| Chikorita | 02.05.2015 17:04 |
Danke für die schnelle Antwort!
Hier die Logs:
FRST.txt Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by gf (administrator) on GF-PC on 02-05-2015 17:50:14
Running from E:\AV-Tools
Loaded Profiles: gf (Available profiles: gf)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() E:\HDD Health\HDDHealthService.exe
(TeamViewer GmbH) E:\TeamViewer\TeamViewer_Service.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) G:\Steam\Steam.exe
(Valve Corporation) G:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Valve Corporation) G:\Steam\bin\steamwebhelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391192 2010-08-02] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-03-31] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5452488 2010-08-02] (Acronis)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2570648 2010-08-02] (Acronis)
HKU\S-1-5-21-138440890-2358658478-2415672541-1000\...\MountPoints2: {8a3dfdf4-4314-11e3-955a-806e6f6e6963} - D:\Bin\ASSETUP.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2015-04-20]
ShortcutTarget: HDDHealth.lnk -> E:\HDD Health\hddhealth.exe (PANTERASoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2013-03-28]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\gf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk [2014-10-08]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-138440890-2358658478-2415672541-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-138440890-2358658478-2415672541-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-22] (Oracle Corporation)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default
FF Homepage: hxxp://www.st-gerner.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll [2013-03-30] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll [2013-03-30] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll [2014-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-12-19] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-138440890-2358658478-2415672541-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll [2013-03-12] (Amazon.com, Inc.)
FF Extension: Live HTTP headers - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-10-19]
FF Extension: DownloadHelper - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-08]
FF Extension: Flash and Video Download - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-04-22]
FF Extension: Bitdefender QuickScan - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-02]
FF Extension: Firebug - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\firebug@software.joehewitt.com.xpi [2013-03-28]
FF Extension: NicoFox - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\nicofox@littlebtc.xpi [2014-09-08]
FF Extension: RankChecker - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\rankchecker@seobook.com.xpi [2013-03-28]
FF Extension: Flagfox - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: CacheViewer Continued - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\{30E08C68-889E-11E0-95EF-DA7E4824019B}.xpi [2013-03-28]
FF Extension: Web Developer - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-03-28]
FF Extension: Adblock Plus - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-29]
FF Extension: Screenshoter - C:\Users\gf\AppData\Roaming\Mozilla\Firefox\Profiles\yqlpejbe.default\Extensions\{d9babd10-47de-11df-9879-0800200c9a66}.xpi [2013-03-28]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2014-05-23]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Profile: C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-28]
CHR Extension: (Google Drive) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-28]
CHR Extension: (YouTube) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-28]
CHR Extension: (Adblock Plus) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-21]
CHR Extension: (Webpage Screenshot) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2013-05-24]
CHR Extension: (Google Search) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-28]
CHR Extension: (Bookmark Manager) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (SEO for Chrome) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj [2013-03-28]
CHR Extension: (Gmail) - C:\Users\gf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-28]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-03-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-03-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-03-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-03-31] (Avira Operations GmbH & Co. KG)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-05-06] (Macrovision Europe Ltd.) [File not signed]
