Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Chrome öffnet selbstständig neue Werbefenster (https://www.trojaner-board.de/167243-chrome-oeffnet-selbststaendig-neue-werbefenster.html)

Buyaka 25.05.2015 03:37
Chrome öffnet selbstständig neue Werbefenster
 
Hi,

ich habe ein Problem mit Browsern im allgemeinen, verwende aber praktisch nur chrome. Dieser öffnet bei einem beliebigen selbstständig tabs mit Werbung. Ich habe selbst etwas in aktiven Anwendungen etc gesucht, aber nichts gefunden. Ich habe bereits den FRST Scan durchlaufen lassen, die Ergebnisse:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01
Ran by Dirk (administrator) on BUYAKA on 25-05-2015 04:23:13
Running from D:\Downloads
Loaded Profiles: Dirk (Available Profiles: Dirk)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
() C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink Corp.) D:\Power DvD\PowerDVD14\PowerDVD14Agent.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-04-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [885760 2012-02-22] (Creative Technology Ltd)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5119600 2012-05-11] (VIA)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [LifeCam] => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PowerDVD14Agent] => D:\Power DvD\PowerDVD14\PowerDVD14Agent.exe [795672 2014-04-28] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.OE.Systray.exe [128760 2015-05-07] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\Run: [Google Update] => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-15] (Google Inc.)
HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\Run: [GoogleChromeAutoLaunch_AE66652699FDF5CB54FF6437594D0294] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-13] (Google Inc.)
HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7435320 2015-05-22] (GOG.com)
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Networks Killer Network Manager.lnk [2013-01-17]
ShortcutTarget: Bigfoot Networks Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-08-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-01-26]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
URLSearchHook: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002 - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-23] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-23] (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-23] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{68927ED1-1B66-4CC7-A556-99F8C5008778}: [NameServer] 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\ko2e0n80.default
FF SelectedSearchEngine:
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dirk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @talk.google.com/O1DPlugin -> C:\Users\Dirk\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-10] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dirk\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dirk\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Avira Browser Safety - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\ko2e0n80.default\Extensions\abs@avira.com [2015-05-16]
FF Extension: ProxTube - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\ko2e0n80.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-12]

Chrome:
=======
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-14]
CHR Extension: (Google Docs) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-19]
CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-19]
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-19]
CHR Extension: (Google Search) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-19]
CHR Extension: (Avira Browser Safety) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-16]
CHR Extension: (Bookmark Manager) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Flash Player) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdpbajmogfhlafbipjjklkdhloplicgc [2015-02-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-14]
CHR Extension: (Gmail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-19]
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-24]
CHR Extension: (Google Docs) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-26]
CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-24]
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-26]
CHR Extension: (Google Search) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-26]
CHR Extension: (Google Sheets) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-24]
CHR Extension: (Google Wallet) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [342528 2012-11-09] (AVerMedia) []
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) []
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [206584 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [492032 2012-10-23] () []
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-01-25] (Creative Labs) []
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-01-25] (Creative Labs) []
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) []
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1743928 2015-05-22] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6516792 2015-05-22] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) []
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) []
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) []
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVer330; C:\Windows\system32\DRIVERS\AVer330.sys [1471104 2013-01-07] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 BfEdge7x64; C:\Windows\system32\DRIVERS\Edge7x64.sys [31336 2012-10-23] (Bigfoot Networks, Inc.)
R3 BFN7x64; C:\Windows\System32\drivers\Xeno7x64.sys [157288 2012-10-23] (Bigfoot Networks, Inc.)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [28440 2013-02-14] (Creative Technology Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34408 2013-10-14] (Microsoft Corporation)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 04:22 - 2015-05-25 04:23 - 00000000 ____D () C:\FRST
2015-05-25 04:15 - 2015-05-25 04:21 - 00000000 ____D () C:\Program Files\Reimage
2015-05-25 04:14 - 2015-05-25 04:15 - 00000165 _____ () C:\WINDOWS\Reimage.ini
2015-05-21 18:08 - 2015-05-21 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2015-05-20 01:15 - 2015-05-12 04:34 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-05-20 01:13 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-05-20 01:13 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 42718864 _____ () C:\WINDOWS\system32\nvcompiler.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 37741712 _____ () C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 22945424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 16145176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 15858728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 14455296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 10972304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-05-20 01:13 - 2015-05-12 08:27 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435286.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01050256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00982672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00878816 _____ () C:\WINDOWS\system32\nvmcumd.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00502896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00407296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-05-19 20:17 - 2015-05-25 02:52 - 00000000 ____D () C:\Users\Dirk\Documents\The Witcher 3
2015-05-19 20:17 - 2015-05-19 20:17 - 00000000 ____D () C:\Users\Dirk\AppData\Local\GalaxyCommunicationService
2015-05-19 20:17 - 2015-05-19 20:17 - 00000000 ____D () C:\GOG Games
2015-05-18 22:25 - 2015-05-18 22:25 - 00001077 _____ () C:\Users\Public\Desktop\GOG Galaxy.lnk
2015-05-18 22:25 - 2015-05-18 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-18 22:25 - 2015-05-18 22:25 - 00000000 ____D () C:\ProgramData\GOG.com
2015-05-18 22:25 - 2015-05-18 22:25 - 00000000 ____D () C:\Program Files (x86)\GalaxyClient
2015-05-14 03:09 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:09 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:02 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 18:02 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 18:02 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 18:02 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 18:02 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 18:02 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 18:02 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 18:02 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 18:02 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 18:02 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 18:02 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 18:02 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 18:02 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 18:02 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 18:02 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 18:02 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 18:02 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 18:01 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 18:01 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 18:01 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 18:01 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 18:01 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 18:01 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 18:01 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 18:00 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 18:00 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 18:00 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 18:00 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 18:00 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 18:00 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 18:00 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 18:00 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 18:00 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 18:00 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 18:00 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 18:00 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 18:00 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 18:00 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 18:00 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 18:00 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 18:00 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 18:00 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 18:00 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 18:00 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 18:00 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 18:00 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 18:00 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 18:00 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 18:00 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 18:00 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 18:00 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 18:00 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 18:00 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 18:00 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 18:00 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 18:00 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 18:00 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 18:00 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 18:00 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 18:00 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 18:00 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 18:00 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 18:00 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 18:00 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 18:00 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 18:00 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 18:00 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 18:00 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 18:00 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 18:00 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 18:00 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 18:00 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 18:00 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-13 18:00 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-13 18:00 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 18:00 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 18:00 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 18:00 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 18:00 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-04-30 18:46 - 2015-04-30 18:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-28 00:04 - 2015-04-28 00:04 - 00000922 _____ () C:\Users\Dirk\AppData\Local\recently-used.xbel
2015-04-27 19:35 - 2015-04-27 19:35 - 00000000 ____D () C:\Users\Dirk\Documents\Job-Card

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 04:18 - 2014-09-14 21:39 - 01048945 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-25 04:08 - 2014-02-03 01:40 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-25 04:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-25 03:46 - 2013-06-16 15:13 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002UA.job
2015-05-25 03:26 - 2013-01-19 17:43 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-25 02:00 - 2014-08-19 18:21 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Adobe
2015-05-25 01:26 - 2013-01-19 17:43 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-25 01:07 - 2013-06-10 18:44 - 00000000 ___RD () C:\Users\Dirk\Dropbox
2015-05-25 00:57 - 2013-01-19 17:21 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3411081457-3890955146-2593942546-1002
2015-05-25 00:40 - 2013-02-20 21:24 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Raptr
2015-05-25 00:39 - 2014-12-23 19:51 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{67A2C813-F999-4C25-B04F-888AB6118E69}
2015-05-25 00:39 - 2014-09-14 21:58 - 00000000 __RDO () C:\Users\Dirk\OneDrive
2015-05-25 00:39 - 2013-08-22 16:46 - 00395468 _____ () C:\WINDOWS\setupact.log
2015-05-25 00:39 - 2013-06-10 18:40 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Dropbox
2015-05-23 21:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-23 18:46 - 2013-06-16 15:13 - 00001078 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002Core.job
2015-05-21 18:08 - 2013-01-22 19:02 - 00514462 _____ () C:\WINDOWS\DirectX.log
2015-05-21 17:35 - 2015-04-04 17:18 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-21 17:35 - 2015-04-04 17:18 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-21 17:35 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-20 01:17 - 2014-03-18 12:03 - 01807578 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-20 01:17 - 2014-03-18 11:25 - 00775384 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-20 01:17 - 2014-03-18 11:25 - 00164104 _____ () C:\WINDOWS\system32\perfc007.dat
2015-05-20 01:15 - 2014-09-14 21:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-20 01:15 - 2014-09-14 21:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-20 01:15 - 2013-01-19 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-19 18:42 - 2013-02-20 21:24 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-05-19 18:41 - 2013-06-16 15:13 - 00004074 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002UA
2015-05-19 18:41 - 2013-06-16 15:13 - 00003694 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002Core
2015-05-19 18:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-19 17:34 - 2014-03-18 03:50 - 00412076 _____ () C:\WINDOWS\PFRO.log
2015-05-19 17:34 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-19 01:12 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-19 00:07 - 2014-10-07 20:44 - 00000000 ____D () C:\Users\Dirk\AppData\Local\The Witcher
2015-05-18 22:25 - 2014-03-06 23:27 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-18 19:39 - 2013-01-20 15:15 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\vlc
2015-05-18 18:21 - 2013-01-20 00:59 - 00000000 ____D () C:\Users\Dirk\Documents\Outlook-Dateien
2015-05-17 13:48 - 2013-01-20 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-17 13:47 - 2015-04-02 12:03 - 00001233 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-05-17 13:47 - 2013-01-20 16:10 - 00000000 ____D () C:\ProgramData\Avira
2015-05-17 13:47 - 2013-01-20 16:10 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-17 12:21 - 2015-04-18 04:30 - 00000080 _____ () C:\Users\Dirk\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-05-17 03:13 - 2015-01-10 01:12 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Genymobile
2015-05-17 03:13 - 2015-01-10 01:12 - 00000000 ____D () C:\Users\Dirk\.VirtualBox
2015-05-17 01:21 - 2013-01-19 17:43 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 01:21 - 2013-01-19 17:43 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 13:30 - 2014-04-06 16:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 13:30 - 2014-04-06 16:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 13:30 - 2014-02-03 01:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-14 13:30 - 2013-08-22 16:44 - 05126792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-14 03:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-14 03:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-14 03:10 - 2013-01-20 00:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-14 03:09 - 2013-07-14 13:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-14 03:06 - 2013-01-21 00:20 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-14 03:05 - 2014-04-06 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 03:04 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 08:52 - 2015-03-21 15:49 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-05-12 08:27 - 2015-03-21 15:49 - 13263568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-05-12 08:27 - 2014-09-14 21:39 - 00112784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-05-12 08:27 - 2014-09-14 21:39 - 00105288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-05-12 08:27 - 2014-08-19 22:15 - 30478992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-05-12 08:27 - 2014-08-19 22:15 - 17540416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-12 08:27 - 2014-08-19 22:15 - 15048816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 12849056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 11790144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 03363224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 00031710 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-05-12 08:27 - 2014-08-19 22:13 - 02971776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 06872392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 03490448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-12 05:30 - 2014-09-14 21:39 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-11 20:15 - 2013-06-10 18:44 - 00001070 _____ () C:\Users\Dirk\Desktop\Dropbox.lnk
2015-05-11 20:15 - 2013-06-10 18:40 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-11 19:01 - 2014-09-14 21:39 - 04391871 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-05-10 18:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-08 02:35 - 2014-12-15 21:00 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-05-08 02:35 - 2013-11-16 20:59 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-05-08 02:34 - 2014-12-15 21:00 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-05-08 02:34 - 2013-11-16 20:59 - 01570672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-05-05 19:59 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 15:55 - 2014-02-07 19:15 - 00000000 ____D () C:\Users\Dirk\Desktop\Herten
2015-04-28 00:11 - 2013-06-16 11:54 - 00000000 ____D () C:\Users\Dirk\.gimp-2.8

==================== Files in the root of some directories =======

2013-12-24 00:37 - 2013-12-24 00:37 - 0000092 _____ () C:\Users\Dirk\AppData\Local\fusioncache.dat
2015-04-28 00:04 - 2015-04-28 00:04 - 0000922 _____ () C:\Users\Dirk\AppData\Local\recently-used.xbel
2013-08-07 19:44 - 2014-09-15 19:15 - 0001338 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Dirk\AppData\Local\Temp\avgnt.exe
C:\Users\Dirk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvhl7pd.dll
C:\Users\Dirk\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dirk\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dirk\AppData\Local\Temp\nvStInst.exe
C:\Users\Dirk\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Dirk\AppData\Local\Temp\Uninstaller-18212.exe
C:\Users\Dirk\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-19 17:44

==================== End of log ============================

Buyaka 25.05.2015 03:38
Additional txt
 
Und Additional.txt:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by Dirk at 2015-05-25 04:23:29
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3411081457-3890955146-2593942546-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3411081457-3890955146-2593942546-1004 - Limited - Enabled)
Dirk (S-1-5-21-3411081457-3890955146-2593942546-1002 - Administrator - Enabled) => C:\Users\Dirk
Gast (S-1-5-21-3411081457-3890955146-2593942546-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3411081457-3890955146-2593942546-1006 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 (HKLM\...\UDK-6f267067-7e60-4724-9445-d52ea2585f10) (Version:  - RuneStorm
4500_G510gm_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.25 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0925-000001000000}) (Version: 9.25.00.0 - Igor Pavlov)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CS4 (HKLM-x32\...\Adobe_26b63376f4efc354dae41af6b5e3343) (Version: 4 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
AVerMedia Live Gamer HD Series Device 3.3.64.30 (HKLM-x32\...\AVerMedia Live Gamer HD Series Device) (Version: 3.3.64.30 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.2.0.25 - AVerMedia Technologies, Inc.)
AVerMedia RECentral (x32 Version: 1.2.0.25 - AVerMedia Technologies, Inc.) Hidden
Avira (HKLM-x32\...\{022ef99f-0db2-4efc-964d-5dd2da3151f6}) (Version: 1.1.37.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.37.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version:  - Beamdog)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.440 - Bigfoot Networks)
Bigfoot Networks Killer Network Manager (Version: 6.1.0.440 - Bigfoot Networks) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Camelot Unchained (HKLM-x32\...\{68CBAF50-8453-46F3-BD4B-62429CE590BE}) (Version: 0.1.0 - City State Entertainment)
Crusader No Remorse (HKLM-x32\...\{2AEA735F-B393-4D89-93EF-5849CB72B4A3}) (Version: 1.0.0.2 - Electronic Arts)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4028.58 - CyberLink Corp.)
Dark Age of Camelot (HKLM-x32\...\Dark Age of Camelot) (Version:  - Electronic Arts)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.6 - Electronic Arts)
DriverCD (HKLM-x32\...\DriverCD) (Version:  - )
Dropbox (HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Edraw Mind Map 6.8 (HKLM-x32\...\Edraw Mind Map Freeware_is1) (Version:  - EdrawSoft)
EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
gamelauncher-ps2-psg (HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\SOE-D:/Planetside 2) (Version:  - Sony Online Entertainment)
Genymotion version 2.3.1 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.3.1 - Genymobile)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510g-m 14.0 Rel. 6 (HKLM\...\{C55BF64E-60E1-494C-B1EB-97A008141A55}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO - The Hobbit (HKLM-x32\...\Steam App 285160) (Version:  - Traveller's Tales)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version:  - Traveller's Tales)
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.9 - www.leaguereplays.com)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version:  - NetherRealm Studios)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Neverwinter (HKLM-x32\...\Neverwinter) (Version:  - Cryptic Studios)
NSRCG (HKLM-x32\...\ST6UNST #1) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 352.86 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.2.12 (HKLM\...\{0C1DE303-E41B-44BA-8ABA-B7F09D857001}) (Version: 4.2.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.23.2817 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version:  - Obsidian Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
Shadowrun: Dragonfall - Director's Cut (HKLM-x32\...\Steam App 300550) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.31 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version:  - Firaxis Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sound Blaster Recon3D PCIe (HKLM-x32\...\{050484F3-3060-4FC3-B35E-94B35C52F52E}) (Version: 1.00.21 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tabletop Simulator (HKLM-x32\...\Steam App 286160) (Version:  - Berserk Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
The Lord of the Rings Online™ v03.08.00.8029 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.08.00.8029 - Turbine, Inc.)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.3.0 - GOG.com)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Viscera Cleanup Detail: Shadow Warrior
Viscera Cleanup Detail: Shadow Warrior (HKLM-x32\...\Steam App 255520) (Version:  - RuneStorm)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Xfire (HKLM-x32\...\Xfire) (Version:  - )
XMedia Recode Version 3.1.6.6 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.6.6 - XMedia Recode)
XSplit Broadcaster (HKLM-x32\...\{3A1F3A32-7E9D-4AD2-A2E2-DFC98BAA9DC7}) (Version: 1.3.1403.1202 - SplitMediaLabs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

21-05-2015 17:35:01 Windows Modules Installer

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2013-02-23 18:36 - 00002282 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 ntrack.com127.0.0.1                                activate.adobe.com
127.0.0.1      localhost
127.0.0.1      activate.adobe.com
127.0.0.1      practivate.adobe.com
127.0.0.1      adobeereg.com
127.0.0.1      hxxp://www.adobeereg.com
127.0.0.1      activate.adobe.com
127.0.0.1      activate-sea.adobe.com
127.0.0.1      activate-sjc0.adobe.com
127.0.0.1      wwis-dubc1-vip60.adobe.com
127.0.0.1      192.150.18.108
127.0.0.1      activate.adobe.com:443
127.0.0.1      3dns-3.adobe.com
127.0.0.1      3dns-2.adobe.com
127.0.0.1      adobeereg.com
127.0.0.1      www.adobeereg.com
127.0.0.1      activate.adobe.com
127.0.0.1      activate-sea.adobe.com
127.0.0.1      activate-sjc0.adobe.com
127.0.0.1      wwis-dubc1-vip60.adobe.com
127.0.0.1      192.150.18.108
127.0.0.1      adobeereg.com
127.0.0.1      www.adobeereg.com
127.0.0.1      activate.adobe.com
127.0.0.1      activate-sea.adobe.com
127.0.0.1      activate-sjc0.adobe.com
127.0.0.1      wwis-dubc1-vip60.adobe.com
127.0.0.1      192.150.18.108
127.0.0.1      adobe-dns.adobe.com

