Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Internetverbindung wird kontrolliert

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.04.2015, 20:11   #1
JamesP
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



Guten Abend,

am besten einfach hier nachlesen, habe exakt das selbe Problem http://www.trojaner-board.de/159860-...trolliert.html

habe win 7 und nutze zur zeit avast, jedoch konnte avast und auch antimalewarebytes keinen virus finden. der andere thread ist deckungsgleich mit meiner situation bis auf den adwcleaner den ich nicht nutze.

die frage ist nun auch von mir ob dies ein virus ist oder nicht.

ich danke im vorraus.

mfg

/edit habe leider keinen screenshot gemacht ...

Alt 26.04.2015, 20:28   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 26.04.2015, 21:21   #3
JamesP
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by Jonas (administrator) on JONAS-PC on 26-04-2015 21:18:21
Running from C:\Users\Jonas\Desktop
Loaded Profiles: Jonas (Available profiles: Jonas)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() D:\Programme\MSI Afterburner\MSIAfterburner.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn Inc.) D:\Programme\Hamachi\hamachi-2-ui.exe
(Malwarebytes Corporation) D:\Programme\Antimalewarebytes\ Malwarebytes Anti-Malware \mbamscheduler.exe
(LogMeIn, Inc.) D:\Programme\Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) D:\Programme\Antimalewarebytes\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) D:\Programme\Antimalewarebytes\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LogMeIn Inc.) D:\Programme\Hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\Programme\Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
() C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(MSI CO.,LTD.) C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\CPU_Ratio.exe
() D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTSS.exe
() D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\EncoderServer.exe
() D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-03-17] (MSI)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-18] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programme\Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3631448 2015-02-27] (Electronic Arts)
HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Run: [HP Officejet 4630 series (NET)] => C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Run: [Spotify Web Helper] => C:\Users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Run: [Spotify] => D:\Programme\Spotify\Spotify.exe [6611512 2015-03-17] (Spotify Ltd)
HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\MountPoints2: {0a2cacb2-3ca1-11e3-bfc7-806e6f6e6963} - E:\acer.exe
HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\MountPoints2: {eb388d63-3ca1-11e3-9ee2-829eabdd274b} - G:\pushinst.exe
HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-03-10] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-10] (Avast Software s.r.o.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg64.dll [2015-03-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-11] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-10] (Avast Software s.r.o.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-05] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-11] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-3728843872-2363194956-1273056754-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @hogrefe.de/nphtspse,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspse.dll No File
FF Plugin-x32: @hogrefe.de/nphtspst,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspst.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-11] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-07]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR Profile: C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-21]
CHR Extension: (Google Docs) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-15]
CHR Extension: (Google Drive) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-15]
CHR Extension: (James White) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2015-02-01]
CHR Extension: (YouTube) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-15]
CHR Extension: (Adblock Plus) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-16]
CHR Extension: (Google Search) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-15]
CHR Extension: (Avast SafePrice) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-11-12]
CHR Extension: (Hola Better Internet) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-04-14]
CHR Extension: (Avast Online Security) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Google Wallet) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-15]
CHR Extension: (Gmail) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-15]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-10] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-10] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [967040 2015-03-20] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-03-05] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 Hamachi2Svc; D:\Programme\Hamachi\hamachi-2.exe [2490216 2015-03-30] (LogMeIn Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 MBAMScheduler; D:\Programme\Antimalewarebytes\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Antimalewarebytes\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2014-01-20] (MSI) [File not signed]
S4 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [310784 2014-02-17] () [File not signed]
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2113536 2014-02-19] () [File not signed]
R3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4113408 2014-02-18] () [File not signed]
R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2014-01-16] () [File not signed]
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2225152 2014-02-18] () [File not signed]
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2014-01-20] () [File not signed]
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [179200 2014-02-17] () [File not signed]
R3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [531968 2014-02-17] () [File not signed]
S4 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [183296 2014-01-20] () [File not signed]
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4513840 2013-10-22] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-02-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-10] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-10] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-10] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-10] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-10] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-10] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-10] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTCore64; D:\Programme\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-10] (Avast Software)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 21:18 - 2015-04-26 21:18 - 00027559 _____ () C:\Users\Jonas\Desktop\FRST.txt
2015-04-26 21:17 - 2015-04-26 21:18 - 00000000 ____D () C:\FRST
2015-04-26 21:15 - 2015-04-26 21:15 - 02101248 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe
2015-04-26 21:14 - 2015-04-26 21:14 - 02224640 _____ () C:\Users\Jonas\Desktop\AdwCleaner_4.202.exe
2015-04-25 00:47 - 2015-04-26 18:12 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-25 00:47 - 2015-04-25 00:47 - 00000889 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-25 00:47 - 2015-04-25 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-25 00:47 - 2015-04-25 00:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-25 00:47 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-25 00:47 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-25 00:47 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-16 19:35 - 2015-04-16 19:37 - 00000216 _____ () C:\Users\Jonas\Desktop\uhr.txt
2015-04-13 15:43 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-13 15:43 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-13 15:43 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-13 15:43 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-10 13:16 - 2015-04-10 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 21:17 - 2013-10-24 16:50 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\Skype
2015-04-26 21:10 - 2013-10-24 14:09 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-26 20:26 - 2013-12-09 01:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-26 20:10 - 2013-10-24 14:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-26 17:19 - 2015-02-01 20:36 - 00000000 ____D () C:\Users\Jonas\AppData\Local\Spotify
2015-04-26 16:52 - 2015-02-01 20:43 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\Spotify
2015-04-26 16:48 - 2009-07-14 19:58 - 00710030 _____ () C:\Windows\system32\perfh007.dat
2015-04-26 16:48 - 2009-07-14 19:58 - 00154466 _____ () C:\Windows\system32\perfc007.dat
2015-04-26 16:48 - 2009-07-14 07:13 - 01649878 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-26 16:47 - 2013-10-24 13:48 - 01818871 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 16:47 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-26 16:47 - 2009-07-14 06:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-26 16:44 - 2013-10-24 19:17 - 00000000 ____D () C:\ProgramData\Origin
2015-04-26 16:42 - 2015-02-01 23:15 - 00020948 _____ () C:\Windows\setupact.log
2015-04-26 16:42 - 2015-02-01 20:44 - 00001767 _____ () C:\Users\Jonas\Desktop\Spotify.lnk
2015-04-26 16:42 - 2015-02-01 20:36 - 00001753 _____ () C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-04-26 16:42 - 2013-12-31 00:44 - 00000000 ____D () C:\Users\Jonas\AppData\Local\LogMeIn Hamachi
2015-04-26 16:42 - 2013-10-24 14:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-26 16:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-25 18:17 - 2014-06-17 08:08 - 00003002 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2015-04-25 01:00 - 2015-02-02 12:36 - 00005892 _____ () C:\Windows\PFRO.log
2015-04-24 19:33 - 2014-11-07 13:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-21 00:00 - 2013-10-24 16:56 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\TS3Client
2015-04-17 21:11 - 2014-04-15 21:42 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-17 20:26 - 2013-12-09 01:15 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-17 20:26 - 2013-12-09 01:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-17 20:26 - 2013-12-09 01:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-16 19:16 - 2014-03-03 01:26 - 00000000 ____D () C:\Users\Jonas\AppData\Roaming\vlc
2015-04-15 22:44 - 2013-10-30 01:34 - 00000000 ____D () C:\Users\Jonas\AppData\Local\CrashDumps
2015-04-14 23:57 - 2014-01-29 02:11 - 00000000 ____D () C:\Users\Jonas\AppData\Local\ArmA 2 OA
2015-04-13 15:44 - 2014-04-06 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-13 15:44 - 2013-10-24 14:18 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-13 15:43 - 2014-04-06 15:25 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-13 15:37 - 2014-04-06 15:27 - 00001381 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-04-13 12:10 - 2013-10-24 16:50 - 00000000 ____D () C:\ProgramData\Skype
2015-04-10 13:16 - 2014-04-22 13:07 - 00000625 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-04-09 02:58 - 2014-08-11 19:33 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-09 02:58 - 2014-04-06 15:26 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2014-04-06 15:26 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2014-04-06 15:25 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2014-04-06 15:25 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2014-04-06 15:25 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-09 02:58 - 2014-04-06 15:25 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2014-04-06 15:25 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-08 23:30 - 2014-04-06 15:26 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2014-04-06 15:26 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2014-04-06 15:26 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2014-04-06 15:26 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2014-04-06 15:26 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2014-04-06 15:26 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 19:52 - 2014-04-06 15:26 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-08 13:15 - 2013-11-07 01:18 - 00000000 ___RD () C:\Users\Jonas\Desktop\Spiele
2015-04-06 19:07 - 2013-11-07 00:21 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-03-30 15:25 - 2014-01-27 19:56 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-03-28 05:44 - 2014-06-03 10:26 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-04-06 15:27 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2014-06-03 10:26 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-04-06 15:27 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

