Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Download Protect 2.2.8 lässt sich nicht entfernen. (https://www.trojaner-board.de/168455-download-protect-2-2-8-laesst-entfernen.html)

SirHenry2 05.07.2015 10:30
Download Protect 2.2.8 lässt sich nicht entfernen.
 
Hallo
ich habe mir diesen kleinen freund eingefangen und werde ihn nicht los.
Ich habe bisher alle themen auf der seite zu den vorgängern dieses viruses oder was auch immer das ist durchgesehen und ausgeführt (nebenbei ca 20 andere troyaner und viren entdeckt und eliminiert)
Ich bitte daher um hilfe da ich nicht mehr weis was ich tun soll.

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-07-2015
Ran by Gustav (administrator) on THORSTEN on 05-07-2015 11:00:05
Running from C:\Users\Gustav\Desktop
Loaded Profiles: Gustav (Available Profiles: Gustav)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SoftPerfect) C:\Program Files\NetWorx\networx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
() C:\Windows\System32\DnsBlockUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) E:\Games\hirez\HiPatchService.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
(NVIDIA Corporation) C:\Users\Gustav\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [6607040 2015-07-01] (SoftPerfect)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3Di SBX Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [976896 2012-11-28] (Creative Technology Ltd)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\Run: [GamingMouseEditor] => C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe [3352576 2013-04-09] ()
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-04-19]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-25] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-506285681-3122066857-1050854625-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-05] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{A844A942-B3D2-443A-B32C-C0BBA100B421}\{5443787D-1972-4039-A222-CDC79D3800F6}.bin [2015-07-05] (Download Protect)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-05] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files (x86)\{7EF50FF5-61C4-41B8-944C-3B90755D1BEC}\{45FA8E07-5824-47B9-A601-FA53D9E57C91}.bin [2015-07-05] (Download Protect)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\DnsBlockA.dll [343584 2015-06-28] (DnsBlock)
Winsock: Catalog5 08 C:\Windows\SysWOW64\DnsBlockB.dll [343584 2015-06-28] (DnsBlock)
Winsock: Catalog5-x64 05 C:\Windows\system32\DnsBlockA.dll [434208 2015-06-28] (DnsBlock)
Winsock: Catalog5-x64 08 C:\Windows\system32\DnsBlockB.dll [433696 2015-06-28] (DnsBlock)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{51DE8119-559E-474C-9132-F0ED59BEFED4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{89028BFB-3DE7-4E6B-932D-9CFE296AB804}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{AC955F3B-68F1-49BC-8573-E52B32308E85}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Gustav\AppData\Roaming\Mozilla\Firefox\Profiles\zq1nlzuj.default-1436025345253
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-28] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-28] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-506285681-3122066857-1050854625-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gustav\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-18] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [{58D8F7FD-DDA3-4F86-AACC-B1D390884956}] - C:\Windows\Installer\{767A8037-20F1-4B4F-A964-04F4BF17A426}\{58D8F7FD-DDA3-4F86-AACC-B1D390884956}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{3BA7DD4F-A796-444B-A14A-CCD6DF993430}] - C:\Windows\Installer\{268D7C5B-ED47-44F0-B38D-76C7A1A709B4}\{3BA7DD4F-A796-444B-A14A-CCD6DF993430}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{268D7C5B-ED47-44F0-B38D-76C7A1A709B4}\{3BA7DD4F-A796-444B-A14A-CCD6DF993430}.xpi [2015-07-05]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-25] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-26] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-04-28] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-04-28] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103936 2014-06-02] (Creative Technology Ltd)
R2 DnsBlockUpdateSvc; C:\Windows\system32\DnsBlockUpdateSvc.exe [149024 2015-06-28] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-12-08] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-10-23] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 HiPatchService; E:\Games\hirez\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-08-20] (Microsoft Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Users\Gustav\Origin\OriginClientService.exe [2004488 2015-06-29] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-07-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-06-30] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-25] ()
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1050904 2014-06-02] (Creative Technology Ltd)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-19] (Disc Soft Ltd)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-26] (Disc Soft Ltd)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fet6x64.sys [47872 2009-06-10] (VIA Technologies, Inc.              )
R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2013-08-20] (Microsoft Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [70120 2015-06-15] (NetFilterSDK.com)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-05-19] (Duplex Secure Ltd.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-25] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Gustav\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPU-Z; \??\C:\Users\Gustav\AppData\Local\Temp\GPU-Z.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 MFE_RR; \??\C:\Users\Gustav\AppData\Local\Temp\mfe_rr.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 11:00 - 2015-07-05 11:00 - 00023432 _____ C:\Users\Gustav\Desktop\FRST.txt
2015-07-05 10:57 - 2015-07-05 10:57 - 02112512 _____ (Farbar) C:\Users\Gustav\Desktop\FRST64.exe
2015-07-05 10:57 - 2015-07-05 10:57 - 00000000 ____D C:\Program Files\{A844A942-B3D2-443A-B32C-C0BBA100B421}
2015-07-05 10:57 - 2015-07-05 10:57 - 00000000 ____D C:\Program Files (x86)\{7EF50FF5-61C4-41B8-944C-3B90755D1BEC}
2015-07-05 10:54 - 2015-07-05 10:54 - 00050477 _____ C:\Users\Gustav\Desktop\Defogger.exe
2015-07-05 10:54 - 2015-07-05 10:54 - 00000584 _____ C:\Users\Gustav\Desktop\defogger_disable.log
2015-07-05 10:54 - 2015-07-05 10:54 - 00000020 _____ C:\Users\Gustav\defogger_reenable
2015-07-05 01:31 - 2015-07-05 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-07-05 01:31 - 2015-07-05 01:31 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-07-05 01:28 - 2015-07-05 01:28 - 04246816 _____ (Softperfect ) C:\Users\Gustav\Downloads\networx_setup.exe
2015-07-05 01:28 - 2015-07-05 01:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx
2015-07-05 01:28 - 2015-07-05 01:28 - 00000000 ____D C:\Program Files\NetWorx
2015-07-05 01:28 - 2015-06-15 09:25 - 00070120 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\networx.sys
2015-07-05 01:27 - 2015-07-05 01:27 - 01198368 _____ C:\Users\Gustav\Downloads\NetWorx - CHIP-Installer.exe
2015-07-05 01:10 - 2015-07-05 10:57 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-07-05 00:57 - 2015-07-05 00:57 - 00271668 _____ C:\ComboFix.txt
2015-07-05 00:49 - 2015-07-05 00:57 - 00000000 ____D C:\Qoobox
2015-07-05 00:49 - 2015-07-05 00:56 - 00000000 ____D C:\Windows\erdnt
2015-07-05 00:49 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-05 00:49 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-05 00:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-04 21:15 - 2015-07-04 21:18 - 651767784 _____ (Avira GmbH) C:\Users\Gustav\Downloads\rescue-system.exe
2015-07-04 19:34 - 2015-07-04 19:34 - 02870984 _____ (ESET) C:\Users\Gustav\Downloads\esetsmartinstaller_deu.exe
2015-07-04 19:15 - 2015-07-04 19:15 - 00000207 _____ C:\Windows\tweaking.com-regbackup-THORSTEN-Windows-7-Home-Premium-(64-bit).dat
2015-07-04 19:15 - 2015-07-04 19:15 - 00000000 ____D C:\RegBackup
2015-07-04 19:13 - 2015-07-05 11:00 - 00000000 ____D C:\FRST
2015-07-04 18:03 - 2015-07-04 18:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-04 17:48 - 2015-07-05 03:37 - 00000000 ____D C:\AdwCleaner
2015-07-04 17:17 - 2015-07-05 10:55 - 00003024 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-07-04 14:48 - 2015-07-04 14:48 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-04 14:48 - 2015-07-04 14:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-04 14:40 - 2015-07-05 10:55 - 00003248 _____ C:\Windows\setupact.log
2015-07-04 14:40 - 2015-07-05 03:33 - 00005276 _____ C:\Windows\PFRO.log
2015-07-04 14:40 - 2015-07-04 14:40 - 00000000 _____ C:\Windows\setuperr.log
2015-07-04 14:33 - 2015-07-04 14:33 - 00001600 _____ C:\Windows\IE11_main.log
2015-07-03 15:59 - 2015-07-03 15:59 - 00000000 ____D C:\Users\Gustav\AppData\Local\ESN
2015-07-03 15:45 - 2015-07-03 15:45 - 00001086 _____ C:\Users\Gustav\Desktop\MSI Afterburner.lnk
2015-07-02 20:11 - 2015-07-02 20:11 - 00003210 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2015-06-30 18:17 - 2015-06-30 18:18 - 00000000 ____D C:\Program Files (x86)\Blizzard
2015-06-28 14:06 - 2015-06-28 14:06 - 00000000 ____D C:\Users\Gustav\AppData\Local\Blizzard
2015-06-28 11:10 - 2015-06-28 11:10 - 00471968 _____ C:\Windows\SysWOW64\dns.block
2015-06-28 11:10 - 2015-06-28 11:10 - 00471968 _____ C:\Windows\system32\dns.block
2015-06-28 11:10 - 2015-06-28 11:10 - 00434208 _____ (DnsBlock) C:\Windows\system32\DnsBlockA.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00433696 _____ (DnsBlock) C:\Windows\system32\DnsBlockB.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00343584 _____ (DnsBlock) C:\Windows\SysWOW64\DnsBlockB.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00343584 _____ (DnsBlock) C:\Windows\SysWOW64\DnsBlockA.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00149024 _____ C:\Windows\system32\DnsBlockUpdateSvc.exe
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\AVG
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\Users\Gustav\AppData\Local\DnsBlock
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\Users\Gustav\AppData\Local\Avg
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\ProgramData\AVG
2015-06-27 21:55 - 2015-07-04 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-06-26 15:26 - 2015-06-30 18:17 - 00001194 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2015-06-24 20:36 - 2015-06-24 20:36 - 00000000 ____D C:\Windows\pss
2015-06-22 21:33 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-22 21:33 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-21 12:55 - 2015-06-21 12:55 - 00017950 _____ C:\Users\Gustav\Documents\Unbenannt 1.odt
2015-06-21 11:40 - 2015-06-21 11:40 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-06-21 11:40 - 2015-06-21 11:40 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-06-21 11:40 - 2015-06-21 11:40 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\OpenOffice
2015-06-21 11:40 - 2015-06-21 11:40 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-06-21 11:39 - 2015-06-21 11:39 - 00000000 ____D C:\Users\Gustav\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-06-21 00:18 - 2015-06-24 20:17 - 00000000 ____D C:\Users\Gustav\AppData\Local\Fallout3
2015-06-20 22:25 - 2015-06-20 22:25 - 00000000 ____D C:\Users\Gustav\Documents\Petroglyph
2015-06-20 21:30 - 2015-06-20 21:30 - 00000215 _____ C:\Users\Gustav\Desktop\Chivalry Medieval Warfare.url
2015-06-20 21:27 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-20 21:27 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-20 21:27 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-20 21:27 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-20 21:27 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-20 21:27 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-20 21:27 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-20 21:27 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-20 21:27 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-20 21:27 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-20 21:27 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-20 21:27 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-20 21:27 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-20 21:27 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-20 21:27 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-20 21:27 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-20 21:27 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-20 21:27 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-20 21:27 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-20 21:27 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-20 21:27 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-20 21:27 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-20 21:27 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-20 21:27 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-20 21:27 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-20 21:27 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-20 21:27 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-20 21:27 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-20 21:27 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-20 21:27 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-20 21:27 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-20 21:27 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-20 21:27 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-20 21:27 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-20 21:27 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-20 21:27 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-20 21:27 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-20 21:27 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-20 21:27 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-20 21:27 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-20 21:27 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-20 21:27 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-20 21:27 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-20 21:27 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-20 21:27 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-20 21:27 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-20 21:27 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-20 21:27 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-20 21:27 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-20 21:27 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-20 21:27 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-20 21:27 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-20 21:27 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-20 21:27 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-20 21:27 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-20 21:27 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-20 21:27 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-20 21:27 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-20 21:27 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-20 21:27 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-20 21:27 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-20 21:27 - 2015-05-09 05:26 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-20 21:27 - 2015-05-09 05:26 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-20 21:27 - 2015-05-09 05:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-20 21:27 - 2015-05-09 05:25 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-20 21:27 - 2015-05-09 05:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-20 21:27 - 2015-05-09 05:13 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-20 21:27 - 2015-05-09 05:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-20 21:27 - 2015-05-09 05:12 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-20 21:27 - 2015-05-09 05:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 04:01 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-20 21:27 - 2015-05-09 04:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-20 21:27 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-20 21:27 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-20 21:27 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-20 21:27 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-20 21:27 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-20 21:27 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-20 21:27 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-20 21:27 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-20 21:27 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-20 21:27 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-20 21:27 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-20 21:27 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-20 21:27 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-20 21:19 - 2015-06-20 21:19 - 00000215 _____ C:\Users\Gustav\Desktop\Grey Goo.url
2015-06-20 21:15 - 2015-06-20 21:15 - 00000214 _____ C:\Users\Gustav\Desktop\Fallout 3 - Game of the Year Edition.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 10:58 - 2014-04-28 22:11 - 01808091 _____ C:\Windows\WindowsUpdate.log
2015-07-05 10:56 - 2015-03-30 20:32 - 00000000 ____D C:\Users\Gustav\AppData\Local\LogMeIn Hamachi
2015-07-05 10:55 - 2014-04-28 22:36 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-05 10:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-05 10:54 - 2014-04-28 22:11 - 00000000 ____D C:\Users\Gustav
2015-07-05 10:53 - 2009-07-14 06:45 - 00025376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-05 10:53 - 2009-07-14 06:45 - 00025376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-05 10:51 - 2009-07-14 19:58 - 00700454 _____ C:\Windows\system32\perfh007.dat
2015-07-05 10:51 - 2009-07-14 19:58 - 00150092 _____ C:\Windows\system32\perfc007.dat
2015-07-05 10:51 - 2009-07-14 07:13 - 01624034 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-05 03:45 - 2015-01-29 16:42 - 00000000 ____D C:\Users\Gustav\AppData\Local\CrashDumps
2015-07-05 03:44 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-05 01:27 - 2014-10-19 12:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-05 01:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Globalization
2015-07-05 00:57 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-05 00:56 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-04 19:30 - 2014-05-09 23:27 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-04 19:06 - 2015-05-02 07:49 - 00000000 ____D C:\Users\Gustav\Desktop\Grand Theft Auto V 8, 8.1 & 10_Crack
2015-07-04 17:53 - 2015-03-20 15:08 - 00000000 ____D C:\Users\Gustav\AppData\Local\Microsoft Game Studios
2015-07-04 17:53 - 2015-03-20 15:08 - 00000000 ____D C:\ProgramData\Microsoft Games
2015-07-04 17:53 - 2015-03-20 15:07 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Microsoft Game Studios
2015-07-04 17:53 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-04 17:50 - 2014-09-26 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2015-07-04 17:49 - 2015-02-06 23:19 - 00001058 _____ C:\Users\Public\Desktop\Theme Hospital.lnk
2015-07-04 16:14 - 2014-04-29 19:48 - 00000000 ____D C:\Users\Gustav\Steam
2015-07-04 16:08 - 2014-05-03 11:29 - 00007631 _____ C:\Users\Gustav\AppData\Local\resmon.resmoncfg
2015-07-04 14:24 - 2015-05-11 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-07-04 14:24 - 2015-03-09 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2015-07-04 14:24 - 2014-09-06 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-04 14:24 - 2014-09-01 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black & White 2
2015-07-04 14:24 - 2014-05-09 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remember Me
2015-07-04 14:24 - 2014-04-30 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-07-04 14:24 - 2014-04-29 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaNox
2015-07-04 14:21 - 2014-05-04 21:21 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\DAEMON Tools Lite
2015-07-04 14:20 - 2014-04-29 05:35 - 00000000 ____D C:\Windows\Panther
2015-07-04 14:13 - 2015-03-20 21:23 - 00003232 _____ C:\Windows\System32\Tasks\Halo 2 for Vista restart
2015-07-04 14:12 - 2014-04-28 22:22 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-04 14:11 - 2014-04-28 22:22 - 00000000 ____D C:\Users\Gustav\AppData\Local\Google
2015-07-04 14:04 - 2015-03-13 20:45 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Mozilla
2015-07-04 11:46 - 2014-04-29 19:46 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\vlc
2015-07-03 19:41 - 2014-04-29 16:06 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\.minecraft
2015-07-03 17:43 - 2014-05-15 16:53 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-07-03 16:05 - 2014-07-01 16:50 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe
2015-07-03 16:05 - 2014-05-28 23:33 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-03 16:05 - 2014-05-28 23:33 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-03 15:59 - 2014-05-28 23:33 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-03 15:58 - 2014-05-09 23:19 - 00000000 ____D C:\ProgramData\Origin
2015-07-03 15:45 - 2014-05-15 16:53 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-07-02 17:48 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-01 18:27 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-30 22:24 - 2015-05-11 21:33 - 00000000 ____D C:\Users\Gustav\AppData\Local\Battle.net
2015-06-30 18:17 - 2015-05-19 14:38 - 00001170 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-06-30 18:17 - 2014-05-28 23:33 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-29 20:45 - 2014-05-09 23:19 - 00000000 ____D C:\Users\Gustav\Origin
2015-06-28 16:38 - 2014-04-29 14:13 - 00000000 ____D C:\Users\Gustav\AppData\Local\Adobe
2015-06-28 16:37 - 2014-10-19 12:02 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-28 16:37 - 2014-09-28 22:37 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-28 16:37 - 2014-09-26 20:57 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-27 21:12 - 2014-05-09 23:26 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-26 23:36 - 2014-04-30 21:58 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\TS3Client
2015-06-26 15:19 - 2014-05-10 10:38 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Origin
2015-06-25 17:43 - 2014-04-28 22:36 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-24 13:36 - 2014-10-07 16:22 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-24 13:36 - 2014-10-07 16:22 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-24 13:36 - 2014-10-07 16:20 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36 - 2014-10-07 16:20 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-22 21:33 - 2015-06-02 20:41 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-21 17:20 - 2009-07-14 06:45 - 00457632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-21 17:14 - 2014-04-28 22:29 - 00116328 _____ C:\Users\Gustav\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-21 13:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-21 00:15 - 2014-05-04 21:43 - 00000000 ____D C:\Users\Gustav\Documents\My Games
2015-06-20 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-20 21:31 - 2014-05-15 18:14 - 00000000 ____D C:\Windows\system32\MRT
2015-06-20 21:27 - 2014-05-15 18:14 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-05 21:11 - 2015-05-26 18:13 - 00000000 ____D C:\Users\Gustav\AppData\Local\Arma 3

==================== Files in the root of some directories =======

2014-07-31 20:56 - 2015-02-17 17:56 - 0000104 _____ () C:\Users\Gustav\AppData\Roaming\WB.CFG
2015-05-10 22:17 - 2015-05-10 22:17 - 0000000 ____H () C:\Users\Gustav\AppData\Local\BIT9352.tmp
2015-03-08 16:23 - 2015-04-19 15:17 - 0000000 _____ () C:\Users\Gustav\AppData\Local\Driver_LOM_8161Present.flag
2014-05-03 11:29 - 2015-07-04 16:08 - 0007631 _____ () C:\Users\Gustav\AppData\Local\resmon.resmoncfg
2015-05-10 22:16 - 2015-05-10 22:16 - 0000000 _____ () C:\Users\Gustav\AppData\Local\{92CF7355-4AD0-491B-BBCF-156B92DDE390}
2014-06-19 18:58 - 2014-06-23 13:11 - 0000040 ___SH () C:\ProgramData\.zreglib

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 14:26

==================== End of log ============================

SirHenry2 05.07.2015 10:33
FRST Additions Logfile:
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:04-07-2015
Ran by Gustav at 2015-07-05 11:00:20
Running from C:\Users\Gustav\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-506285681-3122066857-1050854625-500 - Administrator - Disabled)
Gast (S-1-5-21-506285681-3122066857-1050854625-501 - Limited - Disabled)
Gustav (S-1-5-21-506285681-3122066857-1050854625-1000 - Administrator - Enabled) => C:\Users\Gustav
HomeGroupUser$ (S-1-5-21-506285681-3122066857-1050854625-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
Dishonored (HKLM-x32\...\Steam App 205100) (Version:  - Arkane Studios)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version:  - Obsidian Entertainment)
Dying Light Ultimate Edition MULTi2 1.0 (HKLM-x32\...\Dying Light Ultimate Edition MULTi2 1.0) (Version:  - )
Dying Light Ultimate Edition Update 2 MULTi2 1.3.0 (HKLM-x32\...\Dying Light Ultimate Edition Update 2 MULTi2 1.3.0) (Version:  - )
Dying Light Ultimate Edition Update 3 [OFFICIAL] MULTi2 1.4.0 (HKLM-x32\...\Dying Light Ultimate Edition Update 3 [OFFICIAL] MULTi2 1.4.0) (Version:  - )
Dying Light Ultimate Edition Update 4 MULTi2 1.5.0 (HKLM-x32\...\Dying Light Ultimate Edition Update 4 MULTi2 1.5.0) (Version:  - )
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Factorio version 0.11.21 (HKLM\...\Factorio_is1) (Version:  - )
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Futuremark SystemInfo (HKLM-x32\...\{EC2B7377-A71D-4F99-87BC-792AE239D3B2}) (Version: 4.31.478.0 - Futuremark)
Gaming Mouse Editor (HKLM-x32\...\GamingMouseEditor) (Version: 13.04.0002 - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grey Goo (HKLM-x32\...\Steam App 290790) (Version:  - Petroglyph)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
Kinect for Windows Developer Toolkit v1.8.0 (HKLM\...\{44E46B4E-CB12-42A9-8784-BBE390EB9C0B}) (Version: 1.8.0.572 - Microsoft Corporation)
Kinect for Windows Drivers v1.8 (HKLM\...\{AA62B868-5D5C-46CF-BA88-386BE71D4F87}) (Version: 1.8.0.595 - Microsoft Corporation)
Kinect for Windows Runtime v1.8 (HKLM\...\{2700FAD3-F82C-4ED1-862C-5F425B2A88E6}) (Version: 1.8.0.595 - Microsoft Corporation)
Kinect for Windows SDK v1.8 (HKLM\...\{6702DAC4-51E7-440C-8012-9C0AE9D524DB}) (Version: 1.8.0.595 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Medieval Engineers (HKLM-x32\...\Steam App 333950) (Version:  - Keen Software House)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.13 - MSI)
NetWorx 5.4 (HKLM\...\NetWorx_is1) (Version:  - Softperfect)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
PlanetSide 2 (HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Prince of Persia The Sands of Time (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
RAF (HKLM-x32\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rochard (HKLM-x32\...\Steam App 107800) (Version:  - Recoil Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - )
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.9.2834.0 - Hi-Rez Studios)
Sound Blaster Recon3Di (HKLM-x32\...\{918F3CE9-7164-4C6D-9530-66F12EFB4585}) (Version: 1.03.00 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{536BDBFC-CA1A-4AC0-A8EB-BB2D0F1F522E}) (Version: 1.0 - Creative Technology Limited)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version:  - Nadeo)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts)
Unity (HKLM-x32\...\Unity) (Version: 4.6.3f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\UnityWebPlayer) (Version: 4.6.3f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.58 - NCH Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Windows Deployment Tools (HKLM-x32\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 (HKLM-x32\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM-x32\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