R2 HDDHealth; e:\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; e:\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138360 2012-05-02] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138360 2012-05-02] (SlySoft, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2015-04-21] (Acronis)
S3 VASDeviceDrm; C:\Windows\System32\drivers\vasdDev.sys [1454896 2012-03-19] (ShiningMorning Inc.)
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 17:49 - 2015-05-02 17:50 - 00000000 ____D () C:\FRST
2015-05-02 16:43 - 2015-05-02 16:43 - 06980616 _____ (Sandboxie Holdings, LLC) C:\Users\gf\Downloads\SandboxieInstall.exe
2015-05-02 13:53 - 2015-05-02 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-02 10:24 - 2015-05-02 10:24 - 02347384 _____ (ESET) C:\Users\gf\Downloads\esetsmartinstaller_deu.exe
2015-05-02 10:24 - 2015-05-02 10:24 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-05-02 10:03 - 2015-05-02 10:04 - 00060438 _____ () C:\Users\gf\Documents\cc_20150502_100338.reg
2015-05-02 10:02 - 2015-05-02 10:19 - 00000000 ____D () C:\Users\gf\AppData\Roaming\QuickScan
2015-05-02 01:50 - 2015-05-02 01:50 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2015-05-02 01:40 - 2015-05-02 01:40 - 00716896 _____ (Kaspersky Lab) C:\Users\gf\Downloads\Kaspersky Security Scan.exe
2015-04-29 20:32 - 2015-04-29 20:32 - 00000000 ____D () C:\Users\gf\Tracing
2015-04-27 05:17 - 2015-04-27 05:18 - 00000000 ____D () C:\Windows\SysWOW64\䁉⸱㬳湁楴楖䝎灕⽤㔱〮㤮㔮㐰⠠剐䵅※䭗㭓䐠㭅䄠䕖㠠㌮㌮⸰㐲※䑖⁆⸸ㄱ㈮㘲㈮㐱※楗摮睯‷汕楴慭整※敓癲捩慐正ㄠ※敇浲湡㭹㐠㤴ㅡ攴づ㍣ぢ捤〹〵㜹扦㜵慡㜸㔶㜲昱㘵晣㬲㈠㈲㈴㈱㔲ⴷ䕐坐ⵅ〰〰〰㬱䐠㭅䈠䥕䑌ㄠ⸵⸰⸹〵㬴〠※㬰ㄠ※楦敲潦㭸〠※㝤ㄹ㈴户㔲㙣攴〷㘸㘷㈸ㅡ㝦捡ち㙡慥っ㘹挷※⤲
2015-04-23 15:17 - 2015-04-23 15:18 - 00000000 ____D () C:\Windows\SysWOW64\䁉⸱㬳湁楴楖䝎灕⽤㔱〮㤮㔮㐰⠠剐䵅※䭗㭓䐠㭅䄠䕖㠠㌮㌮⸰㈲※䑖⁆⸸ㄱ㈮㔲ㄮ㘹※楗摮睯‷汕楴慭整※敓癲捩慐正ㄠ※敇浲湡㭹㐠㤴ㅡ攴づ㍣ぢ捤〹〵㜹扦㜵慡㜸㔶㜲昱㘵晣㬲㈠㈲㈴㈱㔲ⴷ䕐坐ⵅ〰〰〰㬱䐠㭅䈠䥕䑌ㄠ⸵⸰⸹〵㬴〠※㬰ㄠ※楦敲潦㭸〠※㝤ㄹ㈴户㔲㙣攴〷㘸㘷㈸ㅡ㝦捡ち㙡慥っ㘹挷※⤲
2015-04-21 17:16 - 2015-04-25 01:36 - 00000000 ____D () C:\Program Files (x86)\Hard Disk Sentinel
2015-04-21 17:16 - 2015-04-21 17:16 - 00001003 _____ () C:\Users\gf\Desktop\Hard Disk Sentinel.lnk
2015-04-21 17:16 - 2015-04-21 17:16 - 00000000 ____D () C:\Windows\System32\Tasks\HardDiskSentinel
2015-04-21 17:16 - 2015-04-21 17:16 - 00000000 ____D () C:\Users\gf\AppData\Roaming\Hard Disk Sentinel
2015-04-21 17:16 - 2015-04-21 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
2015-04-21 12:32 - 2015-04-21 12:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-04-21 12:31 - 2015-04-21 12:31 - 00642632 _____ (EFD Software ) C:\Users\gf\Downloads\hdtune_255.exe
2015-04-21 09:44 - 2015-04-21 09:44 - 01477728 _____ (Acronis) C:\Windows\system32\Drivers\tdrpm258.sys
2015-04-21 09:44 - 2015-04-21 09:44 - 00970336 _____ (Acronis) C:\Windows\system32\Drivers\timntr.sys
2015-04-21 09:44 - 2015-04-21 09:44 - 00279136 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2015-04-21 09:44 - 2015-04-21 09:44 - 00277088 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2015-04-21 09:44 - 2015-04-21 09:44 - 00001431 _____ () C:\Users\Public\Desktop\Acronis Online Backup.lnk
2015-04-21 09:44 - 2015-04-21 09:44 - 00001139 _____ () C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
2015-04-21 09:44 - 2015-04-21 09:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-04-21 09:44 - 2015-04-21 09:44 - 00000000 ____D () C:\Program Files (x86)\Acronis
2015-04-21 09:41 - 2015-04-21 10:24 - 00000000 ____D () C:\ProgramData\Acronis
2015-04-21 09:41 - 2015-04-21 09:49 - 00000000 ____D () C:\Users\gf\AppData\Roaming\Acronis
2015-04-21 01:06 - 2015-04-21 01:06 - 03015448 _____ (Crystal Dew World ) C:\Users\gf\Downloads\CrystalDiskInfo6_3_1-en.exe
2015-04-20 21:49 - 2015-04-20 21:52 - 00000000 ____D () C:\Users\gf\AppData\Roaming\HDDHealth
2015-04-20 21:48 - 2015-04-20 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Health
2015-04-20 21:45 - 2015-04-20 21:45 - 04211152 _____ ( ) C:\Users\gf\Downloads\hddh_10426.exe
2015-04-20 18:56 - 2015-04-20 19:15 - 00000000 ____D () C:\Users\gf\AppData\Roaming\gsmartcontrol
2015-04-20 18:55 - 2015-04-20 18:55 - 00000770 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSmartControl.lnk
2015-04-20 18:54 - 2015-04-20 18:54 - 08267997 _____ () C:\Users\gf\Downloads\nw_21174_gsmartcontrolexe.exe
2015-04-20 09:32 - 2015-04-20 09:32 - 00000566 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-04-20 09:32 - 2015-04-20 09:32 - 00000566 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-20 09:30 - 2015-04-20 09:30 - 07969808 _____ (TeamViewer GmbH) C:\Users\gf\Downloads\TeamViewer_Setup_de.exe
2015-04-19 11:38 - 2015-04-19 11:38 - 00003534 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - bdb9c6b566684bdb9c5b593efd8370f15345b93151d7445684e3377d5375585a
2015-04-17 15:17 - 2015-04-17 17:09 - 00000000 ____D () C:\Users\gf\AppData\Roaming\Talisman