There are 9 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1ABD9254-621B-4F4F-9845-61FFEE86EECB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002UA => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-15] (Google Inc.)
Task: {23FCCDB6-9867-4DB7-AD7E-B9CAC0F86C26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-19] (Google Inc.)
Task: {3CF95093-FA90-45B8-9D37-3912BE681307} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-drothe@gmx.net => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {62B84183-CDDA-4964-957E-963864360F67} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7DF86229-FE85-4744-BA41-1F4088E4B596} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-14] (Microsoft Corporation)
Task: {81E66C72-A946-4CF0-848E-0F934311A7A4} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {94DFECA3-6E88-4A7D-9D3B-08A7852E675E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {A65A513C-A4DB-4345-9ADF-C924136231D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-19] (Google Inc.)
Task: {B86B2015-C687-4A36-9EF2-8A5A7D1D452E} - System32\Tasks\{A5D3EFCC-0C81-4410-BA3E-7B361E017557} => pcalua.exe -a "H:\Shine_Win_Full\Shine_Win_Full\Adobe Premiere Pro\Premiere Pro CS4 or earlier\Trapcode Shine PPro.exe" -d "H:\Shine_Win_Full\Shine_Win_Full\Adobe Premiere Pro\Premiere Pro CS4 or earlier"
Task: {CF9EF135-65E6-40E2-8C60-D5B1B5FD0991} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {EADCA18D-4C11-4C6C-9D25-5D240186FDA9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002Core => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-15] (Google Inc.)
Task: {F76C6409-2DEA-4918-ADEA-796E94D7588F} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002Core.job => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002UA.job => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-10-23 15:03 - 2012-10-23 15:03 - 00492032 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
2011-05-09 21:46 - 2011-05-09 21:46 - 02760192 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 21:56 - 2011-05-09 21:56 - 09856000 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 21:47 - 2011-05-09 21:47 - 00416256 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2012-10-23 15:03 - 2012-10-23 15:03 - 00217600 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-09 21:48 - 2011-05-09 21:48 - 00990720 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2011-05-10 13:32 - 2011-05-10 13:32 - 00731648 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2014-09-14 21:39 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-26 21:57 - 2012-05-11 09:46 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-01-26 21:57 - 2012-05-11 09:46 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2015-01-19 19:57 - 2015-01-19 19:57 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\c89a3da49bf7bd161745f4228277ea00\PSIClient.ni.dll
2015-03-31 21:04 - 2015-05-08 02:36 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 07816192 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 01425920 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00188416 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00336896 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00096256 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2015-05-21 23:26 - 2015-05-13 18:48 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libglesv2.dll
2015-05-21 23:26 - 2015-05-13 18:48 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libegl.dll
2012-02-23 06:56 - 2012-02-23 06:56 - 00593920 _____ () C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\de-DE\SBRnPCIe.resources.dll
2013-01-26 17:43 - 2010-11-04 12:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 00566272 _____ () C:\Program Files (x86)\GalaxyClient\PocoUtil.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 01202176 _____ () C:\Program Files (x86)\GalaxyClient\PocoNet.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 02577408 _____ () C:\Program Files (x86)\GalaxyClient\PocoData.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 00477184 _____ () C:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 00515584 _____ () C:\Program Files (x86)\GalaxyClient\PocoXML.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 00340480 _____ () C:\Program Files (x86)\GalaxyClient\PocoZip.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 01784320 _____ () C:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 00332288 _____ () C:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 00415744 _____ () C:\Program Files (x86)\GalaxyClient\PocoJSON.dll
2015-05-18 22:25 - 2015-04-09 15:52 - 41299456 _____ () C:\Program Files (x86)\GalaxyClient\libcef.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 00649728 _____ () C:\Program Files (x86)\GalaxyClient\sqlite.dll
2015-05-18 22:25 - 2015-04-09 15:52 - 00139776 _____ () C:\Program Files (x86)\GalaxyClient\expat.dll
2015-05-18 22:25 - 2015-04-09 15:52 - 00412672 _____ () C:\Program Files (x86)\GalaxyClient\pcre.dll
2015-05-18 22:25 - 2015-04-09 15:52 - 00094208 _____ () C:\Program Files (x86)\GalaxyClient\zlib.dll
2015-05-18 22:25 - 2015-05-18 22:26 - 00172032 _____ () C:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
2015-05-18 22:25 - 2015-04-09 15:52 - 00107520 _____ () C:\Program Files (x86)\GalaxyClient\ZLIB1.dll
2014-05-28 18:00 - 2014-04-28 09:41 - 00866056 _____ () D:\Power DvD\PowerDVD14\common\UNO\UNO.dll
2014-05-28 18:00 - 2013-12-10 09:39 - 00074240 _____ () D:\Power DvD\PowerDVD14\Common\Koan\_ctypes.pyd
2014-05-28 18:00 - 2013-12-10 09:39 - 00285184 _____ () D:\Power DvD\PowerDVD14\Common\Koan\_hashlib.pyd
2014-05-28 18:00 - 2013-12-10 09:39 - 00040960 _____ () D:\Power DvD\PowerDVD14\Common\Koan\_socket.pyd
2014-05-28 18:00 - 2013-12-10 09:39 - 00721920 _____ () D:\Power DvD\PowerDVD14\Common\Koan\_ssl.pyd
2014-05-28 18:00 - 2014-04-28 09:40 - 00044296 _____ () D:\Power DvD\PowerDVD14\Kernel\DHProcedure\DHProcedure.dll
2015-05-18 22:25 - 2015-04-09 15:52 - 00888832 _____ () C:\Program Files (x86)\GalaxyClient\ffmpegsumo.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2015-05-15 04:21 - 2015-05-15 04:21 - 02540288 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2014-08-14 02:37 - 2014-08-14 02:37 - 00027667 _____ () C:\Program Files (x86)\Raptr\plugins\audio_output\libdirectsound_plugin.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 00031251 _____ () C:\Program Files (x86)\Raptr\plugins\audio_output\libwaveout_plugin.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 00066579 _____ () C:\Program Files (x86)\Raptr\plugins\video_output\libdirectdraw_plugin.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-05-21 23:26 - 2015-05-13 18:48 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Dirk\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "LifeCam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{D2944BC4-7F6F-42F4-B623-4CCDCAA6C2FB}D:\blizzard\diablo iii\diablo iii.exe] => (Allow) D:\blizzard\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{EE42A1EE-898D-4441-A4F5-488C84124CD3}D:\blizzard\diablo iii\diablo iii.exe] => (Allow) D:\blizzard\diablo iii\diablo iii.exe
FirewallRules: [{D9BBFEA9-3CE4-4654-A83E-625F24B1C43C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{815E5F9A-55C0-43C4-A7CC-30A7D7131BFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{7F2C4B6F-9545-4C68-9732-2F0ED8A98A42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{6868EF00-30E8-403B-87D7-80D8E5D9631C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [UDP Query User{3CBF422C-57F6-4A5B-9593-2B209F9672ED}D:\lol replay\lolreplay.exe] => (Allow) D:\lol replay\lolreplay.exe
FirewallRules: [TCP Query User{30A80BFC-A3E5-4AD3-9BA4-F5E364DB72EC}D:\lol replay\lolreplay.exe] => (Allow) D:\lol replay\lolreplay.exe
FirewallRules: [{0DEA45D4-8DB0-42B1-B63A-8021FB501FE2}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{9F1B7FD2-9B5D-4D37-8D7C-A9292E0A6DBB}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{01073A41-A210-4E88-A844-014EF96A3B07}] => (Allow) D:\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{FEBBC448-3731-4195-8C53-83A7BC7E747D}] => (Allow) D:\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{89297831-BCEA-4EED-9E3F-BED94CF12F1D}] => (Allow) D:\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{4954ADFA-E28C-4507-BB92-2313A42B857E}] => (Allow) D:\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{F124F60D-41AC-43BF-B33B-FB163D89612F}] => (Allow) D:\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{42A83116-6BAB-4302-A06E-DD71774E7636}] => (Allow) D:\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{8FC429E2-5A03-4772-96AB-347C53DECBBA}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{E92DD98D-BBB0-4728-B0D0-27311AE64876}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{6539DBCE-3610-446E-B2CB-67D2E1692137}] => (Allow) D:\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{93F9A6C9-B602-4924-B3E4-093D748A8D54}] => (Allow) D:\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{1953A0C9-7C81-453F-B236-9AB495DDF323}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8CCA4839-A288-4957-A1F8-DF74129E9616}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{2D48BB8C-D699-4BF4-A0CA-0654954CF02E}C:\users\dirk\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\dirk\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{E87280DA-E63E-4C86-9F06-C02B8695F554}C:\users\dirk\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\dirk\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{19595969-A907-48AF-9A27-BACACE49AC26}] => (Allow) D:\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{52E0818A-CC83-4DEF-A9AC-43880D70637B}] => (Allow) D:\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{7625DAF7-5FAB-4A47-B274-E5B91F082649}] => (Allow) D:\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{DFEC3DF6-794E-4D3B-8446-ADD28A437EEA}] => (Allow) D:\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{E1C27ED6-F628-4F8A-9FCC-02542482215D}] => (Allow) D:\WatchDogs\bin\Watch_Dogs.exe
FirewallRules: [{F3579008-693E-40A2-B31C-2D8F312856EE}] => (Allow) D:\WatchDogs\bin\Watch_Dogs.exe
FirewallRules: [{AB079739-9F1C-4F72-8414-D0B85C0F9D45}] => (Allow) D:\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{F80FD433-06D1-499C-8FB1-745DD9305BF9}] => (Allow) D:\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{4AD8003D-0B74-436D-B465-3E1E12154BD5}] => (Allow) D:\Power DvD\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{117B430A-628B-4EBF-9A7F-5A987ECBD8EC}] => (Allow) D:\Power DvD\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{ADB70C68-69D8-4702-B133-9437887F3F30}] => (Allow) D:\Power DvD\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{DB49F362-FF44-4CD7-8A21-304ED1D684E9}] => (Allow) D:\Power DvD\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{3E373ED7-4638-4ED9-B182-3C2C75F08BD3}] => (Allow) D:\Power DvD\PowerDVD14\PowerDVD.exe
FirewallRules: [UDP Query User{97DDA0D9-5493-46D2-8D54-587EF2944C52}D:\eve\bin\exefile.exe] => (Block) D:\eve\bin\exefile.exe
FirewallRules: [TCP Query User{BCD9AEAB-A69C-47A3-87FA-94A9532C8C4A}D:\eve\bin\exefile.exe] => (Block) D:\eve\bin\exefile.exe
FirewallRules: [{F152F540-BF6F-41B6-8764-D3A91AC070E5}] => (Allow) D:\Steam\SteamApps\common\NBA2K14\nba2k14.exe
FirewallRules: [{AC5B97C7-FBEF-43D7-9E68-4C96CCE66C32}] => (Allow) D:\Steam\SteamApps\common\NBA2K14\nba2k14.exe
FirewallRules: [{85E34EA1-C590-4F58-A2B5-A78A992DB80E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{3EC17954-B246-4665-8470-47C9D62B9C09}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{C05C6463-3805-4360-987E-3BC41DD2A7FF}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{5B1572E9-F661-4A8A-92B5-2CC8721E1245}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{6B7A913E-C50F-44AB-BA08-9ECFA3873730}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{FEF4E2EF-9A84-4C66-9925-E7AE41957FE4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{7136C387-3A15-4080-A4C3-07CD9DA0EA11}] => (Allow) D:\Blizzard\Diablo III\Diablo III.exe
FirewallRules: [{40EFC1EB-12EA-48DF-80D8-19772EA9C852}] => (Allow) D:\Blizzard\Diablo III\Diablo III.exe
FirewallRules: [{8D38C033-C40B-4BD5-9F1F-737027C0BC7F}] => (Allow) D:\Blizzard\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{8FD4C88C-2F3F-494F-B6B2-21C5AB205148}] => (Allow) D:\Blizzard\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{733B4140-AEAA-460B-ABBC-73759C2A1AE8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{14243BEB-853F-485A-B82E-B6549E3F1908}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{54C0B68C-DDBF-4914-9A9C-C9F1B5850722}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{E63FAE14-9DE3-4E8A-B22B-62756A20F2A9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{4AD40BF2-8CCF-4218-8400-36A3EE0688CA}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EAAE77A9-4397-4118-A59E-B10D20A1CC87}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C8686D44-6CC8-40D9-9651-38AD89BC80FA}] => (Allow) D:\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{C859CE9F-C247-4A3F-B755-26CB29E9E8AE}] => (Allow) D:\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{A9C7FDB8-F42F-4EF0-B898-3BF0016501FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EBABEF75-310B-425D-BE68-188942549C6C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{383BB629-29EA-44A5-B42C-5A544C22E277}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BA7E6E82-C224-4C58-842C-7FB81CF2C8B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C4330882-D561-4CFD-B2A8-8CC58D92A993}] => (Allow) D:\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{E4D6058A-EBA4-4A23-B239-437B111D82DE}] => (Allow) D:\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{009D769A-3036-412F-99EC-E1B1C920798D}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{A8C7774C-9FA5-457C-9EE1-0E1EF20AB242}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{63BBB5DD-04F6-4E27-BA78-9F286DDB6706}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{73A03111-BE84-4CF9-9F53-D9EAC3831B89}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{1EAF1C01-0FDE-4E38-AC10-5030FE477F96}] => (Allow) D:\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{FA7800DE-1B87-4735-8774-787EF09E935E}] => (Allow) D:\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{7C321C55-8662-4B49-93BA-CB2AA3686C01}] => (Allow) D:\Steam\SteamApps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{DA7D116E-8B19-4AD5-A27E-46A1E8368583}] => (Allow) D:\Steam\SteamApps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{ACB6FBB1-2363-4FD5-913F-0BBBEA77F2AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B263865C-781D-42A3-A536-F57D1591A30E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{15D5B4CF-C6EC-4C3C-9ED1-F24705C4AF8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1653D1CB-8E6C-45BF-9499-A97F453985F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2A03BC1E-7242-4183-A912-E245BA21178D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{08CCBD19-0A74-44CC-8BF6-DD57CC908666}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{799F14FA-2B1D-4219-8D5C-0D8D19BDDB43}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B0E8B4F9-8696-414E-B0CC-144264FF937D}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [UDP Query User{D6B6DAA2-0272-4E53-A3BF-55AEBE354E77}D:\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) D:\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [TCP Query User{EBF9CB5B-20B8-4957-B2FE-80C79571986E}D:\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) D:\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [{7784776B-B5A4-4409-B3F7-78785C75A297}] => (Allow) D:\Steam\SteamApps\common\Lord of the Rings Online\TurbineInvoker.exe
FirewallRules: [{704D3A33-53DA-461B-A223-A7A88C976DD6}] => (Allow) D:\Steam\SteamApps\common\Lord of the Rings Online\TurbineInvoker.exe
FirewallRules: [{0AA45E7C-3AE7-4A87-9B5B-5645BB37F4C5}] => (Allow) D:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{FBC23BC0-6480-47E1-8CE8-E4E53BF8ED20}] => (Allow) D:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{19884797-BDA1-40E0-9B60-897CCDF90D60}] => (Allow) D:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{CBDED2B1-D7E4-4FD7-9DF1-8C3F7679A62E}] => (Allow) D:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{80358720-AA2C-4AE0-9234-58C9A816C8FE}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{C404FDD1-61DB-45C7-BC20-AED7B82E803C}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{F92EEE8E-2741-42C3-BFD8-EC6FA5A31B10}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8F24A1BD-ACE4-4845-B558-3ABDAD8F55ED}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DD2CF3CD-03FD-4B2B-9FD0-92EE0B3D87A6}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{01458741-D8E2-420A-8047-35C63F99A989}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{74FB392D-53DF-447C-A075-DE3CEDE3548E}] => (Allow) D:\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{4347C8E7-C880-427E-86BD-F6DCE6801BCB}] => (Allow) D:\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{9B740945-1919-49F2-A780-6C91206F465E}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{EC7BE17A-65EB-45A5-8C7B-4973E8D851FB}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{6E3CD587-ECF7-473D-AF4B-42A87BFC1B59}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F502C6DF-AFC5-4EB3-B4E7-008D2BA80C0C}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3B9B88E0-CE2D-44A3-A486-BBAAC0A552FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B842F8EB-F11A-4435-9EDC-80D2626A3AF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6DDE4C62-3DF0-430D-BC0A-DBA5540B7A64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D533C4F2-0E61-4AB2-B96B-374A24FD5F37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7ED42003-38FB-4D4A-8BB9-A04718BE4B93}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BF6DD959-96DC-4AC2-B178-70483C61BBCE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CF5AADD6-585F-422E-B07A-31281753DEE7}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{76A12E8E-DD7A-4AFB-AEFD-F965F53A4BA8}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FEBD4D7F-817A-4189-A106-EE220A8445C0}] => (Allow) D:\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{7D633555-B2DB-4BA8-84EF-6E4F23CF35CA}] => (Allow) D:\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{15F44263-7745-44A4-9BC0-5BF91C5E8988}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{39F51139-4EF9-41F1-A7EF-049F1931D352}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{ED919601-83D3-47B5-9600-868067E0B142}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0D1ABFE0-92C7-4191-80A9-0D1B171C7423}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7B8B0758-6A38-4124-9219-33D64EE4EB1D}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1371E78C-BF48-40F4-A09E-CC97FF23F8BE}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{01EA73ED-870D-4047-B093-6C48F778B277}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{1AD08169-6580-470A-8E5A-8927E6D7B97D}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{3AFAC762-F81A-4D7F-A723-4EA13BF413E9}] => (Allow) D:\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{31DE37E3-E98C-4268-A868-C65D1838DC16}] => (Allow) D:\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{58D33E43-F868-4CE9-B825-D599DAAB4842}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8B7CC87F-E4B5-40CC-9FCA-367AF02718AD}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{595B6D57-C159-4445-B5F3-C7C9172BD19E}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{69F7559D-3DE7-4E6F-BF55-E107D27FB60A}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{10FFB691-885D-49A5-8E60-F1A0DD86C688}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{265DD7EB-FD22-40F7-ACAC-05AE5CED5DDF}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{623DE4F0-5603-401E-B7BC-D167D2DAA962}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FB06EE25-5F45-48A8-8ADE-F92F369FE2C5}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8CC558B9-5CDF-4F43-B4BE-5462A051B433}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{F8669908-A33F-4B3A-A201-FFA8736AB795}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{50F88736-A839-47D3-B75F-17657E35BAE6}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BB10E97C-955F-4258-BBF4-BCCDB90C9E7D}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{700C1DCC-400C-43F7-9F43-210A9EB185EF}] => (Allow) D:\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{EBDD3A62-0E61-4956-AABF-4A93D91E22C7}] => (Allow) D:\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{14D8D37B-9618-4179-94BD-8F742C666B4C}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7FA7716F-84EC-40FA-8A30-09F1A930E2F5}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{67DB0E54-D68C-4F7D-977A-B173EA7D146E}] => (Allow) D:\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{1E812D5A-960F-4D87-82EF-F38CE5C09438}] => (Allow) D:\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{1112D83C-8D4D-40D0-BCB3-8BBF1DF35D9C}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E2D5155F-EDEE-4685-96B0-CF1C46EBDB31}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5474669E-E508-40A6-A49F-D16150A73FF5}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{5BC8ED51-835C-4906-A707-53391391D42A}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{0FEA145B-14E2-42BF-AAAD-49DE87F114EC}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{4D4BDEC4-6AFA-40AF-BE03-A6535FAF93E0}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{98950167-0BC8-414F-8ABF-299E40B58EC9}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E7AF3F06-962B-4841-BF80-CB11B378A72D}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F37F7BFA-F97A-4AE9-9139-6156ABDFD177}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BE3C52FC-4147-46B3-9EF1-9E298700C1D7}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1AE3A11F-08DC-4F1A-840D-04F059181F40}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{5BD4905B-D5EE-45C0-9240-1446D64F5C65}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{85624075-9B58-4EA5-A476-DDE5483B30AC}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{04CB0430-4877-418A-82AA-83ACA03DFFCA}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2CEDCB0D-85E7-4355-B842-56DC02B5D6E5}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{28B89557-A748-45A6-8720-B209F1D9E46D}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BD89AE4F-1A14-4DB4-A5BF-BF054D5A5848}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{47411344-A4B2-4248-B408-E93329F6C9B1}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{111F0986-53B2-4A28-A0A5-72591FB8779B}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{6A4F5E9E-3260-4417-A86A-E721ECDCB6D5}] => (Allow) D:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [UDP Query User{CE838BD1-19F9-4D76-B7A0-18D7F3DDE0F1}D:\dc-online\unreal3\binaries\win32\dcgame.exe] => (Allow) D:\dc-online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [TCP Query User{B8533022-ED2F-4A6C-9617-7C6CC88BC3F5}D:\dc-online\unreal3\binaries\win32\dcgame.exe] => (Allow) D:\dc-online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{8248ADFC-97AA-47DF-8075-6DEFDBB5F48E}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{819CB7A8-963A-478D-9FF9-43196F9AB2AC}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6B100EF1-BEF6-48AB-B9E9-7951CCA8201B}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{63EE2DE4-AE55-4CDE-A852-80FA1A94A27B}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{062E2E55-F554-49AD-BA65-CBB6018AEE51}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{62EF740A-CF5B-4CB6-A22B-A55B66B3272B}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [UDP Query User{19996180-3DC9-4DC0-AA70-31D75D817150}D:\star citizen\citizenclient\bin64\starcitizen.exe] => (Allow) D:\star citizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [TCP Query User{BB63FCEB-F0CA-4551-82F3-588575745191}D:\star citizen\citizenclient\bin64\starcitizen.exe] => (Allow) D:\star citizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [{BA0CED5C-4B5D-4240-99B1-A7418594A6DD}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{14C70B3D-CFD3-4BAE-B779-6D03A1FB88CD}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{46446A16-0FB7-4947-A334-101514B51AB9}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D7257A73-488D-4973-8FEE-8B26A63A3F8F}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{85F70807-AD62-4D64-AD70-B917DA968B3B}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F93CB468-CEA1-4BAC-A947-FC6F22F65B9B}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{25F60536-C218-42B9-85D9-D370CFF286E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1983FB29-0A03-48FE-878A-49963BC19227}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F5B137A3-9ADD-4CF6-8622-B0A85073EEA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5527C9F9-C6DB-4D82-B265-5D19277797BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3B301455-E216-4598-8264-14BC9323184F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CC0A5969-D983-4240-9346-4B43660A1D54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5911C8AF-94E7-427C-86C2-2FC508C122A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A069E5E7-EBEF-4DE0-8785-77D91D752693}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{04B8376B-521E-491A-945A-DEE99252D786}] => (Allow) D:\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{E976A170-63B9-4287-B5AC-2321E7F7DEC2}] => (Allow) D:\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [UDP Query User{9D32E29F-F530-41C7-8653-5DCFEDF6EEA8}D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{65DBC9E6-8E17-4ED3-B280-A5943541FBE6}D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{5576EBBD-3764-42FF-BE83-55879C6A43A6}] => (Allow) D:\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{F814BEAD-BEC5-46BF-A3FB-A9347D62C52E}] => (Allow) D:\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{D54BC440-CBFE-471E-8A53-D1ADA4DC6ED5}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A6A9A8CF-547D-4256-AE3D-DC703BA934BF}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{32F6A50D-8D65-4D1D-B131-CCB880A4492D}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9905C077-C595-4A94-9B7E-BA9B452C71B6}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DEC686FB-C44A-4310-A27A-9D38C483CD28}] => (Allow) D:\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{04991AFD-F47B-408F-96D1-3C5ED62561FE}] => (Allow) D:\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{C266B2A7-F59B-4FBD-B511-2632E7A2CE99}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{19267028-CF9C-40CB-944E-2BCC8A24E9E4}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{90D1B6D3-5E4F-4DD6-8810-2BCCFE223675}] => (Allow) D:\Steam\SteamApps\common\Baldur's Gate Enhanced Edition\BGEE.exe
