Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Malware durch dubiosen Downloader (Lightning Downloader)

Malware durch dubiosen Downloader (Lightning Downloader)


Log-Analyse und Auswertung: Malware durch dubiosen Downloader (Lightning Downloader)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 09.07.2015, 14:34   #1
Chillzz
 
Malware durch dubiosen Downloader (Lightning Downloader) - Standard

Malware durch dubiosen Downloader (Lightning Downloader)


Hallo Community,
Gestern wollte ich mir ein Programm im Internet herunterladen und bin dummerweise an ein Downloader geraten, der mir wohl Adware ins System einschleusen wollte. Ich habe mitten während der "Installation", dann das Programm "Lightning Downloader" unterbrochen und musste feststellen, dass schon einiges an Malware auf meinem PC drauf war. Dazu gehörten Addons (in meinem Firefox Browser) wie "bestadblocker" und "CutThePrice". Außerdem befand sich eine LightEngine.dll (ich nehme mal an dies ist eine Datei des Downloaders) in c:\Program Files\LightEngine\. Dies alles sieht mir nach harmloser Adware aus, aber ich möchte trozdem auf nummer sicher gehen und mein System sauber bekommen. (Edit : Ich sehe gerade, dass diese Programme noch unter den installierten Programmen angezeigten werden, diese 3 werde ich dann mal löschen)


Direkt danach startet ich eine Vollständige Überprüfung in avast! Free Antivirus 2015. Hier das Logfile :
Code:
ATTFilter
File: c:\ProgramData\{7d844150-04ba-d93b-7d84-4415004b0540}\windows_7_loader_v2.1.1_by_daz__x86___x64_.zip.exe
Reference: Scheduler:\ChocoChug
Value: c:\programdata\{7d844150-04ba-d93b-7d84-4415004b0540}\windows_7_loader_v2.1.1_by_daz__x86___x64_.zip.exe
Result (1/14): 22: 1 0


File: c:\Program Files\LightEngine\LightEngine.dll
Reference: HKLM:System\CurrentControlSet\Services\d1fbfb97
Value: "C:\Windows\system32\rundll32.exe" "c:\Program Files\LightEngine\LightEngine.dll",serv
Result (1/14): 6: 1 259


File: c:\ProgramData\{7d844150-04ba-d93b-7d84-4415004b0540}\windows_7_loader_v2.1.1_by_daz__x86___x64_.zip.exe
Reference: JOB:C:\Windows\system32\Tasks\ChocoChug
Value: c:\programdata\{7d844150-04ba-d93b-7d84-4415004b0540}\windows_7_loader_v2.1.1_by_daz__x86___x64_.zip.exe
Result (2/14): 23: -1 3221225524


File: c:\Program Files\LightEngine\LightEngine.dll
Reference: HKLM:System\CurrentControlSet\Services\d1fbfb97
Value: "C:\Windows\system32\rundll32.exe" "c:\Program Files\LightEngine\LightEngine.dll",serv
Result (2/14): 6: -1 3221225524


File: C:\Program Files\bestadblocker\VJAdWddsCHA0bi.dll
Reference: HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B7CE59D5-F64A-4489-B6BE-5D729DC1C5DE}
Value: {B7CE59D5-F64A-4489-B6BE-5D729DC1C5DE}
Result (2/14): 6: 1 2147483674


File: C:\Program Files\CutThePrice\Xufp14gmlrNyHh.dll
Reference: HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B436A724-A956-441C-B9BC-1F28251FF5BF}
Value: {B436A724-A956-441C-B9BC-1F28251FF5BF}
Result (2/14): 6: 1 2147483674
Der Computer startete allerdings automatisch noch einen Scan beim nächsten Boot Up, auf dessen Ende ich zuerst warten musste. Dieser verlief wohl gleich wie der erste und fand die gleichen Dateien (hier mal ein Screenshot von den Funden und der ausgeführten Aktion )

Direkt danach führte ich einen Scan mit MalwareBytes Anti-Malware aus, hier die Logdatei :
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 09.07.2015
Suchlauf-Zeit: 14:48:50
Logdatei: MalwareBytesLog9.07.15.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.07.09.02
Rootkit Datenbank: v2015.07.07.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Hek
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 308522
Verstrichene Zeit: 7 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 3
PUP.Optional.MultiPlug, HKU\S-1-5-21-2290024371-3984154701-145341786-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}, , [9c1a99464b3fe2541ef1edd06b97d030], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{d1fbfb97}, , [efc76e71b9d18ea85dae028910f407f9], 
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [5363647bcebc54e28333ed9fd23251af], 

Registrierungswerte: 1
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [5363647bcebc54e28333ed9fd23251af]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 3
PUP.Optional.MultiPlug.A, C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc\121, , [9d1931ae54368fa7f53d91f3a75de51b], 
PUP.Optional.MultiPlug.A, C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc, , [9d1931ae54368fa7f53d91f3a75de51b], 
PUP.Optional.MultiPlug, C:\ProgramData\cnbclgkjlknknhkddlaibldilknjfnjd, , [d6e01ac5a2e82016b3cc790c9a6a24dc], 

Dateien: 12
PUP.Optional.LightningDownloader.A, C:\Users\King Haze\AppData\Local\Temp\EB28\temp\lightningdownloader.exe, , [e7cfcf10dfabb086b17f5df8ca36ed13], 
Hacktool.Agent, C:\Users\King Haze\Downloads\Windows 7 loader bY Deki.rar, , [bcfa08d7c1c9fc3a6d71e42bb74aa858], 
PUP.Optional.MultiPlug.A, C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc\121\lsdb.js, , [9d1931ae54368fa7f53d91f3a75de51b], 
PUP.Optional.MultiPlug.A, C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc\121\background.html, , [9d1931ae54368fa7f53d91f3a75de51b], 
PUP.Optional.MultiPlug.A, C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc\121\content.js, , [9d1931ae54368fa7f53d91f3a75de51b], 
PUP.Optional.MultiPlug.A, C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc\121\HuXvrgDLc.js, , [9d1931ae54368fa7f53d91f3a75de51b], 
PUP.Optional.MultiPlug.A, C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc\121\manifest.json, , [9d1931ae54368fa7f53d91f3a75de51b], 
PUP.Optional.MultiPlug, C:\ProgramData\cnbclgkjlknknhkddlaibldilknjfnjd\lsdb.js, , [d6e01ac5a2e82016b3cc790c9a6a24dc], 
PUP.Optional.MultiPlug, C:\ProgramData\cnbclgkjlknknhkddlaibldilknjfnjd\background.html, , [d6e01ac5a2e82016b3cc790c9a6a24dc], 
PUP.Optional.MultiPlug, C:\ProgramData\cnbclgkjlknknhkddlaibldilknjfnjd\content.js, , [d6e01ac5a2e82016b3cc790c9a6a24dc], 
PUP.Optional.MultiPlug, C:\ProgramData\cnbclgkjlknknhkddlaibldilknjfnjd\manifest.json, , [d6e01ac5a2e82016b3cc790c9a6a24dc], 
PUP.Optional.MultiPlug, C:\ProgramData\cnbclgkjlknknhkddlaibldilknjfnjd\V2hMaS.js, , [d6e01ac5a2e82016b3cc790c9a6a24dc], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Außerdem füge ich hier noch ein HijackThis Log bei:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:40:13, on 09.07.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16750)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Thunder Master\THPanel.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\MSI\Super-Charger\Super-Charger.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
D:\Program Files\Steam\Steam.exe
D:\Program Files\Steam\bin\steamwebhelper.exe
D:\Program Files\Steam\bin\steamwebhelper.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\King Haze\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [THPanel] "C:\Program Files\Thunder Master\THPanel.exe" /A
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Unknown owner - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe (file missing)
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files\MSI\Super-Charger\ChargeService.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: RzKLService - Razer Inc. - C:\Program Files\Razer\Razer Cortex\RzKLService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 8727 bytes
Geändert von Chillzz (09.07.2015 um 14:44 Uhr)

Alt 09.07.2015, 14:40   #2
Warlord711
/// TB-Ausbilder
 
Malware durch dubiosen Downloader (Lightning Downloader) - Standard

Malware durch dubiosen Downloader (Lightning Downloader)


Hi !

Mach bitte noch:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 09.07.2015, 14:50   #3
Chillzz
 
Malware durch dubiosen Downloader (Lightning Downloader) - Standard

Malware durch dubiosen Downloader (Lightning Downloader)


Danke für die schnelle Antwort Warlord, hier sind die zwei Logfiles.

FRST.txt:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015
Ran by King Haze (administrator) on KINGHAZE-PC on 09-07-2015 15:46:39
Running from C:\Users\King Haze\Downloads
Loaded Profiles: King Haze (Available Profiles: King Haze)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(MSI) C:\Program Files\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files\MSI\MSITrigger\MSI_Trigger_Service.exe
(Palit Microsystems Ltd.) C:\Program Files\Thunder Master\THPanel.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files\MSI\Super-Charger\Super-Charger.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Valve Corporation) D:\Program Files\Steam\Steam.exe
(Valve Corporation) D:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Program Files\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6323928 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-05-17] (Intel Corporation)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM\...\Run: [Super-Charger] => C:\Program Files\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-2290024371-3984154701-145341786-1000\...\Run: [THPanel] => C:\Program Files\Thunder Master\THPanel.exe [2169640 2013-10-17] (Palit Microsystems Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-13] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2290024371-3984154701-145341786-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-08] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-08] (Oracle Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
Toolbar: HKU\S-1-5-21-2290024371-3984154701-145341786-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4B355606-754D-494A-92FD-255FAB54E638}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6324BC67-0616-40BB-9212-CCB7706AEAE1}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F67C3489-5DD7-4B2F-80F2-A5796B552951}: [DhcpNameServer] 7.254.254.254