==================== Files in the root of some directories =======

2014-10-27 19:21 - 2015-03-10 15:06 - 0000302 _____ () C:\Users\Jonas\AppData\Roaming\BreakingPoint_Login.ini
2014-10-27 19:22 - 2015-03-10 15:06 - 0001408 _____ () C:\Users\Jonas\AppData\Roaming\BreakingPoint_Options.ini
2014-04-03 23:29 - 2014-04-03 23:29 - 0007605 _____ () C:\Users\Jonas\AppData\Local\Resmon.ResmonCfg
2014-11-30 17:04 - 2014-11-30 17:04 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Jonas\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jonas\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Jonas\AppData\Local\Temp\jshortcut-3848203736546741468.dll
C:\Users\Jonas\AppData\Local\Temp\jshortcut-4635714071111452450.dll
C:\Users\Jonas\AppData\Local\Temp\jshortcut-8655012844567121041.dll
C:\Users\Jonas\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Jonas\AppData\Local\Temp\nvStInst.exe
C:\Users\Jonas\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jonas\AppData\Local\Temp\SpotifyUninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 21:17

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2015
Ran by Jonas at 2015-04-26 21:18:39
Running from C:\Users\Jonas\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3728843872-2363194956-1273056754-500 - Administrator - Disabled)
Gast (S-1-5-21-3728843872-2363194956-1273056754-501 - Limited - Disabled)
Jonas (S-1-5-21-3728843872-2363194956-1273056754-1000 - Administrator - Enabled) => C:\Users\Jonas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Addon Sync 2009 (HKLM-x32\...\{4E3AA543-09D7-401E-9DF2-2591D24C7C49}) (Version: 1.0.67 - YomaTools)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
Afterfall InSanity Extended Edition (HKLM-x32\...\Steam App 224420) (Version:  - Intoxicate Studios)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archlord2 (HKLM-x32\...\{4B23B4C1-769A-49A4-AA12-1FF72B548F5D}_is1) (Version: 1.0.0.1 - Webzen)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
ARMA 2 Army of The Czech Republic - Data cache removal (HKLM-x32\...\A2ACR Data cache removal) (Version:  - )
ARMA 2 Operation Arrowhead Uninstall (HKLM-x32\...\ARMA 2 Operation Arrowhead) (Version:  - )
ArmA 2 Uninstall (HKLM-x32\...\ArmA 2) (Version:  - )
ARMA 2: British Armed Forces - Data cache removal (HKLM-x32\...\A2BAF Data cache removal) (Version:  - )
Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
ARMA 2: Private Military Company - Data cache removal (HKLM-x32\...\A2PMC Data cache removal) (Version:  - )
Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ArmA3Sync 1.4.54 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.4.54 - The [S.o.E] team)
Assassins Creed IV Black Flag Deluxe Edition (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
Battlefield 2142 Deluxe Edition (HKLM-x32\...\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
CommandCenter (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.52 - MSI)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1197 - SG INTERACTIVE)
DayZ Commander (HKLM-x32\...\{99C28455-E285-4639-B4C6-9F747C0C3D4C}) (Version: 0.92.90 - Dotjosh Studios)
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.0.9 - MSI)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Officejet 4630 series - Grundlegende Software für das Gerät (HKLM\...\{BB830050-E345-45FC-80D3-4EF9680CFC06}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Officejet 4630 series Hilfe (HKLM-x32\...\{08B9332C-26DB-4EF3-85D6-6DC62B937681}) (Version: 31.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Live Update 5 (HKLM-x32\...\{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1) (Version: 5.0.114 - MSI)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{2301bb34-385a-4a57-877f-c54347957fad}) (Version: 4.0.6.305 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.0.6.305 - Intel Corporation) Hidden
MTA:SA v1.3.4 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.4 - Multi Theft Auto)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
Nether (HKLM-x32\...\Steam App 247730) (Version:  - Phosphor Games)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4518 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
Spotify (HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-02-2015 20:49:16 Geplanter Prüfpunkt
02-03-2015 21:13:20 Geplanter Prüfpunkt
10-03-2015 15:58:48 Geplanter Prüfpunkt
10-03-2015 18:42:27 avast! antivirus system restore point
12-03-2015 16:13:25 DirectX wurde installiert
12-03-2015 16:15:08 DirectX wurde installiert
19-03-2015 19:16:20 Gerätetreiber-Paketinstallation: Steinberg Media Technologies GmbH
19-03-2015 19:54:15 Removed Steinberg Groove Agent ONE Vintage Beatboxes
19-03-2015 19:54:23 Removed Steinberg HALion Sonic SE Content for Cubase LE AI Elements
19-03-2015 19:54:35 Removed Steinberg Cubase LE AI Elements 7 64bit
19-03-2015 19:54:52 Removed Steinberg REVerence Content 01
19-03-2015 19:55:11 Removed Steinberg Groove Agent ONE Content
19-03-2015 19:55:22 Removed Steinberg HALion Sonic SE 64bit
19-03-2015 19:55:33 Removed Steinberg VST Amp Rack Content 01
19-03-2015 19:55:40 Removed Steinberg Midi Loop Library
19-03-2015 19:55:50 Removed Steinberg Drum Loop Expansion 01
19-03-2015 19:55:57 Removed Steinberg Upload Manager
27-03-2015 12:50:41 Geplanter Prüfpunkt
06-04-2015 22:54:34 Geplanter Prüfpunkt
13-04-2015 15:44:13 NVIDIA PhysX wird entfernt
21-04-2015 21:18:06 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {067FF7A5-AB4B-4CCF-ADC0-6961AF47537F} - System32\Tasks\{8B0DDEB3-8498-4AD6-9F58-6727A7377E63} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {2018E1F3-DE3E-4CFA-A624-6F1CB166EBB7} - System32\Tasks\{74A71055-8615-4B7A-8BCE-A165E374D9E9} => pcalua.exe -a "D:\Programme\DriverCleaner\Driver Cleaner Pro\DCleaner.exe" -d "D:\Programme\DriverCleaner\Driver Cleaner Pro"