2015-04-17 13:17 - 2015-04-17 13:17 - 00000000 ____D () C:\Users\gf\AppData\Local\Days of Wonder
2015-04-14 22:49 - 2015-04-14 22:49 - 00000000 ____D () C:\Users\gf\AppData\Local\openvr
2015-04-14 19:20 - 2015-04-14 19:20 - 00003534 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - f936d472021343729cfd06cd6109d8061908c0c1033a4a68937af6481d8dd522
2015-04-14 15:54 - 2015-04-14 15:54 - 00000000 ____D () C:\Users\gf\AppData\Roaming\Wayforward
2015-04-14 09:59 - 2015-04-14 10:00 - 00000000 ____D () C:\Windows\SysWOW64\䁉⸱㬳湁楴楖䝎灕⽤㔱〮㤮㔮㐰⠠剐䵅※䭗㭓䐠㭅䄠䕖㠠㌮㌮⸰㘱※䑖⁆⸸ㄱ㈮㌲㈮㘴※楗摮睯‷汕楴慭整※敓癲捩慐正ㄠ※敇浲湡㭹㐠㤴ㅡ攴づ㍣ぢ捤〹〵㜹扦㜵慡㜸㔶㜲昱㘵晣㬲㈠㈲㈴㈱㔲ⴷ䕐坐ⵅ〰〰〰㬱䐠㭅䈠䥕䑌ㄠ⸵⸰⸹〵㬴〠※㬰ㄠ※楦敲潦㭸〠※㝤ㄹ㈴户㔲㙣攴〷㘸㘷㈸ㅡ㝦捡ち㙡慥っ㘹挷※⤲
2015-04-14 00:38 - 2015-04-14 00:38 - 00000000 ____D () C:\Users\gf\.thumbnails
2015-04-14 00:38 - 2015-04-14 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
2015-04-14 00:37 - 2015-04-14 00:37 - 65495496 _____ () C:\Users\gf\Downloads\blender-2.74-windows64.exe
2015-04-13 08:09 - 2015-04-13 17:10 - 00000000 ____D () C:\Windows\SysWOW64\䁉⸱㬳湁楴楖䝎灕⽤㔱〮㤮㔮㐰⠠剐䵅※䭗㭓䐠㭅䄠䕖㠠㌮㌮⸰㘱※䑖⁆⸸ㄱ㈮㌲㈮〱※楗摮睯‷汕楴慭整※敓癲捩慐正ㄠ※敇浲湡㭹㐠㤴ㅡ攴づ㍣ぢ捤〹〵㜹扦㜵慡㜸㔶㜲昱㘵晣㬲㈠㈲㈴㈱㔲ⴷ䕐坐ⵅ〰〰〰㬱䐠㭅䈠䥕䑌ㄠ⸵⸰⸹〵㬴〠※㬰ㄠ※楦敲潦㭸〠※㝤ㄹ㈴户㔲㙣攴〷㘸㘷㈸ㅡ㝦捡ち㙡慥っ㘹挷※⤲
2015-04-12 17:53 - 2015-04-12 18:02 - 00000000 ____D () C:\Users\gf\AppData\Roaming\MAXON
2015-04-12 17:30 - 2015-04-12 17:50 - 3366448050 _____ () C:\Users\gf\Downloads\Installer_Cinema4DR16.038_Demo.zip
2015-04-10 13:36 - 2015-04-10 13:36 - 00000000 ____D () C:\Users\gf\AppData\Local\tt
2015-04-10 13:36 - 2015-04-10 13:36 - 00000000 ____D () C:\Users\gf\AppData\Local\Ticket to Ride
2015-04-09 04:31 - 2015-04-09 04:31 - 666187443 _____ () C:\Windows\MEMORY.DMP
2015-04-09 04:31 - 2015-04-09 04:31 - 00482264 _____ () C:\Windows\Minidump\040915-20248-01.dmp
2015-04-04 00:46 - 2015-04-04 00:46 - 00000000 ____D () C:\Users\gf\AppData\Local\Colossal Order
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 17:50 - 2013-03-28 21:44 - 00000000 ____D () C:\Users\gf\AppData\Roaming\Skype
2015-05-02 17:39 - 2013-03-28 22:13 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-02 17:33 - 2013-07-24 21:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-02 16:31 - 2013-03-28 22:57 - 00000600 _____ () C:\Users\gf\AppData\Roaming\winscp.rnd
2015-05-02 13:53 - 2013-03-29 18:30 - 00002078 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-05-02 13:19 - 2013-03-28 22:11 - 00000000 ____D () C:\Users\gf\AppData\Roaming\vlc
2015-05-02 13:04 - 2013-03-28 23:14 - 00000000 ____D () C:\Users\gf\dwhelper
2015-05-02 10:01 - 2015-02-04 22:26 - 00000000 ____D () C:\Users\gf\AppData\Roaming\FileZilla
2015-05-02 10:01 - 2013-04-26 23:53 - 00000000 ____D () C:\Users\gf\AppData\Local\LogMeIn Hamachi
2015-05-02 01:49 - 2014-09-30 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-02 01:49 - 2014-03-07 18:53 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-05-02 01:49 - 2013-03-28 21:44 - 00000000 ____D () C:\ProgramData\Skype
2015-05-02 00:50 - 2013-03-29 03:08 - 00000000 ____D () C:\Users\gf\AppData\Roaming\mIRC
2015-05-01 21:45 - 2013-11-01 18:50 - 01629826 ____N () C:\Windows\WindowsUpdate.log
2015-05-01 20:38 - 2013-03-28 22:13 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-01 15:18 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-01 15:18 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-01 15:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-30 21:39 - 2011-04-12 09:43 - 00696620 _____ () C:\Windows\system32\perfh007.dat
2015-04-30 21:39 - 2011-04-12 09:43 - 00147916 _____ () C:\Windows\system32\perfc007.dat
2015-04-30 21:39 - 2009-07-14 07:13 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-30 20:41 - 2013-03-28 22:13 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-29 20:32 - 2013-11-01 18:47 - 00000000 ____D () C:\Users\gf
2015-04-29 20:31 - 2014-09-30 20:44 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-29 20:24 - 2009-07-14 06:45 - 05305920 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-28 20:38 - 2015-02-05 21:41 - 00003846 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1423165277
2015-04-28 20:38 - 2015-02-05 21:41 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-25 11:41 - 2013-11-01 20:12 - 00114784 _____ () C:\Users\gf\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-24 14:25 - 2013-04-02 13:51 - 00000000 ____D () C:\ProgramData\xml_param
2015-04-17 13:23 - 2013-03-28 23:10 - 00000040 ___SH () C:\ProgramData\.zreglib
2015-04-17 13:16 - 2013-10-03 00:19 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-09 04:31 - 2013-05-09 15:27 - 00000000 ____D () C:\Windows\Minidump
==================== Files in the root of some directories =======
2013-03-28 22:57 - 2015-05-02 16:31 - 0000600 _____ () C:\Users\gf\AppData\Roaming\winscp.rnd