FireFox:
========
FF ProfilePath: C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-25] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-08] (Oracle Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2290024371-3984154701-145341786-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\King Haze\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2290024371-3984154701-145341786-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: youtubereplay - C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default\Extensions\jid0-VuYraOOT2NM2AcnQwG4APKol3Vs@jetpack.xpi [2014-09-03]
FF Extension: Thumbnail Zoom Plus - C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-05-16]
FF Extension: YouTube Auto Replay - C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default\Extensions\YouTubeAutoReplay@arikv.com.xpi [2014-06-08]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-12]
FF Extension: Adblock Plus - C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-28]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Google Drive) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (YouTube) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Google Search) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (Google Wallet) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR Extension: (Gmail) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-13] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-13] (Avast Software)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-05-24] (BitRaider, LLC)
S3 DAUpdaterSvc; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [919184 2015-06-17] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [583680 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [637912 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MSI_SuperCharger; C:\Program Files\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20694160 2015-06-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-10-05] ()
R2 Razer Game Scanner Service; C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] ()
R2 RzKLService; C:\Program Files\Razer\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)
S4 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S4 AntiVirWebService; "C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe" [X]
S2 Avira.OE.ServiceHost; "C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-13] ()
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 ipadtst; C:\Program Files\MSI\Super-Charger\ipadtst.sys [14576 2013-02-04] (Windows (R) 2000 DDK provider)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-02-13] ()
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-26] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [361968 2013-04-26] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [793072 2013-04-26] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-01-11] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files\MSI\Super-Charger\NTIOLib.sys [14392 2012-10-26] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [41648 2015-06-17] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [20416 2015-03-10] (Razer, Inc.)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2012-07-31] (Screaming Bee LLC)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181432 2012-02-24] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-13] (Avast Software)
S3 BRDriver_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 15:46 - 2015-07-09 15:46 - 01636352 _____ (Farbar) C:\Users\King Haze\Downloads\FRST.exe
2015-07-09 15:46 - 2015-07-09 15:46 - 00017525 _____ C:\Users\King Haze\Downloads\FRST.txt
2015-07-09 15:46 - 2015-07-09 15:46 - 00000000 ____D C:\FRST
2015-07-09 15:40 - 2015-07-09 15:40 - 00008728 _____ C:\Users\King Haze\Downloads\hijackthis.log
2015-07-09 15:37 - 2015-07-09 15:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\King Haze\Downloads\HiJackThis204.exe
2015-07-09 15:37 - 2015-07-09 15:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\King Haze\Downloads\HiJackThis204(1).exe
2015-07-09 14:57 - 2015-07-09 14:57 - 00000000 ____D C:\Users\King Haze\Desktop\VirusMalwareCheck
2015-07-09 05:31 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-09 05:19 - 2015-01-09 01:44 - 00419936 _____ C:\Windows\system32\locale.nls
2015-07-09 05:13 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-07-09 04:56 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-07-09 04:56 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-07-09 04:56 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-07-09 04:56 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-07-09 04:33 - 2015-07-09 04:47 - 00000000 ____D C:\Windows\system32\MRT
2015-07-09 04:33 - 2015-05-27 00:03 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-09 04:26 - 2015-07-09 04:26 - 00000000 ____D C:\Program Files\Microsoft ASP.NET
2015-07-09 04:14 - 2014-10-14 03:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-07-09 04:14 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-07-09 04:14 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-09 04:14 - 2014-07-17 03:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-07-09 04:14 - 2014-07-17 03:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-07-09 04:14 - 2014-07-17 03:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-07-09 04:14 - 2014-07-17 03:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-07-09 04:14 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-07-09 04:13 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-09 04:13 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-07-09 04:13 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-07-09 04:13 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-09 04:13 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-07-09 04:13 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-07-09 04:13 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-07-09 04:12 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-09 04:12 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-09 04:12 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-09 04:12 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-09 04:12 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-09 04:12 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-07-09 04:12 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-07-09 04:12 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-07-09 04:12 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-07-09 04:12 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-07-09 04:12 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-07-09 04:12 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-07-09 04:12 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-07-09 04:12 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-07-09 04:12 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-07-09 04:12 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-09 04:11 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-09 04:11 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-09 04:11 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-07-09 04:11 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-09 04:11 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-07-09 04:11 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-09 04:11 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-09 04:10 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-09 04:10 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-07-09 04:10 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-07-09 04:10 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-07-09 04:10 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-07-09 04:10 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-07-09 04:10 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-07-09 04:10 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-07-09 04:10 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-07-09 04:10 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-07-09 04:10 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-07-09 04:10 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-07-09 04:10 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-07-09 04:09 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-07-09 04:09 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-09 04:09 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-09 04:09 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-09 04:09 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-09 04:09 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-07-09 04:09 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-09 04:09 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-09 04:09 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-09 04:09 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-07-09 04:09 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-09 04:09 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-09 04:09 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-09 04:09 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-09 04:09 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-09 04:09 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-09 04:09 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-09 04:09 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-07-09 04:09 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-07-09 04:09 - 2014-12-19 04:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-09 04:09 - 2014-12-11 19:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-09 04:09 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-07-09 04:09 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-07-09 04:08 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-09 04:08 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-09 04:08 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-09 04:07 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-07-09 04:07 - 2014-11-11 03:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-07-09 04:07 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-07-09 04:07 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-07-09 04:07 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-07-09 04:07 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-07-09 04:07 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-07-09 04:07 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-07-09 04:07 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-07-09 04:07 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-07-09 04:07 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-07-09 04:07 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-07-09 04:07 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-07-09 04:07 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-07-09 04:07 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-07-09 04:06 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-09 04:06 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-09 04:05 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-09 04:05 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-09 04:05 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-09 04:05 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-09 04:05 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-07-09 04:05 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-07-09 04:05 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-09 04:05 - 2014-12-19 03:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-07-09 04:05 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-07-09 04:05 - 2014-12-06 05:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-07-09 04:05 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-09 04:05 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-09 04:05 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-07-09 04:05 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-09 04:05 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-09 04:05 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-07-09 04:05 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-07-09 03:58 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-09 03:58 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-07-09 03:58 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-07-09 03:58 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-07-09 03:58 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-07-09 03:58 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-07-09 03:58 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-07-09 03:58 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-09 03:58 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-07-09 03:58 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-09 03:58 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-07-09 03:58 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-07-09 03:58 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-07-09 03:58 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-07-09 03:56 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-07-09 03:56 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-07-09 03:50 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-07-09 03:50 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-07-09 03:50 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-07-09 03:50 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-07-09 03:50 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-07-09 03:37 - 2015-07-09 03:37 - 00347816 _____ (Microsoft Corporation) C:\Users\King Haze\Downloads\MicrosoftFixit.wu.LB.146359835153723920.2.1.Run.exe
2015-07-09 03:31 - 2015-07-09 03:31 - 00717733 _____ C:\Users\King Haze\Downloads\pcwUpdateRepair.exe
2015-07-09 03:31 - 2015-07-09 03:31 - 00000130 _____ C:\Descriptors.txt
2015-07-09 02:54 - 2015-07-09 02:55 - 15624032 _____ (FinalWire Ltd. ) C:\Users\King Haze\Downloads\aida64extreme520.exe
2015-07-09 02:47 - 2015-07-09 02:47 - 00000000 ____D C:\Users\King Haze\Downloads\Windows 7 loader bY Deki
2015-07-09 02:35 - 2015-07-09 12:00 - 00000000 ____D C:\Program Files\Cortex
2015-07-09 02:34 - 2015-07-09 02:35 - 00000000 ____D C:\ProgramData\12947541618424808863
2015-07-09 02:33 - 2015-07-09 02:37 - 00000000 ____D C:\ProgramData\{7d844150-04ba-d93b-7d84-4415004b0540}
2015-07-08 18:07 - 2015-07-08 18:07 - 00047340 _____ C:\Users\King Haze\Downloads\outc1der_cfg_12.04.15.txt
2015-07-08 14:58 - 2015-07-08 14:59 - 00000000 ____D C:\Users\King Haze\AppData\Local\NVIDIA Corporation
2015-07-08 14:56 - 2015-07-09 15:01 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-08 14:56 - 2015-07-08 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-08 14:56 - 2015-06-17 11:06 - 01320304 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2015-07-08 14:56 - 2015-06-17 11:06 - 01316000 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll
2015-07-08 14:56 - 2015-06-17 08:38 - 00571024 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2015-07-08 14:55 - 2015-06-17 11:06 - 00105104 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 04385608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 03019920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 02554512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 00670864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-07-08 14:55 - 2015-06-17 08:51 - 00374928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 00061584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-07-08 14:55 - 2015-06-02 14:07 - 04421614 _____ C:\Windows\system32\nvcoproc.bin
2015-07-08 14:54 - 2015-07-08 14:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-08 14:54 - 2015-06-17 11:06 - 37748880 _____ C:\Windows\system32\nvcompiler.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 22947144 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 15224784 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 13263248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 12855224 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 11831856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 09129800 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-08 14:54 - 2015-06-17 11:06 - 02997544 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 02599568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 01049232 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3235330.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00982856 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00974992 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00938568 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00921448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00912528 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3235330.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00407296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00364176 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00171352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2015-07-08 14:54 - 2015-06-17 11:06 - 00155280 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00057520 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00041648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2015-07-08 14:54 - 2015-06-17 11:06 - 00037208 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00026142 _____ C:\Windows\system32\nvinfo.pb
2015-07-08 14:40 - 2015-07-08 15:00 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-07-08 14:25 - 2015-07-08 14:25 - 00000000 ____D C:\Users\King Haze\Downloads\[Guru3D.com]-DDU
2015-07-08 14:24 - 2015-07-08 14:24 - 01118829 _____ C:\Users\King Haze\Downloads\[Guru3D.com]-DDU.zip
2015-07-07 21:54 - 2015-07-07 21:56 - 227885392 _____ (NVIDIA Corporation) C:\Users\King Haze\Downloads\353.30-desktop-win8-win7-winvista-32bit-international-whql.exe
2015-07-07 19:35 - 2015-07-07 20:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-18 13:39 - 2015-06-18 13:39 - 00004233 _____ C:\Users\King Haze\Downloads\Backpack Mod-3800-1-0.zip
2015-06-18 13:39 - 2015-06-18 13:39 - 00000000 ____D C:\Users\King Haze\Downloads\Backpack Mod-3800-1-0
2015-06-18 13:30 - 2015-06-18 13:30 - 00201563 _____ C:\Users\King Haze\Downloads\Rune Expansion Pack 1-5-2655-1-5.zip
2015-06-18 13:30 - 2015-06-18 13:30 - 00000000 ____D C:\Users\King Haze\Downloads\Rune Expansion Pack 1-5-2655-1-5
2015-06-18 13:26 - 2015-06-18 13:26 - 00000000 ____D C:\Users\King Haze\Downloads\Morozik75 Arsenal Final-2845-1
2015-06-18 13:23 - 2015-06-18 13:23 - 00000000 ____D C:\Users\King Haze\Downloads\Diversified Follower Armors-2645-0-95b
2015-06-18 13:20 - 2015-06-18 13:20 - 24167540 _____ C:\Users\King Haze\Downloads\Diversified Follower Armors-2645-0-95b.zip
2015-06-18 13:16 - 2015-06-18 13:19 - 118681488 _____ C:\Users\King Haze\Downloads\Morozik75 Arsenal Final-2845-1.7z
2015-06-18 13:14 - 2015-06-18 13:14 - 00000000 ____D C:\Users\King Haze\Downloads\Aveline_Classic-2522
2015-06-18 13:12 - 2015-06-18 13:12 - 00031783 _____ C:\Users\King Haze\Downloads\Aveline_Classic-2522.zip
2015-06-18 13:10 - 2015-06-18 13:10 - 00049102 _____ C:\Users\King Haze\Downloads\Valuable_Junkv20-2453-v2-0.zip
2015-06-18 13:10 - 2015-06-18 13:10 - 00000000 ____D C:\Users\King Haze\Downloads\Valuable_Junkv20-2453-v2-0
2015-06-18 13:04 - 2015-06-18 13:04 - 00000000 ____D C:\Users\King Haze\Downloads\Dragon Age II ReDesigned-2659
2015-06-18 13:03 - 2015-06-18 13:03 - 00000000 ____D C:\Users\King Haze\Downloads\Nightmare Tweaked Normal Realistic-2194-1
2015-06-18 12:59 - 2015-06-18 13:00 - 04886657 _____ C:\Users\King Haze\Downloads\gff4editor-1.0.7z
2015-06-18 12:54 - 2015-06-18 12:54 - 00000000 ____D C:\Users\King Haze\Downloads\13c-2145-1-3c
2015-06-18 12:53 - 2015-06-18 12:53 - 00000000 ____D C:\Users\King Haze\Downloads\NoGibbing102-2363-1-02
2015-06-18 12:50 - 2015-06-18 12:50 - 00000000 ____D C:\Users\King Haze\Downloads\Hide ALL except Bow and Quiver-2150
2015-06-18 12:49 - 2015-06-18 12:49 - 00000000 ____D C:\Users\King Haze\Downloads\Complete Zip - Autorun and Highlight-2266-1-0
2015-06-18 12:46 - 2015-06-18 12:46 - 00001225 _____ C:\Users\Public\Desktop\Dragon Age 2.lnk
2015-06-18 12:45 - 2015-06-18 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age 2
2015-06-18 12:34 - 2015-06-18 12:34 - 00000000 ____D C:\Program Files\Electronic Arts
2015-06-14 12:09 - 2015-06-18 13:36 - 00000000 ____D C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch
2015-06-14 12:07 - 2015-06-14 12:09 - 21666348 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part09.rar
2015-06-14 11:58 - 2015-06-14 12:06 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part08.rar
2015-06-14 11:50 - 2015-06-14 11:58 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part07.rar
2015-06-14 11:42 - 2015-06-14 11:49 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part06.rar
2015-06-14 11:33 - 2015-06-14 11:41 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part05.rar
2015-06-14 11:25 - 2015-06-14 11:33 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part04.rar
2015-06-14 11:16 - 2015-06-14 11:24 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part03.rar
2015-06-14 11:07 - 2015-06-14 11:15 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part02.rar
2015-06-14 10:53 - 2015-06-14 10:59 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part01.rar
2015-06-13 14:30 - 2015-06-13 14:30 - 01474970 _____ C:\Users\King Haze\Downloads\Sunnies Item Packs 1-5-2510-1-0.zip
2015-06-13 14:26 - 2015-06-13 14:28 - 161635322 _____ C:\Users\King Haze\Downloads\Dragon Age II ReDesigned-2659.rar
2015-06-13 14:17 - 2015-06-13 14:17 - 00000632 _____ C:\Users\King Haze\Downloads\Nightmare Tweaked Normal Realistic-2194-1.rar
2015-06-13 14:12 - 2015-06-13 14:12 - 01153958 _____ C:\Users\King Haze\Downloads\13c-2145-1-3c.rar
2015-06-13 14:09 - 2015-06-13 14:09 - 00011636 _____ C:\Users\King Haze\Downloads\NoGibbing102-2363-1-02.zip
2015-06-13 14:08 - 2015-06-13 14:08 - 00002028 _____ C:\Users\King Haze\Downloads\Hide ALL except Bow and Quiver-2150.rar
2015-06-13 14:06 - 2015-06-13 14:06 - 00609798 _____ C:\Users\King Haze\Downloads\Complete Zip - Autorun and Highlight-2266-1-0.zip
2015-06-11 20:53 - 2015-06-11 20:53 - 00001983 _____ C:\Users\King Haze\Desktop\JDownloader.lnk
2015-06-11 20:52 - 2015-06-12 13:58 - 00000000 ____D C:\Program Files\JDownloader
2015-06-11 20:52 - 2015-06-11 20:52 - 00001947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-06-11 20:52 - 2015-06-11 20:52 - 00001891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-06-11 20:52 - 2015-06-11 20:52 - 00001870 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 15:45 - 2013-12-28 23:04 - 00000000 ____D C:\Users\King Haze\AppData\Roaming\TS3Client
2015-07-09 15:20 - 2013-12-28 21:00 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-09 15:20 - 2013-12-28 21:00 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-09 15:20 - 2013-12-28 21:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-09 15:18 - 2013-12-28 20:52 - 01641006 _____ C:\Windows\WindowsUpdate.log
2015-07-09 15:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-09 15:13 - 2010-11-20 23:01 - 01625030 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-09 15:09 - 2009-07-14 06:34 - 00033632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-09 15:09 - 2009-07-14 06:34 - 00033632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-09 15:01 - 2014-01-19 17:22 - 00000000 ____D C:\Users\King Haze\AppData\Local\LogMeIn Hamachi
2015-07-09 15:01 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-09 15:01 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-09 15:01 - 2009-07-14 06:39 - 00109276 _____ C:\Windows\setupact.log
2015-07-09 15:00 - 2010-11-20 23:48 - 00412454 _____ C:\Windows\PFRO.log
2015-07-09 14:59 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Resources
2015-07-09 14:48 - 2014-04-06 03:27 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2015-07-09 14:39 - 2009-07-14 06:33 - 00287312 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-09 09:31 - 2010-11-21 02:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-07-09 09:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-07-09 09:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-08 15:00 - 2014-04-15 06:20 - 00000000 ____D C:\Users\King Haze\AppData\Local\NVIDIA
2015-07-08 14:57 - 2014-04-15 06:22 - 00001335 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-08 14:56 - 2013-12-28 21:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-08 14:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help
2015-07-08 14:54 - 2015-06-01 16:23 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-08 14:39 - 2009-07-14 04:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-08 14:35 - 2014-01-30 23:03 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2015-07-07 21:48 - 2013-12-28 21:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-06 12:34 - 2011-03-17 04:15 - 00207239 _____ C:\Users\King Haze\Desktop\autorun_tab_toggle.exe
2015-06-30 15:58 - 2014-08-16 17:06 - 00000000 ____D C:\Users\King Haze\AppData\Local\Adobe
2015-06-30 15:58 - 2013-12-28 21:00 - 00000000 ____D C:\Users\King Haze\AppData\Roaming\Adobe
2015-06-28 17:05 - 2014-09-26 21:25 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-23 13:27 - 2014-01-03 08:46 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-18 13:50 - 2015-05-28 14:32 - 00000000 ____D C:\Users\King Haze\Documents\BioWare
2015-06-16 07:16 - 2014-02-02 10:26 - 00000000 ____D C:\Users\King Haze\Desktop\TXT
2015-06-14 10:52 - 2015-05-28 15:16 - 00000000 ____D C:\Users\King Haze\Downloads\Dragon Age Origins - Deutsche Texte
2015-06-11 22:35 - 2014-01-08 15:05 - 00000000 ____D C:\Users\King Haze\AppData\Roaming\uTorrent