FirewallRules: [{995DFFE5-6556-4F09-B629-FE793EECE2FC}] => (Allow) D:\Steam\SteamApps\common\Baldur's Gate Enhanced Edition\BGEE.exe
FirewallRules: [{EC9AD64B-3DCD-4398-8C38-E21FE3BD09D7}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{8B86DE81-AC50-4F0F-AA55-449B3C53E3CE}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{F36074FB-EF49-4F18-BADD-1EA54C50EB02}] => (Allow) D:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{C68BBD7E-78F2-4B3C-9735-59070C792D07}] => (Allow) D:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [UDP Query User{3A17FA71-6386-4234-B926-AE57B40D0DA2}D:\lol replay\lolreplay.exe] => (Allow) D:\lol replay\lolreplay.exe
FirewallRules: [TCP Query User{78667C61-2292-4B8C-A74E-31DB0217470E}D:\lol replay\lolreplay.exe] => (Allow) D:\lol replay\lolreplay.exe
FirewallRules: [UDP Query User{71645865-02A9-4C42-962B-E12AFF603106}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe
FirewallRules: [TCP Query User{05DD6B7A-2144-426F-A1EF-A04432A8FF73}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe
FirewallRules: [{F5E7126E-B2DF-42F9-9032-1CBFC732BAA1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{515936C3-62B4-46D1-B0E7-93C4976DD636}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{5A121805-48E7-4794-B3DA-48F18411BD02}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{CCFF1015-32E5-453F-8962-BFBC9D1CA0E1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{22B5B7FF-D6FE-4461-8736-146C457A4301}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{3FEBA77E-5C34-48CD-A034-1C28810AD7B6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{0F046CB4-96C2-4740-A217-AD559F00B160}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{2A6BA6BC-6816-48FA-991B-89204512B900}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{1EAD827D-E520-4145-9AD1-5E1BF10B21B9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{42AFB44A-5C3D-4E00-8A97-E73225358D81}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{CC64B531-2858-4ABA-82F0-64B592DCC59E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{D5DD0747-CDA2-463D-BD52-265B07C7D0B1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{6FD3FFEA-CFD9-43D1-9B54-DDBE87D6197E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{2BA366BD-9808-4DE9-94BF-7203602507A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{224F95D5-9254-43F7-BCE2-2742B5E0A018}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{066E7E76-65E6-422B-BD47-94D78BBF795E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{C5692DDF-3FEA-4857-B5F2-1848B0A4EBDA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{258E4CD0-139D-457E-BD95-25132FFF2C74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{F9ECD527-809D-4F8B-B44E-69501BB1CC95}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{940D97A6-023B-421A-9E58-DDB3D560652A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{A22E41FF-88E1-424C-B193-0ECC7965F6E9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{DDB1F578-D529-44C3-B8CA-5895FC56E663}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{336DA791-2487-4027-AFAF-5CE4FF57DC29}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{EB3678DA-25F6-4312-A9FA-71FE23474143}] => (Allow) C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F2E30858-5BC7-4DD8-ABE3-6331DA8F062D}] => (Allow) C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1529C8DD-1C07-4733-8857-52447D7EE82B}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.163\deploy\LoLLauncher.exe
FirewallRules: [{54234A83-7307-48B6-9928-295FE055051C}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.163\deploy\LoLLauncher.exe
FirewallRules: [{E4F4AE9D-2697-4093-8B52-6BDF03802AAA}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.163\deploy\LoLLauncher.exe
FirewallRules: [{C8E53D16-B9E3-4326-AA7B-32A60BDB5653}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.163\deploy\LoLLauncher.exe
FirewallRules: [{78839E89-6609-4FB5-BBE5-EB3A87CEE9BE}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.26\deploy\LolClient.exe
FirewallRules: [{C2F32ECD-7FBB-41DB-90BC-7241C62178E1}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.26\deploy\LolClient.exe
FirewallRules: [{2B2006FD-BA48-4F81-9C8C-A86D85746D4F}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.26\deploy\LolClient.exe
FirewallRules: [{8CE26C18-AAC6-4431-91D0-95B5440F9F78}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.26\deploy\LolClient.exe
FirewallRules: [{6B9B6FAF-F223-42A0-AF68-33C10673E30C}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.232\deploy\League of Legends.exe
FirewallRules: [{10550ED9-F3C2-46FC-A898-FFEA49AD0426}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.232\deploy\League of Legends.exe
FirewallRules: [{25C173F3-C2AA-4879-A150-65FAFE8034C7}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.232\deploy\League of Legends.exe
FirewallRules: [{CD623763-2EA0-44FB-8526-FA4C4490BC36}] => (Allow) C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.232\deploy\League of Legends.exe
FirewallRules: [{2325534E-555C-4B66-9D8B-269E05EB259A}] => (Allow) C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [{CD75F62C-E5E6-4DF6-AB64-5B7B7BA7D46D}] => (Allow) C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [{C0D8CCBE-C278-48BD-890F-A8FABD993D95}] => (Allow) C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [{6125706A-BD11-424C-874B-F3F9FEF93759}] => (Allow) C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
FirewallRules: [UDP Query User{13137E26-C433-4E0F-962F-3B112912937E}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{00A54F3F-4E19-437A-9694-6649334E2CCA}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{36995201-C6F3-40FF-A00E-056C3D21CEE9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
FirewallRules: [{9A962C1E-34B4-4839-8A17-A9D2C30AEBE8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
FirewallRules: [{4D2D517D-3190-4FC6-906A-75DAABA82697}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
FirewallRules: [{DFF44CEE-183E-40D2-ABA3-B6E484EF62BB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
FirewallRules: [{4620159E-E02D-4722-AFB9-52FBFA804BF0}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{A988F0E9-A739-4863-BF0A-2064566DFB03}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{C8842F76-CB6F-4E32-AFB9-553A82F01423}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{14573E48-77A0-4D0E-97D8-51316B7FDF62}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{2B0E5CAD-FE51-44C9-A64F-E26D0D4B2986}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{B44D60C3-D6AD-4A6F-B480-B0F5DE07A6CD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [UDP Query User{C493DE61-C4EC-402A-AA44-0AA7FC220434}D:\blizzard\starcraft ii\versions\base24944\sc2.exe] => (Allow) D:\blizzard\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{202B8542-BEF8-4A9E-A54B-947A1952A5A9}D:\blizzard\starcraft ii\versions\base24944\sc2.exe] => (Allow) D:\blizzard\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [{56BB30AC-85B0-4D67-83F6-2B0C22347BA6}] => (Allow) D:\Blizzard\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{8DC2320C-0543-49EA-80AC-E66E1B3A6C2E}] => (Allow) D:\Blizzard\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{AFA1A3DB-152B-4C59-8F49-436A9E7946DC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{E62D4F0F-205C-4AB0-A2BA-53DAF03C8D7B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{FDEF6910-EB95-472E-8F62-E2966920F7D5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{82B2324B-45B6-471D-9E3A-73EDDB0C15CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [UDP Query User{7CCB83CE-2E1B-44AE-88DD-B00DB4A3056C}D:\blizzard\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) D:\blizzard\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [TCP Query User{8178B8BD-8498-45EA-A8D5-11DB10C9A710}D:\blizzard\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) D:\blizzard\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{139E6A13-9810-401D-B77C-27FFC4156F83}D:\blizzard\starcraft ii\support\blizzarddownloader.exe] => (Allow) D:\blizzard\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [TCP Query User{D810C148-7D04-4E71-A47B-8D723CC58F5F}D:\blizzard\starcraft ii\support\blizzarddownloader.exe] => (Allow) D:\blizzard\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [{25CC8BE9-CDF4-4259-8DB9-B8E421CCA704}] => (Allow) D:\Blizzard\StarCraft II\StarCraft II.exe
FirewallRules: [{AD9C1EA1-93BE-4FCC-96D5-2FFC601DC9D2}] => (Allow) D:\Blizzard\StarCraft II\StarCraft II.exe
FirewallRules: [{E87374E6-8E59-4ABC-BAA7-77EEAF10712D}] => (Allow) D:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{1FB10C83-D4CE-4485-9AD4-A0CA88B29DCE}] => (Allow) D:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E3B13B7C-0AB4-478E-860C-B45E7C22FB04}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{D7FD829D-9441-4816-A1B8-287769BA9210}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [UDP Query User{5C496197-F10B-4C02-A3F2-BCAA7BC94BB9}D:\neverwinter\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\neverwinter\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{50B51AC7-813E-4AAE-A44D-EDE354DDFCE8}D:\neverwinter\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\neverwinter\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{631650A1-1F5F-4C0D-AB84-110B0C53B269}C:\users\dirk\downloads\nw.1.20130225d.1.exe] => (Allow) C:\users\dirk\downloads\nw.1.20130225d.1.exe
FirewallRules: [TCP Query User{E54E4AF9-5014-44D6-855D-04ECB7B541E8}C:\users\dirk\downloads\nw.1.20130225d.1.exe] => (Allow) C:\users\dirk\downloads\nw.1.20130225d.1.exe
FirewallRules: [UDP Query User{917124CA-AFA3-42A9-8B69-D9E628C7EDBD}D:\planetside 2\planetside2.exe] => (Allow) D:\planetside 2\planetside2.exe
FirewallRules: [TCP Query User{B68C6142-9632-41CF-A219-D874FF5F74F6}D:\planetside 2\planetside2.exe] => (Allow) D:\planetside 2\planetside2.exe
FirewallRules: [{B11E54BD-2D41-49F0-94EA-9C99595DB356}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [UDP Query User{C166BA72-8C16-476C-94AA-BA0AC364B1F2}C:\users\dirk\appdata\local\temp\rarsfx1\bie_kms.exe] => (Allow) C:\users\dirk\appdata\local\temp\rarsfx1\bie_kms.exe
FirewallRules: [TCP Query User{1DF9A5CB-BAC2-4FAE-9600-689F052ACF46}C:\users\dirk\appdata\local\temp\rarsfx1\bie_kms.exe] => (Allow) C:\users\dirk\appdata\local\temp\rarsfx1\bie_kms.exe
FirewallRules: [UDP Query User{AA506CF1-DE56-4842-9E2A-6AA47C5BCB5B}C:\users\dirk\appdata\local\temp\rarsfx0\bie_kms.exe] => (Allow) C:\users\dirk\appdata\local\temp\rarsfx0\bie_kms.exe
FirewallRules: [TCP Query User{7B2C2664-83AB-4B1C-B7B6-831ABAE8A949}C:\users\dirk\appdata\local\temp\rarsfx0\bie_kms.exe] => (Allow) C:\users\dirk\appdata\local\temp\rarsfx0\bie_kms.exe
FirewallRules: [UDP Query User{885AD1B1-AEB1-4385-ABC2-E419C9BF2817}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{9AE9BC41-D6C0-4C56-B9D9-8BCE35F74D10}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [{F0ED9EDF-C879-47A8-B8B2-02EFEBD4D6B1}] => (Allow) D:\Steam\SteamApps\common\Blood Bowl Chaos Edition\BB_Chaos.exe
FirewallRules: [{18AD0292-10B3-4BB7-B662-D7C999C4DF40}] => (Allow) D:\Steam\SteamApps\common\Blood Bowl Chaos Edition\BB_Chaos.exe
FirewallRules: [{6DB8EE4F-E85F-42F7-B645-79B9AC1D7EDE}] => (Allow) D:\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe
FirewallRules: [{11ECA3E8-0514-4DA1-8E92-AAE026478C75}] => (Allow) D:\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe
FirewallRules: [{B3D37374-6E8D-46AA-85D7-8D9D8CD2D6F5}] => (Allow) D:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{0E383031-5357-48BC-A866-1F97026FF710}] => (Allow) D:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{AF7C85DA-EE69-41A5-9B15-8E7A09CC193A}] => (Allow) D:\Steam\SteamApps\common\DXHRML\dxhrml.exe
FirewallRules: [{472CFB49-847F-4CC5-B503-03B72D1521D2}] => (Allow) D:\Steam\SteamApps\common\DXHRML\dxhrml.exe
FirewallRules: [{49502E41-5004-4A9F-AD6D-CB2E43040BB3}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{9EBFC4D1-F5BB-4D51-ADBE-9B4BBEFB98BA}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{7F949935-B269-435D-A40D-131B01257E9C}] => (Allow) D:\Steam\SteamApps\common\Trine\trine_launcher.exe
FirewallRules: [{C4987969-6B23-4484-8DBF-9B6C0BF2B1C2}] => (Allow) D:\Steam\SteamApps\common\Trine\trine_launcher.exe
FirewallRules: [UDP Query User{4C86B4D2-1DB0-456C-955A-1A486A2B9A7E}C:\program files (x86)\xfire\xfire.exe] => (Allow) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{C984F0F7-3353-4ED8-8ED9-F8829877CB4B}C:\program files (x86)\xfire\xfire.exe] => (Allow) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [{9E1F0E57-EE66-42D8-8A29-4371E17C7E58}] => (Allow) D:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A701C62D-3F92-4872-A8AC-4B66386E2773}] => (Allow) D:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{61F3B7B9-4C5B-41F2-89FB-2F5B40B17A8B}] => (Allow) D:\Steam\SteamApps\common\Blood Bowl Chaos Edition\BB_Chaos.exe
FirewallRules: [{EE30C2B0-6A21-447A-99E3-11D848418435}] => (Allow) D:\Steam\SteamApps\common\Blood Bowl Chaos Edition\BB_Chaos.exe
FirewallRules: [{A94A04E1-5A1E-42E1-AA1A-6FBCED8EEAEE}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{3123672D-212B-483A-BC84-F69647F10E69}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [UDP Query User{F7BAB71A-06B6-408B-B2F4-ED362BD1456C}C:\users\dirk\appdata\local\temp\rarsfx0\bie_kms.exe] => (Allow) C:\users\dirk\appdata\local\temp\rarsfx0\bie_kms.exe
FirewallRules: [TCP Query User{6A2781E2-018D-413F-98D8-799801F00808}C:\users\dirk\appdata\local\temp\rarsfx0\bie_kms.exe] => (Allow) C:\users\dirk\appdata\local\temp\rarsfx0\bie_kms.exe
FirewallRules: [UDP Query User{E4494A6F-BAD3-447B-B1FA-ED24375DB1B3}D:\planetside 2\planetside2.exe] => (Allow) D:\planetside 2\planetside2.exe
FirewallRules: [TCP Query User{7CEFF482-608D-4E40-8D74-53FCB5B0407A}D:\planetside 2\planetside2.exe] => (Allow) D:\planetside 2\planetside2.exe
FirewallRules: [{240B2FFA-177E-4929-B060-8FFA024E6936}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{554FFE61-7EB8-4981-A1A7-D7DD79038DEC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0BD584A3-0CCD-436F-A0B1-EC715815CD0E}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
FirewallRules: [{D998F022-0D06-4740-8372-572F0EFDE823}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe
FirewallRules: [{B8426150-249A-4552-8768-55D08BBC5174}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe
FirewallRules: [{2680E406-7DFE-437A-B8AD-DAB8E083258A}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe
FirewallRules: [UDP Query User{E09588FE-DD28-4D3C-AA40-F90DAAAB55D7}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{4DCB242A-320A-4D36-B342-47D2313514A4}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{A60A172B-A561-44CF-8791-032F792F299A}C:\users\dirk\appdata\local\temp\gw2.exe] => (Allow) C:\users\dirk\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{3C780A78-58A7-4137-BCE4-7E97A679B74A}C:\users\dirk\appdata\local\temp\gw2.exe] => (Allow) C:\users\dirk\appdata\local\temp\gw2.exe
FirewallRules: [{E1D98F9D-E2C6-4407-9A89-A587AACA714A}] => (Allow) D:\Steam\SteamApps\common\Baldur's Gate Enhanced Edition\Baldur.exe
FirewallRules: [{14003004-D4FC-4D0E-AEF9-E531E0D83C41}] => (Allow) D:\Steam\SteamApps\common\Baldur's Gate Enhanced Edition\Baldur.exe
FirewallRules: [{E9A01C3C-98C3-49DC-96E1-586F49A804D7}] => (Allow) D:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{D6C26604-D7CC-4952-8A8F-385DC3D7D0EC}] => (Allow) D:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{A21F2ED0-F198-4FA2-8912-569DAC6DA407}] => (Allow) D:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{0C5ECD3D-1B48-40DD-8796-62DD34EE7621}] => (Allow) D:\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{279F43BD-5852-45DA-9D8E-112C21E4F3EC}] => (Allow) D:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{7DA78569-D7E7-4DA9-8A84-9501DCA2B3C9}] => (Allow) D:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{40703DFF-8C67-48F9-A9C4-5442B73FD8B4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{2E802B09-4613-4589-9404-0154620AB92A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{3742763D-D1C8-4369-B86A-F362D716DC2A}] => (Allow) D:\Blizzard\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [{DC618D96-010C-4D32-910C-CBB2629D3088}] => (Allow) D:\Blizzard\StarCraft II\Versions\Base28667\SC2.exe
FirewallRules: [{2B4E3733-3F26-4737-B691-112696290D03}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6477DE33-4EA7-4CDF-B376-A1291C2611B6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{2762CF4E-670C-41DC-A3C6-C19FA1323A75}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{5D85AD68-3530-401B-8AF0-9AD010A762A0}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{AEA18158-8DB9-490C-ACF6-91C0CAB94964}D:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe] => (Allow) D:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe
FirewallRules: [UDP Query User{4285C6DC-BCFB-4009-B211-5AAD9474F828}D:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe] => (Allow) D:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe
FirewallRules: [{7C7EC467-7829-4905-8915-FFDB7873749E}] => (Allow) D:\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{8D167E69-0E80-4D0F-B08F-9F80F9F55FA2}] => (Allow) D:\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{A6CDE91E-6F84-401F-9589-62A49617C11B}] => (Allow) D:\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{2536F8D7-B092-410C-BB56-3264A77BF579}] => (Allow) D:\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B4E8F5DC-88AB-47FC-9C3F-85B45EB95C2D}] => (Allow) D:\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{FE2E41A3-A286-4AE1-8BF2-5CC6A4B3F327}] => (Allow) D:\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{65AB3C2A-D5F0-438F-9EB5-8A50839FD642}] => (Allow) D:\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{196821F6-4171-4D12-89BF-2734B8E505DF}] => (Allow) D:\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{BFD08338-DF2E-4D98-A2FD-9397AFEC2085}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{A643F97F-67CE-412E-91A9-4E4C6A573579}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{9FD64621-A732-40BC-BF56-3AAA77582263}D:\blizzard\hearthstone\hearthstone\hearthstone.exe] => (Allow) D:\blizzard\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{B206D471-8A5D-4841-9D69-BFD087B91200}D:\blizzard\hearthstone\hearthstone\hearthstone.exe] => (Allow) D:\blizzard\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [{ABBBBC95-C27A-4F64-BCFB-EA637A72EE60}] => (Allow) D:\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{1B8E08A1-82C7-43E7-919D-F79C30C221F1}] => (Allow) D:\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{2312EB6A-B96F-4FAD-BE3D-A93DBEF1E4D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{1B95ADFA-7B71-4654-82C7-C03E488B4451}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{C56F3D26-8612-4797-A52F-DAE3A8AC465B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{80044DD4-64B9-4B40-BD82-F8B11FEF96E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{58AFF4A3-867F-44B7-B659-3900005F2230}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{9573273A-3934-47F0-9362-DD346AA4EFF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{40484156-D48D-4659-873D-DB26EDCB3BD8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{2AC587EB-0D69-42C1-AD31-EE1C95E0F5C2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [TCP Query User{CDDB57DF-9E01-4AD1-B92E-AEC92B8780CE}D:\blizzard\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) D:\blizzard\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C2645E11-A906-4F73-9EB9-5B81B52D81EA}D:\blizzard\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) D:\blizzard\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{52CA4BB8-3E0E-4A90-8E23-C0900895BD7C}] => (Block) D:\blizzard\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{BE004091-4693-41DD-B558-D3187EDEF1D5}] => (Block) D:\blizzard\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{6EA1E3AD-A7DE-43B2-8D38-66F3D041C945}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BA4B84C0-1DE4-4D56-B9ED-BC969005FC09}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7FFF5781-8F15-4B6F-B25A-E3C677FA5BC1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{096E6456-386E-428B-B026-F4E7456682C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{202511D4-B3C1-4996-84D8-EF4A2AFA167E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{8E5F9A62-3C02-4EC6-88C6-36B4DE973889}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{B1D36278-13FC-454F-AAA2-19D7D5270D55}] => (Allow) D:\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{E605EA78-55E1-482B-816B-9D3364334F4B}] => (Allow) D:\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{4BADCED2-9A30-403E-A818-9D409A932D93}] => (Allow) D:\Steam\SteamApps\common\LEGO Marvel Super Heroes\LEGOMARVEL.exe
FirewallRules: [{57D1426E-2418-4348-831B-BEB4BFC1AE8D}] => (Allow) D:\Steam\SteamApps\common\LEGO Marvel Super Heroes\LEGOMARVEL.exe
FirewallRules: [{D3C03BD4-A2D7-4E0D-B080-260AD098FF1A}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{4408A15B-2776-4122-B06F-B976788A21B4}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{96B3BDC0-3A49-47CA-83C8-C0969CC7A9FA}] => (Allow) D:\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{05F4B13F-5A44-44F5-B517-1BAA7378127F}] => (Allow) D:\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{AD294476-28FE-47A6-867B-48AEBB9407AB}D:\teso\launcher\bethesda.net_launcher.exe] => (Allow) D:\teso\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{CBFF40E7-EB89-4FA9-B774-C6166AF7206D}D:\teso\launcher\bethesda.net_launcher.exe] => (Allow) D:\teso\launcher\bethesda.net_launcher.exe
FirewallRules: [{71682B26-E3E2-4546-B5E3-24FC90965549}] => (Block) D:\teso\launcher\bethesda.net_launcher.exe
FirewallRules: [{5A8BA481-B729-4C64-9820-470F4C983A7E}] => (Block) D:\teso\launcher\bethesda.net_launcher.exe
FirewallRules: [{A531FF64-3AF1-4C8E-94F6-017A93717B1F}] => (Allow) D:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{43B245E3-6ECE-45C8-883B-6A80452A9867}] => (Allow) D:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{400415D8-188B-4A23-BEE1-F9D0C0C8F414}] => (Allow) D:\Steam\SteamApps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{41CD6A54-8525-488E-A4FA-D5DBC6128854}] => (Allow) D:\Steam\SteamApps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{401ABF45-AA95-496B-AC05-E818B135C2C0}] => (Allow) D:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{795E10D1-5DAB-47C5-B1F4-EDD2B70FB9F5}] => (Allow) D:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{4BC6BA46-5FD3-421F-896E-758882776C97}] => (Allow) D:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{4C15374F-F820-4292-856F-F4A8B8B428DF}] => (Allow) D:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{B329F91B-4520-4F64-ADC1-27C1026940A7}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{2FBD4296-71C4-4232-8300-31469A212D81}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{1C78346D-07A0-4876-A8BC-09846B50D99D}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{257D59DA-1B0B-413D-B997-467A23FF1D41}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{4CDA8817-1608-4826-8101-F07A0B9777A5}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{59A7E459-94F0-424A-AC24-07F6697795F4}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{60248758-6AAD-4607-98C0-4E994EE86E77}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{CC5EBE41-23F5-453F-BF06-E36399C8603C}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{8BFC772A-4D55-4BD8-98D9-D0AE79C0CE29}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{88934C6F-1ACD-45CF-A748-A17B11E32DA0}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C91F31E6-E955-4760-89A0-963E4E93A13B}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{359D8356-302F-4001-A7EE-96780869FADE}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{104BAC58-BCFB-4CFB-889D-2B004CCB384C}] => (Allow) D:\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{27F4DE28-703F-4EF9-B345-6F1BE010FD7A}] => (Allow) D:\Steam\SteamApps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{C407672A-B492-45C2-92EA-8F126DE806A4}] => (Allow) D:\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{1ED28E90-5B82-43C8-8C78-AE2C88CFC55C}] => (Allow) D:\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{6F67930D-4128-4558-83B0-5B420CC3A7AB}] => (Allow) D:\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{762C218A-CC85-48D8-948E-C6701A491193}] => (Allow) D:\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{98928069-4F13-4247-8413-B067D3C30448}] => (Allow) D:\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{3CE278DB-F2DB-426E-AF1D-D7FC8202207E}] => (Allow) D:\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{21E17321-9CF0-49E4-9584-F4A2A6F093DB}] => (Allow) D:\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{F6B67D2D-E4CD-4A33-8705-597EC67A1602}] => (Allow) D:\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{B9010EA6-2F51-483D-BC0A-A7D80DD9AD95}] => (Allow) D:\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{9621D0BD-A03D-419F-92D7-C4B6B016CD4B}] => (Allow) D:\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{FAD90652-A35E-4EC8-948C-A0C56EA23C8E}] => (Allow) D:\Program Files (x86)\Origin Games\Crusader No Remorse\data\Game\DOSBox\DOSBox.exe
FirewallRules: [{AE55FC50-8A3A-43CD-9CC5-B193CA2318FC}] => (Allow) D:\Program Files (x86)\Origin Games\Crusader No Remorse\data\Game\DOSBox\DOSBox.exe
FirewallRules: [TCP Query User{B29214BB-29EC-43E6-8FC9-C819EE92325E}D:\gta v\gta5.exe] => (Allow) D:\gta v\gta5.exe
FirewallRules: [UDP Query User{FDF95E34-8901-417A-8DD9-FB560CBD6851}D:\gta v\gta5.exe] => (Allow) D:\gta v\gta5.exe
FirewallRules: [{63A0736A-2C0F-43DA-8236-CBCABE137431}] => (Block) D:\gta v\gta5.exe
FirewallRules: [{A8675715-35F7-47D0-B865-BF7734AECE87}] => (Block) D:\gta v\gta5.exe
FirewallRules: [{C34E7DEC-F464-4529-ABC4-84FC10625DB6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E050F62F-8E8F-4C37-949B-3F7210E93CC6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{934946B5-3EDA-4930-8519-A88A9423B439}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{0AB42B11-285F-4015-AC99-D5CD21D4C838}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{5F263522-2D05-4106-85DE-39CBBC41A277}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Bigfoot Networks Killer Ethernet Controller
Description: Bigfoot Networks Killer Ethernet Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Bigfoot Networks, Inc.
Service: BfEdge7x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2015 04:21:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.