2013-03-29 23:09 - 2015-03-28 19:00 - 0017408 _____ () C:\Users\gf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-28 23:10 - 2015-04-17 13:23 - 0000040 ___SH () C:\ProgramData\.zreglib
2014-10-08 17:54 - 2014-10-08 17:54 - 0000057 _____ () C:\ProgramData\Ament.ini
Some content of TEMP:
====================
C:\Users\gf\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-01 17:32
==================== End Of Log ============================
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by gf at 2015-05-02 17:51:01
Running from E:\AV-Tools
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-138440890-2358658478-2415672541-500 - Administrator - Disabled)
Gast (S-1-5-21-138440890-2358658478-2415672541-501 - Limited - Disabled)
gf (S-1-5-21-138440890-2358658478-2415672541-1000 - Administrator - Enabled) => C:\Users\gf
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{257D8E32-4971-4199-BE23-093A00A6DE91}) (Version: 14.0.5041 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.110 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Premiere Pro CS3 (HKLM-x32\...\Adobe_32fdd767b4383606e8168e834af5d90) (Version: 3 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{1701BD02-09B9-B25B-8290-C7D6A33C5A75}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.0.7.0 - SlySoft)
Aperture Tag: The Paint Gun Testing Initiative (HKLM-x32\...\Steam App 280740) (Version: - Aperture Tag Team)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
AstroPop Deluxe (HKLM-x32\...\Steam App 3340) (Version: - PopCap Games, Inc.)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
Audiosurf 2 (HKLM-x32\...\Steam App 235800) (Version: - Dylan Fitterer)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Avoid Sensory Overload (HKLM-x32\...\Steam App 286660) (Version: - 48h Studio)
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games)
Bejeweled 3 (HKLM-x32\...\Steam App 78000) (Version: - PopCap Games, Inc.)
BIT.TRIP BEAT (HKLM-x32\...\Steam App 63700) (Version: - Gaijin Games)
BIT.TRIP CORE (HKLM-x32\...\Steam App 205060) (Version: - Gaijin Games)
BIT.TRIP FATE (HKLM-x32\...\Steam App 205080) (Version: - Gaijin Games)
BIT.TRIP FLUX (HKLM-x32\...\Steam App 205090) (Version: - Gaijin Games)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version: - )
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version: - Gaijin Games)
BIT.TRIP VOID (HKLM-x32\...\Steam App 205070) (Version: - Gaijin Games)
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Braid (HKLM-x32\...\Steam App 26800) (Version: - Number None)
Castle of Illusion (HKLM-x32\...\Steam App 227600) (Version: - )
Catan - Städte und Ritter (HKLM-x32\...\Catan - Staedte und Ritter) (Version: 1.231 - Catan GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Chime (HKLM-x32\...\Steam App 62100) (Version: - Zoë Mode)
Chuzzle Deluxe (HKLM-x32\...\Steam App 3310) (Version: - PopCap Games, Inc.)
CINEMA 4D Demo 16.038 (HKLM\...\MAXON7B95E0E3) (Version: 16.038 - MAXON Computer GmbH)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CrystalDiskInfo 6.3.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.1 - Crystal Dew World)
Defense Grid: The Awakening (HKLM-x32\...\Steam App 18500) (Version: - Hidden Path Entertainment)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version: - Fish Factory Games)
Disney Epic Mickey 2 (HKLM-x32\...\Steam App 245300) (Version: - Junction Point)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.44.000 - Runtime Software)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version: - Wayforward)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.03.03 - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evoland (HKLM-x32\...\Steam App 233470) (Version: - Shiro Games)
Faerie Solitaire (HKLM-x32\...\Steam App 38600) (Version: - Subsoap)
FileZilla Client 3.10.1.1 (HKLM-x32\...\FileZilla Client) (Version: 3.10.1.1 - Tim Kosse)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free to Play (HKLM-x32\...\Steam App 245550) (Version: - Valve)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version: - Black Forest Games)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GSiteCrawler (HKLM-x32\...\GSiteCrawler) (Version: v1.23 - SOFTplus Entwicklungen GmbH, CH-6340 Baar)
GSmartControl (HKLM-x32\...\GSmartControl) (Version: 0.8.7 - Alexander Shaduri)
Half-Life (HKLM-x32\...\Steam App 70) (Version: - Valve)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HDD Health v4.2 (HKLM-x32\...\HDD Health_is1) (Version: - )
HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{333E22D7-9F56-4482-A13C-1B9D35B9D641}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Iggle Pop! Deluxe (HKLM-x32\...\Steam App 3420) (Version: - PopCap Games, Inc.)