==================== Files in the root of some directories =======

2014-08-27 17:52 - 2014-08-27 17:52 - 0000789 _____ () C:\Users\King Haze\AppData\Roaming\MPQEditor.ini
2013-12-31 00:36 - 2014-10-05 01:05 - 0138056 _____ () C:\Users\King Haze\AppData\Roaming\PnkBstrK.sys
2006-12-11 20:13 - 2006-12-11 20:13 - 0097336 _____ (Un4seen Developments) C:\Users\King Haze\AppData\Local\bass.dll
2006-12-11 20:13 - 2006-12-11 20:13 - 0013872 _____ (Un4seen Developments) C:\Users\King Haze\AppData\Local\basscd.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 0102912 _____ (Albert L Faber) C:\Users\King Haze\AppData\Local\CDRip.dll
2014-06-01 06:50 - 2014-06-01 06:50 - 0003584 _____ () C:\Users\King Haze\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-08-13 18:46 - 2007-08-13 18:46 - 0155136 _____ () C:\Users\King Haze\AppData\Local\lame_enc.dll
2007-01-18 22:09 - 2007-01-18 22:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\King Haze\AppData\Local\No23 Recorder.exe
2005-08-23 23:34 - 2005-08-23 23:34 - 0029184 _____ () C:\Users\King Haze\AppData\Local\no23xwrapper.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0015872 _____ () C:\Users\King Haze\AppData\Local\ogg.dll
2015-01-12 14:29 - 2015-05-13 22:07 - 0001527 _____ () C:\Users\King Haze\AppData\Local\RecConfig.xml
2015-05-31 00:01 - 2015-05-31 00:01 - 0007605 _____ () C:\Users\King Haze\AppData\Local\Resmon.ResmonCfg
2006-10-26 02:06 - 2006-10-26 02:06 - 0143872 _____ () C:\Users\King Haze\AppData\Local\vorbis.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0064000 _____ () C:\Users\King Haze\AppData\Local\vorbisenc.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0019456 _____ () C:\Users\King Haze\AppData\Local\vorbisfile.dll

Some files in TEMP:
====================
C:\Users\King Haze\AppData\Local\Temp\130785220979674000.exe
C:\Users\King Haze\AppData\Local\Temp\13078522103129695320.exe
C:\Users\King Haze\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
C:\Users\King Haze\AppData\Local\Temp\BRSVC_13799536_hlp.exe
C:\Users\King Haze\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\King Haze\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-04 00:42

==================== End of log ============================
__________________
Alt 09.07.2015, 14:51   #4
Chillzz
 
Malware durch dubiosen Downloader (Lightning Downloader) - Standard

Malware durch dubiosen Downloader (Lightning Downloader)


Addition.txt:

Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x86) Version: 05-07-2015
Ran by King Haze at 2015-07-09 15:47:09
Running from C:\Users\King Haze\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2290024371-3984154701-145341786-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2290024371-3984154701-145341786-1003 - Limited - Enabled)
Gast (S-1-5-21-2290024371-3984154701-145341786-501 - Limited - Disabled)
King Haze (S-1-5-21-2290024371-3984154701-145341786-1000 - Administrator - Enabled) => C:\Users\King Haze

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«The Walking Dead»  1.0.0.23 (HKLM\...\The Walking Dead_is1) (Version: 1.0.0.23 - Telltale Games)
µTorrent (HKU\S-1-5-21-2290024371-3984154701-145341786-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version:  - Gameforge)
Alien Isolation (HKLM\...\Alien Isolation_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Alien Swarm (HKLM\...\Steam App 630) (Version:  - Valve)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Autumn Aurora 2 for S.T.A.L.K.E.R - Shadow of Chernobyl (HKLM\...\Autumn Aurora 2.1_is1) (Version:  - )
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Avira (HKLM\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Batman: Arkham City™ GOTY (HKLM\...\GFWL_{57520FA0-DF38-46A1-8046-3B1000008500}) (Version: 1.0.0000.133 - WB Games)
Batman: Arkham City™ GOTY (Version: 1.0.0000.133 - WB Games) Hidden
Battle for Wesnoth 1.10.4 (HKLM\...\Battle for Wesnoth 1.10.4) (Version: 1.10.4 - )
Battle for Wesnoth 1.12.2 (HKLM\...\Battle for Wesnoth 1.12.2) (Version: 1.12.2 - )
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
BitRaider Streaming Client (HKLM\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blacklight: Retribution (HKLM\...\Steam App 209870) (Version:  - Zombie, Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
BOSS (HKLM\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
CLEO 4.3 (HKLM\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Company of Heroes - FAKEMSI (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM\...\Company of Heroes) (Version: 2.0.0.1 - THQ Inc.)
Deus.Ex.Human.Revolution.Directors.Cut (HKLM\...\RGV1c0V4SHVtYW5SZXZvbHV0aW9uRGlyZWN0b3JzQ3V0_is1) (Version: 1 - )
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
DNDownloader version 1.2 (HKLM\...\DNDownloader_is1) (Version: 1.2 - )
Don't Starve (HKLM\...\GOGPACKDONTSTARVE_is1) (Version: 2.7.0.16 - GOG.com)
Dragon Age 2 (HKLM\...\{94C4C4F4-56FB-4032-908D-826220CBB97F}_is1) (Version: 1.04 - Bioware)
Dragon Age: Origins (HKLM\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.04 - Electronic Arts, Inc.)
Dragonball Xenoverse (HKLM\...\Dragonball Xenoverse_is1) (Version:  - )
Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dxtory version 2.0.126 (HKLM\...\Dxtory2.0_is1) (Version: 2.0.126 - ExKode Co. Ltd.)
EpicGear Meduza HDST Mouse (HKLM\...\InstallShield_{D348D476-3A04-4AA0-B094-954138A844CF}) (Version: 1.00.0000 - Epicgear)
Fallout Mod Manager 0.13.21 (HKLM\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout New Vegas (HKLM\...\{219ED5A0-9CBF-4F3A-B927-37C9E5C5F14F}_is1) (Version: 1.4.0.525 - Bethesda Softworks)
Far Cry 3 (HKLM\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.12.56.301 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.56.301 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.7 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.7 - Gameforge)
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hitman Absolution (HKLM\...\Hitman Absolution_is1) (Version:  - )
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
LOOT (HKLM\...\LOOT) (Version: 0.6.0 - LOOT Development Team)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Meduza HDST Mouse (Version: 1.00.0000 - Epicgear) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft1.7.2 (HKLM\...\Minecraft1.7.2) (Version:  - )
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.51.0 - Black Tree Gaming)
No23 Recorder (HKLM\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outlast: Whistleblower (HKLM\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version:  - )
Planescape Torment (HKLM\...\Planescape Torment_is1) (Version:  - GOG.com)
PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2290024371-3984154701-145341786-1000\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Cortex (HKLM\...\Razer Cortex_is1) (Version: 5.4.15.0 - Razer Inc.)
RE_BH 6 AIO [W.B] (Version: 1.0 - Warlord Blade) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
S.T.A.L.K.E.R.: Lost Alpha version 1.3003 (HKLM\...\S.T.A.L.K.E.R.: Lost Alpha_is1) (Version: 1.3003 - dezowave)
Saints Row IV (HKLM\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.4.0 - SAMSUNG Electronics Co., Ltd.)
Samsung_MonSetup (HKLM\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Star Wars The Old Republic (HKLM\...\swtor_swtor) (Version: 8.0.0.21 - Bioware/EA)
Star Wars: The Old Republic (HKLM\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Stranded II 1.0.0.1 (HKLM\...\{CE0900ED-C76A-40C0-8DB4-0F68D825B283}_is1) (Version:  - Unreal Software)
Super-Charger (HKLM\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.018 - MSI)
System Requirements Lab CYRI (HKLM\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Walking Dead - Season 2 (HKLM\...\The Walking Dead - Season 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Thunder Master v1.9 (HKLM\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.7.4 - Palit Microsystems Ltd.)
TP-LINK TL-WN781ND Driver (HKLM\...\{87C7B472-9BC2-43C8-9F03-86D2908E1A51}) (Version: 1.3.1 - TP-LINK)
Tunngle beta (HKLM\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unity Web Player (HKU\S-1-5-21-2290024371-3984154701-145341786-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
VGA Boost (HKLM\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Warcraft III eSK 1.26.0.6401 (HKLM\...\Warcraft III eSK 1.26.0.6401) (Version:  - )
Warcraft III Reign of Chaos & The Frozen Throne (HKLM\...\Warcraft III Reign of Chaos & The Frozen Throne) (Version:  - )
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
YAWLE 0.5b (HKLM\...\Yawle_0.3b) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2290024371-3984154701-145341786-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
CustomCLSID: HKU\S-1-5-21-2290024371-3984154701-145341786-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\King Haze\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)