05-06-2015 19:20:24 Windows Update
20-06-2015 20:44:51 Windows-Sicherung
20-06-2015 21:27:28 Windows Update
21-06-2015 00:16:07 DirectX wurde installiert
21-06-2015 00:17:09 Microsoft Visual C++ 2005 Redistributable wird installiert
21-06-2015 00:17:23 Installed Microsoft Games for Windows - LIVE Redistributable
21-06-2015 11:39:56 OpenOffice 4.1.1 wird installiert
24-06-2015 20:12:02 Windows Live ID-Anmelde-Assistent wird entfernt
26-06-2015 15:13:35 Windows Update
28-06-2015 11:07:58 Registry Reviver Restore Point (06/28/15)
28-06-2015 11:19:29 AVG PC TuneUp 2015 wird entfernt
28-06-2015 11:19:47 AVG PC TuneUp 2015 (de-DE) wird entfernt
28-06-2015 19:00:11 Windows-Sicherung
30-06-2015 18:16:49 DirectX wurde installiert
01-07-2015 17:02:43 Windows Update
04-07-2015 17:53:47 HALO 2 FÜR WINDOWS VISTA wird entfernt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-05 00:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {068F1A0D-F8F5-465C-BE56-C7689223A600} - System32\Tasks\{6602341C-EF3F-49D8-84BE-D50C23E5C641} => C:\Users\Gustav\Desktop\Minecraft.exe
Task: {08497201-DA45-4E2B-A149-DF57CD556264} - System32\Tasks\{86E2068F-E801-49D3-8B16-2F5F683E95DB} => E:\Games\Minecraft.exe [2014-10-24] ()
Task: {0F3E208F-921E-4947-996F-D5FD2E2A56CD} - System32\Tasks\{9421236A-C57B-4F23-82A1-D354C9ABD1B8} => D:\GXSetup.exe
Task: {186B30DE-BA2D-4345-BF61-24F8AC2EF515} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {1E99BF7C-0F07-484A-B9F4-D929B2E394D3} - System32\Tasks\{04F7973B-49B2-493D-8963-39A1399E450E} => pcalua.exe -a "E:\Games\Dying Light#\Dying Light\Uninstall.exe"
Task: {224D6883-CC7A-42AE-BD25-C0A3C57961C0} - System32\Tasks\{2490801F-8603-494A-BAD6-A021E26FF349} => C:\Users\Gustav\Desktop\FTB.exe
Task: {23377D34-7F64-412B-96F0-1928685470B7} - System32\Tasks\{90AF7913-F250-4BB8-BFD1-944E472B51EE} => pcalua.exe -a "D:\media player\MPSetup-english.exe" -d "D:\media player"
Task: {2609FFBA-BB42-4AEE-BE22-D4CA59454F3B} - System32\Tasks\{8CFE9C26-B3AE-4DED-9523-654CDBC3AF55} => pcalua.exe -a D:\Autorun.exe -d D:\
Task: {2E39E7E5-5FB5-4909-B550-DC4879599FBB} - System32\Tasks\{FDC01C68-B30F-4B53-B7DA-F4FC8739588A} => D:\Rayman2.exe
Task: {3C1A515D-4E44-4F67-8979-51224A72AC8E} - System32\Tasks\{D88B4E56-9B65-4616-8EBF-B762A7F891CB} => pcalua.exe -a "G:\James\Dead Space\__Installer\DISK1\AutoRun.exe" -d "G:\James\Dead Space\__Installer\DISK1"
Task: {3D83C211-550C-4770-90E4-4B68BD23D58F} - System32\Tasks\{7C5974DD-FC0C-4D65-800F-939A99988B56} => E:\Games\Minecraft.exe [2014-10-24] ()
Task: {4DDEB89B-C4F2-4908-86BD-48AD537417E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-28] (Adobe Systems Incorporated)
Task: {67D9869B-7A0F-47E3-9ACE-760F3CAB551B} - System32\Tasks\{52DCD87C-788E-4310-946E-70E6742A06BB} => D:\SetupUbi.exe
Task: {721B8821-D656-44DC-A176-2BE482AE1A45} - System32\Tasks\{FB80BBDB-4A76-4812-AC2A-1B3DDCCAD14B} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe [2015-06-24] (NVIDIA)
Task: {7459A599-291B-41FF-98BE-4EC67CA7A521} - System32\Tasks\{5729BEF1-2C3A-4D70-9890-36A4F11841C6} => D:\setup.exe
Task: {852BC8AF-A516-46BC-BF05-B59E9979EBAC} - System32\Tasks\{2F58775F-6A4F-476B-9F43-8AD07ED09D2E} => D:\SetupUbi.exe
Task: {90322480-4202-4028-972D-FC59C5663BB6} - System32\Tasks\{706A447A-2601-4088-B1FF-E9B01355FADC} => E:\Games\Minecraft.exe [2014-10-24] ()
Task: {935553CB-3DE7-4B7C-9D51-4345D64C304F} - System32\Tasks\Halo 2 for Vista restart => E:\Halo2 -2\startup.exe
Task: {97CF1D1A-5595-40ED-B28E-B5060DB720CC} - System32\Tasks\{435B3771-9859-4D6B-9200-6BC076E387ED} => pcalua.exe -a "E:\Games\Dead Space\__Installer\DISK1\EASetup.exe" -d "E:\Games\Dead Space\__Installer\DISK1"
Task: {A59B909E-7A47-4808-B7B6-BFE8517FD407} - System32\Tasks\{ACAFF512-EE8E-4E0D-B040-9D5D7D14D62C} => E:\Games\Minecraft.exe [2014-10-24] ()
Task: {A6F8A73D-4620-4289-AEF7-0FF89CCD4E9B} - System32\Tasks\{13DAB755-DA4B-47F7-A708-A8FF16A177DD} => pcalua.exe -a "E:\Games\DAEMON Tools Lite\InstallGadget.exe" -d "E:\Games\DAEMON Tools Lite"
Task: {AC425DA3-557B-470E-AF93-3D16B6F17961} - System32\Tasks\{0D8958B1-9D34-4898-A62D-328027B3F154} => E:\Games\Minecraft.exe [2014-10-24] ()
Task: {AF8A35FA-50B5-489C-9929-4B3CD1C93951} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-20] (Avast Software s.r.o.)
Task: {BEBE9779-7211-4218-B763-37C9F4BD9C43} - System32\Tasks\{885476D5-ACE4-46DD-84EE-55C330D62525} => pcalua.exe -a "E:\SteamLibrary\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "E:\SteamLibrary\steamapps\common\Left 4 Dead 2" -c /register
Task: {C2282CAA-A894-4CF5-BB54-1AF995287844} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {C5E595DC-C74F-44F6-A7A0-6587A6F6C71F} - System32\Tasks\{22CA0355-6B0D-4D59-A496-B6FA4B7C023F} => pcalua.exe -a E:\SteamLibrary\SteamApps\sourcemods\gmod_9_0_4\gmod_9_0_4.exe -d E:\SteamLibrary\SteamApps\sourcemods\gmod_9_0_4
Task: {C6B0ECAC-838A-4A0D-B041-B8E846A18DF6} - System32\Tasks\{39CF6098-169B-4AA8-9EDC-19E76E2724BB} => pcalua.exe -a D:\Setup.EXE -d D:\
Task: {C74D6C3C-E1D7-4A33-928E-62C121D64901} - System32\Tasks\{EEEB6983-E6C8-4CB8-9D1E-2A748444B0E9} => D:\GXSetup.exe
Task: {CABACD85-CFB9-4818-ADF8-0ECB5D9EBD23} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-06-02] ()
Task: {D73AB2AD-2B33-4F19-AF49-7F08D1286848} - System32\Tasks\{B376ED76-322B-4688-A7E5-0474ECC1EAC9} => D:\setup.exe
Task: {E5A604EC-22BE-424A-898C-B2BB5DD8194A} - System32\Tasks\{480BE51F-B87E-417B-ADBB-C23DE764E821} => pcalua.exe -a "E:\DAEMON Tools Lite\InstallGadget.exe" -d "E:\Postal 2 - Share the Pain" -c "E:\Postal 2 - Share the Pain\Postal.2.Share.The.Pain-DEViANCE.bin"
Task: {E5FF5035-47FA-45B1-B051-2A944565F277} - System32\Tasks\{48D82933-1B72-414D-8D0C-937C1FB9EDC7} => pcalua.exe -a D:\SetupUbi.exe -d D:\
Task: {FD001FDF-F137-4682-B982-413C763C858F} - System32\Tasks\{27A41081-0D70-4CB9-9688-2992DB2A59FC} => D:\SetupUbi.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-04-28 22:36 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-28 22:26 - 2013-09-13 18:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-05 01:28 - 2015-04-20 10:12 - 00790016 _____ () C:\Program Files\NetWorx\sqlite.dll
2015-07-05 01:28 - 2015-06-15 09:25 - 00175592 _____ () C:\Program Files\NetWorx\nfapi.dll
2014-09-28 10:30 - 2013-04-09 17:55 - 03352576 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe
2015-06-28 11:10 - 2015-06-28 11:10 - 00149024 _____ () C:\Windows\system32\DnsBlockUpdateSvc.exe
2013-08-08 14:30 - 2013-08-08 14:30 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-07-01 16:50 - 2015-07-03 16:05 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-04-25 23:57 - 2015-04-25 23:57 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-25 23:57 - 2015-04-25 23:57 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-04 21:18 - 2015-07-04 21:18 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070401\algo.dll
2015-03-30 20:13 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-09-28 10:30 - 2010-12-02 17:56 - 00815104 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\Data\5Mode_OEM\Forms\OSD_Text\OSD_Text.dll
2014-09-28 10:30 - 2011-01-09 20:45 - 00088064 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\DLL\DLL_MouseDeviceManager.dll
2014-09-28 10:30 - 2011-04-06 16:06 - 00067072 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\DLL\DLL_PenSuit.dll
2014-09-28 10:30 - 2013-01-21 14:15 - 01000448 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\Data\5Mode_OEM\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2014-09-28 10:30 - 2011-05-20 16:52 - 00901632 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\Data\5Mode_OEM\Forms\ProfileHint\ProfileHint.dll
2014-09-28 10:30 - 2010-09-20 14:18 - 00085504 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\DLL\DLL_ZoomControl.dll
2014-09-28 10:30 - 2010-09-20 14:18 - 00054272 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\DLL\DLL_ScrollbarControl.dll
2014-09-28 10:30 - 2011-04-12 15:14 - 00063488 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\DLL\DLL_AnalyzeGesturesInRight.dll
2014-09-28 10:30 - 2010-11-01 20:16 - 00062976 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\DLL\DLL_AnalyzeGesturesInOne.dll
2014-09-28 10:30 - 2011-08-10 13:43 - 00118272 _____ () C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\DLL\DLL_Wheel4D.dll
2013-03-12 08:19 - 2013-03-12 08:19 - 00741376 _____ () C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\de-DE\SBRcni.resources.dll
2015-04-05 17:52 - 2015-04-05 17:52 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-28 22:25 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gustav\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: EADM => "C:\Users\Gustav\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7577B7F2-472C-4DCC-A367-9DECECB89297}] => (Allow) C:\Users\Gustav\Steam\Steam.exe
FirewallRules: [{74794F96-D7C4-4B4B-8427-6B30FA2EE2AE}] => (Allow) C:\Users\Gustav\Steam\Steam.exe
FirewallRules: [TCP Query User{8F89CC28-CECB-4F87-B178-2B2EC1FBB494}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{47ACEB31-3CE6-4AF5-966A-599C4475F0A0}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A3EF6307-369F-44BD-924F-24A7A3555B6A}] => (Allow) E:\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{02EBC63C-209D-4F75-B2A0-068ABC532B44}] => (Allow) E:\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{16F49D4C-4E76-46E3-91A0-CA7483720F39}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{618BE76A-D241-400C-B28E-B584E15D9132}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{CBA11E3D-001B-4138-A08D-2C0DDA099DB8}E:\games\i.am.alive-raf\i am alive\src\system\iamalive_game.exe] => (Allow) E:\games\i.am.alive-raf\i am alive\src\system\iamalive_game.exe
FirewallRules: [UDP Query User{698E9EB8-C910-48BB-9CD1-17C74BDD4720}E:\games\i.am.alive-raf\i am alive\src\system\iamalive_game.exe] => (Allow) E:\games\i.am.alive-raf\i am alive\src\system\iamalive_game.exe
FirewallRules: [TCP Query User{76E9A9B5-744B-4A26-BFB4-68839B03DB69}G:\james\crysis 3\bin32\crysis3.exe] => (Block) G:\james\crysis 3\bin32\crysis3.exe
FirewallRules: [UDP Query User{C24CD320-1EC5-4450-8655-05C431B389A9}G:\james\crysis 3\bin32\crysis3.exe] => (Block) G:\james\crysis 3\bin32\crysis3.exe
FirewallRules: [TCP Query User{E3C51044-3594-4042-89FA-4DEBAFC05F62}G:\james\outlast\binaries\win64\olgame.exe] => (Block) G:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{0D386B92-2275-4674-B653-6E41076492CC}G:\james\outlast\binaries\win64\olgame.exe] => (Block) G:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{3051E96E-B789-4BE1-BEE2-2395E0F09D1E}D:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{E4FFD711-DEFC-4497-B77E-FD7449580850}D:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{5E886311-59B6-456A-86E3-EB7BF586307C}D:\james\outlast\binaries\win32\olgame.exe] => (Allow) D:\james\outlast\binaries\win32\olgame.exe
FirewallRules: [UDP Query User{4DE83046-BC8D-47DE-AA7C-627DDBDEF515}D:\james\outlast\binaries\win32\olgame.exe] => (Allow) D:\james\outlast\binaries\win32\olgame.exe
FirewallRules: [TCP Query User{B30ADB96-6A89-4D29-B984-09DEF10D3221}E:\games\crashday.exe] => (Block) E:\games\crashday.exe
FirewallRules: [UDP Query User{DCD1335D-8006-448A-88A1-A63D4DA80237}E:\games\crashday.exe] => (Block) E:\games\crashday.exe
FirewallRules: [TCP Query User{D330E8E1-142F-4B5A-9439-A87215D90C88}E:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) E:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{43C5D85A-F48D-4671-885F-0BBC91AAF675}E:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) E:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{B6D95C47-175B-4555-B1B1-AE6CD7F6CE81}] => (Allow) E:\Program Files (x86)\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{0D0AF96B-61DC-475E-9841-775837F54D17}] => (Allow) E:\Program Files (x86)\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [TCP Query User{ED2EDAC0-F352-4DE4-94FD-B51A83684DC0}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{84DCC292-526C-4019-BE11-C94FFED2506C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3B4CE64B-698A-4B8B-A195-5F7E6F835355}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{48B73457-F9E0-4AF7-9CD1-11EF1D2CD152}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{7126162B-EA67-4BFE-B2A3-8861F2CEC993}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{C6E82BFC-32DE-41CD-B6E6-18531541D484}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{F23C14E6-88EE-46EF-A193-87ABC96A0864}] => (Allow) E:\SteamLibrary\SteamApps\common\The Ship\ship.exe
FirewallRules: [{94A3FCD0-DE91-48C1-9A91-0636C4F69095}] => (Allow) E:\SteamLibrary\SteamApps\common\The Ship\ship.exe
FirewallRules: [TCP Query User{FF3EED47-70F1-41B6-BEAD-2774375DEF0E}E:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) E:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{0898BEFA-0E2A-482B-A52C-F123579AAABD}E:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) E:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{77E49BDD-E284-4A83-96EC-EF1BB73C3201}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D824E7F2-54E8-483B-97B6-4CE4DC70400F}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{6218EA38-A001-4316-84B4-19EA3F37F0B3}] => (Allow) E:\SteamLibrary\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{FDB55FE8-5EB3-46E3-A639-D0AD4B74AA3B}] => (Allow) E:\SteamLibrary\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{53CE0991-7D42-402F-9AD8-76977CB5379D}] => (Allow) E:\SteamLibrary\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{1EABCC46-91B7-4792-A8CA-806FA1213B21}] => (Allow) E:\SteamLibrary\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{D7B93AA9-07A5-4C08-B7A7-A3AA219B3BB9}] => (Allow) E:\SteamLibrary\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{4846386F-023D-4A53-A69F-6680A967EC71}] => (Allow) E:\SteamLibrary\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{9EBBB46C-7EF5-4A8B-B677-2470F949523E}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{594E321E-DCEA-4715-810B-6D930FA01A61}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B05E818A-062A-4904-AB1A-1B6FC25D28CB}] => (Allow) E:\SteamLibrary\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{A2BCF37E-BEEC-4D33-A8F6-5D6EC0023C51}] => (Allow) E:\SteamLibrary\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{615DA58C-2E6F-4D23-927F-7BD8AF6715A8}] => (Allow) E:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{7F074E61-7363-40BC-ACAE-1DF57ACE0AC6}] => (Allow) E:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{094E89BB-ACEF-473B-8E64-B8D5A626A8E7}] => (Allow) E:\SteamLibrary\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{A394A96F-694B-494C-B614-583FF06CC116}] => (Allow) E:\SteamLibrary\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{CBA7E3C1-6726-4693-978D-99C1139627C2}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{5C8D5883-C955-4FF2-B979-BB3F8ED9BB00}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{60CD4905-1B9B-4D0A-8CB5-764922654A6A}] => (Block) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{3CB0A324-6815-4308-8CB8-DDACE956E7E6}] => (Block) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{21CFEC49-B319-4BA6-9812-F85CB7632AAE}] => (Allow) E:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{1C860F06-5741-4720-92FD-4987E1CE6AC9}] => (Allow) E:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{049F051B-DF28-442A-B4E2-87F9F781B703}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3E33461A-8480-4F3B-B2DE-6312E21B7DBA}C:\program files\java\jre8\bin\javaw.exe] => (Block) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{2D954C1B-18AC-466F-A836-C9B57A7910A7}C:\program files\java\jre8\bin\javaw.exe] => (Block) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{3575F90B-EA65-45C7-B635-4CD93841A9F3}] => (Allow) C:\Users\Gustav\Steam\bin\steamwebhelper.exe
FirewallRules: [{063A228F-2F3A-441F-AFCF-26B9EA840202}] => (Allow) C:\Users\Gustav\Steam\bin\steamwebhelper.exe
FirewallRules: [{347441F6-03BC-4B44-874A-08AE23903FE0}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A87E906A-F720-468F-A6F9-4F206E9CBCC2}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{985D0C4E-FE4F-4BF1-8F96-A5DE516BB256}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{AB1597B1-0BDA-4CDB-85EE-D27351AE44E3}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9371219A-849A-48A2-9875-DEE4BFB2C5F5}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{403F22CD-7461-46F6-A782-34CEB9C89034}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [TCP Query User{CDD7BD54-BA44-45FF-BF15-67F464DA07E9}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [UDP Query User{04A11609-F327-4FCF-B71D-20060965D93F}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [{CDCF0FC1-EA36-449D-BAFE-7392D50002BB}] => (Block) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [{527B0120-0EA5-42B3-AD49-1790B8E4606B}] => (Block) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [{BBFF7B25-0822-4EC9-859C-1E430E866D91}] => (Allow) E:\SteamLibrary\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{13566A47-45B7-455C-A8C1-17512968665F}] => (Allow) E:\SteamLibrary\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{5CA5A1FF-DF5A-4BF2-B59A-E0B220C80EA5}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{9012C33E-8D1E-48C0-87AB-B91D5C4E156B}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [TCP Query User{F474C2D8-DC06-4796-AC2C-19C2582D9D19}G:\die gilde 2 - king edition\guildii.exe] => (Allow) G:\die gilde 2 - king edition\guildii.exe
FirewallRules: [UDP Query User{4D7869E9-D263-42AF-97F1-E659B4E83249}G:\die gilde 2 - king edition\guildii.exe] => (Allow) G:\die gilde 2 - king edition\guildii.exe
FirewallRules: [{14B67799-9788-4321-A112-280ED2FF123D}] => (Block) G:\die gilde 2 - king edition\guildii.exe
FirewallRules: [{044E802A-0762-43B3-94AF-CAA18F021638}] => (Block) G:\die gilde 2 - king edition\guildii.exe
FirewallRules: [TCP Query User{747D070C-E0FD-43A8-907F-F7B804973A33}E:\games\die gilde 2 - king edition\guildii.exe] => (Allow) E:\games\die gilde 2 - king edition\guildii.exe
FirewallRules: [UDP Query User{D2445EF5-8987-4A2F-8FBC-31C6A5114102}E:\games\die gilde 2 - king edition\guildii.exe] => (Allow) E:\games\die gilde 2 - king edition\guildii.exe
FirewallRules: [{E999E6D4-E618-454D-B3CC-7156ADDFE8F8}] => (Block) E:\games\die gilde 2 - king edition\guildii.exe
FirewallRules: [{AB3D65DB-BF7E-42B5-BB44-122EF2417FD4}] => (Block) E:\games\die gilde 2 - king edition\guildii.exe
FirewallRules: [TCP Query User{982E3DE0-8E28-423C-ABCD-10EE5F440642}G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{BE1CA212-3B78-4F07-8B96-0BC95D8F636B}G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{01E88FE3-374D-49C8-85E7-A6765616840F}] => (Block) G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{36CE6004-FD79-43C8-ACAE-AD1BFFF9AAB7}] => (Block) G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{69DC5CD0-1D33-43CF-A4EE-36357A93588B}E:\games\wot\wotlauncher.exe] => (Allow) E:\games\wot\wotlauncher.exe
FirewallRules: [UDP Query User{0E387720-16E4-4779-B473-F7406F61BF67}E:\games\wot\wotlauncher.exe] => (Allow) E:\games\wot\wotlauncher.exe
FirewallRules: [{00408D53-2397-4576-97EB-76F94584E710}] => (Block) E:\games\wot\wotlauncher.exe
FirewallRules: [{F97201F9-0C78-4838-900B-A609D1708DD8}] => (Block) E:\games\wot\wotlauncher.exe
FirewallRules: [TCP Query User{BCEB2977-4ED3-4EDD-A6DF-E9EE2384D814}E:\games\wot\worldoftanks.exe] => (Allow) E:\games\wot\worldoftanks.exe
FirewallRules: [UDP Query User{9F8372D5-CCBE-4289-AB8F-876E2F296CC2}E:\games\wot\worldoftanks.exe] => (Allow) E:\games\wot\worldoftanks.exe
FirewallRules: [{B59C84C6-4531-465B-8A75-343F0B3CC06E}] => (Block) E:\games\wot\worldoftanks.exe
FirewallRules: [{BE550211-3B49-4485-BE6D-27A3F4B36EBA}] => (Block) E:\games\wot\worldoftanks.exe
FirewallRules: [{00657B8F-080D-43E6-AE59-DFD43437CEA8}] => (Allow) E:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{60670402-75D1-4EB0-9424-C93B9646DC9A}] => (Allow) E:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{3467A96A-82B6-4261-B114-F8873D8C1A8A}E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{F6C11802-77C2-40CD-9C97-2DB1B2C4D6CA}E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{5D3A3813-0471-4FB7-9052-EF765EDDD97A}] => (Block) E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{414EC19C-8068-4A54-AD14-C653DA27311D}] => (Block) E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{B7FFC64B-431C-42D0-A736-34EC02E8E612}C:\users\gustav\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gustav\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{49C6DA3C-1D09-4A82-8730-5111AA755F54}C:\users\gustav\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gustav\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0EB7B375-F3A0-4A2D-9A7F-06A2969E3BCF}] => (Block) C:\users\gustav\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D2B7DD6F-160B-468A-9E52-7CA2281F0BAF}] => (Block) C:\users\gustav\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8893B6C2-DE84-4F8C-8E19-3C54D6ADA5D0}] => (Allow) E:\SteamLibrary\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{62CCA4F3-8802-4D49-B3C5-FF0D1A585598}] => (Allow) E:\SteamLibrary\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{D855A2D0-6429-4ABA-9095-B43A98E12908}] => (Allow) E:\SteamLibrary\SteamApps\common\Rochard\Rochard.exe
FirewallRules: [{3CC80F8F-94B6-49C5-83F9-6691B7799898}] => (Allow) E:\SteamLibrary\SteamApps\common\Rochard\Rochard.exe
FirewallRules: [{7E205CA0-98C6-4693-AFF9-3E4FA4508DCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BB332A35-4B26-41FF-883E-4A9CD326AC83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{78967F7B-68E6-42EE-89C5-35B6E9AA67B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7EF7C42-7A60-4AA3-909B-2A013D17F93C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{93375B33-A494-4CF1-92D3-D69EF3B5FFD0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5E6C99EA-B3F7-4518-B079-4B2A2E99268F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{35BF01CB-7E70-4A04-8591-31F48C376679}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{49A9D999-4305-4098-BB4E-3C2ECC611991}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{965E8F9A-D83A-4255-8F9B-DAE15BE1A69A}] => (Block) C:\windows\system32\java.exe
FirewallRules: [{7908895E-8A5A-42AE-8543-53E0CCA59ACC}] => (Block) C:\windows\system32\java.exe
FirewallRules: [{5CB3C012-A870-4B3E-BE4A-1C7B3FB0D47B}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{1D471849-71F7-4CC1-9C3E-7A08C498A521}] => (Allow) E:\SteamLibrary\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{B08385B4-F298-4149-9490-14C272F0D0C8}] => (Allow) E:\SteamLibrary\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{9BAAC5F9-6B10-41F4-80FD-DB8E8302D10E}] => (Allow) E:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{4AFFAC50-DECF-44F4-B231-F5E9CB0B0A68}] => (Allow) E:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{5648B27A-6305-4FB8-B30B-89E44531A520}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{B30A85E1-8D39-4066-B4F9-AFA2CC13318D}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{AC92C299-BC86-46E4-8494-1FB6CA3B07BA}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{BB8692C0-3AD1-4B1E-B96C-E0E921537CDF}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{1E57113E-B651-4DF9-B149-C0AACD00B8DC}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3734A30A-175A-4677-B23B-EC4BEFD27987}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{D7C3CA73-308F-4403-BF9D-E74C1A03611B}] => (Allow) E:\SteamLibrary\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{31A3492E-3C24-49F2-B378-E90E861B4F40}] => (Allow) E:\SteamLibrary\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [TCP Query User{1AF7C31B-5393-4912-B335-7520452CB72C}E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{404CA471-7D12-4A4C-A1BB-DE3A80BC5DFD}E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{561EEC57-E791-4D59-8922-EF1739F239D2}] => (Block) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{7E043889-0AB6-4B1B-A149-81568709135C}] => (Block) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [TCP Query User{2F23A7B1-EBE6-4C52-8FD5-5722FD89403A}E:\games\planetside 2\planetside2_x64.exe] => (Allow) E:\games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{11C3D4D6-1109-4CB2-89FA-5F71D2439A8E}E:\games\planetside 2\planetside2_x64.exe] => (Allow) E:\games\planetside 2\planetside2_x64.exe
FirewallRules: [{D2F4C0C2-C63A-4282-9316-C033236F967D}] => (Block) E:\games\planetside 2\planetside2_x64.exe
FirewallRules: [{2AC43897-A52B-43F5-9D9D-CF7275F84F36}] => (Block) E:\games\planetside 2\planetside2_x64.exe
FirewallRules: [{8D951AF9-230D-4780-BD6E-DA8EACD2A7EF}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{BAFC7932-B2B3-4055-9038-130D854B1E89}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{DAA39246-EB5F-4284-BD0D-F41FEE91DEE9}] => (Allow) E:\Games\Origin\Battlefield 3\bf3.exe
FirewallRules: [{6DBB6370-CB03-4E78-A299-758F3403DF3A}] => (Allow) E:\Games\Origin\Battlefield 3\bf3.exe
FirewallRules: [{EF856BC3-A23A-4E67-A249-B875E753F31C}] => (Allow) E:\SteamLibrary\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{5394AAC1-F33F-4CA6-ABEE-8AA00D66158E}] => (Allow) E:\SteamLibrary\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{B455DA37-2A41-4169-857D-89BB17FAAF58}] => (Allow) E:\SteamLibrary\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{F3D87DB0-332B-4AA5-8152-58BB145CA6AE}] => (Allow) E:\SteamLibrary\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{6BC5D71B-51B0-4931-980A-D7833840F0FA}] => (Allow) E:\Games\Origin\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{6A1A1FF7-7BF3-4ECE-9CE0-6991FBF8F90B}] => (Allow) E:\Games\Origin\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{35B2E36F-251D-4EFA-8868-178F67845A3A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{C04CD623-B80B-48A3-8DB9-479F039ED502}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{E3F3152F-5140-4A52-8023-4EB858E3389E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9D950DE5-BCAD-4E00-ABDC-27A073C07160}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{635AEF04-44AE-4420-BAE1-6420DAD2F939}] => (Allow) E:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{C692D440-BB60-4844-AC1D-C4ED9A41763E}] => (Allow) E:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{520A245D-83ED-4915-89FA-17E8737E216C}I:\james\outlast\binaries\win64\olgame.exe] => (Allow) I:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{D15DFC69-158A-4231-8648-28C72B81D82E}I:\james\outlast\binaries\win64\olgame.exe] => (Allow) I:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [{327A18E9-C647-43CA-94F3-1F74D12A6776}] => (Block) I:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [{E57A5943-EBA8-4828-B45C-07151E4C9E66}] => (Block) I:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{DF21007C-7656-4EF6-88C6-0534EF38CC6E}I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe] => (Allow) I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{ABA09F77-846A-4F3B-982F-02ECD38150F5}I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe] => (Allow) I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [{A54D5D82-F437-48E3-B45B-8DE5339019E3}] => (Block) I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [{D4A75F62-22CF-4487-A2D7-5F6E4F76F9C6}] => (Block) I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [{24A34181-6118-477F-B19D-651F128DB71F}] => (Allow) E:\SteamLibrary\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{95EBA5D4-4C10-415C-8A16-70BD8B10F326}] => (Allow) E:\SteamLibrary\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{57B4EF50-A94D-4A3A-8E3D-C8028C086D98}] => (Allow) E:\SteamLibrary\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{C6DD96FF-E2C8-4CF9-9C27-69F5B88CA474}] => (Allow) E:\SteamLibrary\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{1690587D-2277-417A-87C9-85087CBB694D}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{461A12B6-6C3F-42E2-8B82-3CDA9C54CD83}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{CCDA4F2D-B8B0-4D9E-8F1E-078D9F97003D}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{E0CE3846-3C24-492A-ADDC-A1E5230B28D7}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{0F980202-07AC-46EB-BF49-692F85860E52}] => (Allow) E:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{547C5468-6CA8-4678-A150-61ACD9D06113}] => (Allow) E:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{33A15CEE-80E1-45AF-86F3-EAC6DACBEA0B}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{BFC06251-0493-448C-96D9-1278DF5F596B}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{A9F97AE7-B93D-4BA6-B5B6-7353B50AC00E}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2C025335-D47A-42CD-B7A0-2C90D533A2CD}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{9043F614-51A9-4728-9088-E78F781ABFBC}] => (Allow) E:\Games\Origin\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{780011AB-23D0-4D89-BFBE-32A78AA2845C}] => (Allow) E:\Games\Origin\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{7A0EB4DC-DCB3-4E49-9E4B-EE494C34D0F6}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{5985D770-98E2-4C8F-A7C9-EAC4B3F640F5}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [TCP Query User{22D6F519-26DB-425F-A17A-7FB5D5997259}E:\games\dying light#\dying light\dyinglightgame.exe] => (Allow) E:\games\dying light#\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{A1C6D93F-38F2-401D-8C87-3E93AA592B78}E:\games\dying light#\dying light\dyinglightgame.exe] => (Allow) E:\games\dying light#\dying light\dyinglightgame.exe
FirewallRules: [{00BE8224-053D-4BA8-AFDB-382690F316F7}] => (Block) E:\games\dying light#\dying light\dyinglightgame.exe
FirewallRules: [{E9654C9C-D162-455A-9226-2298189CE798}] => (Block) E:\games\dying light#\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{CF0DF077-BADB-48FF-BE88-E64F10A7B89F}E:\games\dying light\dyinglightgame.exe] => (Allow) E:\games\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{CF180DCA-360A-438E-86CF-F6E2EC487B7B}E:\games\dying light\dyinglightgame.exe] => (Allow) E:\games\dying light\dyinglightgame.exe
FirewallRules: [{D2A4315C-7162-4745-8F1D-BD15E842D24B}] => (Block) E:\games\dying light\dyinglightgame.exe
FirewallRules: [{2104FA63-7AF2-4E50-A11A-E5C7AE509058}] => (Block) E:\games\dying light\dyinglightgame.exe
FirewallRules: [{E7185FE8-14F2-4647-B661-10C983856ECF}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{8902FAF8-DFA5-4668-BC6C-378C8F0B92B6}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{1B3F00A2-3B20-46F6-AEF1-8A0FE972B7AF}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{59E2D7D5-5CB6-4435-A547-A79A6C51BA82}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [TCP Query User{9AFD0CFE-CF62-4FCB-AA10-89C996DF5211}E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{33FC87B2-C663-4B80-8D60-C931D511F3B3}E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{E5C780E8-6207-4467-ABD7-024273F7EF53}] => (Block) E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{762EA348-DDCF-4DA2-AD64-BCA4E000877D}] => (Block) E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [TCP Query User{1953B5FE-4C4B-4A23-A9D9-57A433481AF5}E:\games\unity\editor\unity.exe] => (Allow) E:\games\unity\editor\unity.exe
FirewallRules: [UDP Query User{BD0E2B24-0E32-40AD-BE20-818D58D884E8}E:\games\unity\editor\unity.exe] => (Allow) E:\games\unity\editor\unity.exe
FirewallRules: [TCP Query User{D5A23D7D-C994-4F6F-970C-17E1967F907B}E:\games\unity\monodevelop\bin\monodevelop.exe] => (Block) E:\games\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{3A0F5547-6AD9-47FB-82D5-208FA11DE0A1}E:\games\unity\monodevelop\bin\monodevelop.exe] => (Block) E:\games\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{7E78C6EF-6A4D-4D3F-B6B3-52E231934A93}E:\games\origin\titanfall\titanfall.exe] => (Allow) E:\games\origin\titanfall\titanfall.exe
FirewallRules: [UDP Query User{9CD5947D-33BA-47E6-B268-54D5B938CBC3}E:\games\origin\titanfall\titanfall.exe] => (Allow) E:\games\origin\titanfall\titanfall.exe
FirewallRules: [{C278E1ED-1106-4779-8758-428634FE5B9F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{27B4966F-452D-4EF9-ADA4-A6489923C5EC}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{28C4640B-A845-4F35-B23E-E1FD8A8B0839}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{0A307578-4336-42AC-BDD4-6B847D42173C}] => (Allow) E:\Games\Origin\Titanfall\Titanfall.exe
FirewallRules: [{DA7875BB-DF52-4F0B-BCBB-E8E062F04237}] => (Allow) E:\Games\Origin\Titanfall\Titanfall.exe
FirewallRules: [{9AA63E7B-C714-4C56-91D2-EED247ED5AC8}] => (Allow) E:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{FA11F623-23DF-40DA-B3CA-9F94DC590A95}] => (Allow) E:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{B7A7B3F6-EF57-449E-95A2-47849DED7681}E:\games\war thunder\launcher.exe] => (Allow) E:\games\war thunder\launcher.exe
FirewallRules: [UDP Query User{174E393C-FE3D-4378-93C9-0CF5E26259CE}E:\games\war thunder\launcher.exe] => (Allow) E:\games\war thunder\launcher.exe
FirewallRules: [{DEA8D00F-724D-4A81-B767-E2E1E713A97C}] => (Block) E:\games\war thunder\launcher.exe
FirewallRules: [{C4ACF39E-CC89-413C-AB57-B415001EE9B1}] => (Block) E:\games\war thunder\launcher.exe
FirewallRules: [TCP Query User{DBF133FE-FBA1-4538-B09B-8924BC006616}E:\games\war thunder\aces.exe] => (Allow) E:\games\war thunder\aces.exe
FirewallRules: [UDP Query User{3525C6A7-D0CC-4CDC-9871-FEE61DE380C2}E:\games\war thunder\aces.exe] => (Allow) E:\games\war thunder\aces.exe
FirewallRules: [{40729180-E97A-4C2E-9CD0-C5A54E45271D}] => (Block) E:\games\war thunder\aces.exe
FirewallRules: [{7F330B00-D292-49E1-83DC-0BC6248AA520}] => (Block) E:\games\war thunder\aces.exe
FirewallRules: [TCP Query User{8C99DB61-7A12-4A83-83D1-3686C11593FC}E:\steamlibrary\steamapps\common\war thunder\launcher.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\launcher.exe
FirewallRules: [UDP Query User{199C13C5-DC36-4DA0-ABF6-A7FD4F88A219}E:\steamlibrary\steamapps\common\war thunder\launcher.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\launcher.exe
FirewallRules: [{6698684B-64FD-4E62-B8EF-E8E3DF6EE884}] => (Block) E:\steamlibrary\steamapps\common\war thunder\launcher.exe
FirewallRules: [{BE01D917-456E-47EB-8382-1C5309C648ED}] => (Block) E:\steamlibrary\steamapps\common\war thunder\launcher.exe
FirewallRules: [TCP Query User{E02A47A6-6C91-45B4-B203-B8C4BBF04D1C}E:\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{E1DE174C-4F1D-46BC-903C-42FD725A7913}E:\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [{A372A24E-C2B4-49D5-A999-06C59530BC93}] => (Block) E:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [{DECA0ABF-37AF-4457-A36A-A52EAAF7B355}] => (Block) E:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{035CE971-F432-489C-AC34-A6F622190AD8}E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{049721DE-96D6-4A24-9CBF-6EC7EE51C0EC}E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{663A8B18-27A5-44F0-9E17-729D1762EE1E}] => (Block) E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{04330E08-313C-4A6E-B079-D1B89D1AB6A3}] => (Block) E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{C542BADC-8C66-485B-B3B2-A4BA90A63F58}E:\games\rockstar games\grand theft auto v\gta5.exe] => (Block) E:\games\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{BF665FC8-A802-4D94-8D60-38C8CD92A7F0}E:\games\rockstar games\grand theft auto v\gta5.exe] => (Block) E:\games\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{188F462E-7539-451D-B34D-9731EB9C02A4}C:\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{CECAD8AC-179C-493D-B945-5283B7F01137}C:\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{4A8E7599-5554-45D3-9C77-573A6D0924CE}] => (Block) C:\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{249AF1A8-563D-4BCC-87B9-3ACFE8C3151C}] => (Block) C:\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{F408F00B-C006-4864-AA16-E7A25EFE7D0E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{00DEC23E-6B68-4ADF-B1F9-766237DFF424}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{DFCAA765-C371-4280-B6A2-373963C56560}] => (Allow) E:\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{88B8DBE4-15FF-410E-827E-3B5CD087FCF5}] => (Allow) E:\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{090B1DD0-6C6C-4703-A6B4-D8285BF327D7}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{535AB98F-ACF7-4C12-BBA8-B7B118CEE80D}] => (Allow) E:\Games\Origin\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{BF8C7991-2C6D-4035-92A0-40B8E1C0EF12}] => (Allow) E:\Games\Origin\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{D7E79EA8-B38B-4F4D-9F77-874C823E8AC0}] => (Allow) E:\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{32300F44-25DB-4AC4-9B46-D58BA5C8D634}] => (Allow) E:\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{115299C6-B9DA-4E62-8B5D-8589DA6CB1F3}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{295E2353-A83A-468A-895E-D3F7CAF712FB}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{74163291-2D85-4FCF-BF5A-A399EEEFE0E2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{38860681-34BE-4E70-8858-ABB0B1E80A9C}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{1C3B5673-D70D-4ED9-BDF3-803EEF7B7409}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [TCP Query User{820B0D35-B1DE-41A1-BD2E-E4E9B2F7C7C0}E:\games\tmunitedforever\tmforever.exe] => (Allow) E:\games\tmunitedforever\tmforever.exe
FirewallRules: [UDP Query User{189E202C-6049-46CB-9366-8E60355005F7}E:\games\tmunitedforever\tmforever.exe] => (Allow) E:\games\tmunitedforever\tmforever.exe
FirewallRules: [{1A50BD45-1617-4CFB-8E4B-774CFE0CAA51}] => (Block) E:\games\tmunitedforever\tmforever.exe
FirewallRules: [{5555F437-A047-4001-8B81-A6C8F64F10F2}] => (Block) E:\games\tmunitedforever\tmforever.exe
FirewallRules: [{C44BA67A-E671-4DA4-A0BD-C732C922A2BF}] => (Allow) E:\SteamLibrary\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{1C843205-57F7-4E0C-AC36-57305C5E47AD}] => (Allow) E:\SteamLibrary\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{42813A4E-F3B5-449A-8D0A-F9AB2A91C0AE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{352BA25F-F316-430E-8BDC-58CAB1D0E813}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EB24EEF4-9A97-46FA-8918-544A65EE696B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EE5A71A2-23A1-48D4-9B11-FCAF13509B8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D209CF83-3157-4277-82A7-718FCB500124}] => (Allow) E:\Games\Origin\Battlefield 4\bf4_x86.exe
FirewallRules: [{EE017CAC-2FD4-4AF0-B043-C30B9C542426}] => (Allow) E:\Games\Origin\Battlefield 4\bf4_x86.exe
FirewallRules: [{14AA0670-2F31-4525-B4AA-590B67148692}] => (Allow) E:\Games\Origin\Battlefield 4\bf4.exe
FirewallRules: [{E32021DF-37D8-4B41-B2B3-D467233F9F8E}] => (Allow) E:\Games\Origin\Battlefield 4\bf4.exe
FirewallRules: [{2ED16CAB-E452-4170-8706-885916209E8F}] => (Allow) E:\Halo2 -2\halo2.exe
FirewallRules: [{80FF6EDF-3BCF-4C81-ABA0-7D85F8FD385B}] => (Allow) E:\Halo2 -2\halo2.exe
FirewallRules: [{D11D9A05-F01D-4671-A908-E4D2A3B882B0}] => (Allow) E:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3D1017F2-0A21-441C-94C7-A90CC4CCCFB2}] => (Allow) E:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{37E74077-55F6-414C-A0C6-A54D9FDD6CCC}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{33F16789-AA8B-49EC-9084-17171438BD39}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{A66D2CB5-4E99-49D6-AF25-22E2541EEE01}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8465BD77-027A-48EC-AC21-6AE2EBA826B8}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [TCP Query User{1DE38D1A-6D65-46B9-8F77-C6863BA9013A}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{30B1B7FF-9775-456B-AC98-B9C03DCE9FF4}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [{65B4FF95-E756-4BA4-97FE-D014EE928BA5}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [{744D818B-6290-4B05-80C9-585FEEEA31B3}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7935F6A9-532F-4C10-8A6C-C41F671DEBD5}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EA0460A1-A9D9-4C18-A65A-1C735A9902D5}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{CE4DEDDB-DB8D-40BC-84BC-2A5F7553A4CE}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{4E062F97-0BB1-4FE6-B1F3-191FFB735A20}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{0EBA5F0A-4CCB-4CF7-825B-DBE081EBE76F}] => (Allow) E:\SteamLibrary\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{281062E7-153C-4C35-B805-AFECC5A12C0F}] => (Allow) E:\SteamLibrary\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{EC7DC16F-6E38-48F7-89B6-AEC9C2F1CF82}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{2BED5202-3B5B-4FDB-84EE-5D8AA3A5ABBA}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{D7B59541-0832-4A64-9F75-AC09A0037B3D}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{7EF93DF2-7506-4019-B2D2-F427E9FD8B9E}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{86BAFDF4-A8BC-43C3-8BBB-F6161692A7FE}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{FDD1C748-C555-4159-929A-CFE8A12B1A21}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{3A8BB0F4-73D5-4E5D-AF91-2C5BFA5D889F}E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe] => (Allow) E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [UDP Query User{06466711-CFE0-4811-B3F2-D5DF0CC428A6}E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe] => (Allow) E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [TCP Query User{F8EBDE8B-C395-4C03-BD2C-85FA3F69B304}E:\steamlibrary\steamapps\common\greygoo\goog.exe] => (Allow) E:\steamlibrary\steamapps\common\greygoo\goog.exe
FirewallRules: [UDP Query User{DEE1AD01-34B3-4AFE-AA54-90F08A5DBF42}E:\steamlibrary\steamapps\common\greygoo\goog.exe] => (Allow) E:\steamlibrary\steamapps\common\greygoo\goog.exe
FirewallRules: [{7A9EFB14-F278-4347-AF26-521A2AE8C1AD}] => (Block) E:\steamlibrary\steamapps\common\greygoo\goog.exe
FirewallRules: [{444B2350-65B1-4661-903F-4E6054684E59}] => (Block) E:\steamlibrary\steamapps\common\greygoo\goog.exe
FirewallRules: [{5DC4BAD4-7585-4C25-B059-2D7FB2CAF5A6}] => (Block) E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [{A073123B-088C-4665-ABBB-70439D9F1CAA}] => (Block) E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [{A19D34C6-0B89-45AD-AD23-AFA11179AC3B}] => (Allow) E:\Games\Origin\Battlefield 4\bf4_x86.exe
FirewallRules: [{49DD7EFF-8F39-4679-A949-57AF71591C65}] => (Allow) E:\Games\Origin\Battlefield 4\bf4_x86.exe
FirewallRules: [{A50EA333-1387-4C10-A5A9-698615A7C418}] => (Allow) E:\Games\Origin\Battlefield 4\bf4.exe
FirewallRules: [{878304E4-3628-41CC-9F6C-7342F93F125F}] => (Allow) E:\Games\Origin\Battlefield 4\bf4.exe
FirewallRules: [{F2B6E266-297C-4C10-B95E-25272A181F21}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D22F25B1-3016-4B8C-AFDD-3E801C878215}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{CE2FE137-CE48-4857-92D8-689B06FCC712}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B678F67D-1F1A-4087-BA72-456FB77ED0D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E4BD33AF-D011-470B-94BB-C4F994561F98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C4DD9C3-9580-41C7-AD87-740FEF194144}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9B26C5C4-6A21-4666-B660-C858E20F1B90}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{4165FD7A-0772-417D-A6F3-E3AE00EA2F6A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{B0091744-F652-4201-AE93-346493AFBAA2}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{E18E61D9-18D2-4065-B5C2-1222B5589929}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{32677B87-6DA7-4A64-B444-1E9923A1AACE}C:\program files (x86)\blizzard\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\blizzard\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{6AF55272-EF8F-4986-B21C-EEB4429EE3D9}C:\program files (x86)\blizzard\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\blizzard\hearthstone\hearthstone.exe
FirewallRules: [{35683B80-4396-4EA8-AF8F-10762CA6AE15}] => (Allow) E:\SteamLibrary\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{3366EEFA-3E06-4CCB-B535-0FE795DC16C7}] => (Allow) E:\SteamLibrary\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{1732A3B3-C9C1-4EFC-BF59-F4B37C398900}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E44E6673-E14C-4B13-9450-032DC2E8C310}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE388C1D-B32C-47A5-9664-DB447859075F}] => (Allow) C:\Program Files\NetWorx\networx.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2015 10:55:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xb0c
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 10:45:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xb5c
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 03:47:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xb0c
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 03:45:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 39.0.0.5659, Zeitstempel: 0x55934d06
Name des fehlerhaften Moduls: mozalloc.dll, Version: 39.0.0.5659, Zeitstempel: 0x55933a83
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x18b4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/05/2015 03:43:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xb18
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 03:42:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 39.0.0.5659, Zeitstempel: 0x55934d06
Name des fehlerhaften Moduls: mozalloc.dll, Version: 39.0.0.5659, Zeitstempel: 0x55933a83
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0xd5c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/05/2015 03:33:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xae4
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 01:09:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0x880
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 00:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xaf8
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 00:28:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