Indie Game: The Movie (HKLM-x32\...\Steam App 207080) (Version: - BlinkWorks Media)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java(TM) 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217000FF}) (Version: 7.0.0 - Oracle)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.294 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.294 - LogMeIn, Inc.) Hidden
LYNE (HKLM-x32\...\Steam App 266010) (Version: - Thomas Bowker)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mini Motor Racing EVO (HKLM-x32\...\Steam App 209520) (Version: - The Binary Mill)
mIRC (HKLM-x32\...\mIRC) (Version: 7.29 - mIRC Co. Ltd.)
Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version: - LucasArts)
Mozilla Firefox 19.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 19.0.2 (x86 de)) (Version: 19.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 19.0.2 - Mozilla)
Nero 12 (HKLM-x32\...\{4744E147-F0F2-4140-825E-B3071FC079F1}) (Version: 12.5.01300 - Nero AG)
Nero Suite (HKLM-x32\...\NeroMultiInstaller!UninstallKey) (Version: - )
NiGHTS into Dreams... (HKLM-x32\...\Steam App 219950) (Version: - SEGA)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.1 - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Offspring Fling! (HKLM-x32\...\Steam App 211360) (Version: - Kyle Pulver)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 29.0.1795.47 (HKLM-x32\...\Opera 29.0.1795.47) (Version: 29.0.1795.47 - Opera Software ASA)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version: - PopCap Games, Inc.)
Peggle Extreme (HKLM-x32\...\Steam App 3483) (Version: - PopCap Games, Inc.)
Peggle Nights (HKLM-x32\...\Steam App 3540) (Version: - PopCap Games, Inc.)
Pixel Puzzles: Japan (HKLM-x32\...\Steam App 284950) (Version: - Decaying Logic)
Pokémon Trading Card Game Online (HKLM-x32\...\{496D7B7E-EBDC-4E2B-B021-4FF03B188B69}) (Version: 1.0.0 - The Pokémon Company International)
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version: - Telltale Games)
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version: - Prism Studios)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Puzzle Pirates (HKLM-x32\...\Steam App 99910) (Version: - Three Rings)
Puzzle Quest (HKLM-x32\...\Steam App 12500) (Version: - D3)
Puzzler World (HKLM-x32\...\Steam App 33650) (Version: - Ideas Pad)
Puzzler World 2 (HKLM-x32\...\Steam App 200130) (Version: - Ideas Pad)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Ragnarok Online - Free to Play - European Version (HKLM-x32\...\Steam App 250740) (Version: - Gravity Europe SAS)
Railroad Tycoon 2: Platinum (HKLM-x32\...\Steam App 7620) (Version: - PopTop)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Rexaura (HKLM-x32\...\Steam App 317790) (Version: - Benjamin Bryant)
Road Not Taken (HKLM-x32\...\Steam App 293740) (Version: - Spry Fox LLC)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version: - Roadkil.Net)
RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version: - Chris Sawyer Productions)
RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version: - Enterbrain)
Rumble Box (HKLM-x32\...\Rumble Box) (Version: - The DigiPen Institute of Technology)
RUSH (HKLM-x32\...\Steam App 38720) (Version: - Two Tribes)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
Talismania Deluxe (HKLM-x32\...\Steam App 3460) (Version: - PopCap Games, Inc.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
The Ball (HKLM-x32\...\Steam App 35460) (Version: - Teotl Studios)
The Bridge (HKLM-x32\...\Steam App 204240) (Version: - )
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version: - LucasArts)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
Thinking with Time Machine (HKLM-x32\...\Steam App 286080) (Version: - Stridemann)
Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version: - Days of Wonder)
Tobe's Vertical Adventure (HKLM-x32\...\Steam App 105700) (Version: - Secret Base)
Toki Tori (HKLM-x32\...\Steam App 38700) (Version: - Two Tribes)
Toki Tori 2+ (HKLM-x32\...\Steam App 201420) (Version: - Two Tribes)
Toki Tori 2+ Level Editor (HKLM-x32\...\Steam App 237530) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 beta 14 - Ghisler Software GmbH)
Train Simulator 2013 (HKLM-x32\...\Steam App 24010) (Version: - RailSimulator.com)
Triple Town (HKLM-x32\...\Steam App 209950) (Version: - )
Type:Rider (HKLM-x32\...\Steam App 258890) (Version: - Ex Nihilo)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version: - Giant Army)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Wakfu (HKLM-x32\...\Steam App 215080) (Version: - Ankama)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Who Wants To Be A Millionaire? Special Editions (HKLM-x32\...\Steam App 206740) (Version: - Doublesix Games)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wondershare DVD Ripper Platinum(Build 4.6.1.0) (HKLM-x32\...\Wondershare DVD Ripper Platinum_is1) (Version: - Wondershare Software)