==================== Restore Points =========================

18-05-2015 14:33:50 Installed StuffIt Expander 2011.
18-05-2015 14:37:09 Removed StuffIt Expander 2011.
18-05-2015 15:47:35 NVIDIA PhysX wird entfernt
21-05-2015 19:40:33 DirectX wurde installiert
23-05-2015 23:08:37 DirectX wurde installiert
23-05-2015 23:20:40 DirectX wurde installiert
24-05-2015 22:34:08 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
24-05-2015 22:34:50 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
28-05-2015 14:04:21 Gerätetreiber-Paketinstallation: Elaborate Bytes AG Speichercontroller
28-05-2015 14:30:58 DirectX wurde installiert
28-05-2015 14:52:49 Entfernt Grand Theft Auto Vice City
04-06-2015 19:57:58 Geplanter Prüfpunkt
11-06-2015 21:25:20 Geplanter Prüfpunkt
19-06-2015 12:57:17 Geplanter Prüfpunkt
30-06-2015 16:29:25 Geplanter Prüfpunkt
07-07-2015 22:26:20 Geplanter Prüfpunkt
08-07-2015 14:27:35 Pre-NVIDIA Treiberinstallation
08-07-2015 14:34:26 Removed NVIDIA PhysX
08-07-2015 14:49:16 DDU System Restored Point
09-07-2015 04:16:12 Windows Update
09-07-2015 08:05:27 Windows Defender Checkpoint
09-07-2015 15:09:46 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E2282BC-E8DB-4833-BA6D-E00C3BF928DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09] (Adobe Systems Incorporated)
Task: {9B19FECE-81EF-4152-899C-843497C6E687} - System32\Tasks\ThunderMaster => C:\Program Files\Thunder Master\THPanel.exe [2013-10-17] (Palit Microsystems Ltd.)
Task: {A12C1782-AEE2-4924-8382-09F77582A172} - System32\Tasks\{0673662D-D139-4954-8D14-B63BA1BC66CE} => pcalua.exe -a "C:\Users\King Haze\Downloads\dxwebsetup(1).exe" -d "C:\Users\King Haze\Downloads"
Task: {B50E7B45-11F0-43BE-9538-2DC28B8AB37D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {B97A232A-E607-48FF-BCE6-E1EBFC45F358} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {CB357DDA-1DBD-4048-A727-30403449E685} - System32\Tasks\{F255CCAF-9B4E-494F-AD7F-FD8AFEEEA648} => pcalua.exe -a "C:\Program Files\MonitorDriver\MonSetup.exe" -d "C:\Users\King Haze\Desktop"
Task: {D2297DAC-AA39-4F61-9113-D2534373015E} - System32\Tasks\{98C6A655-E96E-44C4-90FC-1670DE772DB2} => pcalua.exe -a "C:\Users\King Haze\Downloads\NewSRInstaller-v1.1-MadeByChewbacca-YurixyWorks\New Summoners Rift Installer.exe" -d "C:\Users\King Haze\Downloads\NewSRInstaller-v1.1-MadeByChewbacca-YurixyWorks"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-13 15:17 - 2015-05-13 15:17 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-13 15:17 - 2015-05-13 15:17 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-09 14:40 - 2015-07-09 14:40 - 02955776 _____ () C:\Program Files\AVAST Software\Avast\defs\15070901\algo.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 00106128 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-01-08 22:37 - 2014-10-05 12:09 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-03-10 19:20 - 2015-03-10 19:20 - 00187072 _____ () C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
2015-07-08 14:56 - 2015-06-17 11:06 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2015-03-26 16:47 - 2015-03-26 16:47 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-28 21:34 - 2013-05-17 01:05 - 01199576 ____R () C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-07-20 17:20 - 2015-04-16 19:40 - 00776192 _____ () D:\Program Files\Steam\SDL2.dll
2015-04-04 00:49 - 2015-04-23 04:16 - 04962816 _____ () D:\Program Files\Steam\v8.dll
2015-04-04 00:49 - 2015-04-23 04:16 - 01556992 _____ () D:\Program Files\Steam\icui18n.dll
2015-04-04 00:49 - 2015-04-23 04:16 - 01187840 _____ () D:\Program Files\Steam\icuuc.dll
2014-07-20 17:20 - 2015-06-04 20:56 - 02407104 _____ () D:\Program Files\Steam\video.dll
2014-08-29 01:35 - 2014-12-01 23:31 - 02396672 _____ () D:\Program Files\Steam\libavcodec-56.dll
2014-08-29 01:35 - 2014-12-01 23:31 - 00442880 _____ () D:\Program Files\Steam\libavutil-54.dll
2014-08-29 01:35 - 2014-12-01 23:31 - 00479744 _____ () D:\Program Files\Steam\libavformat-56.dll
2014-08-29 01:35 - 2014-12-01 23:31 - 00332800 _____ () D:\Program Files\Steam\libavresample-2.dll
2014-08-29 01:35 - 2014-12-01 23:31 - 00485888 _____ () D:\Program Files\Steam\libswscale-3.dll
2014-07-20 17:20 - 2015-06-04 20:56 - 00703168 _____ () D:\Program Files\Steam\bin\chromehtml.DLL
2014-07-20 17:20 - 2015-05-11 21:01 - 36302728 _____ () D:\Program Files\Steam\bin\libcef.dll
2015-05-16 14:35 - 2015-05-11 21:01 - 08958344 _____ () D:\Program Files\Steam\bin\pdf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\Users\King Haze\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\King Haze\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\King Haze\AppData\Roaming:NT
AlternateDataStreams: C:\Users\King Haze\AppData\Roaming:NT2