Error: (05/25/2015 00:39:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: KillerNetManager.exe, Version: 0.0.0.0, Zeitstempel: 0x5086e9c8
Name des fehlerhaften Moduls: modSystemInfo.dll, Version: 0.0.0.0, Zeitstempel: 0x5086e99e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000087fd
ID des fehlerhaften Prozesses: 0x1844
Startzeit der fehlerhaften Anwendung: 0xKillerNetManager.exe0
Pfad der fehlerhaften Anwendung: KillerNetManager.exe1
Pfad des fehlerhaften Moduls: KillerNetManager.exe2
Berichtskennung: KillerNetManager.exe3
Vollständiger Name des fehlerhaften Pakets: KillerNetManager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: KillerNetManager.exe5

Error: (05/24/2015 00:24:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: KillerNetManager.exe, Version: 0.0.0.0, Zeitstempel: 0x5086e9c8
Name des fehlerhaften Moduls: modSystemInfo.dll, Version: 0.0.0.0, Zeitstempel: 0x5086e99e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000087fd
ID des fehlerhaften Prozesses: 0x1fc4
Startzeit der fehlerhaften Anwendung: 0xKillerNetManager.exe0
Pfad der fehlerhaften Anwendung: KillerNetManager.exe1
Pfad des fehlerhaften Moduls: KillerNetManager.exe2
Berichtskennung: KillerNetManager.exe3
Vollständiger Name des fehlerhaften Pakets: KillerNetManager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: KillerNetManager.exe5

Error: (05/23/2015 10:44:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: KillerNetManager.exe, Version: 0.0.0.0, Zeitstempel: 0x5086e9c8
Name des fehlerhaften Moduls: modSystemInfo.dll, Version: 0.0.0.0, Zeitstempel: 0x5086e99e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000087fd
ID des fehlerhaften Prozesses: 0x1814
Startzeit der fehlerhaften Anwendung: 0xKillerNetManager.exe0
Pfad der fehlerhaften Anwendung: KillerNetManager.exe1
Pfad des fehlerhaften Moduls: KillerNetManager.exe2
Berichtskennung: KillerNetManager.exe3
Vollständiger Name des fehlerhaften Pakets: KillerNetManager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: KillerNetManager.exe5

Error: (05/23/2015 01:52:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: KillerNetManager.exe, Version: 0.0.0.0, Zeitstempel: 0x5086e9c8
Name des fehlerhaften Moduls: modSystemInfo.dll, Version: 0.0.0.0, Zeitstempel: 0x5086e99e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000087fd
ID des fehlerhaften Prozesses: 0x1fe0
Startzeit der fehlerhaften Anwendung: 0xKillerNetManager.exe0
Pfad der fehlerhaften Anwendung: KillerNetManager.exe1
Pfad des fehlerhaften Moduls: KillerNetManager.exe2
Berichtskennung: KillerNetManager.exe3
Vollständiger Name des fehlerhaften Pakets: KillerNetManager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: KillerNetManager.exe5

Error: (05/22/2015 06:44:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: KillerNetManager.exe, Version: 0.0.0.0, Zeitstempel: 0x5086e9c8
Name des fehlerhaften Moduls: modSystemInfo.dll, Version: 0.0.0.0, Zeitstempel: 0x5086e99e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000087fd
ID des fehlerhaften Prozesses: 0x1bd0
Startzeit der fehlerhaften Anwendung: 0xKillerNetManager.exe0
Pfad der fehlerhaften Anwendung: KillerNetManager.exe1
Pfad des fehlerhaften Moduls: KillerNetManager.exe2
Berichtskennung: KillerNetManager.exe3
Vollständiger Name des fehlerhaften Pakets: KillerNetManager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: KillerNetManager.exe5

Error: (05/22/2015 00:26:59 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcCan't create NSS process. [6]

Error: (05/21/2015 06:06:26 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]

Error: (05/21/2015 06:06:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: KillerNetManager.exe, Version: 0.0.0.0, Zeitstempel: 0x5086e9c8
Name des fehlerhaften Moduls: modSystemInfo.dll, Version: 0.0.0.0, Zeitstempel: 0x5086e99e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000087fd
ID des fehlerhaften Prozesses: 0x4d0
Startzeit der fehlerhaften Anwendung: 0xKillerNetManager.exe0
Pfad der fehlerhaften Anwendung: KillerNetManager.exe1
Pfad des fehlerhaften Moduls: KillerNetManager.exe2
Berichtskennung: KillerNetManager.exe3
Vollständiger Name des fehlerhaften Pakets: KillerNetManager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: KillerNetManager.exe5

Error: (05/21/2015 05:34:54 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).


System errors:
=============
Error: (05/20/2015 07:55:27 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (05/19/2015 05:58:53 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (05/18/2015 10:29:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/18/2015 10:29:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/17/2015 00:22:24 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (05/16/2015 00:03:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bigfoot Networks Killer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/01/2015 02:19:32 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (04/19/2015 00:26:07 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video3Graphics Exception: ESR 0x408030=0x80000003

Error: (04/19/2015 00:26:07 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video3Graphics Exception: Const out of Bound

Error: (04/16/2015 06:21:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office:
=========================
Error: (05/25/2015 04:21:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Users\Dirk\Downloads\SoftonicDownloader_fuer_snapashot.exe

Error: (05/25/2015 00:39:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: KillerNetManager.exe0.0.0.05086e9c8modSystemInfo.dll0.0.0.05086e99ec000000500000000000087fd184401d0967286f90daeC:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exeC:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dllc4fb701c-0265-11e5-bf5d-902b34558234

Error: (05/24/2015 00:24:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: KillerNetManager.exe0.0.0.05086e9c8modSystemInfo.dll0.0.0.05086e99ec000000500000000000087fd1fc401d0960bd61125b7C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exeC:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll1408ce1a-01ff-11e5-bf5d-902b34558234

Error: (05/23/2015 10:44:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: KillerNetManager.exe0.0.0.05086e9c8modSystemInfo.dll0.0.0.05086e99ec000000500000000000087fd181401d09534a8eea7c3C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exeC:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dlle6f38b0a-0127-11e5-bf5d-902b34558234

Error: (05/23/2015 01:52:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: KillerNetManager.exe0.0.0.05086e9c8modSystemInfo.dll0.0.0.05086e99ec000000500000000000087fd1fe001d094ea5f692572C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exeC:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll9d5ad6e4-00dd-11e5-bf5d-902b34558234

Error: (05/22/2015 06:44:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: KillerNetManager.exe0.0.0.05086e9c8modSystemInfo.dll0.0.0.05086e99ec000000500000000000087fd1bd001d094ae8d7c639dC:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exeC:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dllcb6e1f50-00a1-11e5-bf5d-902b34558234

Error: (05/22/2015 00:26:59 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcCan't create NSS process. [6]

Error: (05/21/2015 06:06:26 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]

Error: (05/21/2015 06:06:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: KillerNetManager.exe0.0.0.05086e9c8modSystemInfo.dll0.0.0.05086e99ec000000500000000000087fd4d001d093e00e330c6dC:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exeC:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll4c24bdcb-ffd3-11e4-bf5d-902b34558234

Error: (05/21/2015 05:34:54 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\WINDOWS\system32\svchost.exe -k netsvcsWindows Update0x81000101


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 22%
Total physical RAM: 16342.32 MB
Available physical RAM: 12654.07 MB
Total Pagefile: 18774.32 MB
Available Pagefile: 14190.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.79 GB) (Free:11.02 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data1) (Fixed) (Total:1863.01 GB) (Free:1332.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 4AC4CCDF)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4AC4CCD0)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of log ============================

schrauber 25.05.2015 06:07
hi,

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Buyaka 25.05.2015 12:02
Hallo,

vielen Dank für die schnelle Antwort, anbei mbam.txt:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 25.05.2015
Suchlauf-Zeit: 11:39:36
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.25.02
Rootkit Datenbank: v2015.05.24.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Dirk

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 516990
Verstrichene Zeit: 9 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 4
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [3d99edaac4c6c274dc9a375ecb38ae52],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [3f973c5b2e5c3ff7beb94550cd369e62],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DATAMNGRCOORDINATOR.EXE, In Quarantäne, [696d35629ded1b1b29ed82877094c23e],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DATAMNGRCOORDINATOR.EXE, In Quarantäne, [6670f3a49feb58debd59ea1ffb09a35d],

Registrierungswerte: 4
PUP.Optional.Iminent.A, HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, In Quarantäne, [a234dcbb6228ad898c7ff69f986b20e0],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, In Quarantäne, [a234dcbb6228ad898c7ff69f986b20e0],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DATAMNGRCOORDINATOR.EXE|debugger, tasklist.exe, In Quarantäne, [696d35629ded1b1b29ed82877094c23e]
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DATAMNGRCOORDINATOR.EXE|debugger, tasklist.exe, In Quarantäne, [6670f3a49feb58debd59ea1ffb09a35d]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 1
PUP.Optional.Iminent.A, C:\Users\Dirk\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl, In Quarantäne, [8d49bddaa3e79c9afb34cedcbd4620e0],