Task: {22B70E67-D9D2-4B1B-A7F1-2ACFDFB6078A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {32C3C9E9-F940-4345-AC6C-676429782BFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {46926EFF-DF59-4E6D-8B00-64C0823CE708} - System32\Tasks\{0E7F0382-9C66-4B5B-BFDA-726820641A57} => pcalua.exe -a D:\Programme\Arschlord\JUSTArchlord.exe -d D:\Programme\Arschlord
Task: {5D3F5988-1BE8-4EF9-A4B3-06164BFAB8DF} - System32\Tasks\MSIAfterburner => D:\Programme\MSI Afterburner\MSIAfterburner.exe [2014-12-06] ()
Task: {661EBAB4-6A13-4B34-88BC-FA3E7460EF79} - System32\Tasks\{32CB1A07-A44E-4CB7-BF93-ABF7AD68DFFD} => D:\Programme\League of Legends\lol.launcher.exe [2013-06-12] ()
Task: {80809FF7-CA8B-4BB8-81A5-EB588FAB2530} - System32\Tasks\{6134E115-9A21-47BB-BA84-41C714823CFF} => D:\Programme\League of Legends\lol.launcher.exe [2013-06-12] ()
Task: {923E4025-D648-4DBB-99DD-618A06253923} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {9AF0ED81-CC09-463C-80AD-5389EDA3AAA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {A2E5D537-69B5-4E90-BE5A-F3317C1A8F04} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-10] (Avast Software s.r.o.)
Task: {A4B8BDDF-C0FB-4D22-AAF4-E702BAF3D0A8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {BE7E1CD1-64AB-43C8-A653-EA80A6F15861} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EE4E1AA8-2D77-47F0-9E1B-6B68859501DD} - System32\Tasks\{326E6E3B-185C-4610-B51A-CB4C2F3E680E} => C:\Program Files (x86)\Dotjosh Studios\DayZ Commander\Current\DayZCommander.exe [2014-08-02] (Dotjosh Studios, LLC)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-04-06 15:26 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-05 11:41 - 2014-11-09 13:37 - 00402432 _____ () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTSSHooks64.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-06 09:03 - 2014-12-06 09:03 - 00565760 _____ () D:\Programme\MSI Afterburner\MSIAfterburner.exe
2014-04-02 20:54 - 2014-01-16 17:00 - 01985536 _____ () C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
2013-10-24 19:55 - 2014-08-10 21:29 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-02 20:54 - 2014-02-17 17:27 - 00531968 _____ () C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
2014-04-02 20:54 - 2014-02-18 15:07 - 04113408 _____ () C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
2014-11-09 13:37 - 2014-11-09 13:37 - 00197632 _____ () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTSS.exe
2014-11-09 13:37 - 2014-11-09 13:37 - 00026112 _____ () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\EncoderServer.exe
2014-11-09 13:37 - 2014-11-09 13:37 - 00088576 _____ () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2015-03-10 18:43 - 2015-03-10 18:43 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-10 18:43 - 2015-03-10 18:43 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-25 18:02 - 2015-04-25 18:02 - 02927104 _____ () C:\Program Files\AVAST Software\Avast\defs\15042500\algo.dll
2015-04-26 16:42 - 2015-04-26 16:42 - 02927104 _____ () C:\Program Files\AVAST Software\Avast\defs\15042600\algo.dll
2015-04-13 15:37 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-06-05 11:40 - 2014-11-09 13:37 - 00356864 _____ () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTSSHooks.dll
2014-01-30 12:48 - 2015-02-27 20:58 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-01-30 12:48 - 2015-02-27 20:58 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-01-30 12:48 - 2015-02-27 20:58 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-01-30 12:48 - 2015-02-27 20:58 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-01-30 12:48 - 2015-02-27 20:58 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-01-30 12:48 - 2015-02-27 20:58 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-01-30 12:48 - 2015-02-27 20:58 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-01-30 12:48 - 2015-02-27 20:58 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-04-02 22:13 - 2012-10-31 15:00 - 00991232 ____N () C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\de-DE\SBCinema.resources.dll
2014-12-06 09:01 - 2014-12-06 09:01 - 00071680 _____ () D:\Programme\MSI Afterburner\RTMUI.dll
2014-12-06 09:01 - 2014-12-06 09:01 - 00056832 _____ () D:\Programme\MSI Afterburner\RTFC.dll
2014-12-06 09:02 - 2014-12-06 09:02 - 00217600 _____ () D:\Programme\MSI Afterburner\RTCore.dll
2014-12-06 09:01 - 2014-12-06 09:01 - 00353792 _____ () D:\Programme\MSI Afterburner\RTUI.dll
2014-12-06 09:02 - 2014-12-06 09:02 - 00649216 _____ () D:\Programme\MSI Afterburner\RTHAL.dll
2015-03-10 18:43 - 2015-03-10 18:43 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-10 18:43 - 2015-03-10 18:43 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-10 18:43 - 2015-03-10 18:43 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00056832 _____ () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTFC.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00353792 _____ () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTUI.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00071680 _____ () D:\Programme\MSI Afterburner\RIVA\RivaTuner Statistics Server\RTMUI.dll
2014-04-02 20:56 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-17 21:11 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-17 21:11 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2015-04-17 21:11 - 2015-04-13 23:55 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Jonas\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Jonas\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Jonas\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Jonas\AppData\Roaming:NT2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3728843872-2363194956-1273056754-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CommandCenter => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe
MSCONFIG\startupreg: Fast Boot => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
MSCONFIG\startupreg: iTunesHelper => "D:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LiveUpdate 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: MBCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{C964CF3B-C868-4A4D-82FB-1DC2F4EEED7F}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{85F8946D-95E5-43EB-A3C4-47C12304AC20}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{57C12CC0-2EC3-4373-86F4-8E35A262DDD9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FD40F426-F1B3-4D36-9825-3BE5CE8A2DA9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{11376261-4D1C-4EF8-A72D-A3C759E787D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2625AB0C-0C87-4853-94CA-E4FEDBF575A6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{351BEA94-675E-459E-976A-1C128C4AE11A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ED90717B-5EEA-41BF-AD03-D76606EB41A0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D630D27D-F6C8-483D-A218-6AE590949EB2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{3DCD3B14-DD0D-4C7D-95AF-76AF7D73B36B}D:\programme\skype\phone\skype.exe] => (Allow) D:\programme\skype\phone\skype.exe
FirewallRules: [UDP Query User{5FBBD407-67C8-4FF9-AAED-F0031669A5CB}D:\programme\skype\phone\skype.exe] => (Allow) D:\programme\skype\phone\skype.exe
FirewallRules: [{3C513716-1FE0-4D11-8AA1-AFB0F71CFDC3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6D7F3D9C-B693-4CBE-BB90-431C099809E3}] => (Allow) D:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{70F9AB8F-107E-47E2-87D1-D49CE77ECB33}] => (Allow) D:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{46156F90-3073-4303-883F-3271B78AFD79}D:\programme\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => (Allow) D:\programme\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [UDP Query User{15C16BB7-DA1B-4BDB-B9D0-3B260D237A9E}D:\programme\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => (Allow) D:\programme\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [{14F04D83-A359-4BA8-912A-2718AAB43810}] => (Allow) D:\Programme\RGSC\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{5668ABFD-E3BF-4252-A9F6-AAD33857E24D}] => (Allow) D:\Programme\RGSC\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{7D4AD19E-11D1-43FC-81F5-6116F7E3B1B6}] => (Allow) D:\Programme\Splinter Cell BL\Blacklist_Launcher.exe
FirewallRules: [{916FC418-C086-4885-8D77-D109BE0E1039}] => (Allow) D:\Programme\Splinter Cell BL\Blacklist_Launcher.exe
FirewallRules: [{61156FEF-0F40-45D8-A67C-0369E91B7AB0}] => (Allow) D:\Programme\Splinter Cell BL\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{FA786CC1-A022-4EBB-B0F1-81AB9906C6D0}] => (Allow) D:\Programme\Splinter Cell BL\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{C47951EA-78CC-4073-AD89-5FA3626B9423}] => (Allow) D:\Programme\Splinter Cell BL\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{27F4B2FA-C75A-467D-8172-72D71F72F42A}] => (Allow) D:\Programme\Splinter Cell BL\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{8A0A59EB-5CA4-4EF0-9C05-C1FDC63F12EF}] => (Allow) D:\Programme\Splinter Cell BL\src\SYSTEM\gu.exe
FirewallRules: [{F51633D2-4A4D-4CA3-B11F-8FFF4934C723}] => (Allow) D:\Programme\Splinter Cell BL\src\SYSTEM\gu.exe
FirewallRules: [{0F3E80BD-869A-4F67-80DF-DE6C2C4D788A}] => (Allow) D:\Programme\Uplay\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{0D91E452-719D-4DA0-B823-8099F4906022}] => (Allow) D:\Programme\Uplay\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [TCP Query User{7D758F8E-F055-46B5-B3D2-28E0455C4DE8}D:\programme\battlefield 2142\bf2142.exe] => (Allow) D:\programme\battlefield 2142\bf2142.exe
FirewallRules: [UDP Query User{CC1C40E3-A5A1-44FB-BC2A-43BC415D05E8}D:\programme\battlefield 2142\bf2142.exe] => (Allow) D:\programme\battlefield 2142\bf2142.exe
FirewallRules: [{2D5961A5-168B-404D-B635-60B91908A5BF}] => (Allow) D:\Programme\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{86288E17-2574-49A7-96F7-AA688212ED91}] => (Allow) D:\Programme\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{54DF1AEF-6045-4C41-B67A-53D7E1950FE4}] => (Allow) D:\Programme\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{3441453B-1EA9-41E7-B330-5E350C307E25}] => (Allow) D:\Programme\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{4D333135-1FDD-4893-B736-1384F4E07BBE}] => (Allow) D:\Programme\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{1327514D-E162-4288-A488-FD82709D760F}] => (Allow) D:\Programme\Steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{90D9BB06-335F-42D1-B375-79F62570FE18}] => (Allow) D:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{4767D312-45D6-4D62-8A2B-09E22E13AD66}] => (Allow) D:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{D38AEFA3-3A15-45D3-8DAA-202A6E563027}] => (Allow) D:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{4C271AD2-1348-4248-992B-B3630AE1FDC3}] => (Allow) D:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [TCP Query User{4318795E-A352-4304-BDE5-B77FACDCE71A}D:\programme\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\programme\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{3102A9EE-1951-40AA-A646-2EA069FC4D8E}D:\programme\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\programme\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{8070A3B3-29DD-4A74-8717-E6BABC6E056F}D:\programme\call of duty - world at war\codwawmp.exe] => (Block) D:\programme\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{28715F85-9E3B-473D-98C5-637EF25EF0E5}D:\programme\call of duty - world at war\codwawmp.exe] => (Block) D:\programme\call of duty - world at war\codwawmp.exe