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2290024371-3984154701-145341786-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: TunngleService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupreg: Avira Systray => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GarenaPlus => "C:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: uTorrent => "C:\Users\King Haze\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{95E47FEA-A545-461B-B87E-70D896E4B644}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9E14CF60-1F97-485E-92DB-7BBF4C5178B4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{66A5FE03-F7AD-4113-8A55-158F4A57E412}] => (Allow) D:\Programme\Winamp\winamp.exe
FirewallRules: [{7A7A5404-DDA0-4425-B89B-0AF311E8B1F6}] => (Allow) D:\Programme\Winamp\winamp.exe
FirewallRules: [{47D110E2-A70F-420D-B30D-372F12D98046}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{EE5B334E-A5CE-4F5F-8E59-E215B132ECC4}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{EA6619CE-B85F-4345-90EB-B87D3DCC27B2}] => (Allow) D:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{2D7C67BD-548F-4118-AA9E-335ED7C626B6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{07870B6F-6C3B-4726-A180-BB33C92A44E6}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{B62DAF84-16F6-47E2-BCBA-CF5A10A90326}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{41F32E1D-9161-4128-A5FD-5DFB681AC32E}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{41BEF963-2E94-4E7F-B8F2-80FCCDAFDDF8}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{3582609C-C5F5-4D78-A9C4-08F48A01A61A}D:\program files\wolfenstein - enemy territory\et.exe] => (Allow) D:\program files\wolfenstein - enemy territory\et.exe
FirewallRules: [UDP Query User{AD6CA884-4F55-494F-96D6-A2794C8D1AEA}D:\program files\wolfenstein - enemy territory\et.exe] => (Allow) D:\program files\wolfenstein - enemy territory\et.exe
FirewallRules: [TCP Query User{C23BAA7C-D1EA-4669-9A90-A27D43EEAA6B}D:\program files\wolfenstein - enemy territory\etded.exe] => (Allow) D:\program files\wolfenstein - enemy territory\etded.exe
FirewallRules: [UDP Query User{6A38650B-4FE4-4519-BCDB-8B7CC9F33BA8}D:\program files\wolfenstein - enemy territory\etded.exe] => (Allow) D:\program files\wolfenstein - enemy territory\etded.exe
FirewallRules: [TCP Query User{513FF0BE-06EE-4CFA-ADC7-599F93858D45}D:\program files\tera\tera-launcher.exe] => (Allow) D:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{BC9C7890-815A-4FB2-A88C-19F3A5AEEEA3}D:\program files\tera\tera-launcher.exe] => (Allow) D:\program files\tera\tera-launcher.exe
FirewallRules: [{F4932AEA-5215-4162-B470-01A86CC9B321}] => (Allow) C:\Users\King Haze\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{78C9CD19-E81F-4123-BCF1-9DF5552388FF}] => (Allow) C:\Users\King Haze\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{32E6557B-3D9E-4379-97D6-FB41571A60E6}] => (Allow) D:\Program Files\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{D22DC451-512C-4844-AAB5-C44D0D01FE20}] => (Allow) D:\Program Files\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{120008A2-B0A4-4EAD-9C19-13B92D911F84}] => (Allow) D:\Program Files\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{D8D415BA-6160-42F7-B35A-68370FF7D071}] => (Allow) D:\Program Files\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{58D38450-3B17-4ACB-8796-21AF1C2E77BD}] => (Allow) D:\Program Files\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{C90067C7-226B-4150-850E-6215F19A90E3}] => (Allow) D:\Program Files\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{1DCE4A5B-2489-4311-8D55-E5BDF63B32B1}] => (Allow) D:\Program Files\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{BD70F1AE-1302-41BE-9E8B-DEB9E476F983}] => (Allow) D:\Program Files\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [TCP Query User{ABC50C0B-2D8C-40FD-91FF-FE94423F67CF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C7B6140F-BFE1-4BA0-B4A7-88E38CD9D17E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{67CC9BC4-1BD1-42EC-BA0F-2D39534820D6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{2D54F044-2D62-41A0-9D9D-2DC922127EE7}] => (Allow) D:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{07E11687-362B-4A89-A734-265A8CF804B9}D:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) D:\program files\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{8D83B17D-1F98-41C0-94E6-146364DC5C61}D:\program files\steam\steamapps\common\cry of fear\cof.exe] => (Allow) D:\program files\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{7D76562B-1476-43D3-AC4D-6B27C3DBF000}] => (Allow) D:\Program Files\Steam\SteamApps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{2B69FB67-543D-4450-8F75-E0A3F737AFF3}] => (Allow) D:\Program Files\Steam\SteamApps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{3C246ED7-247C-4262-9276-AB1EA567CF67}] => (Allow) D:\Program Files\Steam\SteamApps\common\Stronghold Kingdoms\StrongholdKingdoms.exe
FirewallRules: [{DEE2C92A-4BB6-4DF3-BEF6-2AE20D85C632}] => (Allow) D:\Program Files\Steam\SteamApps\common\Stronghold Kingdoms\StrongholdKingdoms.exe
FirewallRules: [TCP Query User{88AB30FB-8C38-4D6A-B6E7-48CD2CEA2B63}D:\program files\saints row iv\saintsrowiv.exe] => (Allow) D:\program files\saints row iv\saintsrowiv.exe
FirewallRules: [UDP Query User{FEA7CCCE-1F4D-4912-80B8-E151B2228AFF}D:\program files\saints row iv\saintsrowiv.exe] => (Allow) D:\program files\saints row iv\saintsrowiv.exe
FirewallRules: [TCP Query User{E87269CC-0B9C-4611-9C73-DF9D36EE4D2A}D:\programme\outlast\outlast\binaries\win32\olgame.exe] => (Allow) D:\programme\outlast\outlast\binaries\win32\olgame.exe
FirewallRules: [UDP Query User{72B842FA-D136-4755-B36E-6E2A4D26DEF2}D:\programme\outlast\outlast\binaries\win32\olgame.exe] => (Allow) D:\programme\outlast\outlast\binaries\win32\olgame.exe
FirewallRules: [{AD0CF430-3F73-4C87-B5F9-7899263B4996}] => (Allow) D:\Program Files\Steam\SteamApps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{DC72BEBE-DA5B-42B3-8AB1-A8E4710993AE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{0C15305F-5941-483D-96D3-67303F98BBC6}] => (Allow) D:\Program Files\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{E8C55275-7DF1-45DA-879A-554E034DB355}] => (Allow) D:\Program Files\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{45213D07-6AD7-41B3-A963-3911242DF487}] => (Allow) C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{9D5B4CFA-40C8-421E-92D0-E8D1A9A23F6B}] => (Allow) C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{F0334ED5-FDFF-45FB-9F58-4A61455F205B}] => (Allow) C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{84D3C170-63DD-4FF5-BD72-254C666D8CE2}] => (Allow) C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [TCP Query User{62284171-8825-448C-8596-F16C9A0369EA}C:\program files\l4d2\left4dead 2 2013\left4dead2.exe] => (Allow) C:\program files\l4d2\left4dead 2 2013\left4dead2.exe
FirewallRules: [UDP Query User{A27C6A85-5E0A-4589-8414-956E1995E6AE}C:\program files\l4d2\left4dead 2 2013\left4dead2.exe] => (Allow) C:\program files\l4d2\left4dead 2 2013\left4dead2.exe
FirewallRules: [{4C85F890-0304-44C7-83EB-4359A4C3EE76}] => (Allow) C:\Program Files\THQ\Company of Heroes\RelicCOH.exe
FirewallRules: [{A80F9071-67FC-41DE-925E-890E725973C7}] => (Allow) C:\Program Files\THQ\Company of Heroes\RelicCOH.exe
FirewallRules: [{941C391C-ABD5-4EED-8915-C767E8315B1C}] => (Allow) C:\Program Files\THQ\Company of Heroes\RelicDownloader\RelicDownloader.exe
FirewallRules: [{D7995022-785F-4DD5-A40F-A181B6ADB13E}] => (Allow) C:\Program Files\THQ\Company of Heroes\RelicDownloader\RelicDownloader.exe
FirewallRules: [TCP Query User{A3200E52-16E3-4D6D-9D07-9C0ACFE3B59E}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Allow) C:\program files\assassins creed iv black flag\ac4bfmp.exe
FirewallRules: [UDP Query User{95F5F18D-A7D7-4E04-BEF4-EB8ADFC5DF54}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Allow) C:\program files\assassins creed iv black flag\ac4bfmp.exe
FirewallRules: [{3CBCCF16-56EA-4857-B319-C239AD14971A}] => (Allow) C:\Users\King Haze\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA5AA5E3-CBFF-406F-BF17-87BFB47B0425}] => (Allow) C:\Users\King Haze\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6C1B4B4F-33C5-4942-983B-B5112CB74458}] => (Allow) D:\Program Files\Steam\SteamApps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{26612BD6-91AC-415E-9971-B1D7C6F59EE3}] => (Allow) D:\Program Files\Steam\SteamApps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{6E22D866-393A-4903-84A0-39732F4238BB}] => (Allow) D:\Program Files\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{21EE445B-E10F-4D49-8DE9-ADD84BC7A288}] => (Allow) D:\Program Files\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [TCP Query User{8237FBFC-4F36-4D76-B752-F1954BAA76E7}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{8B0467AE-9C78-407B-82F6-8B8B46041FBC}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [TCP Query User{7DCA93D0-40E6-42A1-ACD2-77A3FE354B75}C:\program files\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\program files\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{D4B3997D-E636-4D81-A686-3DC3ADD1AAB0}C:\program files\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\program files\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [TCP Query User{50781CCC-AB0F-4136-B35F-080538804489}D:\utorrent\3dmgame-the.stanley.parable.cracked-3dm\the stanley parable\stanley.exe] => (Allow) D:\utorrent\3dmgame-the.stanley.parable.cracked-3dm\the stanley parable\stanley.exe
FirewallRules: [UDP Query User{15B95296-FF20-4049-934E-EE01A71B02AB}D:\utorrent\3dmgame-the.stanley.parable.cracked-3dm\the stanley parable\stanley.exe] => (Allow) D:\utorrent\3dmgame-the.stanley.parable.cracked-3dm\the stanley parable\stanley.exe
FirewallRules: [TCP Query User{A2A8CD81-E07A-4F93-9210-169C5FBF822C}C:\games\the stanley parable\stanley.exe] => (Block) C:\games\the stanley parable\stanley.exe
FirewallRules: [UDP Query User{B61D3FF5-40CE-465E-A9AA-2553BB98FAB6}C:\games\the stanley parable\stanley.exe] => (Block) C:\games\the stanley parable\stanley.exe
FirewallRules: [TCP Query User{D7A41BC3-1D3A-462E-B9F1-25DAD1CFEE51}C:\program files\r.g. mechanics\resident evil 6\bh6.exe] => (Allow) C:\program files\r.g. mechanics\resident evil 6\bh6.exe
FirewallRules: [UDP Query User{230D6F84-33A1-4D0D-9D96-CA90CC7BFAED}C:\program files\r.g. mechanics\resident evil 6\bh6.exe] => (Allow) C:\program files\r.g. mechanics\resident evil 6\bh6.exe
FirewallRules: [{37F7DA4F-DDA4-484D-A443-18882140A472}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{787FC88C-9510-4DE2-A0C7-09A4A8CE9346}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{2B7D7B46-581E-4299-B478-F69161C5EB58}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{7FBB25AB-FC43-474F-9BC1-BBB875183FBF}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{288F009E-9323-4C61-A3B1-A8B276A028E2}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{295F0203-A546-43FA-B3B5-A35FA4D3D10F}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{FA38561D-B169-4F3E-AD33-EF5D58BC1425}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{CDCED1DB-24C6-4724-B002-E0E36B7C7C4B}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{67191162-0932-43E9-8EB3-0B316C6E8867}] => (Allow) D:\Program Files\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{5B803CA6-40A5-4972-9F40-49B569501DD3}] => (Allow) D:\Program Files\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [TCP Query User{F67ABF52-B2AF-4918-B666-3621E83AB03E}D:\program files\steam\steamapps\common\planetside 2\planetside2_x86.exe] => (Allow) D:\program files\steam\steamapps\common\planetside 2\planetside2_x86.exe
FirewallRules: [UDP Query User{198A8DE1-0190-4C78-B304-B40646B1857D}D:\program files\steam\steamapps\common\planetside 2\planetside2_x86.exe] => (Allow) D:\program files\steam\steamapps\common\planetside 2\planetside2_x86.exe
FirewallRules: [TCP Query User{E36E26AD-C5A3-4CFD-9285-7C21C975EA35}C:\program files\mortal kombat complete edition\mkke.exe] => (Allow) C:\program files\mortal kombat complete edition\mkke.exe
FirewallRules: [UDP Query User{6A14444A-E2A2-4183-A315-F58E42B0BA7B}C:\program files\mortal kombat complete edition\mkke.exe] => (Allow) C:\program files\mortal kombat complete edition\mkke.exe
FirewallRules: [{32C02294-276F-4370-A921-2E3CB386B02B}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{4F962B2F-97CB-4C12-9841-110B4A44188B}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{7EFB85FA-B8E6-4B97-9E44-1F55BBB3F8B8}C:\program files\warcraft iii reign of chaos & the frozen throne\war3.exe] => (Allow) C:\program files\warcraft iii reign of chaos & the frozen throne\war3.exe
FirewallRules: [UDP Query User{6B7574CE-6FD5-4E3A-AAB0-4E33F9E559B9}C:\program files\warcraft iii reign of chaos & the frozen throne\war3.exe] => (Allow) C:\program files\warcraft iii reign of chaos & the frozen throne\war3.exe
FirewallRules: [TCP Query User{45AE972B-32C7-40C5-9713-0C7CB2FCE602}C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\war3.exe] => (Allow) C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\war3.exe
FirewallRules: [UDP Query User{7A36CB57-4E07-4A91-9EBE-33B7486392BB}C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\war3.exe] => (Allow) C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\war3.exe
FirewallRules: [TCP Query User{BD47E7A2-105B-42A2-94C8-7B70B247DDC0}C:\program files\warcraft iii\yawle.exe] => (Allow) C:\program files\warcraft iii\yawle.exe
FirewallRules: [UDP Query User{26C2CC69-F319-45F5-9171-2866CEE90424}C:\program files\warcraft iii\yawle.exe] => (Allow) C:\program files\warcraft iii\yawle.exe
FirewallRules: [TCP Query User{547AB8C3-A76C-485E-83F8-FE2A6287F503}C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\yawle.exe] => (Allow) C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\yawle.exe
FirewallRules: [UDP Query User{54E96C63-09A0-4C17-A430-8550A1A10644}C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\yawle.exe] => (Allow) C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\yawle.exe
FirewallRules: [{D1E0AC19-A31E-48CB-AEF7-C7D4DD6AF8CA}] => (Allow) C:\Program Files\Warcraft III Reign of Chaos & The Frozen Throne\Warcraft III Frozen Throne eSK\Frozen Throne.exe
FirewallRules: [{A01507DB-6299-4C12-B05E-77011B76BB92}] => (Allow) C:\Program Files\Warcraft III Reign of Chaos & The Frozen Throne\Warcraft III Frozen Throne eSK\Frozen Throne.exe
FirewallRules: [{B71434FC-BBD9-4DCB-8461-F2F4B700C23E}] => (Allow) C:\Program Files\Warcraft III Reign of Chaos & The Frozen Throne\Warcraft III Frozen Throne eSK\Frozen Throne.exe
FirewallRules: [{40B77E29-A7AB-46A4-8CC9-EF0C7A85E31B}] => (Allow) C:\Program Files\Warcraft III Reign of Chaos & The Frozen Throne\Warcraft III Frozen Throne eSK\Frozen Throne.exe
FirewallRules: [{164E3E45-6F6F-4EA0-BCF8-09D6BAF8A789}] => (Allow) C:\Program Files\Garena Plus\ggdllhost.exe
FirewallRules: [TCP Query User{FA880C85-47B8-4DCB-ACD5-A8101C9D9631}C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\nirvana.exe] => (Allow) C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\nirvana.exe
FirewallRules: [UDP Query User{D211DF2B-C85F-47AF-B234-7865FDBA6E46}C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\nirvana.exe] => (Allow) C:\program files\warcraft iii reign of chaos & the frozen throne\warcraft iii frozen throne esk\nirvana.exe
FirewallRules: [{877998F1-3D8B-4949-96B2-BCC454BA8050}] => (Allow) C:\Program Files\SDGi Europe\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{B6984DA3-A9B4-4256-AB2B-D2AF1A106D83}] => (Allow) C:\Program Files\SDGi Europe\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{5C1DEED2-C9E7-4FD1-B01C-1532EF941870}] => (Allow) D:\Program Files\Steam\SteamApps\common\Alien Swarm\swarm.exe
FirewallRules: [{BBAA76BC-A348-49FE-AEA4-A4535CFD14A2}] => (Allow) D:\Program Files\Steam\SteamApps\common\Alien Swarm\swarm.exe
FirewallRules: [{07826E19-D989-47A7-966E-EE67F3E5102A}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{5157BDAD-FD1B-4526-9744-87F56E9DF5C7}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{298DEB91-9A44-4B35-A458-478B358A289A}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{34B4AC82-12E0-47A8-A3C1-5D6CE51C9630}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{6E2DA937-3D91-4490-98E5-7B97F8FF4428}] => (Allow) D:\Program Files\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{562934EE-40C6-4B89-B28F-0E684AA1B6BE}] => (Allow) D:\Program Files\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{C558CDFB-1EAA-41F6-942E-538B0EE193D2}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{FAACFCD5-7FD8-4A88-B8EC-D123396DB95F}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{9A8787B8-6FBD-4787-B566-EF151820EE5A}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{C77D9DE4-0FBD-4BE7-B897-492FCCFDE797}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{06C575D7-BD3A-4A44-8F43-4B104C96A23E}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7C4E1B69-4789-464A-BC13-97710E1F6B32}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{5F18A661-D32A-4E5F-9003-999B928121B9}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{B4DC4D67-78DA-449C-BA81-BB7E7F4DF2DB}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{9C43176E-27CE-42CF-AF3E-83C367197A93}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{25226807-7D74-46BD-BB68-CAB2D9BB9987}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{15654651-0F3B-44D1-A834-8A0D3E6E08BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{BDC83DC2-158C-4B61-81CF-8C107620E326}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{630356D1-8973-4C90-BB04-94DCE6F79C87}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{D98E3849-6499-41B1-9670-1398A55790B1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [TCP Query User{E81F70B6-EAB7-406A-ACEA-46F81E27C289}C:\users\king haze\desktop\warcraft iii frozen throne esk\war3.exe] => (Allow) C:\users\king haze\desktop\warcraft iii frozen throne esk\war3.exe
FirewallRules: [UDP Query User{58E72DD2-71D4-4D93-9998-E17702402E22}C:\users\king haze\desktop\warcraft iii frozen throne esk\war3.exe] => (Allow) C:\users\king haze\desktop\warcraft iii frozen throne esk\war3.exe
FirewallRules: [TCP Query User{F23F3534-17B7-42C0-82C1-0918B7B0B587}C:\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{FDC685BE-7B22-4857-BDDC-B789E2CD5790}C:\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{5FC3D803-DCE5-47D0-AEAB-BBA942611616}] => (Allow) C:\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{B31B7D70-7E6A-4DB5-BCAF-BFD2FF70CE88}] => (Allow) C:\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{E8FB447C-3F1A-4B3A-BF29-51714B4137A9}] => (Allow) C:\Program Files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{AA8C932E-CAE3-47E3-97EC-4B1DEFB18334}] => (Allow) C:\Program Files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{85B2E2CA-C8B7-431E-B41D-3F5F6EFCAE15}] => (Allow) C:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{666843BE-849A-4D84-8504-6D93EE60DEF8}] => (Allow) C:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{03D9A59B-6E34-4B17-A131-2A740D769B24}] => (Allow) C:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{AA0E8EBD-A4DF-4CD8-B878-667B0301BC18}] => (Allow) C:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{356D4E71-8E08-438A-9EAD-0E2785995165}] => (Allow) D:\Program Files\Steam\SteamApps\common\Evolve\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{E3A40419-FA19-419C-9907-08DC2372E625}] => (Allow) D:\Program Files\Steam\SteamApps\common\Evolve\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{DB05B260-5BF0-4D51-A5A5-4D7664DD36BF}] => (Allow) D:\Program Files\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{8C17788E-C96F-4F78-AA0D-B0555CDD780D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{D77BA5C3-D039-469B-B94C-C0E2AE2B1F3E}] => (Allow) C:\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{F0292F59-3BA0-4CB1-9485-46B548142237}] => (Allow) C:\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [TCP Query User{5643DC32-BCC5-4A13-BEAF-1B82C01B5686}C:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{F4353289-A5C9-4E46-80D7-FE92BCC89E30}C:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{1256E77A-D8C2-4434-89A1-C579EC2C1552}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AFAA881B-9F0D-4DE2-B01B-939970EAA68F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5CF49325-8A71-4DBF-A21D-8334F45F0BBB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F5765E85-A311-4D21-BE9B-E406D969AFED}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{366F4BA2-2447-4EE4-BF20-AD78DA42D2BD}] => (Allow) C:\Program Files\WB Games\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [TCP Query User{AF2E0868-2307-4AF5-90AF-9517288D0E04}C:\program files\wb games\batman arkham city goty\binaries\win32\batmanac_o.exe] => (Allow) C:\program files\wb games\batman arkham city goty\binaries\win32\batmanac_o.exe
FirewallRules: [UDP Query User{712F5624-026B-4942-A236-F8B86C4E3EE4}C:\program files\wb games\batman arkham city goty\binaries\win32\batmanac_o.exe] => (Allow) C:\program files\wb games\batman arkham city goty\binaries\win32\batmanac_o.exe
FirewallRules: [TCP Query User{B05427E2-ED30-4150-BD96-87009B4FC5C5}C:\program files\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{0133279F-4CB0-44F6-ACF2-A3D53C70A778}C:\program files\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [TCP Query User{60B7BCFE-252C-4A7E-B466-98D3F3D9B38B}C:\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{774CA783-5F8B-47DF-B9CF-E067A2B28BB8}C:\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{315379F9-0E9E-4D40-BC96-69793B88C6E2}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{0843F465-6FC6-4FC8-8DD6-0562A3573590}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{400F9854-0E16-40FD-8D54-E5B0889F17DE}C:\program files\r.g. mechanics\alien isolation\ai.exe] => (Allow) C:\program files\r.g. mechanics\alien isolation\ai.exe
FirewallRules: [UDP Query User{A9647276-1BAD-4CFC-BBF1-B8DE7DBEFB8B}C:\program files\r.g. mechanics\alien isolation\ai.exe] => (Allow) C:\program files\r.g. mechanics\alien isolation\ai.exe
FirewallRules: [TCP Query User{EFED2478-507B-49FE-9A8B-D303EB247A68}C:\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{1D6A3B6C-4A54-4399-B4FA-88FDC05E1F22}C:\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{4BB03F54-58C6-4927-A488-CFDE9D6E6AEA}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{DD452866-F206-440D-9495-BE064EB45801}C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [UDP Query User{FFD79ED6-D210-4FAB-8593-10E1EF6BB4B2}C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [{B51054A2-68FF-4A80-A577-0BFD8D96075A}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{E7F287B7-2D68-4C0E-BC0E-523EA6168D3D}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{4ACE1280-9857-4F9F-8411-D9C6D3D025F8}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{4736E2E2-FA55-49A3-93A9-E19DFF4983E1}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{D7F42292-422B-4B5E-9942-74601340F493}] => (Allow) C:\Program Files\Heroes of the Storm\Versions\Base35360\HeroesOfTheStorm.exe
FirewallRules: [{EB270687-DDB8-475F-B2D7-8D8222C47605}] => (Allow) C:\Program Files\Heroes of the Storm\Versions\Base35360\HeroesOfTheStorm.exe
FirewallRules: [{8DA416F8-5458-4C23-AF33-AA039965B1C3}] => (Allow) C:\Program Files\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{13C30349-17D0-40FD-81B6-589CC9E5AA4E}] => (Allow) C:\Program Files\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{F8FF2EA9-ECFE-435B-B0A0-B64A6414714F}] => (Allow) C:\Program Files\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{0BF63947-C866-42AD-8747-4E03DB2E4F18}] => (Allow) C:\Program Files\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [TCP Query User{D22ADA01-C8D1-4B42-8882-585AA15FA11A}C:\program files\dragon age\bin_ship\daorigins.exe] => (Allow) C:\program files\dragon age\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{ACD3783B-D206-4607-B927-16C4D14B7ABE}C:\program files\dragon age\bin_ship\daorigins.exe] => (Allow) C:\program files\dragon age\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{AE8E2D14-5B86-471E-A484-69232022E806}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{22D0207C-9EF6-4E6F-90D9-E66CF26821E3}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{4D5CFB87-44F3-4E01-871B-86A2A894F826}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{FE39EC2F-08FB-4F64-A6B4-12BFA8518E8E}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{89321245-59C4-4931-BE88-D2CEF8B30B75}] => (Allow) C:\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{92F15C63-4F3F-4305-90F8-0A9828CFCDB5}] => (Allow) C:\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{05D16A60-7406-4EB2-9F2B-06A231B1376C}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E0A7BB86-16D7-4793-8E41-9B53DF3E884E}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D93A405B-FD6F-4BEC-BB6B-DFE8C82C950F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{823D530A-ECAF-4503-92B0-DB446B5A0124}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A4B6023C-85F3-4A7B-BCBE-5AAF5EA6F6E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CB153B97-C73D-4E9B-96CF-569647C52EA1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2015 03:01:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 02:48:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.2.929, Zeitstempel: 0x552d3ec4
Name des fehlerhaften Moduls: mbam.exe, Version: 1.0.2.929, Zeitstempel: 0x552d3ec4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001c3fc0
ID des fehlerhaften Prozesses: 0x1464
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (07/09/2015 02:40:48 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Tasks, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (07/09/2015 02:40:48 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Utilities, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (07/09/2015 02:39:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 08:01:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/09/2015 08:01:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/09/2015 08:00:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/09/2015 03:07:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 03:03:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/09/2015 02:41:01 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: Fehler beim Starten des Assistenten für das Sprachpaket-Setup. Führen Sie einen Neustart des Systems aus, und führen Sie den Assistenten erneut aus.