System errors:
=============
Error: (07/05/2015 10:55:52 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger

Error: (07/05/2015 10:55:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/05/2015 10:55:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Capability Licensing Service Interface erreicht.

Error: (07/05/2015 10:46:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger

Error: (07/05/2015 10:45:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/05/2015 10:45:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Capability Licensing Service Interface erreicht.

Error: (07/05/2015 03:47:10 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger

Error: (07/05/2015 03:47:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/05/2015 03:47:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Capability Licensing Service Interface erreicht.

Error: (07/05/2015 03:43:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger


Microsoft Office:
=========================
Error: (07/05/2015 10:55:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689b0c01d0b7005bab7b37C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exea24e4f0f-22f3-11e5-9a20-74d435884c44

Error: (07/05/2015 10:45:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689b5c01d0b6fefadc44ecC:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exe417ecaa1-22f2-11e5-8890-74d435884c44

Error: (07/05/2015 03:47:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689b0c01d0b6c4782397f9C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exebec81989-22b7-11e5-98cc-74d435884c44

Error: (07/05/2015 03:45:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa118b401d0b6c401d9be3fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll831cd0ba-22b7-11e5-a51c-74d435884c44

Error: (07/05/2015 03:43:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689b1801d0b6c3edd6de98C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exe3483dc08-22b7-11e5-a51c-74d435884c44

Error: (07/05/2015 03:42:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa1d5c01d0b6c3be026b21C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll199aca0a-22b7-11e5-b354-74d435884c44

Error: (07/05/2015 03:33:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689ae401d0b6c28db82b75C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exed455f652-22b5-11e5-b354-74d435884c44

Error: (07/05/2015 01:09:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d68988001d0b6ae71ec0c62C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exeb88ce46a-22a1-11e5-b611-74d435884c44

Error: (07/05/2015 00:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689af801d0b6aa3f856b01C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exe86266238-229d-11e5-b056-74d435884c44

Error: (07/05/2015 00:28:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Gustav\Downloads\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2015-07-05 00:53:09.846
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-05 00:53:09.830
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-28 11:18:05.951
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-28 11:18:05.924
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-28 11:18:05.896
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-28 11:18:05.864
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-28 11:18:05.835
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-28 11:18:05.807
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-28 11:15:28.070
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-28 11:15:28.042
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 8078.54 MB
Available physical RAM: 6033.68 MB
Total Virtual: 16155.28 MB
Available Virtual: 13905.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:58.78 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Festplatte) (Fixed) (Total:931.51 GB) (Free:258.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Rescue Disc) (Removable) (Total:59.62 GB) (Free:59.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 4B31521B)
Partition 1: (Not Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 508AFC7B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: 4A386CC0)
Partition 1: (Active) - (Size=59.6 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

--- --- ---

M-K-D-B 05.07.2015 10:34
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

SirHenry2 05.07.2015 10:51
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-07-05 11:17:48
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 Crucial_CT240M500SSD1 rev.MU03 223,57GB
Running: Gmer-19357.exe; Driver: C:\Users\Gustav\AppData\Local\Temp\kgdcipob.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[1640] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW  0000000075492ab1 5 bytes JMP 000000010012f182
.text  C:\Program Files\AVAST Software\Avast\avastui.exe[2604] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter        00000000750c8781 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetModuleFileNameExW + 17        00000000749f1401 2 bytes JMP 750eb21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!EnumProcessModules + 17          00000000749f1419 2 bytes JMP 750eb346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetModuleInformation + 17        00000000749f1431 2 bytes JMP 75168f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetModuleInformation + 42        00000000749f144a 2 bytes CALL 750c489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                          * 9
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!EnumDeviceDrivers + 17          00000000749f14dd 2 bytes JMP 75168822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetDeviceDriverBaseNameA + 17    00000000749f14f5 2 bytes JMP 751689f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!QueryWorkingSetEx + 17          00000000749f150d 2 bytes JMP 75168718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetDeviceDriverBaseNameW + 17    00000000749f1525 2 bytes JMP 75168ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetModuleBaseNameW + 17          00000000749f153d 2 bytes JMP 750dfca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!EnumProcesses + 17              00000000749f1555 2 bytes JMP 750e68ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetProcessMemoryInfo + 17        00000000749f156d 2 bytes JMP 75168fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetPerformanceInfo + 17          00000000749f1585 2 bytes JMP 75168b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!QueryWorkingSet + 17            00000000749f159d 2 bytes JMP 751686dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetModuleBaseNameA + 17          00000000749f15b5 2 bytes JMP 750dfd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetModuleFileNameExA + 17        00000000749f15cd 2 bytes JMP 750eb2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetProcessImageFileNameW + 20    00000000749f16b2 2 bytes JMP 75168ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[2640] C:\Windows\syswow64\PsApi.dll!GetProcessImageFileNameW + 31    00000000749f16bd 2 bytes JMP 75168671 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                              00000000749f1401 2 bytes JMP 750eb21b C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                00000000749f1419 2 bytes JMP 750eb346 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                              00000000749f1431 2 bytes JMP 75168f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                              00000000749f144a 2 bytes CALL 750c489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                          * 9
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                  00000000749f14dd 2 bytes JMP 75168822 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                          00000000749f14f5 2 bytes JMP 751689f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                  00000000749f150d 2 bytes JMP 75168718 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                          00000000749f1525 2 bytes JMP 75168ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                00000000749f153d 2 bytes JMP 750dfca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                      00000000749f1555 2 bytes JMP 750e68ef C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                              00000000749f156d 2 bytes JMP 75168fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                00000000749f1585 2 bytes JMP 75168b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                    00000000749f159d 2 bytes JMP 751686dc C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                00000000749f15b5 2 bytes JMP 750dfd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                              00000000749f15cd 2 bytes JMP 750eb2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                          00000000749f16b2 2 bytes JMP 75168ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\PnkBstrA.exe[3612] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                          00000000749f16bd 2 bytes JMP 75168671 C:\Windows\syswow64\kernel32.dll