FirewallRules: [TCP Query User{05EFCB79-D179-4E1D-9049-49C01D857B86}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{7C545AA3-AA02-435A-8B4D-B6A29AC2B67D}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{DC038755-7840-4EC4-AFD0-559892C2ACA9}D:\programme\steam\steam.exe] => (Allow) D:\programme\steam\steam.exe
FirewallRules: [UDP Query User{B546F596-C974-44FE-AA51-D98FFD6FF441}D:\programme\steam\steam.exe] => (Allow) D:\programme\steam\steam.exe
FirewallRules: [TCP Query User{285D18DA-BDBE-4CF9-80BB-A49134B083B8}D:\programme\call of duty - world at war\codwaw2.exe] => (Allow) D:\programme\call of duty - world at war\codwaw2.exe
FirewallRules: [UDP Query User{E9AF433D-B61D-4737-BC1A-FCC981836F99}D:\programme\call of duty - world at war\codwaw2.exe] => (Allow) D:\programme\call of duty - world at war\codwaw2.exe
FirewallRules: [{1EBC8A4D-426C-4E5F-905A-107C5C3967BA}] => (Allow) C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\PerfTune.exe
FirewallRules: [{D7275809-0782-4B3B-A987-1FE45C770EEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D7A7CE7E-7FB7-457E-BC2D-681768A6058F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E4FCC796-0214-4CEB-9CFE-46AA7D7A8527}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E0315E48-3840-4599-94D3-373C9CA1861D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{467BAB08-1EA0-4D13-87EB-4246248854E5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{408B7C52-B7D7-4D65-A884-080BDF1FB889}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{ADCF57E3-B9E7-480B-A608-3E40677821EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B2C7C0D1-9139-4D1D-B7FA-22C739998A6E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E61023FF-0583-4DC2-9464-7DE0BD078A33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{67BAD71F-BF9E-4BD2-BAD1-7C6E750F6846}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{65AA7443-6A63-4DDC-A864-B450C8CD5A13}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E52006B9-C7E3-45F9-AE34-F6E5617D980B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F20EBB78-C66F-4E2A-BBB1-B2417A5D4821}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{23E1780F-F8FC-4A7D-847F-5B75699ED757}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{65B05299-E1D3-43DB-AC73-35459A7949D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{70BC6EA9-99D5-420C-A7E8-4706DB03CA8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C34A39F3-0737-4A0B-B73B-1EBE4F22F7FD}] => (Allow) D:\Programme\Steam\SteamApps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{12F2F98F-EF22-4D7C-A40F-8DD16DFA39FD}] => (Allow) D:\Programme\Steam\SteamApps\common\Nether\Launcher\Launcher.exe
FirewallRules: [TCP Query User{1E71369E-7699-42CE-8494-98F6D8B511CC}D:\programme\steam\steamapps\common\nether\game\binaries\win64\nether.exe] => (Allow) D:\programme\steam\steamapps\common\nether\game\binaries\win64\nether.exe
FirewallRules: [UDP Query User{5FC11757-BCC5-491F-8E3F-C0A5E9FA89BD}D:\programme\steam\steamapps\common\nether\game\binaries\win64\nether.exe] => (Allow) D:\programme\steam\steamapps\common\nether\game\binaries\win64\nether.exe
FirewallRules: [{C24193C0-E3B0-4FF1-AA77-F9D0940C1AC6}] => (Allow) D:\Programme\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{6E81BB66-32BE-412E-AB06-059DC467B5AB}] => (Allow) D:\Programme\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7A7AC981-0FE2-45C0-A9C3-05F4DA161AAD}] => (Allow) D:\Programme\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{E17C6D68-0353-42D2-8156-5E184743B4F3}] => (Allow) D:\Programme\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{63DC12F5-003A-4ADA-8E0A-EA3E630EEC8E}] => (Allow) D:\Programme\Steam\SteamApps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{7174020F-F187-4281-9B9F-4A541EC4DCEE}] => (Allow) D:\Programme\Steam\SteamApps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe
FirewallRules: [{5359EF6E-5809-42A3-824D-5389D7CC65BF}] => (Allow) D:\Programme\Steam\SteamApps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [{BF723D1F-8FE4-40C3-8515-50448FFA5B78}] => (Allow) D:\Programme\Steam\SteamApps\common\arma 2 operation arrowhead\ArmA2OA.exe
FirewallRules: [TCP Query User{42003748-019E-486F-A88B-D2742581964B}D:\programme\dayzlauncher\dayzlauncher\dayzlauncher.exe] => (Block) D:\programme\dayzlauncher\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{08056199-C61F-4B85-B809-567A9A7C53AF}D:\programme\dayzlauncher\dayzlauncher\dayzlauncher.exe] => (Block) D:\programme\dayzlauncher\dayzlauncher\dayzlauncher.exe
FirewallRules: [{59D0B5E5-C4D9-4BF8-8EBF-9D6AE963E536}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{838645FD-78B1-4045-969F-6DBF52B6EA47}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2C9F8D89-68D0-4325-B5D3-8B3BC0C30B2A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5AD4680D-4906-4EA4-9E89-4903942A2017}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9C3B2493-FD88-4150-AD84-4D612CDA48B3}] => (Allow) D:\Programme\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{5A8E6DE1-E037-401F-809E-A84D55043635}] => (Allow) D:\Programme\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{27F6389E-A110-4818-8274-9A9406D5B14E}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{80BB1E5D-E955-4791-B93E-A2E33AF27DE7}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{72774BE3-13B3-4831-B0C8-3D6BA2E10CBA}] => (Allow) D:\Programme\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{42540116-BE08-4B0C-9931-270690D56C97}] => (Allow) D:\Programme\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{DB996F36-ED5D-4ED8-BA66-30C4B0B58E94}] => (Allow) D:\Programme\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{1B4FA859-A8B6-431B-BED8-E53B2967B767}] => (Allow) D:\Programme\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{BC9C0D66-2120-491D-8B4A-F2A16F0B6300}] => (Allow) D:\Programme\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{D27F34EA-3479-4D13-9EF3-3F6DE02D0179}] => (Allow) D:\Programme\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{71770921-100F-4CA2-B3B3-8612A628C408}] => (Allow) D:\Programme\Steam\SteamApps\common\Afterfall InSanity\Binaries\Win32\InSanity-Win32-Shipping.exe