Error: (07/09/2015 02:41:01 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005

Error: (07/09/2015 02:41:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (07/09/2015 02:40:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%16405

Error: (07/09/2015 02:24:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "sppuinotify" wurde mit folgendem Fehler beendet: 
%%126

Error: (07/09/2015 02:16:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/08/2015 03:00:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/08/2015 02:54:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/08/2015 02:48:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/08/2015 02:47:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office:
=========================
Error: (07/09/2015 03:01:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 02:48:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.2.929552d3ec4mbam.exe1.0.2.929552d3ec4c0000005001c3fc0146401d0ba4580336656C:\Program Files\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files\ Malwarebytes Anti-Malware \mbam.exec450f664-2638-11e5-a7b1-448a5b212ed6

Error: (07/09/2015 02:40:48 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Tasks, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (07/09/2015 02:40:48 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Utilities, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (07/09/2015 02:39:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 08:01:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\outlast whistleblower\Binaries\Win64\OLGame_R.exe

Error: (07/09/2015 08:01:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\outlast whistleblower\Binaries\Win64\OLGame.exe

Error: (07/09/2015 08:00:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"d:\program files\Steam\steamapps\common\Warframe\Warframe.x64.exe

Error: (07/09/2015 03:07:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 03:03:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 53%
Total physical RAM: 3544.07 MB
Available physical RAM: 1645.38 MB
Total Virtual: 7086.45 MB
Available Virtual: 4765.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:638.54 GB) (Free:118.18 GB) NTFS
Drive d: () (Fixed) (Total:292.87 GB) (Free:48.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DF39E75C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=638.5 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

Alt 09.07.2015, 15:18   #5
Warlord711
/// TB-Ausbilder
 
Malware durch dubiosen Downloader (Lightning Downloader) - Standard

Malware durch dubiosen Downloader (Lightning Downloader)


Zitat:
D:\utorrent\3dmgame-the.stanley.parable.cracked-3dm
c:\ProgramData\{7d844150-04ba-d93b-7d84-4415004b0540}\windows_7_loader_v2.1.1_by_daz__x86___x64_.zip.exe
C:\Users\King Haze\Downloads\Windows 7 loader bY Deki.rar
Die von mir gelisteten Einträge deuten stark darauf hin, dass auf diesem Rechner Software benutzt wird, die nicht legal erworben wurde.

Supportunterbrechung
Lesestoff:
Cracks und Keygens
Den Kopierschutz von Software zu umgehen ist nach geltendem Recht illegal. Die Logfiles deuten stark darauf hin, dass du nicht legal erworbene Software einsetzt. Zudem sind Cracks und Patches aus dubioser Quelle sehr oft mit Schädlingen versehen, womit man sich also fast vorsätzlich infiziert.

Wir haben uns hier auf dem Board darauf geeinigt, dass wir an dieser Stelle nicht weiter bereinigen, da wir ein solches Vorgehen nicht unterstützen. Hinzu kommt, dass wir dich in unserer Anleitung und auch in diesem Wichtig-Thema unmissverständlich darauf hingewiesen haben, wie wir damit umgehen werden. Saubere, gute Software hat seinen Preis und die Softwarefirmen leben von diesen Einnahmen.

Das Thema wird erst nach Entfernung fortgeführt.

Ich gehe davon aus das Win 7 ist ne geklaute Version, ansonste würde wohl kein "Loader" vorhanden sein.

__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 09.07.2015, 15:35   #6
Chillzz
 
Malware durch dubiosen Downloader (Lightning Downloader) - Standard

Malware durch dubiosen Downloader (Lightning Downloader)


Ein Freund von mir empfahl mir das Programm, da mein Windows Update nicht mehr richtig funktionieren wollte und er meinte, das könnte an meinem Windows Key liegen. Mein Windows zeigte mir nämlich an, dass der Key nicht geprüft werden kann. Ich habe das Programm bereits entfernt, da mein Windows Update Problem sich anderweitig gelöst hat. Keine Sorge, mein Windows wurde damals zusammen mit meinem PC legal erworben.

Alt 09.07.2015, 15:52   #7
Warlord711
/// TB-Ausbilder
 
Malware durch dubiosen Downloader (Lightning Downloader) - Standard

Malware durch dubiosen Downloader (Lightning Downloader)


Ok.

Dann so weiter:
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.





Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 09.07.2015, 16:32   #8
Chillzz
 
Malware durch dubiosen Downloader (Lightning Downloader) - Standard

Malware durch dubiosen Downloader (Lightning Downloader)


Security Check:

Code:
ATTFilter
 Results of screen317's Security Check version 1.004  
 Windows 7 Service Pack 1 x86 (UAC is disabled!)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 45  
 Adobe Flash Player 	18.0.0.194  
 Mozilla Firefox (39.0) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
AdwCleaner :
Code:
ATTFilter
# AdwCleaner v4.207 - Bericht erstellt 09/07/2015 um 17:16:39
# Aktualisiert 21/06/2015 von Xplode
# Datenbank : 2015-07-05.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x86)
# Benutzername : King Haze - KINGHAZE-PC
# Gestarted von : C:\Users\King Haze\Downloads\AdwCleaner_4.207.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\{7d844150-04ba-d93b-7d84-4415004b0540}
Ordner Gelöscht : C:\Users\King Haze\AppData\Roaming\dvdvideosoftiehelpers
Datei Gelöscht : C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default\Extensions\YouTubeAutoReplay@arikv.com.xpi
Datei Gelöscht : C:\Users\King Haze\AppData\Roaming\MPQEditor.ini

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\dcb13a01-1618-f7fc-c369-6c5a692f6e62
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1339A3D4-3AC0-4469-A041-2367BE61A997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v10.0.9200.16750


-\\ Mozilla Firefox v39.0 (x86 de)


-\\ Google Chrome v

[C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [1962 Bytes] - [09/07/2015 17:15:04]
AdwCleaner[S0].txt - [1882 Bytes] - [09/07/2015 17:16:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1941  Bytes] ##########
Junkware Removal Tool:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.3.8 (07.09.2015:1)
OS: Windows 7 Professional x86
Ran by King Haze on 09.07.2015 at 17:25:42,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] C:\ProgramData\Google
Successfully deleted: [Folder] C:\Windows\System32\ai_recyclebin
Successfully deleted: [Folder] C:\ProgramData\12947541618424808863



~~~ FireFox

Successfully deleted: [File] C:\Users\King Haze\AppData\Roaming\mozilla\firefox\profiles\rzo4dl8b.default\extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi
Emptied folder: C:\Users\King Haze\AppData\Roaming\mozilla\firefox\profiles\rzo4dl8b.default\minidumps [254 files]



~~~ Chrome


[C:\Users\King Haze\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\King Haze\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\King Haze\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\King Haze\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.07.2015 at 17:26:59,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015
Ran by King Haze (administrator) on KINGHAZE-PC on 09-07-2015 17:28:33
Running from C:\Users\King Haze\Downloads
Loaded Profiles: King Haze (Available Profiles: King Haze)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6323928 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-05-17] (Intel Corporation)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM\...\Run: [Super-Charger] => C:\Program Files\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-2290024371-3984154701-145341786-1000\...\Run: [THPanel] => C:\Program Files\Thunder Master\THPanel.exe [2169640 2013-10-17] (Palit Microsystems Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-13] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2290024371-3984154701-145341786-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-08] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-08] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2290024371-3984154701-145341786-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4B355606-754D-494A-92FD-255FAB54E638}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6324BC67-0616-40BB-9212-CCB7706AEAE1}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F67C3489-5DD7-4B2F-80F2-A5796B552951}: [DhcpNameServer] 7.254.254.254