---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [3736:6340]                                                                                  000007fef7c29688

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                           
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                          1
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                      0x8B 0x8D 0xB5 0x03 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                           
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                          C:\Program Files (x86)\DAEMON Tools Lite\
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                          0x00 0x00 0x00 0x00 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                          0
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                      0x17 0xD8 0x63 0x15 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                                   
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                              0xD7 0x8D 0x4D 0x76 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                             
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                        0x72 0x86 0x6C 0xE0 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                           
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                          C:\Program Files\DAEMON Tools Lite\
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                       
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                              1
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                          0x8B 0x8D 0xB5 0x03 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                       
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                              C:\Program Files (x86)\DAEMON Tools Lite\
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                              0x00 0x00 0x00 0x00 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                              0
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                          0x17 0xD8 0x63 0x15 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)               
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                  0xD7 0x8D 0x4D 0x76 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)         
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                            0x72 0x86 0x6C 0xE0 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)                       
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                              C:\Program Files\DAEMON Tools Lite\

---- EOF - GMER 2.1 ----
Code:
ComboFix 15-06-30.01 - Gustav 05.07.2015  11:40:24.2.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.8079.6299 [GMT 2:00]
ausgeführt von:: C:\Users\Gustav\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))


C:\ProgramData\ntuser.pol


(((((((((((((((((((((((  Dateien erstellt von 2015-06-05 bis 2015-07-05  ))))))))))))))))))))))))))))))


2015-07-05 09:43:21 . 2015-07-05 09:43:21        --------        d-----w-        C:\Users\Default\AppData\Local\temp
2015-07-05 09:43:21 . 2015-07-05 09:43:21        --------        d-----w-        C:\Users\Administrator\AppData\Local\temp
2015-07-05 09:39:24 . 2015-07-05 09:39:24        --------        d-----w-        C:\Program Files\{F3D4780F-89FF-47DA-B5C2-665C7DAEC81B}
2015-07-05 09:39:24 . 2015-07-05 09:39:24        --------        d-----w-        C:\Program Files (x86)\{54D19A04-A4A2-45E1-8A19-1CC49AFAED2A}
2015-07-04 23:31:29 . 2015-07-04 23:31:29        --------        d-----w-        C:\Program Files (x86)\Windows Kits
2015-07-04 23:28:43 . 2015-07-04 23:28:43        --------        d-----w-        C:\Program Files\NetWorx
2015-07-04 23:28:43 . 2015-06-15 07:25:50        70120        ----a-w-        C:\Windows\system32\drivers\networx.sys
2015-07-04 17:15:03 . 2015-07-04 17:15:03        --------        d-----w-        C:\RegBackup
2015-07-04 17:13:43 . 2015-07-05 09:00:34        --------        d-----w-        C:\FRST
2015-07-04 16:03:23 . 2015-07-04 16:03:23        --------        d-----w-        C:\ProgramData\Malwarebytes
2015-07-04 15:48:20 . 2015-07-05 01:37:48        --------        d-----w-        C:\AdwCleaner
2015-07-03 13:59:39 . 2015-07-03 13:59:39        --------        d-----w-        C:\Users\Gustav\AppData\Local\ESN
2015-07-03 12:05:32 . 2015-06-12 07:50:55        12221144        ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C1E511E5-B6D9-4B44-9721-A266CC4AF473}\mpengine.dll
2015-06-30 16:17:53 . 2015-06-30 16:18:38        --------        d-----w-        C:\Program Files (x86)\Blizzard
2015-06-28 12:06:20 . 2015-06-28 12:06:20        --------        d-----w-        C:\Users\Gustav\AppData\Local\Blizzard
2015-06-28 09:10:51 . 2015-06-28 09:10:51        --------        d-----w-        C:\Users\Gustav\AppData\Roaming\AVG
2015-06-28 09:10:45 . 2015-06-28 09:10:45        --------        d-----w-        C:\Users\Gustav\AppData\Local\Avg
2015-06-28 09:10:34 . 2015-06-28 09:10:58        --------        d-----w-        C:\ProgramData\AVG
2015-06-28 09:10:15 . 2015-06-28 09:10:15        434208        ----a-w-        C:\Windows\system32\DnsBlockA.dll
2015-06-28 09:10:15 . 2015-06-28 09:10:15        433696        ----a-w-        C:\Windows\system32\DnsBlockB.dll
2015-06-28 09:10:15 . 2015-06-28 09:10:15        343584        ----a-w-        C:\Windows\SysWow64\DnsBlockB.dll
2015-06-28 09:10:15 . 2015-06-28 09:10:15        343584        ----a-w-        C:\Windows\SysWow64\DnsBlockA.dll
2015-06-28 09:10:15 . 2015-06-28 09:10:15        --------        d-----w-        C:\Users\Gustav\AppData\Local\DnsBlock
2015-06-28 09:10:13 . 2015-06-28 09:10:13        149024        ----a-w-        C:\Windows\system32\DnsBlockUpdateSvc.exe
2015-06-27 19:55:25 . 2015-06-27 19:55:29        --------        d-----w-        C:\Program Files (x86)\Common Files\Blizzard Entertainment
2015-06-22 19:33:55 . 2015-05-19 03:29:01        46768        ----a-w-        C:\Windows\system32\drivers\nvvad64v.sys
2015-06-22 19:33:55 . 2015-05-19 03:14:42        57520        ----a-w-        C:\Windows\SysWow64\nvaudcap32v.dll
2015-06-21 09:40:57 . 2015-06-21 09:40:57        --------        d-----w-        C:\Users\Gustav\AppData\Roaming\OpenOffice
2015-06-21 09:40:05 . 2015-06-21 09:40:09        --------        d-----w-        C:\Program Files (x86)\OpenOffice 4
2015-06-20 22:18:11 . 2015-06-24 18:17:12        --------        d-----w-        C:\Users\Gustav\AppData\Local\Fallout3
.


((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2015-07-03 14:05:58 . 2014-07-01 14:50:58        76152        ----a-w-        C:\Windows\system32\PnkBstrA.exe
2015-07-03 14:05:47 . 2014-05-28 21:33:17        226168        ----a-w-        C:\Windows\SysWow64\PnkBstrB.exe
2015-07-03 14:05:41 . 2014-05-28 21:33:17        214392        ----a-w-        C:\Windows\SysWow64\PnkBstrB.ex0
2015-06-30 16:17:18 . 2014-05-28 21:33:17        76888        ----a-w-        C:\Windows\SysWow64\PnkBstrA.exe
2015-06-28 14:37:55 . 2014-09-28 20:37:34        778416        ----a-w-        C:\Windows\SysWow64\FlashPlayerApp.exe
2015-06-28 14:37:55 . 2014-09-26 18:57:35        142512        ----a-w-        C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-27 19:12:07 . 2014-05-09 21:26:56        442264        ----a-w-        C:\Windows\system32\drivers\aswsp.sys
2015-06-24 11:36:43 . 2014-10-07 14:20:18        1320120        ----a-w-        C:\Windows\SysWow64\nvspcap.dll
2015-06-24 11:36:42 . 2014-10-07 14:22:22        1316000        ----a-w-        C:\Windows\SysWow64\nvspbridge.dll
2015-06-24 11:36:31 . 2014-10-07 14:20:18        1571696        ----a-w-        C:\Windows\system32\nvspcap64.dll
2015-06-24 11:36:30 . 2014-10-07 14:22:22        1756424        ----a-w-        C:\Windows\system32\nvspbridge64.dll
2015-06-20 19:27:56 . 2014-05-15 16:14:47        140135120        ----a-w-        C:\Windows\system32\MRT.exe
2015-05-28 07:04:11 . 2015-06-02 18:41:09        982856        ----a-w-        C:\Windows\SysWow64\NvIFR.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        974480        ----a-w-        C:\Windows\SysWow64\NvFBC.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        939080        ----a-w-        C:\Windows\SysWow64\nvumdshim.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        503408        ----a-w-        C:\Windows\system32\nvEncodeAPI64.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        42719888        ----a-w-        C:\Windows\system32\nvcompiler.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        408208        ----a-w-        C:\Windows\system32\NvIFROpenGL.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        407112        ----a-w-        C:\Windows\SysWow64\nvEncodeAPI.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        37741712        ----a-w-        C:\Windows\SysWow64\nvcompiler.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        364176        ----a-w-        C:\Windows\SysWow64\NvIFROpenGL.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        31552        ----a-w-        C:\Windows\system32\nvhdap64.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        30480528        ----a-w-        C:\Windows\system32\nvoglv64.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        2986392        ----a-w-        C:\Windows\SysWow64\nvapi.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        2932368        ----a-w-        C:\Windows\system32\nvcuvid.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        2599056        ----a-w-        C:\Windows\SysWow64\nvcuvid.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        22946960        ----a-w-        C:\Windows\SysWow64\nvoglv32.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        195912        ----a-w-        C:\Windows\system32\drivers\nvhda64v.sys
2015-05-28 07:04:11 . 2015-06-02 18:41:09        1898312        ----a-w-        C:\Windows\system32\nvdispco6435306.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        175880        ----a-w-        C:\Windows\system32\nvinitx.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        16185352        ----a-w-        C:\Windows\system32\nvopencl.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        15864064        ----a-w-        C:\Windows\system32\nvd3dumx.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        1557832        ----a-w-        C:\Windows\system32\nvdispgenco6435306.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        154256        ----a-w-        C:\Windows\SysWow64\nvinit.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        150648        ----a-w-        C:\Windows\system32\nvoglshim64.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        14495448        ----a-w-        C:\Windows\system32\nvcuda.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        13304280        ----a-w-        C:\Windows\SysWow64\nvopencl.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        128512        ----a-w-        C:\Windows\SysWow64\nvoglshim32.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        11830512        ----a-w-        C:\Windows\SysWow64\nvcuda.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        1099808        ----a-w-        C:\Windows\system32\nvumdshimx.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        10995528        ----a-w-        C:\Windows\system32\drivers\nvlddmkm.sys
2015-05-28 07:04:11 . 2015-06-02 18:41:09        1059984        ----a-w-        C:\Windows\system32\NvIFR64.dll
2015-05-28 07:04:11 . 2015-06-02 18:41:09        1050440        ----a-w-        C:\Windows\system32\NvFBC64.dll
2015-05-28 07:04:11 . 2015-02-11 23:22:18        14987528        ----a-w-        C:\Windows\SysWow64\nvwgf2um.dll
2015-05-28 07:04:11 . 2014-10-08 15:25:09        1558848        ----a-w-        C:\Windows\system32\nvhdagenco6420103.dll
2015-05-28 07:04:11 . 2014-06-10 19:28:22        17486856        ----a-w-        C:\Windows\system32\nvwgf2umx.dll
2015-05-28 07:04:11 . 2014-06-10 19:28:21        12852152        ----a-w-        C:\Windows\SysWow64\nvd3dum.dll
2015-05-28 07:04:11 . 2014-04-28 20:35:17        3379680        ----a-w-        C:\Windows\system32\nvapi64.dll
2015-05-28 04:15:30 . 2014-04-28 20:36:17        937288        ----a-w-        C:\Windows\system32\nvvsvc.exe
2015-05-28 04:15:29 . 2014-04-28 20:36:17        62608        ----a-w-        C:\Windows\system32\nvshext.dll
2015-05-28 04:15:29 . 2014-04-28 20:36:17        385168        ----a-w-        C:\Windows\system32\nvmctray.dll
2015-05-28 04:15:29 . 2014-04-28 20:36:17        3491984        ----a-w-        C:\Windows\system32\nvsvc64.dll
2015-05-28 04:15:29 . 2014-04-28 20:36:17        2558608        ----a-w-        C:\Windows\system32\nvsvcr.dll
2015-05-28 04:15:28 . 2014-04-28 20:36:17        6872904        ----a-w-        C:\Windows\system32\nvcpl.dll
2015-05-28 03:52:27 . 2015-06-02 18:43:15        571024        ----a-w-        C:\Windows\SysWow64\nvStreaming.exe
2015-05-27 10:48:20 . 2014-04-28 20:36:17        4408727        ----a-w-        C:\Windows\system32\nvcoproc.bin
2015-05-19 11:26:37 . 2015-05-19 11:26:37        30352        ----a-w-        C:\Windows\system32\drivers\dtlitescsibus.sys
2015-05-19 11:26:37 . 2014-09-07 10:31:36        381608        ----a-w-        C:\Windows\system32\drivers\sptd.sys
2015-05-19 03:14:42 . 2014-04-28 20:36:53        61616        ----a-w-        C:\Windows\system32\nvaudcap64v.dll
2015-05-10 20:17:19 . 2015-05-10 20:17:19        0        ---ha-w-        C:\Users\Gustav\AppData\Local\BIT9352.tmp
2015-05-09 03:13:33 . 2015-06-20 19:27:13        44032        ----a-w-        C:\Windows\apppatch\acwow64.dll
2015-05-05 01:29:39 . 2015-05-13 23:20:53        342016        ----a-w-        C:\Windows\system32\schannel.dll
2015-05-05 01:12:49 . 2015-05-13 23:20:53        248832        ----a-w-        C:\Windows\SysWow64\schannel.dll
2015-05-01 13:17:03 . 2015-05-13 23:21:15        124112        ----a-w-        C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16:41 . 2015-05-13 23:21:15        102608        ----a-w-        C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-25 21:57:17 . 2015-04-25 21:57:17        364472        ----a-w-        C:\Windows\system32\aswBoot.exe
2015-04-25 21:57:17 . 2014-05-10 09:20:14        29168        ----a-w-        C:\Windows\system32\drivers\aswHwid.sys
2015-04-25 21:57:17 . 2014-05-09 21:26:56        93528        ----a-w-        C:\Windows\system32\drivers\aswRdr2.sys
2015-04-25 21:57:17 . 2014-05-09 21:26:56        89944        ----a-w-        C:\Windows\system32\drivers\aswMonFlt.sys
2015-04-25 21:57:17 . 2014-05-09 21:26:56        65736        ----a-w-        C:\Windows\system32\drivers\aswRvrt.sys
2015-04-25 21:57:17 . 2014-05-09 21:26:56        272248        ----a-w-        C:\Windows\system32\drivers\aswVmm.sys
2015-04-25 21:57:17 . 2014-05-09 21:26:56        137288        ----a-w-        C:\Windows\system32\drivers\aswStm.sys
2015-04-25 21:57:16 . 2015-04-25 21:57:16        43112        ----a-w-        C:\Windows\avastSS.scr
2015-04-25 21:57:15 . 2014-05-09 21:26:56        1047320        ----a-w-        C:\Windows\system32\drivers\aswSnx.sys
2015-04-20 03:17:07 . 2015-05-13 23:20:50        1647104        ----a-w-        C:\Windows\system32\DWrite.dll
2015-04-20 03:17:07 . 2015-05-13 23:20:50        1179136        ----a-w-        C:\Windows\system32\FntCache.dll
2015-04-20 02:56:29 . 2015-05-13 23:20:50        1250816        ----a-w-        C:\Windows\SysWow64\DWrite.dll
2015-04-18 03:10:57 . 2015-05-13 23:20:53        460800        ----a-w-        C:\Windows\system32\certcli.dll
2015-04-18 02:56:57 . 2015-05-13 23:20:53        342016        ----a-w-        C:\Windows\SysWow64\certcli.dll
2015-04-13 03:28:33 . 2015-05-13 23:20:48        328704        ----a-w-        C:\Windows\system32\services.exe
2015-04-10 19:42:30 . 2014-11-17 15:38:50        348672        ----a-w-        C:\Windows\SysWow64\PnkBstrB.xtr
2015-04-09 00:58:18 . 2015-04-19 14:37:08        1895568        ----a-w-        C:\Windows\system32\nvdispco6435012.dll
2015-04-09 00:58:18 . 2015-04-19 14:37:08        1557648        ----a-w-        C:\Windows\system32\nvdispgenco6435012.dll
2015-04-08 03:29:07 . 2015-05-13 23:20:49        275456        ----a-w-        C:\Windows\system32\InkEd.dll
2015-04-08 03:14:07 . 2015-05-13 23:20:48        216064        ----a-w-        C:\Windows\SysWow64\InkEd.dll


((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))


*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]
2015-07-05 09:39:24        346112        ----a-w-        C:\Program Files (x86)\{54D19A04-A4A2-45E1-8A19-1CC49AFAED2A}\{397B39BE-9D62-4FE2-A100-E022853577AE}.bin

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GamingMouseEditor"="C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe" [2013-04-09 15:55:18 3352576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"="C:\Windows\UpdReg.EXE" [2000-05-10 23:00:00 90112]
"Sound Blaster Recon3Di SBX Control Panel"="C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" [2012-11-28 11:21:38 976896]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 02:25:54 292848]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" [2015-05-11 15:10:42 5515496]
"GamingKeyboard"="C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe" [2012-06-07 09:22:00 1803264]
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 13:29:02 3978600]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Killer Network Manager.lnk - C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [2015-4-19 72040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

R1 UsbCharger;UsbCharger;C:\Windows\system32\DRIVERS\UsbCharger.sys;C:\Windows\SYSNATIVE\DRIVERS\UsbCharger.sys [x]
R2 aswStm;aswStm;C:\Windows\system32\drivers\aswStm.sys;C:\Windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe;C:\Program Files\Intel\iCLS Client\HeciServer.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;C:\Windows\system32\AppleChargerSrv.exe;C:\Windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 cpuz134;cpuz134;C:\Users\Gustav\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;C:\Users\Gustav\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 cpuz136;cpuz136;C:\Windows\TEMP\cpuz136\cpuz136_x64.sys;C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 cpuz138;cpuz138;C:\Windows\TEMP\cpuz138\cpuz138_x64.sys;C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\Windows\system32\DRIVERS\dtlitescsibus.sys;C:\Windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;C:\Windows\system32\EasyAntiCheat.exe;C:\Windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPU-Z;GPU-Z;C:\Users\Gustav\AppData\Local\Temp\GPU-Z.sys;C:\Users\Gustav\AppData\Local\Temp\GPU-Z.sys [x]
R3 GPUZ;GPUZ;C:\Windows\TEMP\GPUZ.sys;C:\Windows\TEMP\GPUZ.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 KinectCamera;Kinect for Windows Camera Driver;C:\Windows\system32\Drivers\kinectcamera.sys;C:\Windows\SYSNATIVE\Drivers\kinectcamera.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\MBAMSwissArmy.sys;C:\Windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MFE_RR;MFE_RR;C:\Users\Gustav\AppData\Local\Temp\mfe_rr.sys;C:\Users\Gustav\AppData\Local\Temp\mfe_rr.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;C:\Users\Gustav\Origin\OriginClientService.exe;C:\Users\Gustav\Origin\OriginClientService.exe [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;C:\Windows\system32\DRIVERS\WSDScan.sys;C:\Windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 sptd;sptd;C:\Windows\\SystemRoot\System32\Drivers\sptd.sys;C:\Windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;C:\Windows\system32\DRIVERS\iaStorA.sys;C:\Windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;C:\Windows\system32\DRIVERS\iaStorF.sys;C:\Windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;C:\Windows\system32\DRIVERS\iusb3hcs.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys;C:\Windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys;C:\Windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys;C:\Windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;C:\Windows\system32\DRIVERS\bflwfx64.sys;C:\Windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 networx;networx;C:\Windows\system32\drivers\networx.sys;C:\Windows\SYSNATIVE\drivers\networx.sys [x]
S2 aswHwid;avast! HardwareID;C:\Windows\system32\drivers\aswHwid.sys;C:\Windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys;C:\Windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 CtHdaSvc;SB Recon3D Service;C:\Windows\sysWow64\CtHdaSvc.exe;C:\Windows\sysWow64\CtHdaSvc.exe [x]
S2 DnsBlockUpdateSvc;DnsBlock Update Service;C:\Windows\system32\DnsBlockUpdateSvc.exe;C:\Windows\SYSNATIVE\DnsBlockUpdateSvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;E:\Games\hirez\HiPatchService.exe;E:\Games\hirez\HiPatchService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 KinectManagement;Kinect Management;C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe;C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe;C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 cthda;SB Recon3D HDAudio;C:\Windows\system32\drivers\cthda.sys;C:\Windows\SYSNATIVE\drivers\cthda.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys;C:\Windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 GameKB;SHARKOON Skiller;C:\Windows\system32\drivers\GameKB.sys;C:\Windows\SYSNATIVE\drivers\GameKB.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;C:\Windows\system32\DRIVERS\iusb3hub.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;C:\Windows\system32\DRIVERS\iusb3xhc.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\e22w7x64.sys;C:\Windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\system32\drivers\nvvad64v.sys;C:\Windows\SYSNATIVE\drivers\nvvad64v.sys [x]


Inhalt des "geplante Tasks" Ordners

2015-07-05 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-28 20:37:34 . 2015-06-28 14:37:55]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]
2015-07-05 09:39:24        429056        ----a-w-        C:\Program Files\{F3D4780F-89FF-47DA-B5C2-665C7DAEC81B}\{E7DD8569-8785-409D-A673-9AF3422CA3E4}.bin

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-25 21:57:17        722400        ----a-w-        C:\Program Files\AVAST Software\Avast\ashShA64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2013-10-03 19:35:12 391152]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2013-10-03 19:35:10 771056]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2013-10-03 19:35:11 769520]
"XboxStat"="C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 15:57:30 825184]
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [BU]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-24 11:37:29 2754704]
"NetWorx"="C:\Program Files\NetWorx\networx.exe" [2015-07-01 07:25:24 6607040]
"ShadowPlay"="C:\Windows\system32\nvspcap64.dll" [2015-06-24 11:36:31 1571696]

------- Zusätzlicher Suchlauf -------

uLocal Page = C:\Windows\system32\blank.htm
uStart Page = https://www.google.com/?trackid=sp-006
mStart Page = https://www.google.com/?trackid=sp-006
mSearch Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
mSearch Bar = https://www.google.com/?trackid=sp-006
IE: An OneNote s&enden - C:\PROGRA~1\MIF5BA~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~1\MIF5BA~1\Office15\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - C:\Users\Gustav\AppData\Roaming\Mozilla\Firefox\Profiles\zq1nlzuj.default-1436025345253\

- - - - Entfernte verwaiste Registrierungseinträge - - - -

Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} - (no file)
AddRemove-DAEMON Tools Lite - C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
AddRemove-VideoPad - C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe



--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-506285681-3122066857-1050854625-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:18,cf,c4,aa,3d,32,19,64,5d,42,b8,e2,b3,d5,80,1f,1e,03,1c,63,8e,f3,a0,
  71,c6,db,9d,dd,2a,5a,73,34,a5,c8,2e,fb,bb,01,c3,1b,fb,3b,00,83,64,c4,a3,ab,\
"??"=hex:07,4e,23,13,a3,c6,19,5e,83,21,50,1c,62,84,70,28

[HKEY_USERS\S-1-5-21-506285681-3122066857-1050854625-1000\Software\SecuROM\License information*]
"datasecu"=hex:da,9a,e1,0d,bc,aa,9a,bf,22,cc,ed,31,4a,d1,83,33,bb,16,25,b1,cf,
  c5,b6,06,d4,56,42,b5,a6,ce,bf,ac,95,e9,0d,6a,22,2c,fd,09,6d,b8,48,31,17,46,\
"rkeysecu"=hex:7e,77,0c,00,78,c8,a2,e6,16,3f,86,9b,0e,4f,b1,4a

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zeit der Fertigstellung: 2015-07-05  11:44:25
ComboFix-quarantined-files.txt  2015-07-05 09:44:25
ComboFix2.txt  2015-07-04 22:57:43

Vor Suchlauf: 15 Verzeichnis(se), 63.122.272.256 Bytes frei

M-K-D-B 05.07.2015 11:03
Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

SirHenry2 05.07.2015 11:32
adw cleaner
Code:
# AdwCleaner v4.207 - Bericht erstellt 05/07/2015 um 12:08:15
# Aktualisiert 21/06/2015 von Xplode
# Datenbank : 2015-07-02.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Gustav - THORSTEN
# Gestarted von : C:\Users\Gustav\Desktop\AdwCleaner_4.207.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : networx

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx
Ordner Gelöscht : C:\Program Files\NetWorx

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E7BF74EE-9106-4113-B216-2F980BA29141}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Wert Gelöscht : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NetWorx_is1

***** [ Internetbrowser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v39.0 (x86 de)


*************************

AdwCleaner[R1].txt - [11428 Bytes] - [04/07/2015 17:48:53]
AdwCleaner[R2].txt - [905 Bytes] - [04/07/2015 17:51:13]
AdwCleaner[R3].txt - [1994 Bytes] - [04/07/2015 19:31:51]
AdwCleaner[R4].txt - [2385 Bytes] - [05/07/2015 03:37:32]
AdwCleaner[R5].txt - [2444 Bytes] - [05/07/2015 12:07:54]
AdwCleaner[S1].txt - [9189 Bytes] - [04/07/2015 17:49:17]
AdwCleaner[S2].txt - [963 Bytes] - [04/07/2015 17:51:59]
AdwCleaner[S3].txt - [2306 Bytes] - [05/07/2015 12:08:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2365  Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 05.07.2015
Suchlaufzeit: 12:13
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.05.01
Rootkit-Datenbank: v2015.07.03.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Gustav