FirewallRules: [{B21A0D1A-0630-46AC-8E7C-C860F228F1BB}] => (Allow) D:\Programme\Steam\SteamApps\common\Afterfall InSanity\Binaries\Win32\InSanity-Win32-Shipping.exe
FirewallRules: [{3608F771-7B01-4F8E-978A-AB1982299D64}] => (Allow) D:\Programme\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{17AD0D7E-6B86-4937-814C-31A4B207512C}] => (Allow) D:\Programme\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [TCP Query User{1E60DA56-7736-4FD3-92AC-2B54FD4794AC}D:\programme\breaking point (arma3)\breakingpoint.exe] => (Block) D:\programme\breaking point (arma3)\breakingpoint.exe
FirewallRules: [UDP Query User{95074FA1-8CC3-4B0F-BE4F-A2CF5407AC2E}D:\programme\breaking point (arma3)\breakingpoint.exe] => (Block) D:\programme\breaking point (arma3)\breakingpoint.exe
FirewallRules: [TCP Query User{BCFB4635-FB36-4283-87B8-387ED656B6B3}C:\users\jonas\appdata\local\apps\2.0\yznze9jd.rlr\rq8rqve2.p5q\epoc..tion_0000000000000000_0000.0000_027e7bf728a0a5d7\epoch launcher.exe] => (Block) C:\users\jonas\appdata\local\apps\2.0\yznze9jd.rlr\rq8rqve2.p5q\epoc..tion_0000000000000000_0000.0000_027e7bf728a0a5d7\epoch launcher.exe
FirewallRules: [UDP Query User{79829D97-B557-4ED8-8884-7D61399F1840}C:\users\jonas\appdata\local\apps\2.0\yznze9jd.rlr\rq8rqve2.p5q\epoc..tion_0000000000000000_0000.0000_027e7bf728a0a5d7\epoch launcher.exe] => (Block) C:\users\jonas\appdata\local\apps\2.0\yznze9jd.rlr\rq8rqve2.p5q\epoc..tion_0000000000000000_0000.0000_027e7bf728a0a5d7\epoch launcher.exe
FirewallRules: [{7E14423A-5F99-4774-9710-D5405CB5DBB6}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe
FirewallRules: [{90F0A9A9-AF72-41DF-B8FE-30595B5256D4}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe
FirewallRules: [{78B8BCD2-8954-4145-9F07-897039025826}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe
FirewallRules: [{DD783AC5-98C4-4486-837F-72464ACAB561}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe
FirewallRules: [{00CBBD64-89B1-46C4-A1BE-AD7AB76F5D11}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{F3D40EC2-E2B0-48FC-91B1-E1D799041ADD}] => (Allow) D:\Programme\Steam\SteamApps\common\arma 2 operation arrowhead\DLCsetup\PMC\datacachepreprocessor.exe
FirewallRules: [{29123D3E-E1CE-449F-972D-0AE4882FEE05}] => (Allow) D:\Programme\Steam\SteamApps\common\arma 2 operation arrowhead\DLCsetup\PMC\datacachepreprocessor.exe
FirewallRules: [{DEB2C1B1-4382-4A18-96D0-A5874C685C7A}] => (Allow) D:\Programme\Steam\SteamApps\common\arma 2 operation arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{9ABF058F-B7DF-49F4-8B68-14C6E05F132F}] => (Allow) D:\Programme\Steam\SteamApps\common\arma 2 operation arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{C2317AA3-70D5-4CF8-B682-614DB458B42B}] => (Allow) D:\Programme\Steam\SteamApps\common\arma 2 operation arrowhead\DLCsetup\BAF\datacachepreprocessor.exe
FirewallRules: [{45576F3C-B6F7-4341-AA19-03D3E8ABAC03}] => (Allow) D:\Programme\Steam\SteamApps\common\arma 2 operation arrowhead\DLCsetup\BAF\datacachepreprocessor.exe
FirewallRules: [TCP Query User{C388E5CD-9884-441E-B271-0D6FB8B94F73}D:\programme\spotify\spotify\spotify.exe] => (Allow) D:\programme\spotify\spotify\spotify.exe
FirewallRules: [UDP Query User{5660A152-6038-4BE1-B263-438C9DD6C80F}D:\programme\spotify\spotify\spotify.exe] => (Allow) D:\programme\spotify\spotify\spotify.exe
FirewallRules: [{3FF91C9F-C9E2-452E-84B7-20A9EFCFDBBA}] => (Block) D:\programme\spotify\spotify\spotify.exe
FirewallRules: [{4B3BC523-5852-47AD-9048-439325640F04}] => (Block) D:\programme\spotify\spotify\spotify.exe
FirewallRules: [TCP Query User{2257A44B-3AF4-4D11-AB54-5011F28A046C}D:\programme\spotify\spotify.exe] => (Allow) D:\programme\spotify\spotify.exe
FirewallRules: [UDP Query User{177A9FAB-3C32-46DC-A22A-DB1E9818B878}D:\programme\spotify\spotify.exe] => (Allow) D:\programme\spotify\spotify.exe
FirewallRules: [{9D2D55A9-8833-4156-BF6A-9FE520065218}] => (Block) D:\programme\spotify\spotify.exe
FirewallRules: [{FC01FE32-85F1-49F3-960B-F02F45CFBB1D}] => (Block) D:\programme\spotify\spotify.exe
FirewallRules: [{14DFACE4-9BF2-4710-9BE3-956017C243F5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9B4C2954-18AD-4E6C-872D-9A9BEF8D36DF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{FAFAA210-A8B2-48AA-82E5-7E719BB5B998}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{F455FCBC-3219-4230-93C8-03B805D09DB7}C:\users\jonas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{032BCA69-4B59-4874-8203-5024733A8981}C:\users\jonas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jonas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{32B0E9CB-0971-48A4-B5BD-374125AAAC9A}] => (Block) C:\users\jonas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{86F47016-AB1E-4813-AAF7-8EBBB3B313BB}] => (Block) C:\users\jonas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7F941748-13AA-4771-819E-CDAF185780D8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2015 01:45:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034