FireFox:
========
FF ProfilePath: C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-08] (Oracle Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2290024371-3984154701-145341786-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\King Haze\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2290024371-3984154701-145341786-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: youtubereplay - C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default\Extensions\jid0-VuYraOOT2NM2AcnQwG4APKol3Vs@jetpack.xpi [2014-09-03]
FF Extension: Thumbnail Zoom Plus - C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-05-16]
FF Extension: Adblock Plus - C:\Users\King Haze\AppData\Roaming\Mozilla\Firefox\Profiles\rzo4dl8b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-28]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Google Drive) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (YouTube) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Google Search) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (Google Wallet) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR Extension: (Gmail) - C:\Users\King Haze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-13] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-13] (Avast Software)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-05-24] (BitRaider, LLC)
S3 DAUpdaterSvc; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [919184 2015-06-17] (NVIDIA Corporation)
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [583680 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [637912 2013-02-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 MSI_SuperCharger; C:\Program Files\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
S2 MSI_Trigger_Service; C:\Program Files\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20694160 2015-06-17] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-10-05] ()
R2 Razer Game Scanner Service; C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] ()
S2 RzKLService; C:\Program Files\Razer\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)
S4 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S4 AntiVirWebService; "C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe" [X]
S2 Avira.OE.ServiceHost; "C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-13] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-13] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-13] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-13] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-13] ()
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 ipadtst; C:\Program Files\MSI\Super-Charger\ipadtst.sys [14576 2013-02-04] (Windows (R) 2000 DDK provider)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-02-13] ()
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-26] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [361968 2013-04-26] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [793072 2013-04-26] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-01-11] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files\MSI\Super-Charger\NTIOLib.sys [14392 2012-10-26] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [41648 2015-06-17] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [20416 2015-03-10] (Razer, Inc.)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2012-07-31] (Screaming Bee LLC)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181432 2012-02-24] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-13] (Avast Software)
S3 BRDriver_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 17:26 - 2015-07-09 17:26 - 00001563 _____ C:\Users\King Haze\Desktop\JRT.txt
2015-07-09 17:25 - 2015-07-09 17:25 - 02953724 _____ (Malwarebytes Corporation) C:\Users\King Haze\Downloads\JRT.exe
2015-07-09 17:25 - 2015-07-09 17:25 - 00000207 _____ C:\Windows\tweaking.com-regbackup-KINGHAZE-PC-Windows-7-Professional-(32-bit).dat
2015-07-09 17:25 - 2015-07-09 17:25 - 00000000 ____D C:\RegBackup
2015-07-09 17:10 - 2015-07-09 17:16 - 00000000 ____D C:\AdwCleaner
2015-07-09 17:10 - 2015-07-09 17:10 - 02244096 _____ C:\Users\King Haze\Downloads\AdwCleaner_4.207.exe
2015-07-09 17:09 - 2015-07-09 17:09 - 00852662 _____ C:\Users\King Haze\Downloads\SecurityCheck.exe
2015-07-09 15:47 - 2015-07-09 15:47 - 00065006 _____ C:\Users\King Haze\Downloads\Addition.txt
2015-07-09 15:46 - 2015-07-09 17:28 - 00015373 _____ C:\Users\King Haze\Downloads\FRST.txt
2015-07-09 15:46 - 2015-07-09 17:28 - 00000000 ____D C:\FRST
2015-07-09 15:46 - 2015-07-09 15:46 - 01636352 _____ (Farbar) C:\Users\King Haze\Downloads\FRST.exe
2015-07-09 15:40 - 2015-07-09 15:40 - 00008728 _____ C:\Users\King Haze\Downloads\hijackthis.log
2015-07-09 15:37 - 2015-07-09 15:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\King Haze\Downloads\HiJackThis204.exe
2015-07-09 15:37 - 2015-07-09 15:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\King Haze\Downloads\HiJackThis204(1).exe
2015-07-09 15:09 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-07-09 15:09 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-07-09 15:09 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-07-09 15:09 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-07-09 15:09 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-07-09 15:09 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-07-09 15:09 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-07-09 15:09 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-07-09 14:57 - 2015-07-09 14:57 - 00000000 ____D C:\Users\King Haze\Desktop\VirusMalwareCheck
2015-07-09 05:31 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-09 05:19 - 2015-01-09 01:44 - 00419936 _____ C:\Windows\system32\locale.nls
2015-07-09 05:13 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-07-09 04:56 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-07-09 04:56 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-07-09 04:56 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-07-09 04:56 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-07-09 04:33 - 2015-07-09 04:47 - 00000000 ____D C:\Windows\system32\MRT
2015-07-09 04:33 - 2015-05-27 00:03 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-09 04:26 - 2015-07-09 04:26 - 00000000 ____D C:\Program Files\Microsoft ASP.NET
2015-07-09 04:14 - 2014-10-14 03:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-07-09 04:14 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-07-09 04:14 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-09 04:14 - 2014-07-17 03:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-07-09 04:14 - 2014-07-17 03:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-07-09 04:14 - 2014-07-17 03:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-07-09 04:14 - 2014-07-17 03:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-07-09 04:14 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-07-09 04:13 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-09 04:13 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-07-09 04:13 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-07-09 04:13 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-09 04:13 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-07-09 04:13 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-07-09 04:13 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-07-09 04:12 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-09 04:12 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-09 04:12 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-09 04:12 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-09 04:12 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-09 04:12 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-07-09 04:12 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-07-09 04:12 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-07-09 04:12 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-07-09 04:12 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-07-09 04:12 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-07-09 04:12 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-07-09 04:12 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-07-09 04:12 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-07-09 04:12 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-07-09 04:12 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-07-09 04:12 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-07-09 04:12 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-09 04:11 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-09 04:11 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-09 04:11 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-09 04:11 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-07-09 04:11 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-09 04:11 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-07-09 04:11 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-09 04:11 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-09 04:10 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-09 04:10 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-07-09 04:10 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-07-09 04:10 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-07-09 04:10 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-07-09 04:10 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-07-09 04:10 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-07-09 04:10 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-07-09 04:10 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-07-09 04:10 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-07-09 04:10 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-07-09 04:10 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-07-09 04:10 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-07-09 04:09 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-07-09 04:09 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-09 04:09 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-09 04:09 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-09 04:09 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-09 04:09 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-09 04:09 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-09 04:09 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-07-09 04:09 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-09 04:09 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-09 04:09 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-09 04:09 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-07-09 04:09 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-09 04:09 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-09 04:09 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-09 04:09 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-09 04:09 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-09 04:09 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-09 04:09 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-09 04:09 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-09 04:09 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-07-09 04:09 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-07-09 04:09 - 2014-12-19 04:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-09 04:09 - 2014-12-11 19:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-09 04:09 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-07-09 04:09 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-07-09 04:09 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-07-09 04:08 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-09 04:08 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-09 04:08 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-09 04:07 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-07-09 04:07 - 2014-11-11 03:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-07-09 04:07 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-07-09 04:07 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-07-09 04:07 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-07-09 04:07 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-07-09 04:07 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-07-09 04:07 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-07-09 04:07 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-07-09 04:07 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-07-09 04:07 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-07-09 04:07 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-07-09 04:07 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-07-09 04:07 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-07-09 04:07 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-07-09 04:07 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-07-09 04:06 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-09 04:06 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-09 04:05 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-09 04:05 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-09 04:05 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-09 04:05 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-09 04:05 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-07-09 04:05 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-07-09 04:05 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-09 04:05 - 2014-12-19 03:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-07-09 04:05 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-07-09 04:05 - 2014-12-06 05:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-07-09 04:05 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-09 04:05 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-09 04:05 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-07-09 04:05 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-09 04:05 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-09 04:05 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-07-09 04:05 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-07-09 03:58 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-09 03:58 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-07-09 03:58 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-07-09 03:58 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-07-09 03:58 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-07-09 03:58 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-07-09 03:58 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-07-09 03:58 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-09 03:58 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-07-09 03:58 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-09 03:58 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-07-09 03:58 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-07-09 03:58 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-07-09 03:58 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-07-09 03:56 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-07-09 03:56 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-07-09 03:50 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-07-09 03:50 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-07-09 03:50 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-07-09 03:50 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-07-09 03:50 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-07-09 03:37 - 2015-07-09 03:37 - 00347816 _____ (Microsoft Corporation) C:\Users\King Haze\Downloads\MicrosoftFixit.wu.LB.146359835153723920.2.1.Run.exe
2015-07-09 03:31 - 2015-07-09 03:31 - 00717733 _____ C:\Users\King Haze\Downloads\pcwUpdateRepair.exe
2015-07-09 03:31 - 2015-07-09 03:31 - 00000130 _____ C:\Descriptors.txt
2015-07-09 02:54 - 2015-07-09 02:55 - 15624032 _____ (FinalWire Ltd. ) C:\Users\King Haze\Downloads\aida64extreme520.exe
2015-07-09 02:47 - 2015-07-09 02:47 - 00000000 ____D C:\Users\King Haze\Downloads\Windows 7 loader bY Deki
2015-07-09 02:35 - 2015-07-09 12:00 - 00000000 ____D C:\Program Files\Cortex
2015-07-08 18:07 - 2015-07-08 18:07 - 00047340 _____ C:\Users\King Haze\Downloads\outc1der_cfg_12.04.15.txt
2015-07-08 14:58 - 2015-07-08 14:59 - 00000000 ____D C:\Users\King Haze\AppData\Local\NVIDIA Corporation
2015-07-08 14:56 - 2015-07-09 17:18 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-08 14:56 - 2015-07-08 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-08 14:56 - 2015-06-17 11:06 - 01320304 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2015-07-08 14:56 - 2015-06-17 11:06 - 01316000 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll
2015-07-08 14:56 - 2015-06-17 08:38 - 00571024 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2015-07-08 14:55 - 2015-06-17 11:06 - 00105104 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 04385608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 03019920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 02554512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 00670864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-07-08 14:55 - 2015-06-17 08:51 - 00374928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-07-08 14:55 - 2015-06-17 08:51 - 00061584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-07-08 14:55 - 2015-06-02 14:07 - 04421614 _____ C:\Windows\system32\nvcoproc.bin
2015-07-08 14:54 - 2015-07-08 14:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-08 14:54 - 2015-06-17 11:06 - 37748880 _____ C:\Windows\system32\nvcompiler.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 22947144 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 15224784 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 13263248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 12855224 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 11831856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 09129800 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-08 14:54 - 2015-06-17 11:06 - 02997544 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 02599568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 01049232 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3235330.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00982856 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00974992 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00938568 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00921448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00912528 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3235330.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00407296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00364176 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00171352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2015-07-08 14:54 - 2015-06-17 11:06 - 00155280 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00057520 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00041648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2015-07-08 14:54 - 2015-06-17 11:06 - 00037208 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2015-07-08 14:54 - 2015-06-17 11:06 - 00026142 _____ C:\Windows\system32\nvinfo.pb
2015-07-08 14:40 - 2015-07-08 15:00 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-07-08 14:25 - 2015-07-08 14:25 - 00000000 ____D C:\Users\King Haze\Downloads\[Guru3D.com]-DDU
2015-07-08 14:24 - 2015-07-08 14:24 - 01118829 _____ C:\Users\King Haze\Downloads\[Guru3D.com]-DDU.zip
2015-07-07 21:54 - 2015-07-07 21:56 - 227885392 _____ (NVIDIA Corporation) C:\Users\King Haze\Downloads\353.30-desktop-win8-win7-winvista-32bit-international-whql.exe
2015-07-07 19:35 - 2015-07-07 20:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-18 13:39 - 2015-06-18 13:39 - 00004233 _____ C:\Users\King Haze\Downloads\Backpack Mod-3800-1-0.zip
2015-06-18 13:39 - 2015-06-18 13:39 - 00000000 ____D C:\Users\King Haze\Downloads\Backpack Mod-3800-1-0
2015-06-18 13:30 - 2015-06-18 13:30 - 00201563 _____ C:\Users\King Haze\Downloads\Rune Expansion Pack 1-5-2655-1-5.zip
2015-06-18 13:30 - 2015-06-18 13:30 - 00000000 ____D C:\Users\King Haze\Downloads\Rune Expansion Pack 1-5-2655-1-5
2015-06-18 13:26 - 2015-06-18 13:26 - 00000000 ____D C:\Users\King Haze\Downloads\Morozik75 Arsenal Final-2845-1
2015-06-18 13:23 - 2015-06-18 13:23 - 00000000 ____D C:\Users\King Haze\Downloads\Diversified Follower Armors-2645-0-95b
2015-06-18 13:20 - 2015-06-18 13:20 - 24167540 _____ C:\Users\King Haze\Downloads\Diversified Follower Armors-2645-0-95b.zip
2015-06-18 13:16 - 2015-06-18 13:19 - 118681488 _____ C:\Users\King Haze\Downloads\Morozik75 Arsenal Final-2845-1.7z
2015-06-18 13:14 - 2015-06-18 13:14 - 00000000 ____D C:\Users\King Haze\Downloads\Aveline_Classic-2522
2015-06-18 13:12 - 2015-06-18 13:12 - 00031783 _____ C:\Users\King Haze\Downloads\Aveline_Classic-2522.zip
2015-06-18 13:10 - 2015-06-18 13:10 - 00049102 _____ C:\Users\King Haze\Downloads\Valuable_Junkv20-2453-v2-0.zip
2015-06-18 13:10 - 2015-06-18 13:10 - 00000000 ____D C:\Users\King Haze\Downloads\Valuable_Junkv20-2453-v2-0
2015-06-18 13:04 - 2015-06-18 13:04 - 00000000 ____D C:\Users\King Haze\Downloads\Dragon Age II ReDesigned-2659
2015-06-18 13:03 - 2015-06-18 13:03 - 00000000 ____D C:\Users\King Haze\Downloads\Nightmare Tweaked Normal Realistic-2194-1
2015-06-18 12:59 - 2015-06-18 13:00 - 04886657 _____ C:\Users\King Haze\Downloads\gff4editor-1.0.7z
2015-06-18 12:54 - 2015-06-18 12:54 - 00000000 ____D C:\Users\King Haze\Downloads\13c-2145-1-3c
2015-06-18 12:53 - 2015-06-18 12:53 - 00000000 ____D C:\Users\King Haze\Downloads\NoGibbing102-2363-1-02
2015-06-18 12:50 - 2015-06-18 12:50 - 00000000 ____D C:\Users\King Haze\Downloads\Hide ALL except Bow and Quiver-2150
2015-06-18 12:49 - 2015-06-18 12:49 - 00000000 ____D C:\Users\King Haze\Downloads\Complete Zip - Autorun and Highlight-2266-1-0
2015-06-18 12:46 - 2015-06-18 12:46 - 00001225 _____ C:\Users\Public\Desktop\Dragon Age 2.lnk
2015-06-18 12:45 - 2015-06-18 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age 2
2015-06-18 12:34 - 2015-06-18 12:34 - 00000000 ____D C:\Program Files\Electronic Arts
2015-06-14 12:09 - 2015-06-18 13:36 - 00000000 ____D C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch
2015-06-14 12:07 - 2015-06-14 12:09 - 21666348 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part09.rar
2015-06-14 11:58 - 2015-06-14 12:06 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part08.rar
2015-06-14 11:50 - 2015-06-14 11:58 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part07.rar
2015-06-14 11:42 - 2015-06-14 11:49 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part06.rar
2015-06-14 11:33 - 2015-06-14 11:41 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part05.rar
2015-06-14 11:25 - 2015-06-14 11:33 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part04.rar
2015-06-14 11:16 - 2015-06-14 11:24 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part03.rar
2015-06-14 11:07 - 2015-06-14 11:15 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part02.rar
2015-06-14 10:53 - 2015-06-14 10:59 - 104857600 _____ C:\Users\King Haze\Downloads\dragon age 2 deutsch sprachpatch.part01.rar
2015-06-13 14:30 - 2015-06-13 14:30 - 01474970 _____ C:\Users\King Haze\Downloads\Sunnies Item Packs 1-5-2510-1-0.zip
2015-06-13 14:26 - 2015-06-13 14:28 - 161635322 _____ C:\Users\King Haze\Downloads\Dragon Age II ReDesigned-2659.rar
2015-06-13 14:17 - 2015-06-13 14:17 - 00000632 _____ C:\Users\King Haze\Downloads\Nightmare Tweaked Normal Realistic-2194-1.rar
2015-06-13 14:12 - 2015-06-13 14:12 - 01153958 _____ C:\Users\King Haze\Downloads\13c-2145-1-3c.rar
2015-06-13 14:09 - 2015-06-13 14:09 - 00011636 _____ C:\Users\King Haze\Downloads\NoGibbing102-2363-1-02.zip
2015-06-13 14:08 - 2015-06-13 14:08 - 00002028 _____ C:\Users\King Haze\Downloads\Hide ALL except Bow and Quiver-2150.rar
2015-06-13 14:06 - 2015-06-13 14:06 - 00609798 _____ C:\Users\King Haze\Downloads\Complete Zip - Autorun and Highlight-2266-1-0.zip
2015-06-11 20:53 - 2015-06-11 20:53 - 00001983 _____ C:\Users\King Haze\Desktop\JDownloader.lnk
2015-06-11 20:52 - 2015-06-12 13:58 - 00000000 ____D C:\Program Files\JDownloader
2015-06-11 20:52 - 2015-06-11 20:52 - 00001947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-06-11 20:52 - 2015-06-11 20:52 - 00001891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-06-11 20:52 - 2015-06-11 20:52 - 00001870 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 17:27 - 2013-12-28 23:04 - 00000000 ____D C:\Users\King Haze\AppData\Roaming\TS3Client
2015-07-09 17:25 - 2014-01-19 17:22 - 00000000 ____D C:\Users\King Haze\AppData\Local\LogMeIn Hamachi
2015-07-09 17:25 - 2009-07-14 06:34 - 00033632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-09 17:25 - 2009-07-14 06:34 - 00033632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-09 17:24 - 2010-11-20 23:01 - 01651686 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-09 17:20 - 2013-12-28 21:00 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-09 17:20 - 2013-12-28 21:00 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-09 17:20 - 2013-12-28 21:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-09 17:18 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-09 17:18 - 2009-07-14 06:39 - 00109500 _____ C:\Windows\setupact.log
2015-07-09 17:17 - 2013-12-28 20:52 - 01645401 _____ C:\Windows\WindowsUpdate.log
2015-07-09 17:17 - 2010-11-20 23:48 - 00412804 _____ C:\Windows\PFRO.log
2015-07-09 17:17 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2015-07-09 15:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-09 15:01 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-09 14:59 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Resources
2015-07-09 14:48 - 2014-04-06 03:27 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2015-07-09 14:39 - 2009-07-14 06:33 - 00287312 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-09 09:31 - 2010-11-21 02:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-07-09 09:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-07-09 09:31 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-08 15:00 - 2014-04-15 06:20 - 00000000 ____D C:\Users\King Haze\AppData\Local\NVIDIA
2015-07-08 14:57 - 2014-04-15 06:22 - 00001335 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-08 14:56 - 2013-12-28 21:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-08 14:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help
2015-07-08 14:54 - 2015-06-01 16:23 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-08 14:39 - 2009-07-14 04:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-08 14:35 - 2014-01-30 23:03 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2015-07-07 21:48 - 2013-12-28 21:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-06 12:34 - 2011-03-17 04:15 - 00207239 _____ C:\Users\King Haze\Desktop\autorun_tab_toggle.exe
2015-06-30 15:58 - 2014-08-16 17:06 - 00000000 ____D C:\Users\King Haze\AppData\Local\Adobe
2015-06-30 15:58 - 2013-12-28 21:00 - 00000000 ____D C:\Users\King Haze\AppData\Roaming\Adobe
2015-06-28 17:05 - 2014-09-26 21:25 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-23 13:27 - 2014-01-03 08:46 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-18 13:50 - 2015-05-28 14:32 - 00000000 ____D C:\Users\King Haze\Documents\BioWare
2015-06-16 07:16 - 2014-02-02 10:26 - 00000000 ____D C:\Users\King Haze\Desktop\TXT
2015-06-14 10:52 - 2015-05-28 15:16 - 00000000 ____D C:\Users\King Haze\Downloads\Dragon Age Origins - Deutsche Texte
2015-06-11 22:35 - 2014-01-08 15:05 - 00000000 ____D C:\Users\King Haze\AppData\Roaming\uTorrent