Xenu's Link Sleuth (HKLM-x32\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
YOU DON'T KNOW JACK Vol. 1 XL (HKLM-x32\...\Steam App 252730) (Version: - )
YOU DON'T KNOW JACK Vol. 2 (HKLM-x32\...\Steam App 259940) (Version: - )
YOU DON'T KNOW JACK Vol. 3 (HKLM-x32\...\Steam App 259960) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
25-04-2015 16:32:46 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-05-22 21:00 - 2014-05-22 23:25 - 00003331 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
There are 52 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {07DF744C-14A8-4E1E-BE57-21BCA5F30319} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_gf => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2015-01-13] (H.D.S. Hungary)
Task: {0A4E6D6B-FF27-46D3-8F6D-5F30CAE633FC} - System32\Tasks\HP AR Program Upload - 4ce2769df0cc4e94ac26779f872ef2d7c92c72b0287e42fa9dc5e50937f4b2bc => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {19D0EBBB-F873-4F94-B58C-8A259E249D4B} - System32\Tasks\{D871E318-CAF4-45BF-8DE9-F69542C06341} => C:\Users\gf\Downloads\Nintendo_WFC_USB\Nintendo_WFC_USB\NintendoWFCReg\setup.exe [2007-09-10] ()
Task: {1B27FC83-DE81-4A26-B94D-C5C33D165C13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {36BFDE03-4276-4CDC-87D9-09B448C5E13A} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.)
Task: {3C1A1410-ADB3-49DD-AB9C-21B6F6203723} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4EBCBA58-4FC4-4F37-B87B-5F712D89EDB8} - System32\Tasks\{505A2FEF-9255-4C33-8289-535719B6EF1A} => pcalua.exe -a G:\OMS\vpnclient\vpnclient_setup.exe -d G:\OMS\vpnclient
Task: {83597FC2-32BC-4621-B503-E7FF2FF23751} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {8597AEE3-93FD-4BA2-96A7-D3D33AD46750} - System32\Tasks\HP AR Program Upload - f70c20f0cf2e4cd49865cc2e30fd8847181d6b2b3d6244fd82732c386403b69e => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {8B237B33-A927-4CA8-9CA6-743A4AFCB248} - System32\Tasks\HP AR Program Upload - 1647a1e306c148fc88bc1860fda35fa6f91285679ffc40888deb23e415054066 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {91E9D34C-D4D6-4DAA-ACB7-4ED6A0A61FCB} - System32\Tasks\AdobeAAMUpdater-1.0-gf-PC-gf => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {9A0CEE65-1AC3-4C38-90F7-AA9A35C8AE5C} - System32\Tasks\HP AR Program Upload - 3ef75c3357c94f8e8819a9bab3f54b835174c5b380704ffe8cf2ca4f16bda1eb => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {C9FDD408-1650-4C39-8F8D-F5D00CC223A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {E1C52885-5834-4BF3-B918-01496E285509} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-24] (Adobe Systems Incorporated)
Task: {E6DB252C-9F6D-465B-AFBF-0F8E27D840CD} - System32\Tasks\HP AR Program Upload - f936d472021343729cfd06cd6109d8061908c0c1033a4a68937af6481d8dd522 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: {F3AAE000-55E3-4A95-BFD1-706AF9C57746} - System32\Tasks\Opera scheduled Autoupdate 1423165277 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-17] (Opera Software)
Task: {FFD0F43A-E666-4D81-BE8A-033F3D8E0FC5} - System32\Tasks\HP AR Program Upload - bdb9c6b566684bdb9c5b593efd8370f15345b93151d7445684e3377d5375585a => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-11-01 22:12 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2012-12-19 17:32 - 2012-12-19 17:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-04-20 21:48 - 2013-03-08 09:54 - 00017760 _____ () e:\HDD Health\HDDHealthService.exe
2012-12-19 17:32 - 2012-12-19 17:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-11-01 19:21 - 2009-01-15 15:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2013-11-01 19:21 - 2009-03-25 17:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-04 13:49 - 2011-03-04 13:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-03-12 18:10 - 2015-03-10 08:37 - 00775680 _____ () G:\Steam\SDL2.dll
2015-01-19 23:37 - 2014-12-02 02:29 - 05002752 _____ () G:\Steam\v8.dll
2015-01-19 23:37 - 2014-12-02 02:29 - 01612800 _____ () G:\Steam\icui18n.dll
2015-01-19 23:37 - 2014-12-02 02:29 - 01210368 _____ () G:\Steam\icuuc.dll
2014-05-22 20:45 - 2015-04-14 01:44 - 02371776 _____ () G:\Steam\video.dll
2014-08-29 08:07 - 2014-12-01 23:31 - 02396672 _____ () G:\Steam\libavcodec-56.dll
2014-08-29 08:07 - 2014-12-01 23:31 - 00442880 _____ () G:\Steam\libavutil-54.dll