Dateien: 14
PUP.Optional.GenericExt.A, C:\Users\Dirk\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\MinibarChrome.exe, In Quarantäne, [83530b8cf298d165f090db6459a736ca],
PUP.Optional.Softonic.A, C:\Users\Dirk\Downloads\SoftonicDownloader_fuer_snapashot.exe, In Quarantäne, [14c22d6a64263600d02d92c2ad54718f],
PUP.Optional.OpenCandy, C:\Users\Dirk\Downloads\xfire_installer_46025.exe, In Quarantäne, [9c3a583f494161d50f6490bf7d89bf41],
PUP.Optional.OpenCandy, C:\Users\Dirk\Downloads\HBGary_leaked_emails.exe, In Quarantäne, [a333a0f72d5d68cebbb82d22e3236898],
PUP.Optional.Iminent.A, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehhlaekjfiiojlddgndcnefflngfmhen_0.localstorage, In Quarantäne, [1db957405238092d19980ff2c440f709],
PUP.Optional.Iminent.A, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jdkokpcldhneihjdhigfjmoeojkdcbmg_0.localstorage, In Quarantäne, [e1f531667b0f46f05eb1b15837cdc739],
PUP.Optional.Iminent.A, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, In Quarantäne, [5b7b1b7ced9df64059b254c423e1c33d],
PUP.Optional.Iminent.A, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.iminent.com_0.localstorage, In Quarantäne, [19bd7c1bddade6508c46095628ddfd03],
PUP.Optional.Iminent.A, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.iminent.com_0.localstorage-journal, In Quarantäne, [def84f48c4c602347161ec73e3229a66],
PUP.Optional.Iminent.A, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.iminent.com_0.localstorage, In Quarantäne, [884e3a5de9a18ea85b77fc638b7ab34d],
PUP.Optional.Iminent.A, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.iminent.com_0.localstorage-journal, In Quarantäne, [3c9a168104866bcb26acb2adff06f30d],
PUP.Optional.Iminent.A, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.iminent.com_0.localstorage, In Quarantäne, [7d594a4ddab0290d577b035c63a2ee12],
PUP.Optional.Iminent.A, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.iminent.com_0.localstorage-journal, In Quarantäne, [469065326f1b1f1702d0b0af70950000],
PUP.Optional.Delta.A, C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: (), Schlecht: ({"browser":{"show_home_button":true},"default_search_provider":null,"default_search_provider_data":{"template_url_data":{"alternate_urls":["{google:baseURL}#q={searchTerms}","{google:baseURL}search#q={searchTerms}","{google:baseURL}webhp#q={searchTerms}","{google:baseURL}s#q={searchTerms}","{google:baseURL}s?q={searchTerms}"],"created_by_policy":false,"date_created":"0","favicon_url":"hxxp://www.google.com/favicon.ico","id":"2","image_url":"{google:baseURL}searchbyimage/upload","image_url_post_params":"encoded_image={google:imageThumbnail},image_url={google:imageURL},sbisrc={google:imageSearchSource},original_width={google:imageOriginalWidth},original_height={google:imageOriginalHeight}","input_encodings":["UTF-8"],"instant_url":"{google:baseURL}webhp?sourceid=chrome-instant&{google:RLZ}{google:forceInstantResults}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}","instant_url_post_params":"","keyword":"google.com","last_modified":"0","new_tab_url":"{google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}","originating_url":"","prepopulate_id":1,"safe_for_autoreplace":true,"search_terms_replacement_key":"espv","search_url_post_params":"","short_name":"Google","suggestions_url":"{google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}","suggestions_url_post_params":"","synced_guid":"0C9B57F5-6736-41C4-8967-D2ABB45C1148","url":"{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}","usage_count":0}},"extensions":{"settings":{"aakchaleigkohafkfjfjbblobjifikek":{"ack_proxy_bubble":true,"active_permissions":{"api":["notifications","proxy","storage","tabs"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"disable_reasons":33,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications","proxy","storage","tabs"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[]},"incognito":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13072643057612109","lastpingday":"13076837991268608","location":1,"manifest":{"background":{"scripts":["js/background.js"]},"browser_action":{"default_icon":{"19":"icons/ButtonOn.png"},"default_popup":"html/popup.html","default_title":"ProxFlow"},"current_locale":"de","default_locale":"en","description":"Mit ProxFlow gehören Länderrestriktionen der Vergangenheit an.","homepage_url":"hxxp://proxflow.com","icons":{"128":"icons/icon128.png","16":"icons/icon16.png","48":"icons/icon48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXyM/XoPrpGXA+JxM4EpRJXgQ0xgOilxE52QvL/jsMaccVP1ZlmT7kXFLr0YD+zSijzteQjgxNHhbXb5TN2aR8VPPX+1IBfQ7q7bmo2/pppM6akF/n3src4hMIuC79KmnZ5C/FLBGZPVaXccIiFq4G6vu4+vecM8bKxV5ri8Pf1QIDAQAB","manifest_version":2,"name":"ProxFlow","permissions":["proxy","tabs","storage","notifications","hxxp://*/","https://*/"],"short_name":"ProxFlow","update_url":"https://clients2.google.com/service/update2/crx","version":"1.4.5","web_accessible_resources":["icons/icon48.png","icons/waitajax.gif","icons/close.png"]},"path":"aakchaleigkohafkfjfjbblobjifikek\\1.4.5_0","preferences":{"proxy":{"mode":"system"}},"regular_only_preferences":{},"state":0,"was_installed_by_default":false,"was_installed_by_oem":false},"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13047219953086097","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Chrome Web Store","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Store","permissions":["webstorePrivate","management"],"version":"0.2"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\web_store","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"aohghmighlieiainnegkcijnfilokake":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"u","commands":{},"content_settings":[],"creation_flags":137,"disable_reasons":1,"events":[],"exclude_from_sideload_wipeout":true,"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13067552453661403","lastpingday":"13076837991268608","location":1,"manifest":{"api_console_project_id":"619683526622","app":{"launch":{"local_path":"main.html"}},"container":"GOOGLE_DRIVE","current_locale":"de","default_locale":"en_US","description":"Dokumente erstellen und bearbeiten","icons":{"128":"icon_128.png","16":"icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJhLK6fk/BWTEvJhywpk7jDe4A2r0bGXGOLZW4/AdBp3IiD9o9nx4YjLAtv0tIPxi7MvFd/GUUbQBwHT5wQWONJj1z/0Rc2qBkiJA0yqXh42p0snuA8dCfdlhOLsp7/XTMEwAVasjV5hC4awl78eKfJYlZ+8fM/UldLWJ/51iBQwIDAQAB","manifest_version":2,"name":"Google Docs","offline_enabled":true,"update_url":"https://clients2.google.com/service/update2/crx","version":"0.9"},"page_ordinal":"n","path":"aohghmighlieiainnegkcijnfilokake\\0.9_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":true,"was_installed_by_oem":false},"apdfllckaahabafndbhieahigkjlhalf":{"ack_external":true,"active_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"app_launcher_ordinal":"w","commands":{},"content_settings":[],"creation_flags":137,"events":[],"exclude_from_sideload_wipeout":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13067552454234421","lastpingday":"13076837991268608","location":1,"manifest":{"app":{"launch":{"web_url":"https://drive.google.com/?usp=chrome_app"},"urls":["hxxp://docs.google.com/","hxxp://drive.google.com/","https://docs.google.com/","https://drive.google.com/"]},"background":{"allow_js_access":false},"current_locale":"de","default_locale":"en_US","description":"Google Drive: Alle Inhalte an einem Ort erstellen, teilen und speichern.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIl5KlKwL2TSkntkpY3naLLz5jsN0YwjhZyObcTOK6Nda4Ie21KRqZau9lx5SHcLh7pE2/S9OiArb+na2dn7YK5EvH+aRXS1ec3uxVlBhqLdnleVgwgwlg5fH95I52IeHcoeK6pR4hW/Nv39GNlI/Uqk6O6GBCCsAxYrdxww9BiQIDAQAB","manifest_version":2,"name":"Google Drive","offline_enabled":true,"options_page":"https://drive.google.com/settings","permissions":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"update_url":"https://clients2.google.com/service/update2/crx","version":"6.4"},"page_ordinal":"n","path":"apdfllckaahabafndbhieahigkjlhalf\\6.4_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"bepbmhgboaologfdajaanbcjmnhjmhfn":{"disable_reasons":1,"state":0},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"ack_external":true,"active_bit":false,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"yn","commands":{},"content_settings":[],"creation_flags":153,"events":[],"exclude_from_sideload_wipeout":true,"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13067552453938314","last_active_pingday":"13003228763832511","lastpingday":"13076837991268608","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/?feature=ytca"},"web_content":{"enabled":true,"origin":"hxxp://www.youtube.com"}},"current_locale":"de","default_locale":"en","description":"Die beliebteste Online-Video-Community der Welt","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","manifest_version":2,"name":"YouTube","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.7"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.7_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"coobgpohoikkiipiblmjeljniedjpjpf":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"y","commands":{},"content_settings":[],"creation_flags":153,"events":[],"exclude_from_sideload_wipeout":true,"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13072014288303028","lastpingday":"13076837991268608","location":1,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google.com/webhp","*://www.google.com/imgres"]},"current_locale":"de","default_locale":"en","description":"Die schnellste Suche im Web.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB","manifest_version":2,"name":"Google-Suche","permissions":[],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"0.0.0.30"},"page_ordinal":"n","path":"coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.30_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"dnhpdliibojhegemfjheidglijccjfmc":{"active_permissions":{"api":["hotwordPrivate","tabs","webConnectable"],"explicit_host":["*://*.google.co.uk/*","*://*.google.com/*","*://*.google.de/*","*://*.google.fr/*","*://*.google.ru/*","chrome://newtab/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"ephemeral_app":false,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13054464129663295","location":5,"manifest":{"background":{"persistent":false,"scripts":["manager.js"]},"externally_connectable":{"matches":["*://*.google.com/*","*://*.google.ru/*","*://*.google.co.uk/*","*://*.google.fr/*","*://*.google.de/*","chrome://newtab/"]},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDagiQy1VGkO2CHJSjVh7eU5GtuBuOlg2/cTZt7203AcevqpcDd+65S2/yd9KAELYcU6pK8nHVGYBMI6s0u+0RgXfIJ0eFOlTlgfAQWHvg8ovHtJlFJd1COrOkbntD9+s9Jobr3ldmow87aZF1bVHUY4khVP56cZe6adlVw2wK31QIDAQAB","manifest_version":2,"minimum_chrome_version":"32","name":"hotword helper","permissions":["*://*.google.com/*","*://*.google.ru/*","*://*.google.co.uk/*","*://*.google.fr/*","*://*.google.de/*","chrome://newtab/","hotwordPrivate","tabs"],"version":"0.0.2.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\37.0.2062.103\\resources\\hotword_helper","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"eemcgdkfndhakfknompkggombfjjjeno":{"active_permissions":{"api":["bookmarks","bookmarkManagerPrivate","metricsPrivate","systemPrivate","tabs"],"explicit_host":["chrome://favicon/*","chrome://resources/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13047219953086097","location":5,"manifest":{"chrome_url_overrides":{"bookmarks":"main.html"},"content_security_policy":"object-src 'none'; script-src chrome://resources 'self'","description":"Bookmark Manager","icons":{},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQcByy+eN9jzazWF/DPn7NW47sW7lgmpk6eKc0BQM18q8hvEM3zNm2n7HkJv/R6fU+X5mtqkDuKvq5skF6qqUF4oEyaleWDFhd1xFwV7JV+/DU7bZ00w2+6gzqsabkerFpoP33ZRIw7OviJenP0c0uWqDWF8EGSyMhB3txqhOtiQIDAQAB","manifest_version":2,"name":"Bookmark Manager","permissions":["bookmarks","bookmarkManagerPrivate","metricsPrivate","systemPrivate","tabs","chrome://favicon/","chrome://resources/"],"version":"0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\bookmark_manager","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"ennkphjdgehloodpbhlhldgbnhmacadg":{"active_permissions":{"api":[],"explicit_host":["chrome://settings-frame/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["app.runtime.onLaunched"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13047219953086097","location":5,"manifest":{"app":{"background":{"scripts":["settings_app.js"]}},"description":"Settings","display_in_launcher":false,"icons":{"128":"settings_app_icon_128.png","16":"settings_app_icon_16.png","32":"settings_app_icon_32.png","48":"settings_app_icon_48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoVDPGX6fvKPVVgc+gnkYlGqHuuapgFDyKhsy4z7UzRLO/95zXPv8h8e5EacqbAQJLUbP6DERH5jowyNEYVxq9GJyntJMwP1ejvoz/52hnY3CCGGCmttmKzzpp5zwLuq3iZf8bslwywfflNUYtaCFSDa0TtrBZz0aOPrAAd/AhNwIDAQAB","manifest_version":2,"name":"Settings","permissions":["chrome://settings-frame/"],"version":"0.2"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\settings_app","preferences":{},"regular_only_preferences":{},"running":false,"was_installed_by_default":false,"was_installed_by_oem":false},"flliilndjeohchalpbbcdekjklbdgfkk":{"ack_external":true,"active_permissions":{"api":["cookies","storage","tabs","webNavigation","webRequest","webRequestBlocking"],"explicit_host":["chrome://favicon/*","hxxp://*/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["*://*/*"]},"commands":{},"content_settings":[],"creation_flags":9,"disable_reasons":8192,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["cookies","storage","tabs","webNavigation","webRequest","webRequestBlocking"],"explicit_host":["chrome://favicon/*","hxxp://*/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["*://*/*"]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076254070500909","lastpingday":"13076837991268608","location":6,"manifest":{"background":{"scripts":["js/bunches/background.js"]},"browser_action":{"default_icon":{"16":"img/avira_icon16.png","19":"img/avira_logo.png","24":"img/avira_icon24.png","32":"img/avira_icon32.png","38":"img/avira_logo.png"},"default_title":"Avira Browser Safety"},"content_scripts":[{"css":["css/content/content.css"],"js":["js/bunches/content.js"],"matches":["*://*/*"]},{"css":["css/content/search.css"],"js":["js/bunches/search.js"],"matches":["*://*/*"]},{"js":["js/bunches/content_start.js"],"matches":["*://*/*"],"run_at":"document_start"}],"content_security_policy":"script-src 'self' https://cdn.mxpnl.com hxxp://localhost:4000 https://localhost https://avira.com https://www.avira.com https://www.tt.avira.com; object-src 'self'","current_locale":"de","default_locale":"en","description":"Schützt Ihre Privatsphäre durch Blockieren von Online-Gefahren.","icons":{"128":"img/avira_icon128.png","16":"img/avira_icon16.png","48":"img/avira_icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl3UicGZTgzDr3crrsAxjwue3gjDfxGKIxaipQBP8smbkQ2GuKVO9nojCLRzdn7TkB+Xo60aTqHC2hQhby0MMyjAvgqjXR2cE+99PtB4Hpvf7k/EOO7VMT2ndm/lVM9cJUtNq3A7GUxTqmL78akNAxgjZK0n2onNqpmiVHxufCmq8tlU+5NtJkk6ioRATpjdsjAxqeuRyglwzx0cPVMpXg8fUXp2EhwFYsDevN6f+7Sm0QujCmjOy11yjlz8XfnX3ODVCwByureqJLuTJpw5SMOykz4LHmUwiIvPdOZXJ9eiduedncVqDMuPTMWwWpkD3uV95pnmFNKE/6GxIx2dhwIDAQAB","manifest_version":2,"name":"Avira Browserschutz","options_page":"html/top.html#settings/General","options_ui":{"chrome_style":true,"open_in_tab":true,"page":"html/top.html#settings/General"},"permissions":["tabs","storage","webNavigation","webRequest","webRequestBlocking","cookies","hxxp://*/*","https://*/*","chrome://favicon/"],"update_url":"https://clients2.google.com/service/update2/crx","version":"1.4.7","web_accessible_resources":["html/top.html","html/blocked.html","img/serp_info_safe.svg","img/serp_info_unsafe.svg","css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png","img/absb-checks.png","img/absb-attention.png","img/absb-close.png"]},"path":"flliilndjeohchalpbbcdekjklbdgfkk\\1.4.7_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":false,"was_installed_by_oem":false},"gfdkimpbcpahaombhbimeihdjnejgicl":{"active_permissions":{"api":["feedbackPrivate"],"explicit_host":["chrome://resources/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["feedbackPrivate.onFeedbackRequested","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13047219953086097","location":5,"manifest":{"app":{"background":{"scripts":["js/event_handler.js"]},"content_security_policy":"default-src 'none'; script-src 'self' chrome://resources; style-src 'unsafe-inline' *; img-src *; media-src 'self'"},"description":"User feedback extension","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"32":"images/icon32.png","64":"images/icon64.png"},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMZElzFX2J1g1nRQ/8S3rg/1CjFyDltWOxQg+9M8aVgNVxbutEWFQz+oQzIP9BB67mJifULgiv12ToFKsae4NpEUR8sPZjiKDIHumc6pUdixOm8SJ5Rs16SMR6+VYxFUjlVW+5CA3IILptmNBxgpfyqoK0qRpBDIhGk1KDEZ4zqQIDAQAB","manifest_version":2,"name":"Feedback","permissions":["feedbackPrivate","chrome://resources/"],"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\feedback","preferences":{},"regular_only_preferences":{},"running":false,"was_installed_by_default":false,"was_installed_by_oem":false},"gmlllbghnfkpflemihljekbapjopfjik":{"ack_external":true,"active_permissions":{"api":["activeTab","bookmarks","bookmarkManagerPrivate","fileSystem","fileSystem.write","identity","identity.email","management","metricsPrivate","notifications","preferencesPrivate","storage","tabs","webConnectable"],"explicit_host":["*://*.google.com/*","chrome://favicon/*"],"manifest_permissions":[{"chrome_ui_overrides":true}]},"commands":{"_execute_page_action":{"suggested_key":"Ctrl+D","was_assigned":true}},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["activeTab","bookmarks","bookmarkManagerPrivate","fileSystem","fileSystem.write","identity","identity.email","management","metricsPrivate","notifications","preferencesPrivate","storage","tabs","webConnectable"],"explicit_host":["*://*.google.com/*","chrome://favicon/*"],"manifest_permissions":[{"chrome_ui_overrides":true}]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13075581496336912","lastpingday":"13076837991268608","location":10,"manifest":{"background":{"persistent":true,"scripts":["bootstrap.js","background_compiled.js"]},"chrome_ui_overrides":{"bookmarks_ui":{"remove_bookmark_shortcut":true,"remove_button":true}},"chrome_url_overrides":{"bookmarks":"bookmarks.html"},"commands":{"_execute_page_action":{"description":"Stars popup","suggested_key":{"default":"Ctrl+D"}}},"content_security_policy":"script-src 'self' https://*.google.com https://*.gstatic.com; object-src 'self'","current_locale":"de","default_locale":"en","description":"Bookmark Manager","externally_connectable":{"matches":["*://*.google.com/*"]},"icons":{"16":"icons/bookmarks16.png","32":"icons/bookmarks32.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDO1rEc7Du17LBzIOf1nXMC4JM4suAzgaswHRjJhaE4/fNIXxrTjqaDH5tpU7huX8RdVyuu3zggdP36mpqhLYNzCf9fgnvhZEGpsXYqedWXapQ4nrVca4Xg5SB8/K7oRS+dnMwwxYjED434qTyfiSiJoXVo7MXa+qBckMQ6Wf0t0QIDAQAB","manifest_version":2,"minimum_chrome_version":"42","name":"Bookmark Manager","oauth2":{"client_id":"610799782257-avhfi6rijk0n02t94linmllq54ool5kf.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/chromesync"]},"page_action":{"default_icon":{"19":"icons/collected19.png"},"default_title":"Star Page"},"permissions":["activeTab","bookmarks","bookmarkManagerPrivate","chrome://favicon/","identity","identity.email","management","metricsPrivate","notifications","preferencesPrivate","storage","tabs","*://*.google.com/*",{"fileSystem":["write"]}],"update_url":"https://clients2.google.com/service/update2/crx","version":"2.2015.506.11355"},"path":"gmlllbghnfkpflemihljekbapjopfjik\\2.2015.506.11355_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"jdpbajmogfhlafbipjjklkdhloplicgc":{"active_permissions":{"api":["contextMenus","notifications","tabs"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["contextMenus","notifications","tabs"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069560762237041","lastpingday":"13076837991268608","location":1,"manifest":{"background":{"scripts":["jquery.js","background.js"]},"content_security_policy":"script-src 'self' https://*.google.com https://*.google-analytics.com https://*.doubleclick.net; object-src 'self'","description":"Flash Player - save your favorite flash and easily run in player later!","icons":{"128":"img/ico_128.png","16":"img/ico_16.png","48":"img/ico_48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/yKLX1TTIES6749NgwHx/NUaFNVv/EUL4ivQCH7IyglURV/YIaL4QbOawkKho+r29ULN2Nu2reYl7aK/uYcP3P0+xuBd3dV7STFJdReqeyIfQlE9RJACIXKoKUNxlWtwQO1lv06c1Pm0Mhimp2L3EIbxIrqRXh1egjPvDr6Z0GZ9OVUotaL21gpqQ5Ry1xcMZE5rDmaZX0TomI71+tjReMhFJmnhXSJdbmM050hjJXD+3OEKFmd7Jpn/dpv3oSSoMRP36e4jl9likOi/mU5aH1og0SGZKf46xDF4PCH/unwTi0PhtDeJ9vf0tB9Kl1nFqG3Ho5hOQ7JsCKTY92ujQIDAQAB","manifest_version":2,"name":"Flash Player","options_page":"options.html","permissions":["tabs","hxxp://*/*","https://*/*","contextMenus","notifications"],"update_url":"https://clients2.google.com/service/update2/crx","version":"1.4"},"path":"jdpbajmogfhlafbipjjklkdhloplicgc\\1.4_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"kmendfapggjehodndflmmgagdbamhnfd":{"active_permissions":{"api":["cryptotokenPrivate","externally_connectable.all_urls","hid","tabs","u2fDevices","usb",{"usbDevices":[{"interfaceId":-1,"productId":529,"vendorId":4176}]},"webConnectable"],"explicit_host":["hxxp://*/*","https://*/*","https://www.gstatic.