==================== Files in the root of some directories =======

2013-12-31 00:36 - 2014-10-05 01:05 - 0138056 _____ () C:\Users\King Haze\AppData\Roaming\PnkBstrK.sys
2006-12-11 20:13 - 2006-12-11 20:13 - 0097336 _____ (Un4seen Developments) C:\Users\King Haze\AppData\Local\bass.dll
2006-12-11 20:13 - 2006-12-11 20:13 - 0013872 _____ (Un4seen Developments) C:\Users\King Haze\AppData\Local\basscd.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 0102912 _____ (Albert L Faber) C:\Users\King Haze\AppData\Local\CDRip.dll
2014-06-01 06:50 - 2014-06-01 06:50 - 0003584 _____ () C:\Users\King Haze\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-08-13 18:46 - 2007-08-13 18:46 - 0155136 _____ () C:\Users\King Haze\AppData\Local\lame_enc.dll
2007-01-18 22:09 - 2007-01-18 22:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\King Haze\AppData\Local\No23 Recorder.exe
2005-08-23 23:34 - 2005-08-23 23:34 - 0029184 _____ () C:\Users\King Haze\AppData\Local\no23xwrapper.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0015872 _____ () C:\Users\King Haze\AppData\Local\ogg.dll
2015-01-12 14:29 - 2015-05-13 22:07 - 0001527 _____ () C:\Users\King Haze\AppData\Local\RecConfig.xml
2015-05-31 00:01 - 2015-05-31 00:01 - 0007605 _____ () C:\Users\King Haze\AppData\Local\Resmon.ResmonCfg
2006-10-26 02:06 - 2006-10-26 02:06 - 0143872 _____ () C:\Users\King Haze\AppData\Local\vorbis.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0064000 _____ () C:\Users\King Haze\AppData\Local\vorbisenc.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 0019456 _____ () C:\Users\King Haze\AppData\Local\vorbisfile.dll

Some files in TEMP:
====================
C:\Users\King Haze\AppData\Local\Temp\130785220979674000.exe
C:\Users\King Haze\AppData\Local\Temp\13078522103129695320.exe
C:\Users\King Haze\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
C:\Users\King Haze\AppData\Local\Temp\BRSVC_13799536_hlp.exe
C:\Users\King Haze\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\King Haze\AppData\Local\Temp\nvStInst.exe
C:\Users\King Haze\AppData\Local\Temp\Quarantine.exe
C:\Users\King Haze\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-04 00:42

==================== End of log ============================

Alt 10.07.2015, 07:55   #9
Warlord711
/// TB-Ausbilder
 
Malware durch dubiosen Downloader (Lightning Downloader) - Standard

Malware durch dubiosen Downloader (Lightning Downloader)


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Mach noch ESET Scan, der dauert länger:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 10.07.2015, 12:46   #10
Chillzz
 
Malware durch dubiosen Downloader (Lightning Downloader) - Standard

Malware durch dubiosen Downloader (Lightning Downloader)


Fixlog.txt :
Code:
ATTFilter
Fix result of Farbar Recovery Scan Tool (x86) Version: 05-07-2015
Ran by King Haze at 2015-07-10 13:41:58 Run:1
Running from C:\Users\King Haze\Downloads
Loaded Profiles: King Haze (Available Profiles: King Haze)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
emptytemp:
*****************

"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
EmptyTemp: => 837.4 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 13:43:11 ====

Antwort

Themen zu Malware durch dubiosen Downloader (Lightning Downloader)
adware, antivirus, avast, boot, browser, computer, dateien, downloader, explorer, firefox, free, helper, installation, internet, lightning, logfile, malware, microsoft, programm, rundll, rundll32.exe, scan, software, system, system32, windows


« GVU/BKA-Trojaner & pak.225 | Windows Vista, InstallCore.Gen7, LavasoftWeCompanion »


Ähnliche Themen: Malware durch dubiosen Downloader (Lightning Downloader)


  1. Yourfile Downloader Malware
    Plagegeister aller Art und deren Bekämpfung - 31.07.2014 (7)
  2. Win 7, win32.downloader.gen schon wieder gefunden durch Spybot
    Log-Analyse und Auswertung - 12.03.2014 (7)
  3. win32.downloader.gen trotz angeblicher Beseitigung durch spybot sofort wieder da
    Log-Analyse und Auswertung - 03.02.2014 (2)
  4. BKA-Befall (inzwischen wieder nutzbar) und malware (lightning Speed Dial startseite)
    Plagegeister aller Art und deren Bekämpfung - 31.01.2014 (9)
  5. Windows 7 64bit - Win32.downloader.gen (C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll) durch Spybot gefunden
    Log-Analyse und Auswertung - 29.09.2013 (7)
  6. Hartnäckige Tasks (Trojan.FraudPack & Trojan.Downloader lt. Malwarebytes Anti-Malware)
    Log-Analyse und Auswertung - 23.09.2013 (16)
  7. Delta-Search durch J-Downloader eingefangen
    Log-Analyse und Auswertung - 20.05.2013 (8)
  8. Win32:Malware-gen und Win32:Downloader-PKU.C:\Windows\System32\services.exe.Weitere Meldungen
    Log-Analyse und Auswertung - 12.09.2012 (10)
  9. Incredibar/Mystart durch Softtonic-Downloader
    Plagegeister aller Art und deren Bekämpfung - 12.07.2012 (1)
  10. Trojan.Downloader.Gen konnte nicht restlos von Malwarebytes Anti-Malware entfernt werden Vista 64bit
    Plagegeister aller Art und deren Bekämpfung - 22.06.2012 (24)
  11. Trojaner: Spy(Farko), Banker(Jorik),Downloader(Java) und Rootkit Funde durch Kaspersky '12
    Plagegeister aller Art und deren Bekämpfung - 15.05.2012 (13)
  12. ständige malware-meldungen von antivir - svchost.exe -TR/Downloader.Gen, mit logfile
    Log-Analyse und Auswertung - 24.04.2010 (12)
  13. Malware und Spyware in RS Downloader
    Plagegeister aller Art und deren Bekämpfung - 10.05.2009 (0)
  14. Trojan.Vundo/Trojan.Downloader/Trojan.Agent/Malware.Trace
    Plagegeister aller Art und deren Bekämpfung - 02.08.2008 (2)
  15. GpCoder.E, Downloader und Byte.Verify durch NAV zu spät entdeckt
    Plagegeister aller Art und deren Bekämpfung - 17.06.2008 (7)
  16. Malware "DyFuCA" ;Win32.Trojan.Downloader mit Ad-Aware SE Personal gefunden
    Log-Analyse und Auswertung - 11.08.2006 (13)
  17. HILFEEEE!!!trojan-downloader-ruin, trojan-downloader-wareout
    Log-Analyse und Auswertung - 16.09.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Malware durch dubiosen Downloader (Lightning Downloader) - Hallo Community, Gestern wollte ich mir ein Programm im Internet herunterladen und bin dummerweise an ein Downloader geraten, der mir wohl Adware ins System einschleusen wollte. Ich habe mitten während - Malware durch dubiosen Downloader (Lightning Downloader)...
Archiv
Du betrachtest: Malware durch dubiosen Downloader (Lightning Downloader) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19