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 423537
Abgelaufene Zeit: 4 Min., 47 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 18
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect.1, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DPBHO.DownloadProtect, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\DPBHO.DownloadProtect, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DPBHO.DownloadProtect.1, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\DPBHO.DownloadProtect.1, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\INPROCSERVER32, , [3ee79e40e4a6f6406dd2c7886799b34d],

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
PUP.Optional.DownloadProtect.A, C:\Program Files\{1922B07E-16DC-424B-80CD-C4A2E008BE22}\{B1455275-B269-47D7-972F-EA23FA63EF53}.bin, , [3ee79e40e4a6f6406dd2c7886799b34d],
PUP.Optional.DownloadProtect.A, C:\Program Files (x86)\{2F340299-176A-4ED7-9FB7-C1F45A94BEB1}\{1159D9F8-678E-48CC-BE84-CD01EC4367B1}.bin, , [3ee79e40e4a6f6406dd2c7886799b34d],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
JRT txt
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.3.0 (07.04.2015:2)
OS: Windows 7 Home Premium x64
Ran by Gustav on 05.07.2015 at 12:23:09,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\Gustav\AppData\Roaming\goldengate



~~~ FireFox






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.07.2015 at 12:26:11,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-07-2015
Ran by Gustav (administrator) on THORSTEN on 05-07-2015 12:27:07
Running from C:\Users\Gustav\Desktop
Loaded Profiles: Gustav (Available Profiles: Gustav)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [NetWorx] => "C:\Program Files\NetWorx\networx.exe" /auto
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3Di SBX Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [976896 2012-11-28] (Creative Technology Ltd)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\Run: [GamingMouseEditor] => C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe [3352576 2013-04-09] ()
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-04-19]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-25] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-506285681-3122066857-1050854625-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-05] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{1A84662C-6EE6-4A7E-9957-BD60DF3FFA70}\{9252B9D7-716A-45AE-A9B9-5DFDE0CC0FD8}.bin [2015-07-05] (Download Protect)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-05] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\DnsBlockA.dll [343584 2015-06-28] (DnsBlock)
Winsock: Catalog5 08 C:\Windows\SysWOW64\DnsBlockB.dll [343584 2015-06-28] (DnsBlock)
Winsock: Catalog5-x64 05 C:\Windows\system32\DnsBlockA.dll [434208 2015-06-28] (DnsBlock)
Winsock: Catalog5-x64 08 C:\Windows\system32\DnsBlockB.dll [433696 2015-06-28] (DnsBlock)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{51DE8119-559E-474C-9132-F0ED59BEFED4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{89028BFB-3DE7-4E6B-932D-9CFE296AB804}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{AC955F3B-68F1-49BC-8573-E52B32308E85}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Gustav\AppData\Roaming\Mozilla\Firefox\Profiles\zq1nlzuj.default-1436025345253
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-28] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-28] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-506285681-3122066857-1050854625-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gustav\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-18] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [{58D8F7FD-DDA3-4F86-AACC-B1D390884956}] - C:\Windows\Installer\{767A8037-20F1-4B4F-A964-04F4BF17A426}\{58D8F7FD-DDA3-4F86-AACC-B1D390884956}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{C06ECDF9-1934-4979-91B0-360A669D0ADF}] - C:\Windows\Installer\{542F8CD8-9C65-450A-A521-8086587432E4}\{C06ECDF9-1934-4979-91B0-360A669D0ADF}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{542F8CD8-9C65-450A-A521-8086587432E4}\{C06ECDF9-1934-4979-91B0-360A669D0ADF}.xpi [2015-07-05]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-25] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-26] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-04-28] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-04-28] (Creative Labs) [File not signed]
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
S2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103936 2014-06-02] (Creative Technology Ltd)
S2 DnsBlockUpdateSvc; C:\Windows\system32\DnsBlockUpdateSvc.exe [149024 2015-06-28] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-12-08] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-10-23] (Futuremark)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S2 HiPatchService; E:\Games\hirez\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-08-20] (Microsoft Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Users\Gustav\Origin\OriginClientService.exe [2004488 2015-06-29] (Electronic Arts)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-07-03] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-06-30] ()
S2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-25] ()
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1050904 2014-06-02] (Creative Technology Ltd)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-19] (Disc Soft Ltd)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-26] (Disc Soft Ltd)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fet6x64.sys [47872 2009-06-10] (VIA Technologies, Inc.              )
R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2013-08-20] (Microsoft Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-05-19] (Duplex Secure Ltd.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-25] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Gustav\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPU-Z; \??\C:\Users\Gustav\AppData\Local\Temp\GPU-Z.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 MFE_RR; \??\C:\Users\Gustav\AppData\Local\Temp\mfe_rr.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 12:27 - 2015-07-05 12:27 - 00020578 _____ C:\Users\Gustav\Desktop\FRST.txt
2015-07-05 12:26 - 2015-07-05 12:26 - 00001159 _____ C:\Users\Gustav\Desktop\JRT.txt
2015-07-05 12:22 - 2015-07-05 12:22 - 02952503 _____ (Malwarebytes Corporation) C:\Users\Gustav\Desktop\JRT.exe
2015-07-05 12:22 - 2015-07-05 12:22 - 00000000 ____D C:\Program Files\{1A84662C-6EE6-4A7E-9957-BD60DF3FFA70}
2015-07-05 12:22 - 2015-07-05 12:22 - 00000000 ____D C:\Program Files (x86)\{E4EE7F34-D721-4EDE-BC9C-3443FAE8E2F3}
2015-07-05 12:20 - 2015-07-05 12:20 - 00004131 _____ C:\Users\Gustav\Desktop\mbam.txt
2015-07-05 12:10 - 2015-07-05 12:22 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-07-05 12:10 - 2015-07-05 12:10 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Gustav\Desktop\mbam-setup-2.1.6.1022.exe
2015-07-05 12:07 - 2015-07-05 12:07 - 02244096 _____ C:\Users\Gustav\Desktop\AdwCleaner_4.207.exe
2015-07-05 11:39 - 2015-07-05 11:44 - 00000000 ____D C:\ComboFix
2015-07-05 11:38 - 2015-07-05 11:38 - 00001119 _____ C:\Users\Gustav\Desktop\ComboFix - Verknüpfung.lnk
2015-07-05 11:36 - 2015-07-05 11:36 - 05631262 ____R (Swearware) C:\Users\Gustav\Downloads\ComboFix.exe
2015-07-05 11:02 - 2015-07-05 11:02 - 00380416 _____ C:\Users\Gustav\Desktop\Gmer-19357.exe
2015-07-05 10:57 - 2015-07-05 10:57 - 02112512 _____ (Farbar) C:\Users\Gustav\Desktop\FRST64.exe
2015-07-05 10:54 - 2015-07-05 10:54 - 00050477 _____ C:\Users\Gustav\Desktop\Defogger.exe
2015-07-05 10:54 - 2015-07-05 10:54 - 00000020 _____ C:\Users\Gustav\defogger_reenable
2015-07-05 01:31 - 2015-07-05 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-07-05 01:31 - 2015-07-05 01:31 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-07-05 01:28 - 2015-07-05 01:28 - 04246816 _____ (Softperfect ) C:\Users\Gustav\Downloads\networx_setup.exe
2015-07-05 01:28 - 2015-06-15 09:25 - 00070120 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\networx.sys
2015-07-05 01:27 - 2015-07-05 01:27 - 01198368 _____ C:\Users\Gustav\Downloads\NetWorx - CHIP-Installer.exe
2015-07-05 00:49 - 2015-07-05 11:37 - 00000000 ____D C:\Qoobox
2015-07-05 00:49 - 2015-07-05 00:56 - 00000000 ____D C:\Windows\erdnt
2015-07-05 00:49 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-05 00:49 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-05 00:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-04 21:15 - 2015-07-04 21:18 - 651767784 _____ (Avira GmbH) C:\Users\Gustav\Downloads\rescue-system.exe
2015-07-04 19:34 - 2015-07-04 19:34 - 02870984 _____ (ESET) C:\Users\Gustav\Downloads\esetsmartinstaller_deu.exe
2015-07-04 19:15 - 2015-07-04 19:15 - 00000207 _____ C:\Windows\tweaking.com-regbackup-THORSTEN-Windows-7-Home-Premium-(64-bit).dat
2015-07-04 19:15 - 2015-07-04 19:15 - 00000000 ____D C:\RegBackup
2015-07-04 19:13 - 2015-07-05 12:27 - 00000000 ____D C:\FRST
2015-07-04 18:03 - 2015-07-04 18:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-04 17:48 - 2015-07-05 12:08 - 00000000 ____D C:\AdwCleaner
2015-07-04 17:17 - 2015-07-05 12:21 - 00003024 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-07-04 14:48 - 2015-07-04 14:48 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-04 14:48 - 2015-07-04 14:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-04 14:40 - 2015-07-05 12:20 - 00006872 _____ C:\Windows\PFRO.log
2015-07-04 14:40 - 2015-07-05 12:20 - 00003752 _____ C:\Windows\setupact.log
2015-07-04 14:40 - 2015-07-04 14:40 - 00000000 _____ C:\Windows\setuperr.log
2015-07-04 14:33 - 2015-07-04 14:33 - 00001600 _____ C:\Windows\IE11_main.log
2015-07-03 15:59 - 2015-07-03 15:59 - 00000000 ____D C:\Users\Gustav\AppData\Local\ESN
2015-07-03 15:45 - 2015-07-03 15:45 - 00001086 _____ C:\Users\Gustav\Desktop\MSI Afterburner.lnk
2015-07-02 20:11 - 2015-07-02 20:11 - 00003210 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2015-06-30 18:17 - 2015-06-30 18:18 - 00000000 ____D C:\Program Files (x86)\Blizzard
2015-06-28 14:06 - 2015-06-28 14:06 - 00000000 ____D C:\Users\Gustav\AppData\Local\Blizzard
2015-06-28 11:10 - 2015-06-28 11:10 - 00471968 _____ C:\Windows\SysWOW64\dns.block
2015-06-28 11:10 - 2015-06-28 11:10 - 00471968 _____ C:\Windows\system32\dns.block
2015-06-28 11:10 - 2015-06-28 11:10 - 00434208 _____ (DnsBlock) C:\Windows\system32\DnsBlockA.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00433696 _____ (DnsBlock) C:\Windows\system32\DnsBlockB.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00343584 _____ (DnsBlock) C:\Windows\SysWOW64\DnsBlockB.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00343584 _____ (DnsBlock) C:\Windows\SysWOW64\DnsBlockA.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00149024 _____ C:\Windows\system32\DnsBlockUpdateSvc.exe
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\AVG
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\Users\Gustav\AppData\Local\DnsBlock
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\Users\Gustav\AppData\Local\Avg
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\ProgramData\AVG
2015-06-27 21:55 - 2015-07-04 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-06-26 15:26 - 2015-06-30 18:17 - 00001194 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2015-06-24 20:36 - 2015-06-24 20:36 - 00000000 ____D C:\Windows\pss
2015-06-22 21:33 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-22 21:33 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-21 12:55 - 2015-06-21 12:55 - 00017950 _____ C:\Users\Gustav\Documents\Unbenannt 1.odt
2015-06-21 11:40 - 2015-06-21 11:40 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-06-21 11:40 - 2015-06-21 11:40 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-06-21 11:40 - 2015-06-21 11:40 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\OpenOffice
2015-06-21 11:40 - 2015-06-21 11:40 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-06-21 11:39 - 2015-06-21 11:39 - 00000000 ____D C:\Users\Gustav\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-06-21 00:18 - 2015-06-24 20:17 - 00000000 ____D C:\Users\Gustav\AppData\Local\Fallout3
2015-06-20 22:25 - 2015-06-20 22:25 - 00000000 ____D C:\Users\Gustav\Documents\Petroglyph
2015-06-20 21:30 - 2015-06-20 21:30 - 00000215 _____ C:\Users\Gustav\Desktop\Chivalry Medieval Warfare.url
2015-06-20 21:27 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-20 21:27 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-20 21:27 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-20 21:27 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-20 21:27 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-20 21:27 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-20 21:27 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-20 21:27 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-20 21:27 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-20 21:27 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-20 21:27 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-20 21:27 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-20 21:27 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-20 21:27 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-20 21:27 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-20 21:27 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-20 21:27 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-20 21:27 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-20 21:27 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-20 21:27 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-20 21:27 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-20 21:27 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-20 21:27 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-20 21:27 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-20 21:27 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-20 21:27 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-20 21:27 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-20 21:27 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-20 21:27 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-20 21:27 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-20 21:27 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-20 21:27 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-20 21:27 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-20 21:27 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-20 21:27 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-20 21:27 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-20 21:27 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-20 21:27 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-20 21:27 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-20 21:27 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-20 21:27 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-20 21:27 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-20 21:27 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-20 21:27 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-20 21:27 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-20 21:27 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-20 21:27 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-20 21:27 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-20 21:27 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-20 21:27 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-20 21:27 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-20 21:27 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-20 21:27 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-20 21:27 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-20 21:27 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-20 21:27 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-20 21:27 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-20 21:27 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-20 21:27 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-20 21:27 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-20 21:27 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-20 21:27 - 2015-05-09 05:26 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-20 21:27 - 2015-05-09 05:26 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-20 21:27 - 2015-05-09 05:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-20 21:27 - 2015-05-09 05:25 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-20 21:27 - 2015-05-09 05:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-20 21:27 - 2015-05-09 05:13 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-20 21:27 - 2015-05-09 05:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-20 21:27 - 2015-05-09 05:12 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-20 21:27 - 2015-05-09 05:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 04:01 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-20 21:27 - 2015-05-09 04:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-20 21:27 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-20 21:27 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-20 21:27 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-20 21:27 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-20 21:27 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-20 21:27 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-20 21:27 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-20 21:27 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-20 21:27 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-20 21:27 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-20 21:27 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-20 21:27 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-20 21:27 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-20 21:19 - 2015-06-20 21:19 - 00000215 _____ C:\Users\Gustav\Desktop\Grey Goo.url
2015-06-20 21:15 - 2015-06-20 21:15 - 00000214 _____ C:\Users\Gustav\Desktop\Fallout 3 - Game of the Year Edition.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 12:27 - 2014-10-19 12:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-05 12:26 - 2009-07-14 19:58 - 00700454 _____ C:\Windows\system32\perfh007.dat
2015-07-05 12:26 - 2009-07-14 19:58 - 00150092 _____ C:\Windows\system32\perfc007.dat
2015-07-05 12:26 - 2009-07-14 07:13 - 01624034 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-05 12:24 - 2014-04-28 22:11 - 01831038 _____ C:\Windows\WindowsUpdate.log
2015-07-05 12:23 - 2009-07-14 06:45 - 00025376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-05 12:23 - 2009-07-14 06:45 - 00025376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-05 12:21 - 2015-03-30 20:32 - 00000000 ____D C:\Users\Gustav\AppData\Local\LogMeIn Hamachi
2015-07-05 12:21 - 2014-05-09 23:27 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-05 12:20 - 2014-04-28 22:36 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-05 12:20 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-05 12:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PLA
2015-07-05 11:43 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-05 10:54 - 2014-04-28 22:11 - 00000000 ____D C:\Users\Gustav
2015-07-05 03:45 - 2015-01-29 16:42 - 00000000 ____D C:\Users\Gustav\AppData\Local\CrashDumps
2015-07-05 03:44 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-05 01:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Globalization
2015-07-05 00:57 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-04 19:06 - 2015-05-02 07:49 - 00000000 ____D C:\Users\Gustav\Desktop\Grand Theft Auto V 8, 8.1 & 10_Crack
2015-07-04 17:53 - 2015-03-20 15:08 - 00000000 ____D C:\Users\Gustav\AppData\Local\Microsoft Game Studios
2015-07-04 17:53 - 2015-03-20 15:08 - 00000000 ____D C:\ProgramData\Microsoft Games
2015-07-04 17:53 - 2015-03-20 15:07 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Microsoft Game Studios
2015-07-04 17:53 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-04 17:50 - 2014-09-26 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2015-07-04 17:49 - 2015-02-06 23:19 - 00001058 _____ C:\Users\Public\Desktop\Theme Hospital.lnk
2015-07-04 16:14 - 2014-04-29 19:48 - 00000000 ____D C:\Users\Gustav\Steam
2015-07-04 16:08 - 2014-05-03 11:29 - 00007631 _____ C:\Users\Gustav\AppData\Local\resmon.resmoncfg
2015-07-04 14:24 - 2015-05-11 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-07-04 14:24 - 2015-03-09 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2015-07-04 14:24 - 2014-09-06 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-04 14:24 - 2014-09-01 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black & White 2
2015-07-04 14:24 - 2014-05-09 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remember Me
2015-07-04 14:24 - 2014-04-30 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-07-04 14:24 - 2014-04-29 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaNox
2015-07-04 14:21 - 2014-05-04 21:21 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\DAEMON Tools Lite
2015-07-04 14:20 - 2014-04-29 05:35 - 00000000 ____D C:\Windows\Panther
2015-07-04 14:13 - 2015-03-20 21:23 - 00003232 _____ C:\Windows\System32\Tasks\Halo 2 for Vista restart
2015-07-04 14:12 - 2014-04-28 22:22 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-04 14:11 - 2014-04-28 22:22 - 00000000 ____D C:\Users\Gustav\AppData\Local\Google
2015-07-04 14:04 - 2015-03-13 20:45 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Mozilla
2015-07-04 11:46 - 2014-04-29 19:46 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\vlc
2015-07-03 19:41 - 2014-04-29 16:06 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\.minecraft
2015-07-03 17:43 - 2014-05-15 16:53 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-07-03 16:05 - 2014-07-01 16:50 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe
2015-07-03 16:05 - 2014-05-28 23:33 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-03 16:05 - 2014-05-28 23:33 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-03 15:59 - 2014-05-28 23:33 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-03 15:58 - 2014-05-09 23:19 - 00000000 ____D C:\ProgramData\Origin
2015-07-03 15:45 - 2014-05-15 16:53 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-07-02 17:48 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-01 18:27 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-30 22:24 - 2015-05-11 21:33 - 00000000 ____D C:\Users\Gustav\AppData\Local\Battle.net
2015-06-30 18:17 - 2015-05-19 14:38 - 00001170 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-06-30 18:17 - 2014-05-28 23:33 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-29 20:45 - 2014-05-09 23:19 - 00000000 ____D C:\Users\Gustav\Origin
2015-06-28 16:38 - 2014-04-29 14:13 - 00000000 ____D C:\Users\Gustav\AppData\Local\Adobe
2015-06-28 16:37 - 2014-10-19 12:02 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-28 16:37 - 2014-09-28 22:37 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-28 16:37 - 2014-09-26 20:57 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-27 21:12 - 2014-05-09 23:26 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-26 23:36 - 2014-04-30 21:58 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\TS3Client
2015-06-26 15:19 - 2014-05-10 10:38 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Origin
2015-06-25 17:43 - 2014-04-28 22:36 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-24 13:36 - 2014-10-07 16:22 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-24 13:36 - 2014-10-07 16:22 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-24 13:36 - 2014-10-07 16:20 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36 - 2014-10-07 16:20 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-22 21:33 - 2015-06-02 20:41 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-21 17:20 - 2009-07-14 06:45 - 00457632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-21 17:14 - 2014-04-28 22:29 - 00116328 _____ C:\Users\Gustav\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-21 13:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-21 00:15 - 2014-05-04 21:43 - 00000000 ____D C:\Users\Gustav\Documents\My Games
2015-06-20 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-20 21:31 - 2014-05-15 18:14 - 00000000 ____D C:\Windows\system32\MRT
2015-06-20 21:27 - 2014-05-15 18:14 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-05 21:11 - 2015-05-26 18:13 - 00000000 ____D C:\Users\Gustav\AppData\Local\Arma 3

==================== Files in the root of some directories =======

2014-07-31 20:56 - 2015-02-17 17:56 - 0000104 _____ () C:\Users\Gustav\AppData\Roaming\WB.CFG
2015-05-10 22:17 - 2015-05-10 22:17 - 0000000 ____H () C:\Users\Gustav\AppData\Local\BIT9352.tmp
2015-03-08 16:23 - 2015-04-19 15:17 - 0000000 _____ () C:\Users\Gustav\AppData\Local\Driver_LOM_8161Present.flag
2014-05-03 11:29 - 2015-07-04 16:08 - 0007631 _____ () C:\Users\Gustav\AppData\Local\resmon.resmoncfg
2015-05-10 22:16 - 2015-05-10 22:16 - 0000000 _____ () C:\Users\Gustav\AppData\Local\{92CF7355-4AD0-491B-BBCF-156B92DDE390}
2014-06-19 18:58 - 2014-06-23 13:11 - 0000040 ___SH () C:\ProgramData\.zreglib

Some files in TEMP:
====================
C:\Users\Gustav\AppData\Local\Temp\Quarantine.exe
C:\Users\Gustav\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 14:26

==================== End of log ============================

SirHenry2 05.07.2015 11:33
Additional
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:04-07-2015
Ran by Gustav at 2015-07-05 12:27:23
Running from C:\Users\Gustav\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-506285681-3122066857-1050854625-500 - Administrator - Disabled)
Gast (S-1-5-21-506285681-3122066857-1050854625-501 - Limited - Disabled)
Gustav (S-1-5-21-506285681-3122066857-1050854625-1000 - Administrator - Enabled) => C:\Users\Gustav
HomeGroupUser$ (S-1-5-21-506285681-3122066857-1050854625-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
Dishonored (HKLM-x32\...\Steam App 205100) (Version:  - Arkane Studios)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version:  - Obsidian Entertainment)
Dying Light Ultimate Edition MULTi2 1.0 (HKLM-x32\...\Dying Light Ultimate Edition MULTi2 1.0) (Version:  - )
Dying Light Ultimate Edition Update 2 MULTi2 1.3.0 (HKLM-x32\...\Dying Light Ultimate Edition Update 2 MULTi2 1.3.0) (Version:  - )
Dying Light Ultimate Edition Update 3 [OFFICIAL] MULTi2 1.4.0 (HKLM-x32\...\Dying Light Ultimate Edition Update 3 [OFFICIAL] MULTi2 1.4.0) (Version:  - )
Dying Light Ultimate Edition Update 4 MULTi2 1.5.0 (HKLM-x32\...\Dying Light Ultimate Edition Update 4 MULTi2 1.5.0) (Version:  - )
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Factorio version 0.11.21 (HKLM\...\Factorio_is1) (Version:  - )
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Futuremark SystemInfo (HKLM-x32\...\{EC2B7377-A71D-4F99-87BC-792AE239D3B2}) (Version: 4.31.478.0 - Futuremark)
Gaming Mouse Editor (HKLM-x32\...\GamingMouseEditor) (Version: 13.04.0002 - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grey Goo (HKLM-x32\...\Steam App 290790) (Version:  - Petroglyph)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
