory in use: 22%
Total physical RAM: 8174.11 MB
Available physical RAM: 6369.39 MB
Total Pagefile: 9390.11 MB
Available Pagefile: 6982.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:684.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7AF1475F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

16.05.2015, 20:27	#8
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Task-Manager/Regedit schließen sich schnell von allein. Hast Du meine Anweisungen ausgeführt? Und hör bitte auf hier Videos zu posten. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

16.05.2015, 20:41	#10
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Task-Manager/Regedit schließen sich schnell von allein. Was ist denn passiert? Poste dann wenigstens nen Link der geht. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Task-Manager/Regedit schließen sich schnell von allein.

Plagegeister aller Art und deren Bekämpfung: Task-Manager/Regedit schließen sich schnell von allein.