Error: (04/24/2015 01:45:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8034

Error: (04/24/2015 01:45:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2015 01:45:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004

Error: (04/24/2015 01:45:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7004

Error: (04/24/2015 01:45:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2015 01:45:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006

Error: (04/24/2015 01:45:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6006

Error: (04/24/2015 01:45:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2015 01:44:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5007


System errors:
=============
Error: (04/25/2015 01:00:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MSISuperIO_CC" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/19/2015 08:15:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/19/2015 08:14:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎19.‎04.‎2015 um 20:13:58 unerwartet heruntergefahren.

Error: (04/14/2015 06:03:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/14/2015 06:03:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (04/13/2015 03:32:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/13/2015 03:32:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (04/10/2015 01:16:08 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/07/2015 07:50:32 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (04/07/2015 07:50:32 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.


Microsoft Office Sessions:
=========================
Error: (04/24/2015 01:45:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034

Error: (04/24/2015 01:45:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8034

Error: (04/24/2015 01:45:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2015 01:45:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004

Error: (04/24/2015 01:45:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7004

Error: (04/24/2015 01:45:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2015 01:45:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006

Error: (04/24/2015 01:45:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6006

Error: (04/24/2015 01:45:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2015 01:44:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5007


CodeIntegrity Errors:
===================================
  Date: 2015-03-01 23:31:55.692
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-01 23:31:55.639
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-01 23:31:50.086
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-01 23:31:50.033
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-01 21:31:12.748
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-01 21:31:12.696
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-01 21:31:07.673
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-01 21:31:07.621
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-02-28 23:27:55.996
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-02-28 23:27:55.937
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 34%
Total physical RAM: 8136 MB
Available physical RAM: 5308.41 MB
Total Pagefile: 16270.17 MB
Available Pagefile: 12901.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:40.92 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:394.15 GB) NTFS
Drive e: (acer_ S242HL) (CDROM) (Total:0.23 GB) (Free:0 GB) CDFS
Drive f: () (Removable) (Total:7.52 GB) (Free:7.45 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 035E6137)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8A972791)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7.6 GB) (Disk ID: 3A5EF7E8)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)

==================== End Of Log ============================
         
__________________

Alt 26.04.2015, 21:34   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



Zitat:
Zitat von JamesP Beitrag anzeigen
die frage ist nun auch von mir ob dies ein virus ist oder nicht.