Kinect for Windows Developer Toolkit v1.8.0 (HKLM\...\{44E46B4E-CB12-42A9-8784-BBE390EB9C0B}) (Version: 1.8.0.572 - Microsoft Corporation)
Kinect for Windows Drivers v1.8 (HKLM\...\{AA62B868-5D5C-46CF-BA88-386BE71D4F87}) (Version: 1.8.0.595 - Microsoft Corporation)
Kinect for Windows Runtime v1.8 (HKLM\...\{2700FAD3-F82C-4ED1-862C-5F425B2A88E6}) (Version: 1.8.0.595 - Microsoft Corporation)
Kinect for Windows SDK v1.8 (HKLM\...\{6702DAC4-51E7-440C-8012-9C0AE9D524DB}) (Version: 1.8.0.595 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Medieval Engineers (HKLM-x32\...\Steam App 333950) (Version:  - Keen Software House)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.13 - MSI)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
PlanetSide 2 (HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Prince of Persia The Sands of Time (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
RAF (HKLM-x32\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rochard (HKLM-x32\...\Steam App 107800) (Version:  - Recoil Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - )
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.9.2834.0 - Hi-Rez Studios)
Sound Blaster Recon3Di (HKLM-x32\...\{918F3CE9-7164-4C6D-9530-66F12EFB4585}) (Version: 1.03.00 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{536BDBFC-CA1A-4AC0-A8EB-BB2D0F1F522E}) (Version: 1.0 - Creative Technology Limited)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version:  - Nadeo)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts)
Unity (HKLM-x32\...\Unity) (Version: 4.6.3f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\UnityWebPlayer) (Version: 4.6.3f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.58 - NCH Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Windows Deployment Tools (HKLM-x32\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 (HKLM-x32\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM-x32\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

05-06-2015 19:20:24 Windows Update
20-06-2015 20:44:51 Windows-Sicherung
20-06-2015 21:27:28 Windows Update
21-06-2015 00:16:07 DirectX wurde installiert
21-06-2015 00:17:09 Microsoft Visual C++ 2005 Redistributable wird installiert
21-06-2015 00:17:23 Installed Microsoft Games for Windows - LIVE Redistributable
21-06-2015 11:39:56 OpenOffice 4.1.1 wird installiert
24-06-2015 20:12:02 Windows Live ID-Anmelde-Assistent wird entfernt
26-06-2015 15:13:35 Windows Update
28-06-2015 11:07:58 Registry Reviver Restore Point (06/28/15)
28-06-2015 11:19:29 AVG PC TuneUp 2015 wird entfernt
28-06-2015 11:19:47 AVG PC TuneUp 2015 (de-DE) wird entfernt
28-06-2015 19:00:11 Windows-Sicherung
30-06-2015 18:16:49 DirectX wurde installiert
01-07-2015 17:02:43 Windows Update
04-07-2015 17:53:47 HALO 2 FÜR WINDOWS VISTA wird entfernt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-05 11:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {068F1A0D-F8F5-465C-BE56-C7689223A600} - System32\Tasks\{6602341C-EF3F-49D8-84BE-D50C23E5C641} => C:\Users\Gustav\Desktop\Minecraft.exe
Task: {08497201-DA45-4E2B-A149-DF57CD556264} - System32\Tasks\{86E2068F-E801-49D3-8B16-2F5F683E95DB} => E:\Games\Minecraft.exe [2014-10-24] ()
Task: {0F3E208F-921E-4947-996F-D5FD2E2A56CD} - System32\Tasks\{9421236A-C57B-4F23-82A1-D354C9ABD1B8} => D:\GXSetup.exe
Task: {186B30DE-BA2D-4345-BF61-24F8AC2EF515} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {1E99BF7C-0F07-484A-B9F4-D929B2E394D3} - System32\Tasks\{04F7973B-49B2-493D-8963-39A1399E450E} => pcalua.exe -a "E:\Games\Dying Light#\Dying Light\Uninstall.exe"
Task: {224D6883-CC7A-42AE-BD25-C0A3C57961C0} - System32\Tasks\{2490801F-8603-494A-BAD6-A021E26FF349} => C:\Users\Gustav\Desktop\FTB.exe
Task: {23377D34-7F64-412B-96F0-1928685470B7} - System32\Tasks\{90AF7913-F250-4BB8-BFD1-944E472B51EE} => pcalua.exe -a "D:\media player\MPSetup-english.exe" -d "D:\media player"
Task: {2609FFBA-BB42-4AEE-BE22-D4CA59454F3B} - System32\Tasks\{8CFE9C26-B3AE-4DED-9523-654CDBC3AF55} => pcalua.exe -a D:\Autorun.exe -d D:\
Task: {2E39E7E5-5FB5-4909-B550-DC4879599FBB} - System32\Tasks\{FDC01C68-B30F-4B53-B7DA-F4FC8739588A} => D:\Rayman2.exe
Task: {3C1A515D-4E44-4F67-8979-51224A72AC8E} - System32\Tasks\{D88B4E56-9B65-4616-8EBF-B762A7F891CB} => pcalua.exe -a "G:\James\Dead Space\__Installer\DISK1\AutoRun.exe" -d "G:\James\Dead Space\__Installer\DISK1"
Task: {3D83C211-550C-4770-90E4-4B68BD23D58F} - System32\Tasks\{7C5974DD-FC0C-4D65-800F-939A99988B56} => E:\Games\Minecraft.exe [2014-10-24] ()
Task: {4DDEB89B-C4F2-4908-86BD-48AD537417E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-28] (Adobe Systems Incorporated)
Task: {675F2672-BC7D-4427-AA65-CFF5600438F9} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-06-02] ()
Task: {67D9869B-7A0F-47E3-9ACE-760F3CAB551B} - System32\Tasks\{52DCD87C-788E-4310-946E-70E6742A06BB} => D:\SetupUbi.exe
Task: {721B8821-D656-44DC-A176-2BE482AE1A45} - System32\Tasks\{FB80BBDB-4A76-4812-AC2A-1B3DDCCAD14B} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe [2015-06-24] (NVIDIA)
Task: {7459A599-291B-41FF-98BE-4EC67CA7A521} - System32\Tasks\{5729BEF1-2C3A-4D70-9890-36A4F11841C6} => D:\setup.exe
Task: {852BC8AF-A516-46BC-BF05-B59E9979EBAC} - System32\Tasks\{2F58775F-6A4F-476B-9F43-8AD07ED09D2E} => D:\SetupUbi.exe
Task: {90322480-4202-4028-972D-FC59C5663BB6} - System32\Tasks\{706A447A-2601-4088-B1FF-E9B01355FADC} => E:\Games\Minecraft.exe [2014-10-24] ()
Task: {935553CB-3DE7-4B7C-9D51-4345D64C304F} - System32\Tasks\Halo 2 for Vista restart => E:\Halo2 -2\startup.exe
Task: {97CF1D1A-5595-40ED-B28E-B5060DB720CC} - System32\Tasks\{435B3771-9859-4D6B-9200-6BC076E387ED} => pcalua.exe -a "E:\Games\Dead Space\__Installer\DISK1\EASetup.exe" -d "E:\Games\Dead Space\__Installer\DISK1"
Task: {A59B909E-7A47-4808-B7B6-BFE8517FD407} - System32\Tasks\{ACAFF512-EE8E-4E0D-B040-9D5D7D14D62C} => E:\Games\Minecraft.exe [2014-10-24] ()
Task: {A6F8A73D-4620-4289-AEF7-0FF89CCD4E9B} - System32\Tasks\{13DAB755-DA4B-47F7-A708-A8FF16A177DD} => pcalua.exe -a "E:\Games\DAEMON Tools Lite\InstallGadget.exe" -d "E:\Games\DAEMON Tools Lite"
Task: {AC425DA3-557B-470E-AF93-3D16B6F17961} - System32\Tasks\{0D8958B1-9D34-4898-A62D-328027B3F154} => E:\Games\Minecraft.exe [2014-10-24] ()
Task: {AF8A35FA-50B5-489C-9929-4B3CD1C93951} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-20] (Avast Software s.r.o.)
Task: {BEBE9779-7211-4218-B763-37C9F4BD9C43} - System32\Tasks\{885476D5-ACE4-46DD-84EE-55C330D62525} => pcalua.exe -a "E:\SteamLibrary\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "E:\SteamLibrary\steamapps\common\Left 4 Dead 2" -c /register
Task: {C2282CAA-A894-4CF5-BB54-1AF995287844} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {C5E595DC-C74F-44F6-A7A0-6587A6F6C71F} - System32\Tasks\{22CA0355-6B0D-4D59-A496-B6FA4B7C023F} => pcalua.exe -a E:\SteamLibrary\SteamApps\sourcemods\gmod_9_0_4\gmod_9_0_4.exe -d E:\SteamLibrary\SteamApps\sourcemods\gmod_9_0_4
Task: {C6B0ECAC-838A-4A0D-B041-B8E846A18DF6} - System32\Tasks\{39CF6098-169B-4AA8-9EDC-19E76E2724BB} => pcalua.exe -a D:\Setup.EXE -d D:\
Task: {C74D6C3C-E1D7-4A33-928E-62C121D64901} - System32\Tasks\{EEEB6983-E6C8-4CB8-9D1E-2A748444B0E9} => D:\GXSetup.exe
Task: {D73AB2AD-2B33-4F19-AF49-7F08D1286848} - System32\Tasks\{B376ED76-322B-4688-A7E5-0474ECC1EAC9} => D:\setup.exe
Task: {E5A604EC-22BE-424A-898C-B2BB5DD8194A} - System32\Tasks\{480BE51F-B87E-417B-ADBB-C23DE764E821} => pcalua.exe -a "E:\DAEMON Tools Lite\InstallGadget.exe" -d "E:\Postal 2 - Share the Pain" -c "E:\Postal 2 - Share the Pain\Postal.2.Share.The.Pain-DEViANCE.bin"
Task: {E5FF5035-47FA-45B1-B051-2A944565F277} - System32\Tasks\{48D82933-1B72-414D-8D0C-937C1FB9EDC7} => pcalua.exe -a D:\SetupUbi.exe -d D:\
Task: {FD001FDF-F137-4682-B982-413C763C858F} - System32\Tasks\{27A41081-0D70-4CB9-9688-2992DB2A59FC} => D:\SetupUbi.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-04-25 23:57 - 2015-04-25 23:57 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-25 23:57 - 2015-04-25 23:57 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-05 12:13 - 2015-07-05 12:13 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070500\algo.dll
2015-04-05 17:52 - 2015-04-05 17:52 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-28 22:25 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gustav\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: EADM => "C:\Users\Gustav\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7577B7F2-472C-4DCC-A367-9DECECB89297}] => (Allow) C:\Users\Gustav\Steam\Steam.exe
FirewallRules: [{74794F96-D7C4-4B4B-8427-6B30FA2EE2AE}] => (Allow) C:\Users\Gustav\Steam\Steam.exe
FirewallRules: [TCP Query User{8F89CC28-CECB-4F87-B178-2B2EC1FBB494}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{47ACEB31-3CE6-4AF5-966A-599C4475F0A0}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A3EF6307-369F-44BD-924F-24A7A3555B6A}] => (Allow) E:\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{02EBC63C-209D-4F75-B2A0-068ABC532B44}] => (Allow) E:\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{16F49D4C-4E76-46E3-91A0-CA7483720F39}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{618BE76A-D241-400C-B28E-B584E15D9132}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{CBA11E3D-001B-4138-A08D-2C0DDA099DB8}E:\games\i.am.alive-raf\i am alive\src\system\iamalive_game.exe] => (Allow) E:\games\i.am.alive-raf\i am alive\src\system\iamalive_game.exe
FirewallRules: [UDP Query User{698E9EB8-C910-48BB-9CD1-17C74BDD4720}E:\games\i.am.alive-raf\i am alive\src\system\iamalive_game.exe] => (Allow) E:\games\i.am.alive-raf\i am alive\src\system\iamalive_game.exe
FirewallRules: [TCP Query User{76E9A9B5-744B-4A26-BFB4-68839B03DB69}G:\james\crysis 3\bin32\crysis3.exe] => (Block) G:\james\crysis 3\bin32\crysis3.exe
FirewallRules: [UDP Query User{C24CD320-1EC5-4450-8655-05C431B389A9}G:\james\crysis 3\bin32\crysis3.exe] => (Block) G:\james\crysis 3\bin32\crysis3.exe
FirewallRules: [TCP Query User{E3C51044-3594-4042-89FA-4DEBAFC05F62}G:\james\outlast\binaries\win64\olgame.exe] => (Block) G:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{0D386B92-2275-4674-B653-6E41076492CC}G:\james\outlast\binaries\win64\olgame.exe] => (Block) G:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{3051E96E-B789-4BE1-BEE2-2395E0F09D1E}D:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{E4FFD711-DEFC-4497-B77E-FD7449580850}D:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe] => (Allow) D:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{5E886311-59B6-456A-86E3-EB7BF586307C}D:\james\outlast\binaries\win32\olgame.exe] => (Allow) D:\james\outlast\binaries\win32\olgame.exe
FirewallRules: [UDP Query User{4DE83046-BC8D-47DE-AA7C-627DDBDEF515}D:\james\outlast\binaries\win32\olgame.exe] => (Allow) D:\james\outlast\binaries\win32\olgame.exe
FirewallRules: [TCP Query User{B30ADB96-6A89-4D29-B984-09DEF10D3221}E:\games\crashday.exe] => (Block) E:\games\crashday.exe
FirewallRules: [UDP Query User{DCD1335D-8006-448A-88A1-A63D4DA80237}E:\games\crashday.exe] => (Block) E:\games\crashday.exe
FirewallRules: [TCP Query User{D330E8E1-142F-4B5A-9439-A87215D90C88}E:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) E:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{43C5D85A-F48D-4671-885F-0BBC91AAF675}E:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) E:\games\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{B6D95C47-175B-4555-B1B1-AE6CD7F6CE81}] => (Allow) E:\Program Files (x86)\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{0D0AF96B-61DC-475E-9841-775837F54D17}] => (Allow) E:\Program Files (x86)\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [TCP Query User{ED2EDAC0-F352-4DE4-94FD-B51A83684DC0}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{84DCC292-526C-4019-BE11-C94FFED2506C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3B4CE64B-698A-4B8B-A195-5F7E6F835355}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{48B73457-F9E0-4AF7-9CD1-11EF1D2CD152}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{7126162B-EA67-4BFE-B2A3-8861F2CEC993}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{C6E82BFC-32DE-41CD-B6E6-18531541D484}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{F23C14E6-88EE-46EF-A193-87ABC96A0864}] => (Allow) E:\SteamLibrary\SteamApps\common\The Ship\ship.exe
FirewallRules: [{94A3FCD0-DE91-48C1-9A91-0636C4F69095}] => (Allow) E:\SteamLibrary\SteamApps\common\The Ship\ship.exe
FirewallRules: [TCP Query User{FF3EED47-70F1-41B6-BEAD-2774375DEF0E}E:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) E:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{0898BEFA-0E2A-482B-A52C-F123579AAABD}E:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) E:\steamlibrary\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{77E49BDD-E284-4A83-96EC-EF1BB73C3201}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D824E7F2-54E8-483B-97B6-4CE4DC70400F}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{6218EA38-A001-4316-84B4-19EA3F37F0B3}] => (Allow) E:\SteamLibrary\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{FDB55FE8-5EB3-46E3-A639-D0AD4B74AA3B}] => (Allow) E:\SteamLibrary\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{53CE0991-7D42-402F-9AD8-76977CB5379D}] => (Allow) E:\SteamLibrary\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{1EABCC46-91B7-4792-A8CA-806FA1213B21}] => (Allow) E:\SteamLibrary\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{D7B93AA9-07A5-4C08-B7A7-A3AA219B3BB9}] => (Allow) E:\SteamLibrary\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{4846386F-023D-4A53-A69F-6680A967EC71}] => (Allow) E:\SteamLibrary\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{9EBBB46C-7EF5-4A8B-B677-2470F949523E}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{594E321E-DCEA-4715-810B-6D930FA01A61}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B05E818A-062A-4904-AB1A-1B6FC25D28CB}] => (Allow) E:\SteamLibrary\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{A2BCF37E-BEEC-4D33-A8F6-5D6EC0023C51}] => (Allow) E:\SteamLibrary\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{615DA58C-2E6F-4D23-927F-7BD8AF6715A8}] => (Allow) E:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{7F074E61-7363-40BC-ACAE-1DF57ACE0AC6}] => (Allow) E:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{094E89BB-ACEF-473B-8E64-B8D5A626A8E7}] => (Allow) E:\SteamLibrary\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{A394A96F-694B-494C-B614-583FF06CC116}] => (Allow) E:\SteamLibrary\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{CBA7E3C1-6726-4693-978D-99C1139627C2}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{5C8D5883-C955-4FF2-B979-BB3F8ED9BB00}E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{60CD4905-1B9B-4D0A-8CB5-764922654A6A}] => (Block) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{3CB0A324-6815-4308-8CB8-DDACE956E7E6}] => (Block) E:\steamlibrary\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [{21CFEC49-B319-4BA6-9812-F85CB7632AAE}] => (Allow) E:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{1C860F06-5741-4720-92FD-4987E1CE6AC9}] => (Allow) E:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{049F051B-DF28-442A-B4E2-87F9F781B703}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3E33461A-8480-4F3B-B2DE-6312E21B7DBA}C:\program files\java\jre8\bin\javaw.exe] => (Block) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{2D954C1B-18AC-466F-A836-C9B57A7910A7}C:\program files\java\jre8\bin\javaw.exe] => (Block) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{3575F90B-EA65-45C7-B635-4CD93841A9F3}] => (Allow) C:\Users\Gustav\Steam\bin\steamwebhelper.exe
FirewallRules: [{063A228F-2F3A-441F-AFCF-26B9EA840202}] => (Allow) C:\Users\Gustav\Steam\bin\steamwebhelper.exe
FirewallRules: [{347441F6-03BC-4B44-874A-08AE23903FE0}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A87E906A-F720-468F-A6F9-4F206E9CBCC2}] => (Allow) E:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{985D0C4E-FE4F-4BF1-8F96-A5DE516BB256}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{AB1597B1-0BDA-4CDB-85EE-D27351AE44E3}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9371219A-849A-48A2-9875-DEE4BFB2C5F5}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{403F22CD-7461-46F6-A782-34CEB9C89034}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [TCP Query User{CDD7BD54-BA44-45FF-BF15-67F464DA07E9}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [UDP Query User{04A11609-F327-4FCF-B71D-20060965D93F}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [{CDCF0FC1-EA36-449D-BAFE-7392D50002BB}] => (Block) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [{527B0120-0EA5-42B3-AD49-1790B8E4606B}] => (Block) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [{BBFF7B25-0822-4EC9-859C-1E430E866D91}] => (Allow) E:\SteamLibrary\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{13566A47-45B7-455C-A8C1-17512968665F}] => (Allow) E:\SteamLibrary\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{5CA5A1FF-DF5A-4BF2-B59A-E0B220C80EA5}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{9012C33E-8D1E-48C0-87AB-B91D5C4E156B}] => (Allow) E:\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [TCP Query User{F474C2D8-DC06-4796-AC2C-19C2582D9D19}G:\die gilde 2 - king edition\guildii.exe] => (Allow) G:\die gilde 2 - king edition\guildii.exe
FirewallRules: [UDP Query User{4D7869E9-D263-42AF-97F1-E659B4E83249}G:\die gilde 2 - king edition\guildii.exe] => (Allow) G:\die gilde 2 - king edition\guildii.exe
FirewallRules: [{14B67799-9788-4321-A112-280ED2FF123D}] => (Block) G:\die gilde 2 - king edition\guildii.exe
FirewallRules: [{044E802A-0762-43B3-94AF-CAA18F021638}] => (Block) G:\die gilde 2 - king edition\guildii.exe
FirewallRules: [TCP Query User{747D070C-E0FD-43A8-907F-F7B804973A33}E:\games\die gilde 2 - king edition\guildii.exe] => (Allow) E:\games\die gilde 2 - king edition\guildii.exe
FirewallRules: [UDP Query User{D2445EF5-8987-4A2F-8FBC-31C6A5114102}E:\games\die gilde 2 - king edition\guildii.exe] => (Allow) E:\games\die gilde 2 - king edition\guildii.exe
FirewallRules: [{E999E6D4-E618-454D-B3CC-7156ADDFE8F8}] => (Block) E:\games\die gilde 2 - king edition\guildii.exe
FirewallRules: [{AB3D65DB-BF7E-42B5-BB44-122EF2417FD4}] => (Block) E:\games\die gilde 2 - king edition\guildii.exe
FirewallRules: [TCP Query User{982E3DE0-8E28-423C-ABCD-10EE5F440642}G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{BE1CA212-3B78-4F07-8B96-0BC95D8F636B}G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{01E88FE3-374D-49C8-85E7-A6765616840F}] => (Block) G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{36CE6004-FD79-43C8-ACAE-AD1BFFF9AAB7}] => (Block) G:\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{69DC5CD0-1D33-43CF-A4EE-36357A93588B}E:\games\wot\wotlauncher.exe] => (Allow) E:\games\wot\wotlauncher.exe
FirewallRules: [UDP Query User{0E387720-16E4-4779-B473-F7406F61BF67}E:\games\wot\wotlauncher.exe] => (Allow) E:\games\wot\wotlauncher.exe
FirewallRules: [{00408D53-2397-4576-97EB-76F94584E710}] => (Block) E:\games\wot\wotlauncher.exe
FirewallRules: [{F97201F9-0C78-4838-900B-A609D1708DD8}] => (Block) E:\games\wot\wotlauncher.exe
FirewallRules: [TCP Query User{BCEB2977-4ED3-4EDD-A6DF-E9EE2384D814}E:\games\wot\worldoftanks.exe] => (Allow) E:\games\wot\worldoftanks.exe
FirewallRules: [UDP Query User{9F8372D5-CCBE-4289-AB8F-876E2F296CC2}E:\games\wot\worldoftanks.exe] => (Allow) E:\games\wot\worldoftanks.exe
FirewallRules: [{B59C84C6-4531-465B-8A75-343F0B3CC06E}] => (Block) E:\games\wot\worldoftanks.exe
FirewallRules: [{BE550211-3B49-4485-BE6D-27A3F4B36EBA}] => (Block) E:\games\wot\worldoftanks.exe
FirewallRules: [{00657B8F-080D-43E6-AE59-DFD43437CEA8}] => (Allow) E:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{60670402-75D1-4EB0-9424-C93B9646DC9A}] => (Allow) E:\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{3467A96A-82B6-4261-B114-F8873D8C1A8A}E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{F6C11802-77C2-40CD-9C97-2DB1B2C4D6CA}E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{5D3A3813-0471-4FB7-9052-EF765EDDD97A}] => (Block) E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{414EC19C-8068-4A54-AD14-C653DA27311D}] => (Block) E:\games\hirez\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{B7FFC64B-431C-42D0-A736-34EC02E8E612}C:\users\gustav\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gustav\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{49C6DA3C-1D09-4A82-8730-5111AA755F54}C:\users\gustav\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gustav\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0EB7B375-F3A0-4A2D-9A7F-06A2969E3BCF}] => (Block) C:\users\gustav\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D2B7DD6F-160B-468A-9E52-7CA2281F0BAF}] => (Block) C:\users\gustav\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8893B6C2-DE84-4F8C-8E19-3C54D6ADA5D0}] => (Allow) E:\SteamLibrary\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{62CCA4F3-8802-4D49-B3C5-FF0D1A585598}] => (Allow) E:\SteamLibrary\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{D855A2D0-6429-4ABA-9095-B43A98E12908}] => (Allow) E:\SteamLibrary\SteamApps\common\Rochard\Rochard.exe
FirewallRules: [{3CC80F8F-94B6-49C5-83F9-6691B7799898}] => (Allow) E:\SteamLibrary\SteamApps\common\Rochard\Rochard.exe
FirewallRules: [{7E205CA0-98C6-4693-AFF9-3E4FA4508DCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BB332A35-4B26-41FF-883E-4A9CD326AC83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{78967F7B-68E6-42EE-89C5-35B6E9AA67B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7EF7C42-7A60-4AA3-909B-2A013D17F93C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{93375B33-A494-4CF1-92D3-D69EF3B5FFD0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5E6C99EA-B3F7-4518-B079-4B2A2E99268F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{35BF01CB-7E70-4A04-8591-31F48C376679}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{49A9D999-4305-4098-BB4E-3C2ECC611991}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{965E8F9A-D83A-4255-8F9B-DAE15BE1A69A}] => (Block) C:\windows\system32\java.exe
FirewallRules: [{7908895E-8A5A-42AE-8543-53E0CCA59ACC}] => (Block) C:\windows\system32\java.exe
FirewallRules: [{5CB3C012-A870-4B3E-BE4A-1C7B3FB0D47B}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{1D471849-71F7-4CC1-9C3E-7A08C498A521}] => (Allow) E:\SteamLibrary\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{B08385B4-F298-4149-9490-14C272F0D0C8}] => (Allow) E:\SteamLibrary\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{9BAAC5F9-6B10-41F4-80FD-DB8E8302D10E}] => (Allow) E:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{4AFFAC50-DECF-44F4-B231-F5E9CB0B0A68}] => (Allow) E:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{5648B27A-6305-4FB8-B30B-89E44531A520}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{B30A85E1-8D39-4066-B4F9-AFA2CC13318D}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{AC92C299-BC86-46E4-8494-1FB6CA3B07BA}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{BB8692C0-3AD1-4B1E-B96C-E0E921537CDF}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{1E57113E-B651-4DF9-B149-C0AACD00B8DC}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3734A30A-175A-4677-B23B-EC4BEFD27987}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{D7C3CA73-308F-4403-BF9D-E74C1A03611B}] => (Allow) E:\SteamLibrary\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{31A3492E-3C24-49F2-B378-E90E861B4F40}] => (Allow) E:\SteamLibrary\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [TCP Query User{1AF7C31B-5393-4912-B335-7520452CB72C}E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{404CA471-7D12-4A4C-A1BB-DE3A80BC5DFD}E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{561EEC57-E791-4D59-8922-EF1739F239D2}] => (Block) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{7E043889-0AB6-4B1B-A149-81568709135C}] => (Block) E:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [TCP Query User{2F23A7B1-EBE6-4C52-8FD5-5722FD89403A}E:\games\planetside 2\planetside2_x64.exe] => (Allow) E:\games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{11C3D4D6-1109-4CB2-89FA-5F71D2439A8E}E:\games\planetside 2\planetside2_x64.exe] => (Allow) E:\games\planetside 2\planetside2_x64.exe
FirewallRules: [{D2F4C0C2-C63A-4282-9316-C033236F967D}] => (Block) E:\games\planetside 2\planetside2_x64.exe
FirewallRules: [{2AC43897-A52B-43F5-9D9D-CF7275F84F36}] => (Block) E:\games\planetside 2\planetside2_x64.exe
FirewallRules: [{8D951AF9-230D-4780-BD6E-DA8EACD2A7EF}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{BAFC7932-B2B3-4055-9038-130D854B1E89}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{DAA39246-EB5F-4284-BD0D-F41FEE91DEE9}] => (Allow) E:\Games\Origin\Battlefield 3\bf3.exe
FirewallRules: [{6DBB6370-CB03-4E78-A299-758F3403DF3A}] => (Allow) E:\Games\Origin\Battlefield 3\bf3.exe
FirewallRules: [{EF856BC3-A23A-4E67-A249-B875E753F31C}] => (Allow) E:\SteamLibrary\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{5394AAC1-F33F-4CA6-ABEE-8AA00D66158E}] => (Allow) E:\SteamLibrary\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{B455DA37-2A41-4169-857D-89BB17FAAF58}] => (Allow) E:\SteamLibrary\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{F3D87DB0-332B-4AA5-8152-58BB145CA6AE}] => (Allow) E:\SteamLibrary\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{6BC5D71B-51B0-4931-980A-D7833840F0FA}] => (Allow) E:\Games\Origin\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{6A1A1FF7-7BF3-4ECE-9CE0-6991FBF8F90B}] => (Allow) E:\Games\Origin\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{35B2E36F-251D-4EFA-8868-178F67845A3A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{C04CD623-B80B-48A3-8DB9-479F039ED502}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{E3F3152F-5140-4A52-8023-4EB858E3389E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9D950DE5-BCAD-4E00-ABDC-27A073C07160}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{635AEF04-44AE-4420-BAE1-6420DAD2F939}] => (Allow) E:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{C692D440-BB60-4844-AC1D-C4ED9A41763E}] => (Allow) E:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{520A245D-83ED-4915-89FA-17E8737E216C}I:\james\outlast\binaries\win64\olgame.exe] => (Allow) I:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{D15DFC69-158A-4231-8648-28C72B81D82E}I:\james\outlast\binaries\win64\olgame.exe] => (Allow) I:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [{327A18E9-C647-43CA-94F3-1F74D12A6776}] => (Block) I:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [{E57A5943-EBA8-4828-B45C-07151E4C9E66}] => (Block) I:\james\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{DF21007C-7656-4EF6-88C6-0534EF38CC6E}I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe] => (Allow) I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{ABA09F77-846A-4F3B-982F-02ECD38150F5}I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe] => (Allow) I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [{A54D5D82-F437-48E3-B45B-8DE5339019E3}] => (Block) I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [{D4A75F62-22CF-4487-A2D7-5F6E4F76F9C6}] => (Block) I:\james\dishonored die maske des zorns game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [{24A34181-6118-477F-B19D-651F128DB71F}] => (Allow) E:\SteamLibrary\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{95EBA5D4-4C10-415C-8A16-70BD8B10F326}] => (Allow) E:\SteamLibrary\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{57B4EF50-A94D-4A3A-8E3D-C8028C086D98}] => (Allow) E:\SteamLibrary\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{C6DD96FF-E2C8-4CF9-9C27-69F5B88CA474}] => (Allow) E:\SteamLibrary\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{1690587D-2277-417A-87C9-85087CBB694D}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{461A12B6-6C3F-42E2-8B82-3CDA9C54CD83}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{CCDA4F2D-B8B0-4D9E-8F1E-078D9F97003D}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{E0CE3846-3C24-492A-ADDC-A1E5230B28D7}] => (Allow) E:\SteamLibrary\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{0F980202-07AC-46EB-BF49-692F85860E52}] => (Allow) E:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{547C5468-6CA8-4678-A150-61ACD9D06113}] => (Allow) E:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{33A15CEE-80E1-45AF-86F3-EAC6DACBEA0B}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{BFC06251-0493-448C-96D9-1278DF5F596B}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{A9F97AE7-B93D-4BA6-B5B6-7353B50AC00E}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{2C025335-D47A-42CD-B7A0-2C90D533A2CD}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{9043F614-51A9-4728-9088-E78F781ABFBC}] => (Allow) E:\Games\Origin\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{780011AB-23D0-4D89-BFBE-32A78AA2845C}] => (Allow) E:\Games\Origin\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{7A0EB4DC-DCB3-4E49-9E4B-EE494C34D0F6}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{5985D770-98E2-4C8F-A7C9-EAC4B3F640F5}] => (Allow) E:\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [TCP Query User{22D6F519-26DB-425F-A17A-7FB5D5997259}E:\games\dying light#\dying light\dyinglightgame.exe] => (Allow) E:\games\dying light#\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{A1C6D93F-38F2-401D-8C87-3E93AA592B78}E:\games\dying light#\dying light\dyinglightgame.exe] => (Allow) E:\games\dying light#\dying light\dyinglightgame.exe