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["runtime.onConnectExternal","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076786662121584","location":5,"manifest":{"background":{"persistent":false,"scripts":["util.js","b64.js","sha256.js","countdown.js","countdowntimer.js","devicestatuscodes.js","approvedorigins.js","errorcodes.js","gnubbycodetypes.js","webrequest.js","gnubbymsgtypes.js","messagetypes.js","factoryregistry.js","closeable.js","requesthelper.js","webrequestsender.js","enroller.js","requestqueue.js","signer.js","origincheck.js","textfetcher.js","appid.js","watchdog.js","cryptotokenorigincheck.js","cryptotokenapprovedorigins.js","gnubbydevice.js","hidgnubbydevice.js","usbgnubbydevice.js","gnubbies.js","gnubby.js","gnubby-u2f.js","gnubbyfactory.js","singlesigner.js","multiplesigner.js","generichelper.js","inherits.js","individualattest.js","devicefactoryregistry.js","usbhelper.js","usbenrollhandler.js","usbsignhandler.js","usbgnubbyfactory.js","googlecorpindividualattest.js","cryptotokenbackground.js"]},"description":"CryptoToken Component Extension","externally_connectable":{"accepts_tls_channel_id":true,"ids":["fjajfjhkeibgmiggdfehjplbhmfkialk"],"matches":["\u003Call_urls>"]},"incognito":"split","key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7zRobvA+AVlvNqkHSSVhh1sEWsHSqz4oR/XptkDe/Cz3+gW9ZGumZ20NCHjaac8j1iiesdigp8B1LJsd/2WWv2Dbnto4f8GrQ5MVphKyQ9WJHwejEHN2K4vzrTcwaXqv5BSTXwxlxS/mXCmXskTfryKTLuYrcHEWK8fCHb+0gvr8b/kvsi75A1aMmb6nUnFJvETmCkOCPNX5CHTdy634Ts/x0fLhRuPlahk63rdf7agxQv5viVjQFk+tbgv6aa9kdSd11Js/RZ9yZjrFgHOBWgP4jTBqud4+HUglrzu8qynFipyNRLCZsaxhm+NItTyNgesxLdxZcwOz56KD1Q4IQIDAQAB","manifest_version":2,"name":"CryptoTokenExtension","permissions":["hid","u2fDevices","usb","cryptotokenPrivate","externally_connectable.all_urls","tabs","https://*/*","hxxp://*/*",{"usbDevices":[{"productId":529,"vendorId":4176}]}],"version":"0.9.22"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\cryptotoken","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"lccekmodgklaepjeofjdjpbminllajkg":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076850304762459","lastpingday":"13076837991268608","location":10,"manifest":{"description":"Support files for Chrome Hotwording.","export":{"resources":["audio/*","_platform_specific/*","hotword_*.nmf"],"whitelist":["nbpagnldghgfoolbancepceaanlmhfmd"]},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxhwmnepSrtvEcatE9K4SxOUTy6U1LNpuaT3BNr12cuehQT5YAGeUcgeIMQmE0/h/EefU53TcjUEn9vgE8+aSZW0VirROE36hfcWpqyxf9jh0mPRluLIxCW+ObD/B5YoXj0kxTWIaDQqKYBJyo+QCRwef5hwfAoUoDggnYDRHHG4z3mfZJ4duY2H3ISEw4/tsvAm8SxCZm+W6laCV0AkJxO+s4bNNC0z0Y5+G3nw24uV8cdMnfQcFUWJncnwqDSTUp7vOZb570Wv02TD+qhpA2rlF0/ym6edXoKzapR4+SQQllDXZ0yLZ3GQ6uf7IsCufSoYPoIsmYExHrlZbgVkWwIDAQAB","manifest_version":2,"minimum_chrome_version":"39","name":"Chrome Hotword Shared Module","platforms":[{"lang":"de","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_de/"},{"lang":"de","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_de/"},{"lang":"de","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_de/"},{"lang":"en-AU","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_en-au/"},{"lang":"en-AU","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_en-au/"},{"lang":"en-AU","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_en-au/"},{"lang":"en-GB","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_en-gb/"},{"lang":"en-GB","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_en-gb/"},{"lang":"en-GB","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_en-gb/"},{"lang":"es","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_es/"},{"lang":"es","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_es/"},{"lang":"es","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_es/"},{"lang":"fr","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_fr/"},{"lang":"fr","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_fr/"},{"lang":"fr","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_fr/"},{"lang":"it","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_it/"},{"lang":"it","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_it/"},{"lang":"it","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_it/"},{"lang":"ja","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_ja/"},{"lang":"ja","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_ja/"},{"lang":"ja","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_ja/"},{"lang":"ko","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_ko/"},{"lang":"ko","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_ko/"},{"lang":"ko","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_ko/"},{"lang":"pt-BR","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_pt-br/"},{"lang":"pt-BR","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_pt-br/"},{"lang":"pt-BR","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_pt-br/"},{"lang":"ru","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_ru/"},{"lang":"ru","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_ru/"},{"lang":"ru","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_ru/"},{"nacl_arch":"arm","sub_package_path":"_platform_specific/arm_/"},{"nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_/"},{"nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_/"}],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.3.0.5"},"path":"lccekmodgklaepjeofjdjpbminllajkg\\0.3.0.5_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"mfehgcgbbipciphmccgaenjidiccnmng":{"active_permissions":{"api":["cloudPrintPrivate"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13047219953086097","location":5,"manifest":{"app":{"launch":{"web_url":"https://www.google.com/cloudprint"},"urls":["https://www.google.com/cloudprint/enable_chrome_connector"]},"description":"Cloud Print","display_in_launcher":false,"icons":{},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqOhnwk4+HXVfGyaNsAQdU/js1Na56diW08oF1MhZiwzSnJsEaeuMN9od9q9N4ZdK3o1xXOSARrYdE+syV7Dl31nf6qz3A6K+D5NHe6sSB9yvYlIiN37jdWdrfxxE0pRYEVYZNTe3bzq3NkcYJlOdt1UPcpJB+isXpAGUKUvt7EQIDAQAB","name":"Cloud Print","permissions":["cloudPrintPrivate"],"version":"0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\cloud_print","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"mfffpogegjflfpflabcdkioaeobkgjik":{"active_permissions":{"api":["webRequest","webRequestBlocking"],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[],"scriptable_host":["\u003Call_urls>"]},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13047225900967196","location":5,"manifest":{"background":{"scripts":["background.js","channel.js"]},"content_scripts":[{"all_frames":true,"js":["channel.js","desktop_injected.js"],"matches":["\u003Call_urls>"]}],"content_security_policy":"default-src 'self'; script-src 'self'; frame-src *; style-src 'self' 'unsafe-inline'","description":"GAIA Component Extension","key":"MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC4L17nAfeTd6Xhtx96WhQ6DSr8KdHeQmfzgCkieKLCgUkWdwB9G1DCuh0EPMDn1MdtSwUAT7xE36APEzi0X/UpKjOVyX8tCC3aQcLoRAE0aJAvCcGwK7qIaQaczHmHKvPC2lrRdzSoMMTC5esvHX+ZqIBMi123FOL0dGW6OPKzIwIBIw==","manifest_version":2,"name":"GaiaAuthExtension","permissions":["\u003Call_urls>","tabs","webRequest"],"version":"0.0.1","web_accessible_resources":["main.css","main.html","main.js","util.js"]},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\gaia_auth","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"mgndgikekgjfcpckkfioiadnlibdjbkf":{"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"n","commands":{},"content_settings":[],"creation_flags":1,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13047219953086097","location":5,"manifest":{"app":{"launch":{"web_url":"hxxp://THIS-WILL-BE-REPLACED"}},"description":"Chrome as an app","display_in_launcher":true,"display_in_new_tab_page":false,"icons":{"128":"product_logo_128.png","16":"product_logo_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNuYLEQ1QPMcc5HfWI/9jiEf6FdJWqEtgRmIeI7qtjPLBM5oje+Ny2E2mTAhou5qdJiO2CHWdU1DQXY2F7Zu2gZaKZgHLfK4WimHxUT5Xd9/aro/R9PCzjguM1BLusiWYc9xlj1IsZpyiN1hcjU7SCnBhv1feQlv2WSB5KRiXwhQIDAQAB","name":"Chrome","version":"0.1"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\chrome_app","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"mhjfbmdgcfjbbpaeojofohoefgiehjai":{"active_permissions":{"api":[],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[],"scriptable_host":["chrome://print/*"]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13073839066817189","location":5,"manifest":{"content_scripts":[{"js":["content_script.js"],"matches":["chrome://print/*"]}],"content_security_policy":"script-src 'self' chrome://resources; object-src *; plugin-types application/x-google-chrome-pdf","description":"","incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDN6hM0rsDYGbzQPQfOygqlRtQgKUXMfnSjhIBL7LnReAVBEd7ZmKtyN2qmSasMl4HZpMhVe2rPWVVwBDl6iyNE/Kok6E6v6V3vCLGsOpQAuuNVye/3QxzIldzG/jQAdWZiyXReRVapOhZtLjGfywCvlWq7Sl/e3sbc0vWybSDI2QIDAQAB","manifest_version":2,"mime_types":["application/pdf"],"mime_types_handler":"index.html","name":"Chrome PDF Viewer","offline_enabled":true,"permissions":["\u003Call_urls>"],"version":"1","web_accessible_resources":["index.html","index.html"]},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\42.0.2311.90\\resources\\pdf","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"nbpagnldghgfoolbancepceaanlmhfmd":{"active_permissions":{"api":["audioCapture","hotwordPrivate","idle","management","metricsPrivate","tabs","unlimitedStorage","webConnectable"],"explicit_host":["*://*.google.at/*","*://*.google.ca/*","*://*.google.co.jp/*","*://*.google.co.kr/*","*://*.google.co.nz/*","*://*.google.co.uk/*","*://*.google.co.za/*","*://*.google.com.au/*","*://*.google.com.br/*","*://*.google.com.mx/*","*://*.google.com/*","*://*.google.de/*","*://*.google.es/*","*://*.google.fr/*","*://*.google.it/*","*://*.google.ru/*","chrome://newtab/*","chrome://resources/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["hotwordPrivate.onDeleteSpeakerModel","hotwordPrivate.onEnabledChanged","hotwordPrivate.onSpeakerModelExists","management.onInstalled","runtime.onMessageExternal","runtime.onStartup"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13073839066814255","location":5,"manifest":{"background":{"persistent":false,"scripts":["chrome://resources/js/cr.js","chrome://resources/js/util.js","chrome://resources/js/cr/event_target.js","constants.js","keep_alive.js","logging.js","metrics.js","nacl_manager.js","state_manager.js","base_session_manager.js","always_on_manager.js","launcher_manager.js","page_audio_manager.js","training_manager.js","manager.js"]},"content_security_policy":"object-src 'none'; script-src chrome://resources 'self'","import":[{"id":"lccekmodgklaepjeofjdjpbminllajkg"}],"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbHXRPiq2De9EJ+4pvNN6uE/D2avxrqyLSpA/Hq3II+btkPl1gboY3oUPTfevpVOFa90Y1c1b3/W682dXqybT0klIvFLKhdQx0LiVqSUQyIaDrwOCSo/ZcukbEwDRojegWymCjHvX6WZk4kKZzTJYzY1vrp0TWKLhttEMN9KFmowIDAQAB","manifest_version":2,"minimum_chrome_version":"38","name":"Hotword triggering","permissions":["*://*.google.at/*","*://*.google.ca/*","*://*.google.com/*","*://*.google.com.au/*","*://*.google.com.mx/*","*://*.google.com.br/*","*://*.google.co.jp/*","*://*.google.co.kr/*","*://*.google.co.nz/*","*://*.google.co.uk/*","*://*.google.co.za/*","*://*.google.de/*","*://*.google.es/*","*://*.google.fr/*","*://*.google.it/*","*://*.google.ru/*","chrome://newtab/","chrome://resources/","audioCapture","hotwordPrivate","idle","management","metricsPrivate","tabs","unlimitedStorage"],"version":"0.0.1.4"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\42.0.2311.90\\resources\\hotword","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"neajdppkdcdipfabeoofebfddakdcjhd":{"active_permissions":{"api":["systemPrivate","ttsEngine"],"explicit_host":["https://www.google.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["ttsEngine.onPause","ttsEngine.onResume","ttsEngine.onSpeak","ttsEngine.onStop"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13047219953086097","location":5,"manifest":{"background":{"persistent":false,"scripts":["tts_extension.js"]},"description":"Component extension providing speech via the Google network text-to-speech service.","key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GSbNUMGygqQTNDMFGIjZNcwXsHLzkNkHjWbuY37PbNdSDZ4VqlVjzbWqODSe+MjELdv5Keb51IdytnoGYXBMyqKmWpUrg+RnKvQ5ibWr4MW9pyIceOIdp9GrzC1WZGgTmZismYR3AjaIpufZ7xDdQQv+XrghPWCkdVqLN+qZDA1HU+DURznkMICiDDSH2sU0egm9UbWfS218bZqzKeQDiC3OnTPlaxcbJtKUuupIm5knjze3Wo9Ae9poTDMzKgchg0VlFCv3uqox+wlD8sjXBoyBCCK9HpImdVAF1a7jpdgiUHpPeV/26oYzM9/grltwNR3bzECQgSpyXp0eyoegwIDAQAB","manifest_version":2,"name":"Google Network Speech","permissions":["systemPrivate","ttsEngine","https://www.google.com/"],"tts_engine":{"voices":[{"event_types":["start","end","error"],"gender":"female","lang":"en-US","remote":true,"voice_name":"Google US English"},{"event_types":["start","end","error"],"gender":"male","lang":"en-GB","remote":true,"voice_name":"Google UK English Male"},{"event_types":["start","end","error"],"gender":"female","lang":"en-GB","remote":true,"voice_name":"Google UK English Female"},{"event_types":["start","end","error"],"gender":"female","lang":"es-ES","remote":true,"voice_name":"Google Español"},{"event_types":["start","end","error"],"gender":"female","lang":"fr-FR","remote":true,"voice_name":"Google Français"},{"event_types":["start","end","error"],"gender":"female","lang":"it-IT","remote":true,"voice_name":"Google Italiano"},{"event_types":["start","end","error"],"gender":"female","lang":"de-DE","remote":true,"voice_name":"Google Deutsch"},{"event_types":["start","end","error"],"gender":"female","lang":"ja-JP","remote":true,"voice_name":"Google æ?¥æ?¬äºº"},{"event_types":["start","end","error"],"gender":"female","lang":"ko-KR","remote":true,"voice_name":"Google í??êµ*ì?"},{"event_types":["start","end","error"],"gender":"female","lang":"zh-CN","remote":true,"voice_name":"Google ä¸*å?½ç??"}]},"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\network_speech_synthesis","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"nkeimhogjdpnpccoofpliimaahmaaome":{"active_permissions":{"api":["alarms","desktopCapture","processes","webConnectable","webrtcAudioPrivate","webrtcLoggingPrivate","system.cpu"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["runtime.onConnectExternal","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13047219953086097","location":5,"manifest":{"background":{"page":"background.html","persistent":false},"externally_connectable":{"matches":["https://*.google.com/hangouts*","*://localhost/*"]},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAQt2ZDdPfoSe/JI6ID5bgLHRCnCu9T36aYczmhw/tnv6QZB2I6WnOCMZXJZlRdqWc7w9jo4BWhYS50Vb4weMfh/I0On7VcRwJUgfAxW2cHB+EkmtI1v4v/OU24OqIa1Nmv9uRVeX0GjhQukdLNhAE6ACWooaf5kqKlCeK+1GOkQIDAQAB","manifest_version":2,"name":"Google+ Hangouts","permissions":["alarms","desktopCapture","system.cpu","webrtcAudioPrivate","webrtcLoggingPrivate"],"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\hangout_services","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"nmmhkkegccagdldgiimedpiccmgmieda":{"ack_external":true,"active_permissions":{"api":["identity","webview"],"explicit_host":["https://wallet-web.sandbox.google.com/*","https://wallet.google.com/*","https://www.google.com/*","https://www.googleapis.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":137,"events":["app.runtime.onLaunched","runtime.onConnectExternal"],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["identity","webview"],"explicit_host":["https://wallet-web.sandbox.google.com/*","https://wallet.google.com/*","https://www.google.com/*","https://www.googleapis.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076083795769094","lastpingday":"13076837991268608","location":10,"manifest":{"app":{"background":{"scripts":["craw_background.js"]}},"current_locale":"de","default_locale":"en","description":"Google Wallet für digitale Produkte","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"Google Wallet","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/sierra","https://www.googleapis.com/auth/sierrasandbox","https://www.googleapis.com/auth/chromewebstore","https://www.googleapis.com/auth/chromewebstore.readonly"]},"permissions":["identity","webview","https://wallet.google.com/","https://wallet-web.sandbox.google.com/","https://www.google.com/","https://www.googleapis.com/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.1.1.0"},"path":"nmmhkkegccagdldgiimedpiccmgmieda\\0.1.1.0_0","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"pafkbggdmjlpgkdkcbjmhmfcdpncadgh":{"active_permissions":{"api":["alarms","background","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","pushMessaging.onMessage","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13047494520443494","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","identity","metricsPrivate","notifications","pushMessaging","storage","tabs","webstorePrivate","\u003Call_urls>"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\google_now","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_bit":false,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"events":[],"exclude_from_sideload_wipeout":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13072014288556453","last_active_pingday":"13047202800207632","lastpingday":"13076837991268608","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"de","default_locale":"en","description":"Schneller E-Mail-Dienst mit Suchfunktion und wenig Spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Google Mail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"drouwnt@gmail.com","username":"drouwnt@gmail.com"}},"homepage":"about:blank","homepage_is_newtabpage":true,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"2CBC0781DE9966B41905E02ED20B6812A15EF013CCA7CD0E5743ADDAF1B0B68B"},"default_search_provider":{"keyword":"423B332A0043B3B76F8EFDBDAD56501CB6B1A7BB9BBC0B9D4BF8DD3FDDD98097","name":"FABB21EEC7F9F5E574A454FD2310CFA17F271AD1BD80B492C9FFEE912964B976","search_url":"316CD526D39B2EFC53202FDE8F3B07620D58BC57FB030AB3F82CF547D2C96477"},"default_search_provider_data":{"template_url_data":"8BA686CA96C80F853839E62053D90319056E1AF408B82E600C0377E498C47238"},"extensions":{"settings":{"aakchaleigkohafkfjfjbblobjifikek":"5A995156451CFBDBC1FAAD5375BC276EBF2B104F331147BCF48AA8D1C1C39B84","ahfgeienlihckogmohjhadlkjgocpleb":"69ED083A423594044425AD029CB4857F22F76ECDC9B905F674D4D61DE88C32C8","aohghmighlieiainnegkcijnfilokake":"4E0E145742BE11F8716111399FA86E58BD6AD33179E477F1BBE26734BB64ADBD","apdfllckaahabafndbhieahigkjlhalf":"500868CAE3BE6E2BF4A23C363AE1DEE3800B770F7284ED30C1E2669F1E6E938F","bepbmhgboaologfdajaanbcjmnhjmhfn":"E7976F2AB596465B057399729FDFA8AE6064D30CE58585C3F1A1A2630D0C54F0","blpcfgokakmgnkcojhhkbfbldkacnbeo":"DF34360CEF409DFE2802DDE1A854A6B04999DC9124EE6D6B61F397B4D665BD66","coobgpohoikkiipiblmjeljniedjpjpf":"DCE56BA0EC86FCADFEE1E2AC25943291B4861FC74E7B8AB34AA9C38D85A4EEE4","dnhpdliibojhegemfjheidglijccjfmc":"99B4D109F7C02B5928CF9ED4229AF1EA092D2895AE770BE79250E3517FBE5B29","eemcgdkfndhakfknompkggombfjjjeno":"FC40B5C4307DD3CC980DE319FF0C186D0D5A317FD3E0F0EE4BCF4E38F963028A","ennkphjdgehloodpbhlhldgbnhmacadg":"EF1694639A2291E47A2E7D405EF06C08BA5AE29C357B9378C95FA4C6F9943770","flliilndjeohchalpbbcdekjklbdgfkk":"6EDD6DA7CE9129E948DA361B98A4FE03357C62502734134A9C563D3A000679AD","gfdkimpbcpahaombhbimeihdjnejgicl":"67B8120E99A674957972C6E11EBD62D7272B91C0DDF132737465F8DC8B78DA7A","gmlllbghnfkpflemihljekbapjopfjik":"BAB31A95009C6460F2B269CD24D1B4BDCDE7DA4B6F3EA379BEF76E4C0295BCE2","jdpbajmogfhlafbipjjklkdhloplicgc":"4F994A526979E6BB74522BE9B65553831E230754B930C3D35242D4487A26BF8A","kmendfapggjehodndflmmgagdbamhnfd":"F7AECCEAA189DF82528EED674FC51181F4FD2136F1E0234AF018E3DDC018FBDB","lccekmodgklaepjeofjdjpbminllajkg":"487A41E3276741D666540608B339FD055C676B8B57812B2A4804E0774C7EB5FB","mfehgcgbbipciphmccgaenjidiccnmng":"B970462856B2995A209661159BA123924DBBA97FAE1D4EAD63CD5ACD14E6FCA6","mfffpogegjflfpflabcdkioaeobkgjik":"F8D55818D384762C332EBCAAEC6B723E1D21DC2FC223158DC1099537D8865E5E","mgndgikekgjfcpckkfioiadnlibdjbkf":"2129DE2A0596675848130C9DE6B1AF649F161806E7BE07D26F02F5175BEDA347","mhjfbmdgcfjbbpaeojofohoefgiehjai":"0448BCBBE77FAF18F293F5DB28FC5BEA8C280AB67B9ED8CACB746DB6C131E053","nbpagnldghgfoolbancepceaanlmhfmd":"42A536755706BE2D10DFCAC87A5F08F664FE10DC81C3E04227216C2467AF263B","neajdppkdcdipfabeoofebfddakdcjhd":"905E0B656F5D9B658BBCC0FEB3E449CB49DEDAD01EEC5ED889469E48BB421679","nkeimhogjdpnpccoofpliimaahmaaome":"7997CB559389EF3C060C8028F4E5EB3A1BEA805B8F2742177BCCE0E47A7387B6","nmmhkkegccagdldgiimedpiccmgmieda":"7547F15BA3A82C9896FDE191EC2062D7B8D6EAB52C9D723F84A2214D781C174B","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"13B92D45C56B92259AED3E3FEF4E28270E43E82B0A98B3B0CA75E966647F6E28","pjkljhegncpnkpknbcohdijeoejaedia":"7E711C4130909CD990B267533C8825B795BEF5C1FDDD553EAE83B165A94E20EE"}},"google":{"services":{"last_username":"44DB17BB2A55377E714517D9ABB92C70B59B0551B21AA4784F36B7DC71939CB4","username":"D0CCE8EA8CF884D2B95727F445F9F14688ECC31E2C55801922315F5BFAE5F40B"}},"homepage":"2765B0E1AC3BA63671BE20EC14C9E78506412C807E200ED9A6AC2C35EF9315D7","homepage_is_newtabpage":"7422329E120EA230B628BD8F1AF660E41E6906AE83EE9AB7AE64B7F6D97AA75A","pinned_tabs":"37434CA542B8127552BC03EA9D572546EBA44F574A2DE64B366D8383C5C70EC3","prefs":{"preference_reset_time":"63CDC45CA5C465691C72F066CF80EAD8FB02F5009F36FC1FDEC5BB388E25E816"},"profile":{"reset_prompt_memento":"C8163042571F923258FAD16BA3685E606839769612E50D728CD35D2820879366"},"safebrowsing":{"incidents_sent":"760DF2BFE1BE95E5386231B53ACE3BEB5B3EF70DCB032912E752F59915963090"},"search_provider_overrides":"26628B91310F6E4FCFA8178665644ADE5E07E3A672FA284CC247ECE0F4A47CAC","session":{"restore_on_startup":"A6A281C91816391A5B56974C02556AD67C5027A2ED9022002456CAB96082A2E4","startup_urls":"7FD92C9C4AF22A3E47A5AEE9BE7B23B6441C2CCC5A71B40D2B66838C2801D946"},"software_reporter":{"prompt_reason":"8F17FA10D8B790F4120F61A19E32CB9CB846C0E61015BBB6CB74930212BA51E1","prompt_seed":"97901F1B313E6CB70BB822E53D71A79C8445395C976B400AD7FB9AFB11F575FD","prompt_version":"F2D683C40365D34B2B19FD9E0140D8FAAD172C542E213DC8FC89379669419673"},"sync":{"remaining_rollback_tries":"63AA0DBD852AA3A7EAE4A381D2857D121EA5E08CF21B307287864DF8CE472514"}},"super_mac":"9571D49E2AD1A63280F8D339603CE6DBACF8D1FE956AC66699665A38A11C76C1"},"session":{"restore_on_startup":5,"startup_urls":["hxxp://www.delta-search.com/?affID=119776&tt=100512_4_&babsrc=HP_ss&mntrId=74e4f76d0000000000000ceee6a8aa49","hxxp://start.iminent.com/?appId=70C301B4-0B7E-40C7-A2D7-9E43C1B4D306","hxxp://search.iminent.com/?appId=70C301B4-0B7E-40C7-A2D7-9E43C1B4D306"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}), Ersetzt,[07cfaaedabdff4421641f3774eb8da26]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Und AdwCleaner.txt:

Code:
# AdwCleaner v4.205 - Bericht erstellt 25/05/2015 um 12:19:22
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-24.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Dirk - BUYAKA
# Gestarted von : D:\Downloads\AdwCleaner_4.205.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\ExpressFiles
Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\pdfforge
Datei Gelöscht : C:\WINDOWS\Reimage.ini
Datei Gelöscht : C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\ko2e0n80.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_snagit.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_snagit.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal

***** [ Geplante Tasks ] *****

Task Gelöscht : Express FilesUpdate

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : HKCU\Software\ExpressFiles
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Reimage
Schlüssel Gelöscht : HKCU\Software\DownLite
Schlüssel Gelöscht : HKLM\SOFTWARE\ExpressFiles
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Reimage

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.2 (x86 de)

[ko2e0n80.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.adapters", "{\"start.iminent.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"14087228007[...]
[ko2e0n80.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"queryStri[...]
[ko2e0n80.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent102", "1409163149955");
[ko2e0n80.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent109", "1409607425093");
[ko2e0n80.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent110", "1409484642362");
[ko2e0n80.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent111", "1409607424871");
[ko2e0n80.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent112", "1409607426595");
[ko2e0n80.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.registerToolbarEvent122", "1409607425151");
[ko2e0n80.default\prefs.js] - Zeile Gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");

-\\ Google Chrome v43.0.2357.65


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [5096 Bytes] - [25/05/2015 12:11:24]
AdwCleaner[S0].txt - [4824 Bytes] - [25/05/2015 12:19:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4883  Bytes] ##########
und zu guter Letzt JRT.txt:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.9 (05.24.2015:1)
OS: Windows 8.1 x64
Ran by Dirk on 25.05.2015 at 12:28:34,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3411081457-3890955146-2593942546-1002



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_AE66652699FDF5CB54FF6437594D0294



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}



~~~ Files

Successfully deleted: [File] C:\Users\Dirk\appdata\local\google\chrome\user data\default\local storage\http_www.best-deals-products.com_0.localstorage
Successfully deleted: [File] C:\Users\Dirk\appdata\local\google\chrome\user data\default\local storage\http_www.best-deals-products.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Dirk\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\Dirk\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Dirk\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage
Successfully deleted: [File] C:\Users\Dirk\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Dirk\appdata\local\google\chrome\user data\default\local storage\https_www.best-deals-products.com_0.localstorage
Successfully deleted: [File] C:\Users\Dirk\appdata\local\google\chrome\user data\default\local storage\https_www.best-deals-products.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Dirk\appdata\local\google\chrome\user data\default\local storage\https_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\Dirk\appdata\local\google\chrome\user data\default\local storage\https_www.superfish.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\WINDOWS\syswow64\ai_recyclebin



~~~ FireFox

Emptied folder: C:\Users\Dirk\AppData\Roaming\mozilla\firefox\profiles\ko2e0n80.default\minidumps [10 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.05.2015 at 12:29:59,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Neuer FRST Scan:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01
Ran by Dirk (administrator) on BUYAKA on 25-05-2015 13:01:49
Running from D:\Downloads
Loaded Profiles: Dirk (Available Profiles: Dirk)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-04-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [885760 2012-02-22] (Creative Technology Ltd)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5119600 2012-05-11] (VIA)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [LifeCam] => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PowerDVD14Agent] => D:\Power DvD\PowerDVD14\PowerDVD14Agent.exe [795672 2014-04-28] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.OE.Systray.exe [128760 2015-05-07] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\Run: [Google Update] => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-15] (Google Inc.)
HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7435320 2015-05-22] (GOG.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Networks Killer Network Manager.lnk [2013-01-17]
ShortcutTarget: Bigfoot Networks Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-08-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-01-26]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-23] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-23] (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-23] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{68927ED1-1B66-4CC7-A556-99F8C5008778}: [NameServer] 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\ko2e0n80.default
FF SelectedSearchEngine:
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dirk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @talk.google.com/O1DPlugin -> C:\Users\Dirk\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-10] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dirk\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dirk\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Avira Browser Safety - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\ko2e0n80.default\Extensions\abs@avira.com [2015-05-16]
FF Extension: ProxTube - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\ko2e0n80.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-12]

Chrome:
=======
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browser Safety) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-25]
CHR Extension: (Bookmark Manager) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Google Wallet) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-24]
CHR Extension: (Google Docs) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-26]
CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-24]
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-26]
CHR Extension: (Google Search) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-26]
CHR Extension: (Google Sheets) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-24]
CHR Extension: (Google Wallet) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-04-16] (Avira Operations GmbH & Co. KG)
S2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [342528 2012-11-09] (AVerMedia) []
S2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) []
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [206584 2015-05-07] (Avira Operations GmbH & Co. KG)
S2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [492032 2012-10-23] () []
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-01-25] (Creative Labs) []
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-01-25] (Creative Labs) []
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) []
S2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1743928 2015-05-22] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6516792 2015-05-22] (GOG.com)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) []
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) []
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) []
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVer330; C:\Windows\system32\DRIVERS\AVer330.sys [1471104 2013-01-07] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 BfEdge7x64; C:\Windows\system32\DRIVERS\Edge7x64.sys [31336 2012-10-23] (Bigfoot Networks, Inc.)
R3 BFN7x64; C:\Windows\System32\drivers\Xeno7x64.sys [157288 2012-10-23] (Bigfoot Networks, Inc.)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [28440 2013-02-14] (Creative Technology Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34408 2013-10-14] (Microsoft Corporation)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 12:29 - 2015-05-25 12:29 - 00003048 _____ () C:\Users\Dirk\Desktop\JRT.txt
2015-05-25 12:28 - 2015-05-25 12:28 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-BUYAKA-Windows-8.1-(64-bit).dat
2015-05-25 12:28 - 2015-05-25 12:28 - 00000000 ____D () C:\RegBackup
2015-05-25 12:25 - 2015-05-25 12:25 - 00004983 _____ () C:\Users\Dirk\Desktop\AdwCleaner[S0].txt
2015-05-25 12:11 - 2015-05-25 12:19 - 00000000 ____D () C:\AdwCleaner
2015-05-25 12:08 - 2015-05-25 12:08 - 00058963 _____ () C:\Users\Dirk\Desktop\mbam.txt
2015-05-25 11:38 - 2015-05-25 12:06 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-25 11:38 - 2015-05-25 11:38 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-25 11:38 - 2015-05-25 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-25 11:38 - 2015-05-25 11:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-25 11:38 - 2015-05-25 11:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-25 11:38 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-05-25 11:38 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-25 11:38 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-25 04:22 - 2015-05-25 13:01 - 00000000 ____D () C:\FRST
2015-05-21 18:08 - 2015-05-21 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2015-05-20 01:15 - 2015-05-12 04:34 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-05-20 01:13 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-05-20 01:13 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 42718864 _____ () C:\WINDOWS\system32\nvcompiler.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 37741712 _____ () C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 22945424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 16145176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 15858728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 14455296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 10972304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-05-20 01:13 - 2015-05-12 08:27 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435286.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01050256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00982672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00878816 _____ () C:\WINDOWS\system32\nvmcumd.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00502896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00407296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-05-19 20:17 - 2015-05-25 02:52 - 00000000 ____D () C:\Users\Dirk\Documents\The Witcher 3
2015-05-19 20:17 - 2015-05-19 20:17 - 00000000 ____D () C:\Users\Dirk\AppData\Local\GalaxyCommunicationService
2015-05-19 20:17 - 2015-05-19 20:17 - 00000000 ____D () C:\GOG Games
2015-05-18 22:25 - 2015-05-18 22:25 - 00001077 _____ () C:\Users\Public\Desktop\GOG Galaxy.lnk
2015-05-18 22:25 - 2015-05-18 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-18 22:25 - 2015-05-18 22:25 - 00000000 ____D () C:\ProgramData\GOG.com
2015-05-18 22:25 - 2015-05-18 22:25 - 00000000 ____D () C:\Program Files (x86)\GalaxyClient
2015-05-14 03:09 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:09 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:02 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 18:02 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 18:02 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 18:02 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 18:02 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 18:02 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 18:02 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 18:02 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 18:02 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 18:02 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 18:02 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 18:02 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 18:02 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 18:02 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 18:02 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 18:02 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 18:02 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 18:01 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 18:01 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 18:01 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 18:01 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 18:01 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 18:01 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 18:01 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 18:00 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 18:00 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 18:00 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 18:00 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 18:00 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 18:00 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 18:00 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 18:00 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 18:00 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 18:00 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 18:00 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 18:00 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 18:00 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 18:00 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 18:00 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 18:00 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 18:00 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 18:00 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 18:00 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 18:00 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 18:00 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 18:00 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 18:00 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 18:00 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 18:00 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 18:00 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 18:00 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 18:00 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 18:00 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 18:00 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 18:00 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 18:00 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 18:00 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 18:00 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 18:00 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 18:00 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 18:00 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 18:00 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 18:00 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 18:00 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 18:00 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 18:00 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 18:00 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 18:00 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 18:00 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 18:00 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 18:00 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 18:00 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 18:00 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-13 18:00 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-13 18:00 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 18:00 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 18:00 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 18:00 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 18:00 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-04-30 18:46 - 2015-04-30 18:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-28 00:04 - 2015-04-28 00:04 - 00000922 _____ () C:\Users\Dirk\AppData\Local\recently-used.xbel
2015-04-27 19:35 - 2015-04-27 19:35 - 00000000 ____D () C:\Users\Dirk\Documents\Job-Card

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-25 12:46 - 2013-06-16 15:13 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002UA.job
2015-05-25 12:38 - 2014-09-14 21:58 - 00000000 __RDO () C:\Users\Dirk\OneDrive
2015-05-25 12:33 - 2014-09-14 21:39 - 01201108 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-25 12:26 - 2013-01-19 17:43 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-25 12:24 - 2014-03-18 12:03 - 01807578 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-25 12:24 - 2014-03-18 11:25 - 00775384 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-25 12:24 - 2014-03-18 11:25 - 00164104 _____ () C:\WINDOWS\system32\perfc007.dat
2015-05-25 12:22 - 2013-08-22 16:46 - 00396854 _____ () C:\WINDOWS\setupact.log
2015-05-25 12:22 - 2013-06-10 18:44 - 00000000 ___RD () C:\Users\Dirk\Dropbox
2015-05-25 12:22 - 2013-06-10 18:40 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Dropbox
2015-05-25 12:22 - 2013-02-20 21:24 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Raptr
2015-05-25 12:22 - 2013-01-19 17:43 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-25 12:19 - 2014-09-14 21:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-25 12:19 - 2014-03-18 03:50 - 00417844 _____ () C:\WINDOWS\PFRO.log
2015-05-25 12:19 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-25 12:19 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-25 12:08 - 2014-02-03 01:40 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-25 11:12 - 2014-12-23 19:51 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{67A2C813-F999-4C25-B04F-888AB6118E69}
2015-05-25 04:41 - 2013-01-20 00:59 - 00000000 ____D () C:\Users\Dirk\Documents\Outlook-Dateien
2015-05-25 02:00 - 2014-08-19 18:21 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Adobe
2015-05-23 21:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-23 18:46 - 2013-06-16 15:13 - 00001078 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002Core.job
2015-05-21 18:08 - 2013-01-22 19:02 - 00514462 _____ () C:\WINDOWS\DirectX.log
2015-05-21 17:35 - 2015-04-04 17:18 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-21 17:35 - 2015-04-04 17:18 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-21 17:35 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-20 01:15 - 2014-09-14 21:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-20 01:15 - 2013-01-19 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-19 18:42 - 2013-02-20 21:24 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-05-19 18:41 - 2013-06-16 15:13 - 00004074 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002UA
2015-05-19 18:41 - 2013-06-16 15:13 - 00003694 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002Core
2015-05-19 18:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-19 00:07 - 2014-10-07 20:44 - 00000000 ____D () C:\Users\Dirk\AppData\Local\The Witcher
2015-05-18 22:25 - 2014-03-06 23:27 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-18 19:39 - 2013-01-20 15:15 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\vlc
2015-05-17 13:48 - 2013-01-20 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-17 13:47 - 2015-04-02 12:03 - 00001233 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-05-17 13:47 - 2013-01-20 16:10 - 00000000 ____D () C:\ProgramData\Avira
2015-05-17 13:47 - 2013-01-20 16:10 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-17 12:21 - 2015-04-18 04:30 - 00000080 _____ () C:\Users\Dirk\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-05-17 03:13 - 2015-01-10 01:12 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Genymobile
2015-05-17 03:13 - 2015-01-10 01:12 - 00000000 ____D () C:\Users\Dirk\.VirtualBox
2015-05-17 01:21 - 2013-01-19 17:43 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 01:21 - 2013-01-19 17:43 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 13:30 - 2014-04-06 16:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 13:30 - 2014-04-06 16:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 13:30 - 2014-02-03 01:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-14 13:30 - 2013-08-22 16:44 - 05126792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-14 03:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-14 03:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-14 03:10 - 2013-01-20 00:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-14 03:09 - 2013-07-14 13:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-14 03:06 - 2013-01-21 00:20 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-14 03:05 - 2014-04-06 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 03:04 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 08:52 - 2015-03-21 15:49 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-05-12 08:27 - 2015-03-21 15:49 - 13263568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-05-12 08:27 - 2014-09-14 21:39 - 00112784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-05-12 08:27 - 2014-09-14 21:39 - 00105288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-05-12 08:27 - 2014-08-19 22:15 - 30478992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-05-12 08:27 - 2014-08-19 22:15 - 17540416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-12 08:27 - 2014-08-19 22:15 - 15048816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 12849056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 11790144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 03363224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 00031710 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-05-12 08:27 - 2014-08-19 22:13 - 02971776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 06872392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 03490448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-12 05:30 - 2014-09-14 21:39 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-11 20:15 - 2013-06-10 18:44 - 00001070 _____ () C:\Users\Dirk\Desktop\Dropbox.lnk
2015-05-11 20:15 - 2013-06-10 18:40 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-11 19:01 - 2014-09-14 21:39 - 04391871 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-05-10 18:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-08 02:35 - 2014-12-15 21:00 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-05-08 02:35 - 2013-11-16 20:59 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-05-08 02:34 - 2014-12-15 21:00 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-05-08 02:34 - 2013-11-16 20:59 - 01570672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-05-05 19:59 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 15:55 - 2014-02-07 19:15 - 00000000 ____D () C:\Users\Dirk\Desktop\Herten
2015-04-28 00:11 - 2013-06-16 11:54 - 00000000 ____D () C:\Users\Dirk\.gimp-2.8