Versuch mal bitte einen Screenshot zu machen. Der alte Thread hat auch keine mehr...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 26.04.2015, 21:40   #5
JamesP
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



geht leider nicht also es ist seit dem nicht mehr erschienen :/ sah aber ich sag mal vom layout aus wie ein ganz normales pop-up bzw eine meldung von chrome ..

/edit: was ich vergessen habe zu schreiben ist ich konnte zwei felder anklicken entweder "einstellungen wiederherstellen" oder ein anderes aber ich bin gerade nicht sicher was dort stand. ich dachte mir es würde von chrome kommen und klickte auf einstellungen wiederherstellen. ich glaube auf dem anderen stand "weitere informationen" oder so etwas..


Geändert von JamesP (26.04.2015 um 21:47 Uhr)

Alt 26.04.2015, 22:51   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



Was hast Du denn gerade gemacht als das gekommen ist?
Ein "Virus" ist das wohl nicht. Wäre zumindest kein schlauer...
__________________
--> Internetverbindung wird kontrolliert

Alt 02.05.2015, 18:29   #7
JamesP
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



servus
habe nun die meldung erneut bekommen und diesmal einen screenshot hxxp://www.picfront.org/d/9h0p gemacht. habe auf "weitere informationen" geklickt und wurde hierher verwiesen: https://support.google.com/chrome/answer/6029416?p=ui_settings_api_extension&rd=1

Geändert von JamesP (02.05.2015 um 18:36 Uhr)

Alt 02.05.2015, 18:54   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



Gibst das Bild auch größer?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.05.2015, 19:01   #9
JamesP
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



bekomms irgendwie nicht gebacken das groß zu machen .. hier ist der link: hxxp://www.picfront.org/d/9h0p

geht nur wenn man hxxp zu http macht

Alt 02.05.2015, 19:12   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



Naja, Du hast ja auch dementsprechende Erweiterungen. Böse Malware ist das bestimmt keine. Zumindest kenne ich davon keine, die sich meldet und dem User einen Hinweis gibt.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.05.2015, 19:15   #11
JamesP
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



okay das klingt ja gut haha

vielen dank trotzdem für deine hilfe

Alt 02.05.2015, 19:16   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Internetverbindung wird kontrolliert - Standard

Internetverbindung wird kontrolliert



Alles klar.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Internetverbindung wird kontrolliert
.html, abend, adwcleaner, andere, avast, beste, besten, einfach, frage, guten, inter, interne, internetverbindung, konnte, kontrolliert, nutze, problem, situation, thread, verbindung, virus, win, win 7, win 7 u



Ähnliche Themen: Internetverbindung wird kontrolliert


  1. Internetverbindung wird kontrolliert
    Plagegeister aller Art und deren Bekämpfung - 11.08.2015 (9)
  2. internet wird kontrolliert-Chrome
    Plagegeister aller Art und deren Bekämpfung - 31.05.2015 (11)
  3. Internetverbindung wird kontrolliert
    Plagegeister aller Art und deren Bekämpfung - 18.10.2014 (1)
  4. PC wird mit Internetverbindung total langsam
    Log-Analyse und Auswertung - 29.11.2012 (9)
  5. PC wird mit Internetverbindung extrem langsam
    Plagegeister aller Art und deren Bekämpfung - 19.08.2012 (4)
  6. Internetverbindung wird getrennt
    Log-Analyse und Auswertung - 14.11.2009 (2)
  7. Internetverbindung wird einfach getrennt
    Log-Analyse und Auswertung - 30.12.2008 (8)
  8. Wird mein PC von außen kontrolliert?
    Log-Analyse und Auswertung - 21.12.2008 (8)
  9. Internetverbindung wird unterbrochen
    Plagegeister aller Art und deren Bekämpfung - 13.11.2008 (3)
  10. Internetverbindung wird regelmäßig unterbrochen
    Mülltonne - 08.10.2008 (0)
  11. Internetverbindung wird langsamer
    Log-Analyse und Auswertung - 01.10.2008 (0)
  12. Internetverbindung wird von selbst getrennt
    Plagegeister aller Art und deren Bekämpfung - 26.11.2007 (2)
  13. Internetverbindung wird andauernd unterbrochen
    Plagegeister aller Art und deren Bekämpfung - 12.01.2007 (12)
  14. internetverbindung wird einfach getrennt
    Plagegeister aller Art und deren Bekämpfung - 02.11.2006 (6)
  15. Internetverbindung wird direkt unterbrochen
    Log-Analyse und Auswertung - 24.09.2006 (12)
  16. Internetverbindung wird getrennt
    Plagegeister aller Art und deren Bekämpfung - 20.02.2005 (3)
  17. Internetverbindung wird getrennt
    Log-Analyse und Auswertung - 11.11.2004 (5)

Zum Thema Internetverbindung wird kontrolliert - Guten Abend, am besten einfach hier nachlesen, habe exakt das selbe Problem http://www.trojaner-board.de/159860-...trolliert.html habe win 7 und nutze zur zeit avast, jedoch konnte avast und auch antimalewarebytes keinen virus finden. - Internetverbindung wird kontrolliert...
Archiv
Du betrachtest: Internetverbindung wird kontrolliert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.