FirewallRules: [{00BE8224-053D-4BA8-AFDB-382690F316F7}] => (Block) E:\games\dying light#\dying light\dyinglightgame.exe
FirewallRules: [{E9654C9C-D162-455A-9226-2298189CE798}] => (Block) E:\games\dying light#\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{CF0DF077-BADB-48FF-BE88-E64F10A7B89F}E:\games\dying light\dyinglightgame.exe] => (Allow) E:\games\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{CF180DCA-360A-438E-86CF-F6E2EC487B7B}E:\games\dying light\dyinglightgame.exe] => (Allow) E:\games\dying light\dyinglightgame.exe
FirewallRules: [{D2A4315C-7162-4745-8F1D-BD15E842D24B}] => (Block) E:\games\dying light\dyinglightgame.exe
FirewallRules: [{2104FA63-7AF2-4E50-A11A-E5C7AE509058}] => (Block) E:\games\dying light\dyinglightgame.exe
FirewallRules: [{E7185FE8-14F2-4647-B661-10C983856ECF}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{8902FAF8-DFA5-4668-BC6C-378C8F0B92B6}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{1B3F00A2-3B20-46F6-AEF1-8A0FE972B7AF}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{59E2D7D5-5CB6-4435-A547-A79A6C51BA82}] => (Allow) C:\Users\Gustav\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [TCP Query User{9AFD0CFE-CF62-4FCB-AA10-89C996DF5211}E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{33FC87B2-C663-4B80-8D60-C931D511F3B3}E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{E5C780E8-6207-4467-ABD7-024273F7EF53}] => (Block) E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{762EA348-DDCF-4DA2-AD64-BCA4E000877D}] => (Block) E:\steamlibrary\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [TCP Query User{1953B5FE-4C4B-4A23-A9D9-57A433481AF5}E:\games\unity\editor\unity.exe] => (Allow) E:\games\unity\editor\unity.exe
FirewallRules: [UDP Query User{BD0E2B24-0E32-40AD-BE20-818D58D884E8}E:\games\unity\editor\unity.exe] => (Allow) E:\games\unity\editor\unity.exe
FirewallRules: [TCP Query User{D5A23D7D-C994-4F6F-970C-17E1967F907B}E:\games\unity\monodevelop\bin\monodevelop.exe] => (Block) E:\games\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{3A0F5547-6AD9-47FB-82D5-208FA11DE0A1}E:\games\unity\monodevelop\bin\monodevelop.exe] => (Block) E:\games\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{7E78C6EF-6A4D-4D3F-B6B3-52E231934A93}E:\games\origin\titanfall\titanfall.exe] => (Allow) E:\games\origin\titanfall\titanfall.exe
FirewallRules: [UDP Query User{9CD5947D-33BA-47E6-B268-54D5B938CBC3}E:\games\origin\titanfall\titanfall.exe] => (Allow) E:\games\origin\titanfall\titanfall.exe
FirewallRules: [{C278E1ED-1106-4779-8758-428634FE5B9F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{27B4966F-452D-4EF9-ADA4-A6489923C5EC}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{28C4640B-A845-4F35-B23E-E1FD8A8B0839}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{0A307578-4336-42AC-BDD4-6B847D42173C}] => (Allow) E:\Games\Origin\Titanfall\Titanfall.exe
FirewallRules: [{DA7875BB-DF52-4F0B-BCBB-E8E062F04237}] => (Allow) E:\Games\Origin\Titanfall\Titanfall.exe
FirewallRules: [{9AA63E7B-C714-4C56-91D2-EED247ED5AC8}] => (Allow) E:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{FA11F623-23DF-40DA-B3CA-9F94DC590A95}] => (Allow) E:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{B7A7B3F6-EF57-449E-95A2-47849DED7681}E:\games\war thunder\launcher.exe] => (Allow) E:\games\war thunder\launcher.exe
FirewallRules: [UDP Query User{174E393C-FE3D-4378-93C9-0CF5E26259CE}E:\games\war thunder\launcher.exe] => (Allow) E:\games\war thunder\launcher.exe
FirewallRules: [{DEA8D00F-724D-4A81-B767-E2E1E713A97C}] => (Block) E:\games\war thunder\launcher.exe
FirewallRules: [{C4ACF39E-CC89-413C-AB57-B415001EE9B1}] => (Block) E:\games\war thunder\launcher.exe
FirewallRules: [TCP Query User{DBF133FE-FBA1-4538-B09B-8924BC006616}E:\games\war thunder\aces.exe] => (Allow) E:\games\war thunder\aces.exe
FirewallRules: [UDP Query User{3525C6A7-D0CC-4CDC-9871-FEE61DE380C2}E:\games\war thunder\aces.exe] => (Allow) E:\games\war thunder\aces.exe
FirewallRules: [{40729180-E97A-4C2E-9CD0-C5A54E45271D}] => (Block) E:\games\war thunder\aces.exe
FirewallRules: [{7F330B00-D292-49E1-83DC-0BC6248AA520}] => (Block) E:\games\war thunder\aces.exe
FirewallRules: [TCP Query User{8C99DB61-7A12-4A83-83D1-3686C11593FC}E:\steamlibrary\steamapps\common\war thunder\launcher.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\launcher.exe
FirewallRules: [UDP Query User{199C13C5-DC36-4DA0-ABF6-A7FD4F88A219}E:\steamlibrary\steamapps\common\war thunder\launcher.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\launcher.exe
FirewallRules: [{6698684B-64FD-4E62-B8EF-E8E3DF6EE884}] => (Block) E:\steamlibrary\steamapps\common\war thunder\launcher.exe
FirewallRules: [{BE01D917-456E-47EB-8382-1C5309C648ED}] => (Block) E:\steamlibrary\steamapps\common\war thunder\launcher.exe
FirewallRules: [TCP Query User{E02A47A6-6C91-45B4-B203-B8C4BBF04D1C}E:\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{E1DE174C-4F1D-46BC-903C-42FD725A7913}E:\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [{A372A24E-C2B4-49D5-A999-06C59530BC93}] => (Block) E:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [{DECA0ABF-37AF-4457-A36A-A52EAAF7B355}] => (Block) E:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{035CE971-F432-489C-AC34-A6F622190AD8}E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{049721DE-96D6-4A24-9CBF-6EC7EE51C0EC}E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{663A8B18-27A5-44F0-9E17-729D1762EE1E}] => (Block) E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{04330E08-313C-4A6E-B079-D1B89D1AB6A3}] => (Block) E:\steamlibrary\steamapps\common\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{C542BADC-8C66-485B-B3B2-A4BA90A63F58}E:\games\rockstar games\grand theft auto v\gta5.exe] => (Block) E:\games\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{BF665FC8-A802-4D94-8D60-38C8CD92A7F0}E:\games\rockstar games\grand theft auto v\gta5.exe] => (Block) E:\games\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{188F462E-7539-451D-B34D-9731EB9C02A4}C:\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{CECAD8AC-179C-493D-B945-5283B7F01137}C:\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{4A8E7599-5554-45D3-9C77-573A6D0924CE}] => (Block) C:\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{249AF1A8-563D-4BCC-87B9-3ACFE8C3151C}] => (Block) C:\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{F408F00B-C006-4864-AA16-E7A25EFE7D0E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{00DEC23E-6B68-4ADF-B1F9-766237DFF424}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{DFCAA765-C371-4280-B6A2-373963C56560}] => (Allow) E:\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{88B8DBE4-15FF-410E-827E-3B5CD087FCF5}] => (Allow) E:\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{090B1DD0-6C6C-4703-A6B4-D8285BF327D7}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{535AB98F-ACF7-4C12-BBA8-B7B118CEE80D}] => (Allow) E:\Games\Origin\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{BF8C7991-2C6D-4035-92A0-40B8E1C0EF12}] => (Allow) E:\Games\Origin\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{D7E79EA8-B38B-4F4D-9F77-874C823E8AC0}] => (Allow) E:\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{32300F44-25DB-4AC4-9B46-D58BA5C8D634}] => (Allow) E:\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{115299C6-B9DA-4E62-8B5D-8589DA6CB1F3}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{295E2353-A83A-468A-895E-D3F7CAF712FB}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{74163291-2D85-4FCF-BF5A-A399EEEFE0E2}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{38860681-34BE-4E70-8858-ABB0B1E80A9C}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{1C3B5673-D70D-4ED9-BDF3-803EEF7B7409}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [TCP Query User{820B0D35-B1DE-41A1-BD2E-E4E9B2F7C7C0}E:\games\tmunitedforever\tmforever.exe] => (Allow) E:\games\tmunitedforever\tmforever.exe
FirewallRules: [UDP Query User{189E202C-6049-46CB-9366-8E60355005F7}E:\games\tmunitedforever\tmforever.exe] => (Allow) E:\games\tmunitedforever\tmforever.exe
FirewallRules: [{1A50BD45-1617-4CFB-8E4B-774CFE0CAA51}] => (Block) E:\games\tmunitedforever\tmforever.exe
FirewallRules: [{5555F437-A047-4001-8B81-A6C8F64F10F2}] => (Block) E:\games\tmunitedforever\tmforever.exe
FirewallRules: [{C44BA67A-E671-4DA4-A0BD-C732C922A2BF}] => (Allow) E:\SteamLibrary\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{1C843205-57F7-4E0C-AC36-57305C5E47AD}] => (Allow) E:\SteamLibrary\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{42813A4E-F3B5-449A-8D0A-F9AB2A91C0AE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{352BA25F-F316-430E-8BDC-58CAB1D0E813}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EB24EEF4-9A97-46FA-8918-544A65EE696B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EE5A71A2-23A1-48D4-9B11-FCAF13509B8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D209CF83-3157-4277-82A7-718FCB500124}] => (Allow) E:\Games\Origin\Battlefield 4\bf4_x86.exe
FirewallRules: [{EE017CAC-2FD4-4AF0-B043-C30B9C542426}] => (Allow) E:\Games\Origin\Battlefield 4\bf4_x86.exe
FirewallRules: [{14AA0670-2F31-4525-B4AA-590B67148692}] => (Allow) E:\Games\Origin\Battlefield 4\bf4.exe
FirewallRules: [{E32021DF-37D8-4B41-B2B3-D467233F9F8E}] => (Allow) E:\Games\Origin\Battlefield 4\bf4.exe
FirewallRules: [{2ED16CAB-E452-4170-8706-885916209E8F}] => (Allow) E:\Halo2 -2\halo2.exe
FirewallRules: [{80FF6EDF-3BCF-4C81-ABA0-7D85F8FD385B}] => (Allow) E:\Halo2 -2\halo2.exe
FirewallRules: [{D11D9A05-F01D-4671-A908-E4D2A3B882B0}] => (Allow) E:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3D1017F2-0A21-441C-94C7-A90CC4CCCFB2}] => (Allow) E:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{37E74077-55F6-414C-A0C6-A54D9FDD6CCC}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{33F16789-AA8B-49EC-9084-17171438BD39}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{A66D2CB5-4E99-49D6-AF25-22E2541EEE01}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8465BD77-027A-48EC-AC21-6AE2EBA826B8}] => (Allow) E:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [TCP Query User{1DE38D1A-6D65-46B9-8F77-C6863BA9013A}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{30B1B7FF-9775-456B-AC98-B9C03DCE9FF4}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [{65B4FF95-E756-4BA4-97FE-D014EE928BA5}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [{744D818B-6290-4B05-80C9-585FEEEA31B3}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7935F6A9-532F-4C10-8A6C-C41F671DEBD5}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{EA0460A1-A9D9-4C18-A65A-1C735A9902D5}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{CE4DEDDB-DB8D-40BC-84BC-2A5F7553A4CE}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{4E062F97-0BB1-4FE6-B1F3-191FFB735A20}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{0EBA5F0A-4CCB-4CF7-825B-DBE081EBE76F}] => (Allow) E:\SteamLibrary\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{281062E7-153C-4C35-B805-AFECC5A12C0F}] => (Allow) E:\SteamLibrary\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{EC7DC16F-6E38-48F7-89B6-AEC9C2F1CF82}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{2BED5202-3B5B-4FDB-84EE-5D8AA3A5ABBA}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{D7B59541-0832-4A64-9F75-AC09A0037B3D}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{7EF93DF2-7506-4019-B2D2-F427E9FD8B9E}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{86BAFDF4-A8BC-43C3-8BBB-F6161692A7FE}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{FDD1C748-C555-4159-929A-CFE8A12B1A21}] => (Allow) E:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{3A8BB0F4-73D5-4E5D-AF91-2C5BFA5D889F}E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe] => (Allow) E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [UDP Query User{06466711-CFE0-4811-B3F2-D5DF0CC428A6}E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe] => (Allow) E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [TCP Query User{F8EBDE8B-C395-4C03-BD2C-85FA3F69B304}E:\steamlibrary\steamapps\common\greygoo\goog.exe] => (Allow) E:\steamlibrary\steamapps\common\greygoo\goog.exe
FirewallRules: [UDP Query User{DEE1AD01-34B3-4AFE-AA54-90F08A5DBF42}E:\steamlibrary\steamapps\common\greygoo\goog.exe] => (Allow) E:\steamlibrary\steamapps\common\greygoo\goog.exe
FirewallRules: [{7A9EFB14-F278-4347-AF26-521A2AE8C1AD}] => (Block) E:\steamlibrary\steamapps\common\greygoo\goog.exe
FirewallRules: [{444B2350-65B1-4661-903F-4E6054684E59}] => (Block) E:\steamlibrary\steamapps\common\greygoo\goog.exe
FirewallRules: [{5DC4BAD4-7585-4C25-B059-2D7FB2CAF5A6}] => (Block) E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [{A073123B-088C-4665-ABBB-70439D9F1CAA}] => (Block) E:\steamlibrary\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [{A19D34C6-0B89-45AD-AD23-AFA11179AC3B}] => (Allow) E:\Games\Origin\Battlefield 4\bf4_x86.exe
FirewallRules: [{49DD7EFF-8F39-4679-A949-57AF71591C65}] => (Allow) E:\Games\Origin\Battlefield 4\bf4_x86.exe
FirewallRules: [{A50EA333-1387-4C10-A5A9-698615A7C418}] => (Allow) E:\Games\Origin\Battlefield 4\bf4.exe
FirewallRules: [{878304E4-3628-41CC-9F6C-7342F93F125F}] => (Allow) E:\Games\Origin\Battlefield 4\bf4.exe
FirewallRules: [{F2B6E266-297C-4C10-B95E-25272A181F21}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D22F25B1-3016-4B8C-AFDD-3E801C878215}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{CE2FE137-CE48-4857-92D8-689B06FCC712}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B678F67D-1F1A-4087-BA72-456FB77ED0D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E4BD33AF-D011-470B-94BB-C4F994561F98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C4DD9C3-9580-41C7-AD87-740FEF194144}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9B26C5C4-6A21-4666-B660-C858E20F1B90}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{4165FD7A-0772-417D-A6F3-E3AE00EA2F6A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{B0091744-F652-4201-AE93-346493AFBAA2}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{E18E61D9-18D2-4065-B5C2-1222B5589929}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{32677B87-6DA7-4A64-B444-1E9923A1AACE}C:\program files (x86)\blizzard\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\blizzard\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{6AF55272-EF8F-4986-B21C-EEB4429EE3D9}C:\program files (x86)\blizzard\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\blizzard\hearthstone\hearthstone.exe
FirewallRules: [{35683B80-4396-4EA8-AF8F-10762CA6AE15}] => (Allow) E:\SteamLibrary\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{3366EEFA-3E06-4CCB-B535-0FE795DC16C7}] => (Allow) E:\SteamLibrary\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{1732A3B3-C9C1-4EFC-BF59-F4B37C398900}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E44E6673-E14C-4B13-9450-032DC2E8C310}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE388C1D-B32C-47A5-9664-DB447859075F}] => (Allow) C:\Program Files\NetWorx\networx.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2015 00:20:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0x868
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 00:09:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xb1c
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 11:38:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xb6c
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 10:55:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xb0c
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 10:45:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xb5c
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 03:47:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xb0c
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 03:45:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 39.0.0.5659, Zeitstempel: 0x55934d06
Name des fehlerhaften Moduls: mozalloc.dll, Version: 39.0.0.5659, Zeitstempel: 0x55933a83
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x18b4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/05/2015 03:43:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xb18
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3

Error: (07/05/2015 03:42:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 39.0.0.5659, Zeitstempel: 0x55934d06
Name des fehlerhaften Moduls: mozalloc.dll, Version: 39.0.0.5659, Zeitstempel: 0x55933a83
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0xd5c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/05/2015 03:33:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.31.8.1, Zeitstempel: 0x521c9c4b
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d689
ID des fehlerhaften Prozesses: 0xae4
Startzeit der fehlerhaften Anwendung: 0xHeciServer.exe0
Pfad der fehlerhaften Anwendung: HeciServer.exe1
Pfad des fehlerhaften Moduls: HeciServer.exe2
Berichtskennung: HeciServer.exe3


System errors:
=============
Error: (07/05/2015 00:25:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Software Protection" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (07/05/2015 00:23:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/05/2015 00:23:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2015 00:23:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/05/2015 00:23:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2015 00:23:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Qualcomm Atheros Killer Service V2" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2015 00:23:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2015 00:23:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2015 00:23:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2015 00:23:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Kinect Management" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (07/05/2015 00:20:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d68986801d0b70c3f592ea0C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exe85fa06a8-22ff-11e5-b91b-74d435884c44

Error: (07/05/2015 00:09:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689b1c01d0b70a950847ddC:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exedba8e5c1-22fd-11e5-9528-74d435884c44

Error: (07/05/2015 11:38:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689b6c01d0b706445d4c20C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exe8afe81dc-22f9-11e5-bedc-74d435884c44

Error: (07/05/2015 10:55:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689b0c01d0b7005bab7b37C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exea24e4f0f-22f3-11e5-9a20-74d435884c44

Error: (07/05/2015 10:45:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689b5c01d0b6fefadc44ecC:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exe417ecaa1-22f2-11e5-8890-74d435884c44

Error: (07/05/2015 03:47:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689b0c01d0b6c4782397f9C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exebec81989-22b7-11e5-98cc-74d435884c44

Error: (07/05/2015 03:45:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa118b401d0b6c401d9be3fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll831cd0ba-22b7-11e5-a51c-74d435884c44

Error: (07/05/2015 03:43:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689b1801d0b6c3edd6de98C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exe3483dc08-22b7-11e5-a51c-74d435884c44

Error: (07/05/2015 03:42:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa1d5c01d0b6c3be026b21C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll199aca0a-22b7-11e5-b354-74d435884c44

Error: (07/05/2015 03:33:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HeciServer.exe1.31.8.1521c9c4bHeciServer.exe1.31.8.1521c9c4b40000015000000000005d689ae401d0b6c28db82b75C:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files\Intel\iCLS Client\HeciServer.exed455f652-22b5-11e5-b354-74d435884c44


CodeIntegrity Errors:
===================================
  Date: 2015-07-05 11:43:10.049
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-05 11:43:10.034
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-05 11:43:10.003
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-05 11:43:09.987
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-05 00:53:09.846
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-05 00:53:09.830
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-28 11:18:05.951
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-28 11:18:05.924
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-28 11:18:05.896
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-06-28 11:18:05.864
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 32%
Total physical RAM: 8078.54 MB
Available physical RAM: 5436.59 MB
Total Virtual: 16155.28 MB
Available Virtual: 13605.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:58.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Festplatte) (Fixed) (Total:931.51 GB) (Free:258.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Rescue Disc) (Removable) (Total:59.62 GB) (Free:59.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 4B31521B)
Partition 1: (Not Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 508AFC7B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: 4A386CC0)
Partition 1: (Active) - (Size=59.6 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

M-K-D-B 05.07.2015 11:37
Servus,



bevor wir weitermachen, habe ich eine Frage.

Hast du DNSBlock bewusst/absichtlich installiert bzw. kennst du das Programm?
Zitat:
Winsock: Catalog5 05 C:\Windows\SysWOW64\DnsBlockA.dll [343584 2015-06-28] (DnsBlock)
Winsock: Catalog5 08 C:\Windows\SysWOW64\DnsBlockB.dll [343584 2015-06-28] (DnsBlock)
Winsock: Catalog5-x64 05 C:\Windows\system32\DnsBlockA.dll [434208 2015-06-28] (DnsBlock)
Winsock: Catalog5-x64 08 C:\Windows\system32\DnsBlockB.dll [433696 2015-06-28] (DnsBlock)
S2 DnsBlockUpdateSvc; C:\Windows\system32\DnsBlockUpdateSvc.exe [149024 2015-06-28] ()
2015-06-28 11:10 - 2015-06-28 11:10 - 00471968 _____ C:\Windows\SysWOW64\dns.block
2015-06-28 11:10 - 2015-06-28 11:10 - 00471968 _____ C:\Windows\system32\dns.block
2015-06-28 11:10 - 2015-06-28 11:10 - 00434208 _____ (DnsBlock) C:\Windows\system32\DnsBlockA.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00433696 _____ (DnsBlock) C:\Windows\system32\DnsBlockB.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00343584 _____ (DnsBlock) C:\Windows\SysWOW64\DnsBlockB.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00343584 _____ (DnsBlock) C:\Windows\SysWOW64\DnsBlockA.dll
2015-06-28 11:10 - 2015-06-28 11:10 - 00149024 _____ C:\Windows\system32\DnsBlockUpdateSvc.exe

SirHenry2 05.07.2015 12:16
Ich habe eifrig darüber nachgedacht.
Ich kann mich an etwas erinnern aber wofür auch immer es ist benutzen tu ich es nicht.:wtf:

M-K-D-B 05.07.2015 12:30
Zitat:
Zitat von SirHenry2 (Beitrag 1484890)
Ich kann mich an etwas erinnern aber wofür auch immer es ist benutzen tu ich es nicht.:wtf:
Zwingend notwendig ist es wohl nicht, es gibt kaum Hits bei Google. Es wurde auch erst Ende Juni installiert... nicht, dass es von der Adware kommt... ;)

Löschen oder nicht? :blabla:

SirHenry2 05.07.2015 12:32
Weg damit :pfui:

M-K-D-B 05.07.2015 12:55
Servus,



ok, dann geht es so weiter:




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
S2 DnsBlockUpdateSvc; C:\Windows\system32\DnsBlockUpdateSvc.exe [149024 2015-06-28] ()
C:\Windows\system32\DnsBlockUpdateSvc.exe
FF HKLM-x32\...\Firefox\Extensions: [{58D8F7FD-DDA3-4F86-AACC-B1D390884956}] - C:\Windows\Installer\{767A8037-20F1-4B4F-A964-04F4BF17A426}\{58D8F7FD-DDA3-4F86-AACC-B1D390884956}.xpi
C:\Windows\Installer\{767A8037-20F1-4B4F-A964-04F4BF17A426}
FF HKLM-x32\...\Firefox\Extensions: [{C06ECDF9-1934-4979-91B0-360A669D0ADF}] - C:\Windows\Installer\{542F8CD8-9C65-450A-A521-8086587432E4}\{C06ECDF9-1934-4979-91B0-360A669D0ADF}.xpi
C:\Windows\Installer\{542F8CD8-9C65-450A-A521-8086587432E4}
FF Extension: Download Protect - C:\Windows\Installer\{542F8CD8-9C65-450A-A521-8086587432E4}\{C06ECDF9-1934-4979-91B0-360A669D0ADF}.xpi [2015-07-05]
C:\Program Files\{1922B07E-16DC-424B-80CD-C4A2E008BE22}
C:\Program Files (x86)\{2F340299-176A-4ED7-9FB7-C1F45A94BEB1}
C:\Windows\system32\dns.block
C:\Windows\SysWOW64\dns.block
C:\Windows\system32\DnsBlockA.dll
C:\Windows\system32\DnsBlockB.dll
C:\Windows\SysWOW64\DnsBlockB.dll
C:\Windows\SysWOW64\DnsBlockA.dll
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Winsock: Catalog5 05 C:\Windows\SysWOW64\DnsBlockA.dll [343584 2015-06-28] (DnsBlock)
Winsock: Catalog5 08 C:\Windows\SysWOW64\DnsBlockB.dll [343584 2015-06-28] (DnsBlock)
Winsock: Catalog5-x64 05 C:\Windows\system32\DnsBlockA.dll [434208 2015-06-28] (DnsBlock)
Winsock: Catalog5-x64 08 C:\Windows\system32\DnsBlockB.dll [433696 2015-06-28] (DnsBlock)
C:\Users\Gustav\AppData\Local\DnsBlock
RemoveProxy:
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    :filefind
    *DnsBlock*

    :folderfind
    *DnsBlock*
    *downloadprotect*

    :regfind
    DnsBlock
    downloadprotect
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 3
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.




Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST.