2014-08-29 08:07 - 2014-12-01 23:31 - 00479744 _____ () G:\Steam\libavformat-56.dll
2014-08-29 08:07 - 2014-12-01 23:31 - 00332800 _____ () G:\Steam\libavresample-2.dll
2014-08-29 08:07 - 2014-12-01 23:31 - 00485888 _____ () G:\Steam\libswscale-3.dll
2013-03-28 22:10 - 2015-04-14 01:44 - 00702656 _____ () G:\Steam\bin\chromehtml.DLL
2013-03-28 22:10 - 2015-02-25 03:58 - 34641288 _____ () G:\Steam\bin\libcef.dll
2014-08-14 21:06 - 2015-02-25 03:58 - 01709960 _____ () G:\Steam\bin\ffmpegsumo.dll
2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-04-03 13:24 - 2013-03-07 16:29 - 03069848 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\gf\AppData\Local\dml8ghPuxE3zX:F6G1gU9NEJsu2QsUJVIMu0rSUsI
AlternateDataStreams: C:\Users\gf\AppData\Local\fFQQ222ghedO6HW:grWABUGxgy45EbPsjZKk
AlternateDataStreams: C:\Users\gf\AppData\Local\Temp:cYxcw1aelVVbbLobngsn5CWK
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-138440890-2358658478-2415672541-1000\...\skype.com -> hxxps://apps.skype.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-138440890-2358658478-2415672541-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\gf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{FA6A2753-CB8A-4A59-A99F-FFC76801028A}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{FB97C692-AF67-4B0D-9799-F7A7900730A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{293F7956-2E5C-456A-916C-210153A55ACF}] => (Allow) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{383B5B34-91D3-4B76-A8CE-F671B9BF924D}] => (Allow) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{F4FC2E97-0C24-4D89-BD1A-5A0CCF2AD041}] => (Allow) C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{46EC41DC-B313-4D47-9DB9-D3E71D9597D0}] => (Allow) C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{768ACB80-7548-4A83-B51B-C6D605E39CF2}] => (Allow) C:\Program Files\Microsoft Office\Office14\outlook.exe
FirewallRules: [{89DA2102-61B1-4464-8963-ADDC7249D4B4}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{A8B35DD8-4890-4154-923C-3C9CF45B0F7B}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [TCP Query User{CA483DCF-946B-4F40-A835-367C725A7A3C}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{1501159E-6628-453C-B912-D2C98E4E6B81}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{3FC61419-8E17-439F-A265-A818FA1E961C}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{A9AC3B1E-1C23-43FF-9638-90A677DD1E49}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{378BDF67-3208-46D5-BF7D-3014D7D018C8}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{56D8631F-30E5-439D-A08F-E66C64DF6BCD}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{F9BF432C-AF42-47AF-A29D-C41CAC28BE82}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{DE90D025-65D9-4FAC-B6F1-06C3B326E71F}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{EE904AEC-437D-4981-91AA-58C9D505E79A}] => (Allow) G:\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{EF4565D5-3D91-45CE-A6C6-203F262A45D9}] => (Allow) G:\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{A1E1E71B-DE50-474C-A122-959F374D42E1}] => (Allow) G:\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{46FFB506-CFE1-4569-A03A-36B3AC2CDBE6}] => (Allow) G:\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [TCP Query User{ED508131-C7CF-442E-B5E1-2953CFB0F233}E:\steamlibrary\steamapps\common\giana sisters twisted dreams\gsgameexe_dx9.exe] => (Block) E:\steamlibrary\steamapps\common\giana sisters twisted dreams\gsgameexe_dx9.exe
FirewallRules: [UDP Query User{BA292B47-3AED-4A0C-8746-C3C21CCA3C38}E:\steamlibrary\steamapps\common\giana sisters twisted dreams\gsgameexe_dx9.exe] => (Block) E:\steamlibrary\steamapps\common\giana sisters twisted dreams\gsgameexe_dx9.exe
FirewallRules: [{2528B651-D272-4859-BE38-A2F16F652432}] => (Allow) G:\Steam\steamapps\chikorita83\sourcesdk\bin\SDKLauncher.exe
FirewallRules: [{7325D4C4-C87C-4528-9CAE-B644A4505CCE}] => (Allow) G:\Steam\steamapps\chikorita83\sourcesdk\bin\SDKLauncher.exe
FirewallRules: [{1D649951-5CAE-4C6F-8EE2-1366C97DF9A6}] => (Allow) E:\SteamLibrary\SteamApps\common\Castle of Illusion\COI.exe
FirewallRules: [{E5F83CC9-2AF4-4062-AB08-901A9683076C}] => (Allow) E:\SteamLibrary\SteamApps\common\Castle of Illusion\COI.exe
FirewallRules: [{5202F588-AA31-4393-BD1F-35D76F669807}] => (Allow) G:\Steam\steamapps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [{2ABD2A5D-658E-4A46-BD8B-1E999D79DD45}] => (Allow) G:\Steam\steamapps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [{94136110-ED68-4F02-902C-888816EDA8A6}] => (Allow) E:\SteamLibrary\SteamApps\common\TheBridge\The Bridge.exe