==================== Files in the root of some directories =======

2013-12-24 00:37 - 2013-12-24 00:37 - 0000092 _____ () C:\Users\Dirk\AppData\Local\fusioncache.dat
2015-04-28 00:04 - 2015-04-28 00:04 - 0000922 _____ () C:\Users\Dirk\AppData\Local\recently-used.xbel
2013-08-07 19:44 - 2014-09-15 19:15 - 0001338 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Dirk\AppData\Local\Temp\avgnt.exe
C:\Users\Dirk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptkilfq.dll
C:\Users\Dirk\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dirk\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dirk\AppData\Local\Temp\nvStInst.exe
C:\Users\Dirk\AppData\Local\Temp\Quarantine.exe
C:\Users\Dirk\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Dirk\AppData\Local\Temp\sqlite3.dll
C:\Users\Dirk\AppData\Local\Temp\Uninstaller-18212.exe
C:\Users\Dirk\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-25 12:38

==================== End of log ============================

schrauber 25.05.2015 19:44

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Buyaka 26.05.2015 19:59
So nun fertig mit allem:

FRST:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-05-2015
Ran by Dirk (administrator) on BUYAKA on 26-05-2015 20:55:56
Running from D:\Downloads
Loaded Profiles: Dirk (Available Profiles: Dirk)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink Corp.) D:\Power DvD\PowerDVD14\PowerDVD14Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.OE.Systray.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-04-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [885760 2012-02-22] (Creative Technology Ltd)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5119600 2012-05-11] (VIA)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [LifeCam] => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PowerDVD14Agent] => D:\Power DvD\PowerDVD14\PowerDVD14Agent.exe [795672 2014-04-28] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.OE.Systray.exe [128760 2015-05-07] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\Run: [Google Update] => C:\Users\Dirk\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-15] (Google Inc.)
HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7435320 2015-05-22] (GOG.com)
HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe [927920 2015-04-14] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Networks Killer Network Manager.lnk [2013-01-17]
ShortcutTarget: Bigfoot Networks Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-08-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-12-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-01-26]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3411081457-3890955146-2593942546-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-23] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-23] (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-23] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{68927ED1-1B66-4CC7-A556-99F8C5008778}: [NameServer] 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\ko2e0n80.default
FF SelectedSearchEngine:
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dirk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @talk.google.com/O1DPlugin -> C:\Users\Dirk\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Dirk\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3411081457-3890955146-2593942546-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-10] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dirk\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dirk\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Avira Browser Safety - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\ko2e0n80.default\Extensions\abs@avira.com [2015-05-26]
FF Extension: ProxTube - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\ko2e0n80.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-12]

Chrome:
=======
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browser Safety) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-25]
CHR Extension: (Bookmark Manager) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Google Wallet) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-24]
CHR Extension: (Google Docs) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-26]
CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-24]
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-26]
CHR Extension: (Google Search) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-26]
CHR Extension: (Google Sheets) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-24]
CHR Extension: (Google Wallet) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-04-16] (Avira Operations GmbH & Co. KG)
S2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [342528 2012-11-09] (AVerMedia) []
S2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) []
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [206584 2015-05-07] (Avira Operations GmbH & Co. KG)
S2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [492032 2012-10-23] () []
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-01-25] (Creative Labs) []
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-01-25] (Creative Labs) []
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) []
S2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1743928 2015-05-22] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6516792 2015-05-22] (GOG.com)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) []
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) []
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) []
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVer330; C:\Windows\system32\DRIVERS\AVer330.sys [1471104 2013-01-07] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 BfEdge7x64; C:\Windows\system32\DRIVERS\Edge7x64.sys [31336 2012-10-23] (Bigfoot Networks, Inc.)
R3 BFN7x64; C:\Windows\System32\drivers\Xeno7x64.sys [157288 2012-10-23] (Bigfoot Networks, Inc.)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [28440 2013-02-14] (Creative Technology Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34408 2013-10-14] (Microsoft Corporation)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 20:52 - 2015-05-26 20:52 - 00000888 _____ () C:\Users\Dirk\Desktop\checkup.txt
2015-05-26 20:50 - 2015-05-26 20:50 - 00852630 _____ () C:\Users\Dirk\Desktop\SecurityCheck.exe
2015-05-26 00:22 - 2015-05-26 00:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2015-05-25 13:29 - 2015-05-26 18:01 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3411081457-3890955146-2593942546-1002
2015-05-25 12:28 - 2015-05-25 12:28 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-BUYAKA-Windows-8.1-(64-bit).dat
2015-05-25 12:28 - 2015-05-25 12:28 - 00000000 ____D () C:\RegBackup
2015-05-25 12:11 - 2015-05-25 12:19 - 00000000 ____D () C:\AdwCleaner
2015-05-25 11:38 - 2015-05-25 12:06 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-25 11:38 - 2015-05-25 11:38 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-25 11:38 - 2015-05-25 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-25 11:38 - 2015-05-25 11:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-25 11:38 - 2015-05-25 11:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-25 11:38 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-05-25 11:38 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-25 11:38 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-25 04:22 - 2015-05-26 20:55 - 00000000 ____D () C:\FRST
2015-05-20 01:15 - 2015-05-12 04:34 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-05-20 01:13 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-05-20 01:13 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 42718864 _____ () C:\WINDOWS\system32\nvcompiler.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 37741712 _____ () C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 22945424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 16145176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 15858728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 14455296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 10972304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-05-20 01:13 - 2015-05-12 08:27 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435286.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 01050256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00982672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00878816 _____ () C:\WINDOWS\system32\nvmcumd.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00502896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00407296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-05-20 01:13 - 2015-05-12 08:27 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-05-19 20:17 - 2015-05-25 13:40 - 00000000 ____D () C:\Users\Dirk\Documents\The Witcher 3
2015-05-19 20:17 - 2015-05-19 20:17 - 00000000 ____D () C:\Users\Dirk\AppData\Local\GalaxyCommunicationService
2015-05-19 20:17 - 2015-05-19 20:17 - 00000000 ____D () C:\GOG Games
2015-05-18 22:25 - 2015-05-18 22:25 - 00001077 _____ () C:\Users\Public\Desktop\GOG Galaxy.lnk
2015-05-18 22:25 - 2015-05-18 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-18 22:25 - 2015-05-18 22:25 - 00000000 ____D () C:\ProgramData\GOG.com
2015-05-18 22:25 - 2015-05-18 22:25 - 00000000 ____D () C:\Program Files (x86)\GalaxyClient
2015-05-14 03:09 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:09 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:02 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 18:02 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 18:02 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 18:02 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 18:02 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 18:02 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 18:02 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 18:02 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 18:02 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 18:02 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 18:02 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 18:02 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 18:02 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 18:02 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 18:02 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 18:02 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 18:02 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 18:01 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 18:01 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 18:01 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 18:01 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 18:01 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 18:01 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 18:01 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 18:00 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 18:00 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 18:00 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 18:00 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 18:00 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 18:00 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 18:00 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 18:00 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 18:00 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 18:00 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 18:00 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 18:00 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 18:00 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 18:00 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 18:00 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 18:00 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 18:00 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 18:00 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 18:00 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 18:00 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 18:00 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 18:00 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 18:00 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 18:00 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 18:00 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 18:00 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 18:00 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 18:00 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 18:00 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 18:00 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 18:00 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 18:00 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 18:00 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 18:00 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 18:00 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 18:00 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 18:00 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 18:00 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 18:00 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 18:00 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 18:00 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 18:00 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 18:00 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 18:00 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 18:00 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 18:00 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 18:00 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 18:00 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 18:00 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-13 18:00 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-13 18:00 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 18:00 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 18:00 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 18:00 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 18:00 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-04-30 18:46 - 2015-04-30 18:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-28 00:04 - 2015-04-28 00:04 - 00000922 _____ () C:\Users\Dirk\AppData\Local\recently-used.xbel
2015-04-27 19:35 - 2015-04-27 19:35 - 00000000 ____D () C:\Users\Dirk\Documents\Job-Card

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 20:46 - 2013-06-16 15:13 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002UA.job
2015-05-26 20:43 - 2014-09-14 21:39 - 01375636 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-26 20:26 - 2013-01-19 17:43 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-26 20:23 - 2013-01-20 00:59 - 00000000 ____D () C:\Users\Dirk\Documents\Outlook-Dateien
2015-05-26 20:08 - 2014-02-03 01:40 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-26 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-26 19:18 - 2014-03-18 12:03 - 01807578 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-26 19:18 - 2014-03-18 11:25 - 00775384 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-26 19:18 - 2014-03-18 11:25 - 00164104 _____ () C:\WINDOWS\system32\perfc007.dat
2015-05-26 18:46 - 2013-06-16 15:13 - 00001078 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002Core.job
2015-05-26 18:30 - 2013-06-10 18:44 - 00000000 ___RD () C:\Users\Dirk\Dropbox
2015-05-26 17:57 - 2013-08-22 16:46 - 00398163 _____ () C:\WINDOWS\setupact.log
2015-05-26 17:57 - 2013-06-10 18:40 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Dropbox
2015-05-26 17:57 - 2013-02-20 21:24 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Raptr
2015-05-26 17:56 - 2014-09-14 21:58 - 00000000 __RDO () C:\Users\Dirk\OneDrive
2015-05-26 17:56 - 2013-01-19 17:43 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-26 07:19 - 2014-12-23 19:51 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{67A2C813-F999-4C25-B04F-888AB6118E69}
2015-05-26 07:19 - 2014-08-19 18:21 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Adobe
2015-05-25 12:19 - 2014-09-14 21:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-25 12:19 - 2014-03-18 03:50 - 00417844 _____ () C:\WINDOWS\PFRO.log
2015-05-25 12:19 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-25 12:19 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-23 21:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-21 18:08 - 2013-01-22 19:02 - 00514462 _____ () C:\WINDOWS\DirectX.log
2015-05-21 17:35 - 2015-04-04 17:18 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-21 17:35 - 2015-04-04 17:18 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-21 17:35 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-20 01:15 - 2014-09-14 21:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-20 01:15 - 2013-01-19 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-19 18:42 - 2013-02-20 21:24 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-05-19 18:41 - 2013-06-16 15:13 - 00004074 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002UA
2015-05-19 18:41 - 2013-06-16 15:13 - 00003694 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3411081457-3890955146-2593942546-1002Core
2015-05-19 18:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-19 00:07 - 2014-10-07 20:44 - 00000000 ____D () C:\Users\Dirk\AppData\Local\The Witcher
2015-05-18 22:25 - 2014-03-06 23:27 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-18 19:39 - 2013-01-20 15:15 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\vlc
2015-05-17 13:48 - 2013-01-20 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-17 13:47 - 2015-04-02 12:03 - 00001233 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-05-17 13:47 - 2013-01-20 16:10 - 00000000 ____D () C:\ProgramData\Avira
2015-05-17 13:47 - 2013-01-20 16:10 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-17 12:21 - 2015-04-18 04:30 - 00000080 _____ () C:\Users\Dirk\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-05-17 03:13 - 2015-01-10 01:12 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Genymobile
2015-05-17 03:13 - 2015-01-10 01:12 - 00000000 ____D () C:\Users\Dirk\.VirtualBox
2015-05-17 01:21 - 2013-01-19 17:43 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 01:21 - 2013-01-19 17:43 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 13:30 - 2014-04-06 16:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 13:30 - 2014-04-06 16:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 13:30 - 2014-02-03 01:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-14 13:30 - 2013-08-22 16:44 - 05126792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-14 03:15 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-14 03:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-14 03:10 - 2013-01-20 00:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-14 03:09 - 2013-07-14 13:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-14 03:06 - 2013-01-21 00:20 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-14 03:05 - 2014-04-06 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 03:04 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 08:52 - 2015-03-21 15:49 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-05-12 08:27 - 2015-03-21 15:49 - 13263568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-05-12 08:27 - 2014-09-14 21:39 - 00112784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-05-12 08:27 - 2014-09-14 21:39 - 00105288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-05-12 08:27 - 2014-08-19 22:15 - 30478992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-05-12 08:27 - 2014-08-19 22:15 - 17540416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-12 08:27 - 2014-08-19 22:15 - 15048816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 12849056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 11790144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 03363224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-12 08:27 - 2014-08-19 22:14 - 00031710 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-05-12 08:27 - 2014-08-19 22:13 - 02971776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 06872392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 03490448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-12 05:30 - 2014-09-14 21:39 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-12 05:30 - 2014-09-14 21:39 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-11 20:15 - 2013-06-10 18:44 - 00001070 _____ () C:\Users\Dirk\Desktop\Dropbox.lnk
2015-05-11 20:15 - 2013-06-10 18:40 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-11 19:01 - 2014-09-14 21:39 - 04391871 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-05-10 18:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-08 02:35 - 2014-12-15 21:00 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-05-08 02:35 - 2013-11-16 20:59 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-05-08 02:34 - 2014-12-15 21:00 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-05-08 02:34 - 2013-11-16 20:59 - 01570672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-05-05 19:59 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 15:55 - 2014-02-07 19:15 - 00000000 ____D () C:\Users\Dirk\Desktop\Herten
2015-04-28 00:11 - 2013-06-16 11:54 - 00000000 ____D () C:\Users\Dirk\.gimp-2.8

==================== Files in the root of some directories =======

2013-12-24 00:37 - 2013-12-24 00:37 - 0000092 _____ () C:\Users\Dirk\AppData\Local\fusioncache.dat
2015-04-28 00:04 - 2015-04-28 00:04 - 0000922 _____ () C:\Users\Dirk\AppData\Local\recently-used.xbel
2013-08-07 19:44 - 2014-09-15 19:15 - 0001338 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Dirk\AppData\Local\Temp\avgnt.exe
C:\Users\Dirk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3ra_ll.dll
C:\Users\Dirk\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dirk\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dirk\AppData\Local\Temp\nvStInst.exe
C:\Users\Dirk\AppData\Local\Temp\Quarantine.exe
C:\Users\Dirk\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Dirk\AppData\Local\Temp\sqlite3.dll
C:\Users\Dirk\AppData\Local\Temp\Uninstaller-18212.exe
C:\Users\Dirk\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-25 12:38

==================== End of log ============================
ESET Log:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d284462846769f43afaa251696c24f95
# engine=24032
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-26 06:44:16
# local_time=2015-05-26 08:44:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6611087 57547149 0 0
# scanned=522465
# found=11
# cleaned=0
# scan_time=5209
sh=A2937BC88EE943D9A46E1B6CD857FD0B4C024954 ft=1 fh=2ba4034b143a9a4b vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3411081457-3890955146-2593942546-1002\$R5C7WWR.exe"
sh=BC72850ECE0B06438BA7213AD3D89650A935844D ft=1 fh=1d9313f90e5dc68b vn="Win32/ReImageRepair.F evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3411081457-3890955146-2593942546-1002\$R8CBQ0D.exe"
sh=DF25B03308327717D62D62B48EB6AAC7EE7AB5A0 ft=1 fh=bf7b77ea4fb475b5 vn="Variante von Win32/SoftonicDownloader.G evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3411081457-3890955146-2593942546-1002\$RN2EM11.exe"
sh=BCFFAD87C84F4AA816141E810BD81228309F6468 ft=1 fh=0e1ca143a45b7f8e vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3411081457-3890955146-2593942546-1002\$RRTGMUE.exe"
sh=BC72850ECE0B06438BA7213AD3D89650A935844D ft=1 fh=1d9313f90e5dc68b vn="Win32/ReImageRepair.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dirk\AppData\Local\Microsoft\Windows\INetCache\IE\9XW3A8DW\ReimagePackage1814x64a[1].exe"
sh=1447092BA29779C726829611180994E17718C412 ft=1 fh=23f22b72eb3a5b90 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dirk\Downloads\PDFCreator-1_7_2_setup_offline.exe"
sh=79B43FA8CED4B8A9B6EC7E05C11D00293BB1CC53 ft=1 fh=83a7d8fab6aebedc vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dirk\Downloads\speedupmypc_7a27b95b_.exe"
sh=E79CE0DA43C79F2A4E48A4F4A02905DE783FBD16 ft=1 fh=a9eb553813c219ce vn="NSIS/StartPage.CC Trojaner" ac=I fn="C:\Users\Dirk\Downloads\vlc-2.1.4-win64.exe"
sh=A05A1A41259A62B3FA5E4909951EA7B02C65822C ft=1 fh=25798cc4f539e8fd vn="MSIL/FakeTool.XU Trojaner" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-3411081457-3890955146-2593942546-1002\$RAQRFS5.exe"
sh=8ACDBA3002CA715CFD9B103DD1A76B9D4D1411A3 ft=0 fh=0000000000000000 vn="MSIL/FakeTool.XU Trojaner" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-3411081457-3890955146-2593942546-1002\$RXU4TI0.rar"
sh=45E7449F1A82158B429BE44611AE49BCEFDAB6E1 ft=1 fh=dffb77abfb1a8bfc vn="Win32/ReImageRepair.F evtl. unerwünschte Anwendung" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-3411081457-3890955146-2593942546-1002\$RZUB3HO.exe"
Und zu guter Letzt Security Check:

Code:
Results of screen317's Security Check version 1.001 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus   
Windows Defender 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 25 
 Java version 32-bit out of Date!
 Adobe Flash Player        17.0.0.169 
 Adobe Reader XI 
 Mozilla Firefox (37.0.2)
 Google Chrome (43.0.2357.65)
 Google Chrome (43.0.2357.81)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
Bisher keine Probleme mehr.

schrauber 27.05.2015 07:04
Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\$Recycle.Bin

D:\$RECYCLE.BIN
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.pngAbsicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Buyaka 29.05.2015 18:22
Hallo,

ok hab soweit alles ausgeführt, anbei entsprechende Logs:

Fixlog:

Code:
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-05-2015
Ran by Dirk at 2015-05-29 19:04:16 Run:1
Running from D:\Downloads
Loaded Profiles: Dirk (Available Profiles: Dirk)
Boot Mode: Normal
==============================================

fixlist content:
*****************
C:\$Recycle.Bin

D:\$RECYCLE.BIN
Emptytemp:
       
*****************

C:\$Recycle.Bin => Moved successfully.
D:\$RECYCLE.BIN => Moved successfully.
EmptyTemp: => Removed 2.6 GB temporary data.


The system needed a reboot.

==== End of Fixlog 19:05:20 ====
Soweit funktioniert alles noch und die Tabs öffnen sich ebenfalls nicht mehr.

Vielen Dank für die äußerst effektive Hilfe.

schrauber 30.05.2015 13:30
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:12 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55