SirHenry2 05.07.2015 13:00
er sagt not found bei dem systenlock link
soll ich manuell suchen ?

M-K-D-B 05.07.2015 13:03
Zitat:
Zitat von SirHenry2 (Beitrag 1484896)
er sagt not found bei dem systenlock link
soll ich manuell suchen ?
dann mach das hier bei Schritt 2:

  • Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in die Zeile:
    Code:
    DnsBlock;downloadprotect;
  • Drücke auf Search Registry.
  • FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
  • Am Ende erstellt FRST eine Textdatei Search.txt.
  • Poste mir deren Inhalt mit deiner nächsten Antwort.

SirHenry2 05.07.2015 13:55
Code:
Fix result of Farbar Recovery Scan Tool (x64) Version:04-07-2015
Ran by Gustav at 2015-07-05 13:58:07 Run:7
Running from C:\Users\Gustav\Desktop\Aufräumsachen
Loaded Profiles: Gustav (Available Profiles: Gustav)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
S2 DnsBlockUpdateSvc; C:\Windows\system32\DnsBlockUpdateSvc.exe [149024 2015-06-28] ()
C:\Windows\system32\DnsBlockUpdateSvc.exe
FF HKLM-x32\...\Firefox\Extensions: [{58D8F7FD-DDA3-4F86-AACC-B1D390884956}] - C:\Windows\Installer\{767A8037-20F1-4B4F-A964-04F4BF17A426}\{58D8F7FD-DDA3-4F86-AACC-B1D390884956}.xpi
C:\Windows\Installer\{767A8037-20F1-4B4F-A964-04F4BF17A426}
FF HKLM-x32\...\Firefox\Extensions: [{C06ECDF9-1934-4979-91B0-360A669D0ADF}] - C:\Windows\Installer\{542F8CD8-9C65-450A-A521-8086587432E4}\{C06ECDF9-1934-4979-91B0-360A669D0ADF}.xpi
C:\Windows\Installer\{542F8CD8-9C65-450A-A521-8086587432E4}
FF Extension: Download Protect - C:\Windows\Installer\{542F8CD8-9C65-450A-A521-8086587432E4}\{C06ECDF9-1934-4979-91B0-360A669D0ADF}.xpi [2015-07-05]
C:\Program Files\{1922B07E-16DC-424B-80CD-C4A2E008BE22}
C:\Program Files (x86)\{2F340299-176A-4ED7-9FB7-C1F45A94BEB1}
C:\Windows\system32\dns.block
C:\Windows\SysWOW64\dns.block
C:\Windows\system32\DnsBlockA.dll
C:\Windows\system32\DnsBlockB.dll
C:\Windows\SysWOW64\DnsBlockB.dll
C:\Windows\SysWOW64\DnsBlockA.dll
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Winsock: Catalog5 05 C:\Windows\SysWOW64\DnsBlockA.dll [343584 2015-06-28] (DnsBlock)
Winsock: Catalog5 08 C:\Windows\SysWOW64\DnsBlockB.dll [343584 2015-06-28] (DnsBlock)
Winsock: Catalog5-x64 05 C:\Windows\system32\DnsBlockA.dll [434208 2015-06-28] (DnsBlock)
Winsock: Catalog5-x64 08 C:\Windows\system32\DnsBlockB.dll [433696 2015-06-28] (DnsBlock)
C:\Users\Gustav\AppData\Local\DnsBlock
RemoveProxy:
CMD: netsh winsock reset
EmptyTemp:
end
       
*****************

Processes closed successfully.
DnsBlockUpdateSvc => Service removed successfully
C:\Windows\system32\DnsBlockUpdateSvc.exe => moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{58D8F7FD-DDA3-4F86-AACC-B1D390884956} => value removed successfully
C:\Windows\Installer\{767A8037-20F1-4B4F-A964-04F4BF17A426} => moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{C06ECDF9-1934-4979-91B0-360A669D0ADF} => value removed successfully
C:\Windows\Installer\{542F8CD8-9C65-450A-A521-8086587432E4} => moved successfully.
C:\Windows\Installer\{542F8CD8-9C65-450A-A521-8086587432E4}\{C06ECDF9-1934-4979-91B0-360A669D0ADF}.xpi not found.
"C:\Program Files\{1922B07E-16DC-424B-80CD-C4A2E008BE22}" => File/Folder not found.
"C:\Program Files (x86)\{2F340299-176A-4ED7-9FB7-C1F45A94BEB1}" => File/Folder not found.
C:\Windows\system32\dns.block => moved successfully.
C:\Windows\SysWOW64\dns.block => moved successfully.
C:\Windows\system32\DnsBlockA.dll => moved successfully.
C:\Windows\system32\DnsBlockB.dll => moved successfully.
C:\Windows\SysWOW64\DnsBlockB.dll => moved successfully.
C:\Windows\SysWOW64\DnsBlockA.dll => moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => key removed successfully
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKU\S-1-5-21-506285681-3122066857-1050854625-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
Winsock: Catalog entry 000000000005 => removed successfully
Winsock: Catalog entry 000000000008 => removed successfully
Winsock: Catalog entry 000000000005 => removed successfully
Winsock: Catalog entry 000000000008 => removed successfully
C:\Users\Gustav\AppData\Local\DnsBlock => moved successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


=========  netsh winsock reset =========

Die Initialisierungsfunktion InitHelperDll in NSHHTTP.DLL konnte nicht gestartet werden. Fehlercode 11003

Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= End of CMD: =========

EmptyTemp: => 61.3 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 13:58:11 ====
Code:
Farbar Recovery Scan Tool (x64) Version:04-07-2015
Ran by Gustav at 2015-07-05 14:51:56
Running from C:\Users\Gustav\Desktop\Aufräumsachen
Boot Mode: Normal

================== Search Registry: "DnsBlock;downloadprotect" ===========


===================== Search result for "downloadprotect" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]
""="DownloadProtect Extension"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\VersionIndependentProgID]
""="DPBHO.DownloadProtect"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DPBHO.DownloadProtect]
""="DownloadProtect Extension"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DPBHO.DownloadProtect.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}]
""="IDownloadProtect"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]
""="DownloadProtect Extension"

====== End of Search ======
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-07-2015
Ran by Gustav (administrator) on THORSTEN on 05-07-2015 14:54:36
Running from C:\Users\Gustav\Desktop\Aufräumsachen
Loaded Profiles: Gustav (Available Profiles: Gustav)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) E:\Games\hirez\HiPatchService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
() C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [NetWorx] => "C:\Program Files\NetWorx\networx.exe" /auto
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3Di SBX Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [976896 2012-11-28] (Creative Technology Ltd)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\...\Run: [GamingMouseEditor] => C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe [3352576 2013-04-09] ()
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-04-19]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-25] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-506285681-3122066857-1050854625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-506285681-3122066857-1050854625-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-05] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{1A84662C-6EE6-4A7E-9957-BD60DF3FFA70}\{9252B9D7-716A-45AE-A9B9-5DFDE0CC0FD8}.bin [2015-07-05] (Download Protect)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-05] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{51DE8119-559E-474C-9132-F0ED59BEFED4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{89028BFB-3DE7-4E6B-932D-9CFE296AB804}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{AC955F3B-68F1-49BC-8573-E52B32308E85}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Gustav\AppData\Roaming\Mozilla\Firefox\Profiles\zq1nlzuj.default-1436025345253
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-28] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-28] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-506285681-3122066857-1050854625-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gustav\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-18] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-09]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-25] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-25] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-26] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-04-28] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-04-28] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103936 2014-06-02] (Creative Technology Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-12-08] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-10-23] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 HiPatchService; E:\Games\hirez\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-08-20] (Microsoft Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Users\Gustav\Origin\OriginClientService.exe [2004488 2015-06-29] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-07-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-06-30] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-25] ()
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1050904 2014-06-02] (Creative Technology Ltd)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-19] (Disc Soft Ltd)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-26] (Disc Soft Ltd)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fet6x64.sys [47872 2009-06-10] (VIA Technologies, Inc.              )
R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
S3 KinectCamera; C:\Windows\System32\Drivers\kinectcamera.sys [192512 2013-08-20] (Microsoft Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-05-19] (Duplex Secure Ltd.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-25] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Gustav\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPU-Z; \??\C:\Users\Gustav\AppData\Local\Temp\GPU-Z.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 MFE_RR; \??\C:\Users\Gustav\AppData\Local\Temp\mfe_rr.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 13:24 - 2015-07-05 14:54 - 00000000 ____D C:\Users\Gustav\Desktop\Aufräumsachen
2015-07-05 12:22 - 2015-07-05 12:22 - 00000000 ____D C:\Program Files\{1A84662C-6EE6-4A7E-9957-BD60DF3FFA70}
2015-07-05 12:22 - 2015-07-05 12:22 - 00000000 ____D C:\Program Files (x86)\{E4EE7F34-D721-4EDE-BC9C-3443FAE8E2F3}
2015-07-05 12:10 - 2015-07-05 13:59 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-07-05 11:39 - 2015-07-05 11:44 - 00000000 ____D C:\ComboFix
2015-07-05 11:36 - 2015-07-05 11:36 - 05631262 ____R (Swearware) C:\Users\Gustav\Downloads\ComboFix.exe
2015-07-05 10:54 - 2015-07-05 10:54 - 00000020 _____ C:\Users\Gustav\defogger_reenable
2015-07-05 01:31 - 2015-07-05 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-07-05 01:31 - 2015-07-05 01:31 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-07-05 01:28 - 2015-07-05 01:28 - 04246816 _____ (Softperfect ) C:\Users\Gustav\Downloads\networx_setup.exe
2015-07-05 01:28 - 2015-06-15 09:25 - 00070120 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\networx.sys
2015-07-05 01:27 - 2015-07-05 01:27 - 01198368 _____ C:\Users\Gustav\Downloads\NetWorx - CHIP-Installer.exe
2015-07-05 00:49 - 2015-07-05 11:37 - 00000000 ____D C:\Qoobox
2015-07-05 00:49 - 2015-07-05 00:56 - 00000000 ____D C:\Windows\erdnt
2015-07-05 00:49 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-05 00:49 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-05 00:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-05 00:49 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-04 21:15 - 2015-07-04 21:18 - 651767784 _____ (Avira GmbH) C:\Users\Gustav\Downloads\rescue-system.exe
2015-07-04 19:34 - 2015-07-04 19:34 - 02870984 _____ (ESET) C:\Users\Gustav\Downloads\esetsmartinstaller_deu.exe
2015-07-04 19:15 - 2015-07-04 19:15 - 00000207 _____ C:\Windows\tweaking.com-regbackup-THORSTEN-Windows-7-Home-Premium-(64-bit).dat
2015-07-04 19:15 - 2015-07-04 19:15 - 00000000 ____D C:\RegBackup
2015-07-04 19:13 - 2015-07-05 14:54 - 00000000 ____D C:\FRST
2015-07-04 18:03 - 2015-07-04 18:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-04 17:48 - 2015-07-05 12:08 - 00000000 ____D C:\AdwCleaner
2015-07-04 17:17 - 2015-07-05 13:59 - 00003024 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-07-04 14:48 - 2015-07-04 14:48 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-04 14:48 - 2015-07-04 14:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-04 14:40 - 2015-07-05 13:59 - 00003920 _____ C:\Windows\setupact.log
2015-07-04 14:40 - 2015-07-05 13:58 - 00007456 _____ C:\Windows\PFRO.log
2015-07-04 14:40 - 2015-07-04 14:40 - 00000000 _____ C:\Windows\setuperr.log
2015-07-04 14:33 - 2015-07-04 14:33 - 00001600 _____ C:\Windows\IE11_main.log
2015-07-03 15:59 - 2015-07-03 15:59 - 00000000 ____D C:\Users\Gustav\AppData\Local\ESN
2015-07-03 15:45 - 2015-07-03 15:45 - 00001086 _____ C:\Users\Gustav\Desktop\MSI Afterburner.lnk
2015-07-02 20:11 - 2015-07-02 20:11 - 00003210 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2015-06-30 18:17 - 2015-06-30 18:18 - 00000000 ____D C:\Program Files (x86)\Blizzard
2015-06-28 14:06 - 2015-06-28 14:06 - 00000000 ____D C:\Users\Gustav\AppData\Local\Blizzard
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\AVG
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\Users\Gustav\AppData\Local\Avg
2015-06-28 11:10 - 2015-06-28 11:10 - 00000000 ____D C:\ProgramData\AVG
2015-06-27 21:55 - 2015-07-04 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-06-26 15:26 - 2015-06-30 18:17 - 00001194 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2015-06-24 20:36 - 2015-06-24 20:36 - 00000000 ____D C:\Windows\pss
2015-06-22 21:33 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-22 21:33 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-21 12:55 - 2015-06-21 12:55 - 00017950 _____ C:\Users\Gustav\Documents\Unbenannt 1.odt
2015-06-21 11:40 - 2015-06-21 11:40 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-06-21 11:40 - 2015-06-21 11:40 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-06-21 11:40 - 2015-06-21 11:40 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\OpenOffice
2015-06-21 11:40 - 2015-06-21 11:40 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-06-21 11:39 - 2015-06-21 11:39 - 00000000 ____D C:\Users\Gustav\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-06-21 00:18 - 2015-06-24 20:17 - 00000000 ____D C:\Users\Gustav\AppData\Local\Fallout3
2015-06-20 22:25 - 2015-06-20 22:25 - 00000000 ____D C:\Users\Gustav\Documents\Petroglyph
2015-06-20 21:30 - 2015-06-20 21:30 - 00000215 _____ C:\Users\Gustav\Desktop\Chivalry Medieval Warfare.url
2015-06-20 21:27 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-20 21:27 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-20 21:27 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-20 21:27 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-20 21:27 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-20 21:27 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-20 21:27 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-20 21:27 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-20 21:27 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-20 21:27 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-20 21:27 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-20 21:27 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-20 21:27 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-20 21:27 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-20 21:27 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-20 21:27 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-20 21:27 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-20 21:27 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-20 21:27 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-20 21:27 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-20 21:27 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-20 21:27 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-20 21:27 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-20 21:27 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-20 21:27 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-20 21:27 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-20 21:27 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-20 21:27 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-20 21:27 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-20 21:27 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-20 21:27 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-20 21:27 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-20 21:27 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-20 21:27 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-20 21:27 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-20 21:27 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-20 21:27 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-20 21:27 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-20 21:27 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-20 21:27 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-20 21:27 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-20 21:27 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-20 21:27 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-20 21:27 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-20 21:27 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-20 21:27 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-20 21:27 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-20 21:27 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-20 21:27 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-20 21:27 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-20 21:27 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-20 21:27 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-20 21:27 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-20 21:27 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-20 21:27 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-20 21:27 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-20 21:27 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-20 21:27 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-20 21:27 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-20 21:27 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-20 21:27 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-20 21:27 - 2015-05-09 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-20 21:27 - 2015-05-09 05:26 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-20 21:27 - 2015-05-09 05:26 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-20 21:27 - 2015-05-09 05:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-20 21:27 - 2015-05-09 05:25 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-20 21:27 - 2015-05-09 05:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-20 21:27 - 2015-05-09 05:13 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-20 21:27 - 2015-05-09 05:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-20 21:27 - 2015-05-09 05:12 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-20 21:27 - 2015-05-09 05:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 04:01 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-20 21:27 - 2015-05-09 04:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-20 21:27 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-20 21:27 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-20 21:27 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-20 21:27 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-20 21:27 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-20 21:27 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-20 21:27 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-20 21:27 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-20 21:27 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-20 21:27 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-20 21:27 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-20 21:27 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-20 21:27 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-20 21:27 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-20 21:19 - 2015-06-20 21:19 - 00000215 _____ C:\Users\Gustav\Desktop\Grey Goo.url
2015-06-20 21:15 - 2015-06-20 21:15 - 00000214 _____ C:\Users\Gustav\Desktop\Fallout 3 - Game of the Year Edition.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 14:53 - 2009-07-14 06:45 - 00025376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-05 14:53 - 2009-07-14 06:45 - 00025376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-05 14:51 - 2009-07-14 19:58 - 00700454 _____ C:\Windows\system32\perfh007.dat
2015-07-05 14:51 - 2009-07-14 19:58 - 00150092 _____ C:\Windows\system32\perfc007.dat
2015-07-05 14:51 - 2009-07-14 07:13 - 01624034 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-05 14:50 - 2015-03-30 20:32 - 00000000 ____D C:\Users\Gustav\AppData\Local\LogMeIn Hamachi
2015-07-05 14:50 - 2014-04-28 22:11 - 01841187 _____ C:\Windows\WindowsUpdate.log
2015-07-05 14:49 - 2014-10-19 12:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-05 13:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-05 13:58 - 2014-04-28 22:36 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-05 13:58 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-05 12:21 - 2014-05-09 23:27 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-05 12:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PLA
2015-07-05 11:43 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-05 10:54 - 2014-04-28 22:11 - 00000000 ____D C:\Users\Gustav
2015-07-05 03:45 - 2015-01-29 16:42 - 00000000 ____D C:\Users\Gustav\AppData\Local\CrashDumps
2015-07-05 01:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Globalization
2015-07-05 00:57 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-04 19:06 - 2015-05-02 07:49 - 00000000 ____D C:\Users\Gustav\Desktop\Grand Theft Auto V 8, 8.1 & 10_Crack
2015-07-04 17:53 - 2015-03-20 15:08 - 00000000 ____D C:\Users\Gustav\AppData\Local\Microsoft Game Studios
2015-07-04 17:53 - 2015-03-20 15:08 - 00000000 ____D C:\ProgramData\Microsoft Games
2015-07-04 17:53 - 2015-03-20 15:07 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Microsoft Game Studios
2015-07-04 17:53 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-04 17:50 - 2014-09-26 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2015-07-04 17:49 - 2015-02-06 23:19 - 00001058 _____ C:\Users\Public\Desktop\Theme Hospital.lnk
2015-07-04 16:14 - 2014-04-29 19:48 - 00000000 ____D C:\Users\Gustav\Steam
2015-07-04 16:08 - 2014-05-03 11:29 - 00007631 _____ C:\Users\Gustav\AppData\Local\resmon.resmoncfg
2015-07-04 14:24 - 2015-05-11 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-07-04 14:24 - 2015-03-09 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2015-07-04 14:24 - 2014-09-06 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-04 14:24 - 2014-09-01 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black & White 2
2015-07-04 14:24 - 2014-05-09 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remember Me
2015-07-04 14:24 - 2014-04-30 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-07-04 14:24 - 2014-04-29 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaNox
2015-07-04 14:21 - 2014-05-04 21:21 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\DAEMON Tools Lite
2015-07-04 14:20 - 2014-04-29 05:35 - 00000000 ____D C:\Windows\Panther
2015-07-04 14:13 - 2015-03-20 21:23 - 00003232 _____ C:\Windows\System32\Tasks\Halo 2 for Vista restart
2015-07-04 14:12 - 2014-04-28 22:22 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-04 14:11 - 2014-04-28 22:22 - 00000000 ____D C:\Users\Gustav\AppData\Local\Google
2015-07-04 14:04 - 2015-03-13 20:45 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Mozilla
2015-07-04 11:46 - 2014-04-29 19:46 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\vlc
2015-07-03 19:41 - 2014-04-29 16:06 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\.minecraft
2015-07-03 17:43 - 2014-05-15 16:53 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-07-03 16:05 - 2014-07-01 16:50 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe
2015-07-03 16:05 - 2014-05-28 23:33 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-03 16:05 - 2014-05-28 23:33 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-03 15:59 - 2014-05-28 23:33 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-03 15:58 - 2014-05-09 23:19 - 00000000 ____D C:\ProgramData\Origin
2015-07-03 15:45 - 2014-05-15 16:53 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-07-02 17:48 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-01 18:27 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-30 22:24 - 2015-05-11 21:33 - 00000000 ____D C:\Users\Gustav\AppData\Local\Battle.net
2015-06-30 18:17 - 2015-05-19 14:38 - 00001170 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-06-30 18:17 - 2014-05-28 23:33 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-29 20:45 - 2014-05-09 23:19 - 00000000 ____D C:\Users\Gustav\Origin
2015-06-28 16:38 - 2014-04-29 14:13 - 00000000 ____D C:\Users\Gustav\AppData\Local\Adobe
2015-06-28 16:37 - 2014-10-19 12:02 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-28 16:37 - 2014-09-28 22:37 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-28 16:37 - 2014-09-26 20:57 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-27 21:12 - 2014-05-09 23:26 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-26 23:36 - 2014-04-30 21:58 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\TS3Client
2015-06-26 15:19 - 2014-05-10 10:38 - 00000000 ____D C:\Users\Gustav\AppData\Roaming\Origin
2015-06-25 17:43 - 2014-04-28 22:36 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-24 13:36 - 2014-10-07 16:22 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-24 13:36 - 2014-10-07 16:22 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-24 13:36 - 2014-10-07 16:20 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36 - 2014-10-07 16:20 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-22 21:33 - 2015-06-02 20:41 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-21 17:20 - 2009-07-14 06:45 - 00457632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-21 17:14 - 2014-04-28 22:29 - 00116328 _____ C:\Users\Gustav\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-21 13:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-21 00:15 - 2014-05-04 21:43 - 00000000 ____D C:\Users\Gustav\Documents\My Games
2015-06-20 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-20 21:31 - 2014-05-15 18:14 - 00000000 ____D C:\Windows\system32\MRT
2015-06-20 21:27 - 2014-05-15 18:14 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-05 21:11 - 2015-05-26 18:13 - 00000000 ____D C:\Users\Gustav\AppData\Local\Arma 3

==================== Files in the root of some directories =======

2014-07-31 20:56 - 2015-02-17 17:56 - 0000104 _____ () C:\Users\Gustav\AppData\Roaming\WB.CFG
2015-05-10 22:17 - 2015-05-10 22:17 - 0000000 ____H () C:\Users\Gustav\AppData\Local\BIT9352.tmp
2015-03-08 16:23 - 2015-04-19 15:17 - 0000000 _____ () C:\Users\Gustav\AppData\Local\Driver_LOM_8161Present.flag
2014-05-03 11:29 - 2015-07-04 16:08 - 0007631 _____ () C:\Users\Gustav\AppData\Local\resmon.resmoncfg
2015-05-10 22:16 - 2015-05-10 22:16 - 0000000 _____ () C:\Users\Gustav\AppData\Local\{92CF7355-4AD0-491B-BBCF-156B92DDE390}
2014-06-19 18:58 - 2014-06-23 13:11 - 0000040 ___SH () C:\ProgramData\.zreglib

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 14:26

==================== End of log ============================


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:46 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131