FirewallRules: [{7004EEF2-0BD0-4C8A-BE71-5B183739E630}] => (Allow) E:\SteamLibrary\SteamApps\common\TheBridge\The Bridge.exe
FirewallRules: [{5746F6E0-A88E-415F-858E-3F2A37036BE3}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{64EFF676-96EF-4B3D-AF74-7FBDACCD817B}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{F0E53B62-AA71-4389-A3FF-E1332F1661D1}] => (Allow) E:\SteamLibrary\SteamApps\common\TheBridge\The Bridge.exe
FirewallRules: [{03F1268E-5EB5-49E3-BF38-5B9F8D8DA6BF}] => (Allow) E:\SteamLibrary\SteamApps\common\TheBridge\The Bridge.exe
FirewallRules: [{7E4BFD88-C27B-42BF-8CFB-7D539A284DA7}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{80D97A98-DD46-45CA-8096-600AE6474F7A}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{AC57CF87-A91D-4FD8-819D-9AED8D196B71}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{6DB5C1E5-891F-46B6-9DDB-F0E2DC561A03}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{C5F3D4EE-BD66-4C70-BA25-D179FC8749DA}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{BE00A7CF-09D7-4AE4-9C9A-C7FD7B16A4BF}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{B6646617-3E3C-4734-BF2B-D33C233A7BEE}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{3A50DE2B-4681-4BC9-B0E2-CE9FC33B574C}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{1C3C374B-C780-4FC6-8246-465C0894AC8E}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{87150422-9F87-49A3-A1AE-0104D07B8DE1}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{36E432BB-CA54-49F1-A75A-24E7F94EA1BE}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{F12BB05B-6E2B-4BA9-9D4A-22C7B1B416EE}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{AF1E7EF5-B883-4158-AC5F-0CD2C290D6FC}] => (Allow) E:\SteamLibrary\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{132F2C02-0C19-4702-A935-B5572FE9BFDD}] => (Allow) E:\SteamLibrary\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{29CACF2B-DF6C-43DA-880E-FE1731146050}] => (Allow) E:\SteamLibrary\SteamApps\common\TheBridge\The Bridge.exe
FirewallRules: [{3BEF9D1B-88CD-46CA-AD12-4260FA8F83CE}] => (Allow) E:\SteamLibrary\SteamApps\common\TheBridge\The Bridge.exe
FirewallRules: [{EC1FD9DF-497F-460A-B448-000E67E93080}] => (Allow) E:\SteamLibrary\SteamApps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe
FirewallRules: [{2C49C662-7D89-4056-BD38-BA7580416AF1}] => (Allow) E:\SteamLibrary\SteamApps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe
FirewallRules: [{95BEE92F-68DD-4CB4-81A6-5812D9D8B569}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{C665280A-C533-4618-B66E-F0955DF36AAD}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{4B202B97-92AB-42DB-9A8B-60C7C40B7F6E}] => (Allow) E:\SteamLibrary\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{039891A9-163A-4F3D-ADA2-4F7A7B3A0C50}] => (Allow) E:\SteamLibrary\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{EE100F17-5279-4EDD-843F-7D773920F734}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{B9E4174E-B52D-4837-BA69-D3A40F6EE443}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{342A1233-2F1D-481F-8B83-077AFFBAC600}] => (Allow) E:\SteamLibrary\SteamApps\common\BIT.TRIP VOID\BIT.TRIP VOID.exe
FirewallRules: [{5929ABA8-D8A3-4E6B-8661-5868CADAA271}] => (Allow) E:\SteamLibrary\SteamApps\common\BIT.TRIP VOID\BIT.TRIP VOID.exe
FirewallRules: [{F98F1341-2474-4E32-AA98-4F4B02FBFEC4}] => (Allow) E:\SteamLibrary\SteamApps\common\BIT.TRIP FATE\BIT.TRIP FATE.exe
FirewallRules: [{9B0D772C-F7FE-4B83-AD2F-25795E5085EF}] => (Allow) E:\SteamLibrary\SteamApps\common\BIT.TRIP FATE\BIT.TRIP FATE.exe
FirewallRules: [{C1D2BCF3-B588-4C0B-A84C-87086CC37876}] => (Allow) E:\SteamLibrary\SteamApps\common\BIT.TRIP CORE\BIT.TRIP CORE.exe
FirewallRules: [{C800D64D-6E38-4A07-B2AF-307521D54B8D}] => (Allow) E:\SteamLibrary\SteamApps\common\BIT.TRIP CORE\BIT.TRIP CORE.exe
FirewallRules: [{539437C0-E768-41E3-83EE-9DFCEBA30F8B}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{3C5E6F32-8E6D-454C-BBA7-4340DDEB9AC2}] => (Allow) E:\SteamLibrary\SteamApps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{1F21541B-C4A4-44A5-AD59-941736148C2E}] => (Allow) E:\SteamLibrary\SteamApps\common\Ragnarok_Europe\Registration.exe
FirewallRules: [{7A711D79-CC74-4B11-BF55-19B1333A10A8}] => (Allow) E:\SteamLibrary\SteamApps\common\Ragnarok_Europe\Registration.exe
FirewallRules: [{DFF5D904-97F4-4FF8-BE4B-954876672698}] => (Allow) E:\SteamLibrary\SteamApps\common\Ragnarok_Europe\Setup.exe
FirewallRules: [{D62157E1-80B2-4C34-842B-E1FB3A13126C}] => (Allow) E:\SteamLibrary\SteamApps\common\Ragnarok_Europe\Setup.exe
FirewallRules: [{2E49967F-5831-4107-B327-483F35A6DE46}] => (Allow) E:\SteamLibrary\SteamApps\common\DuckTales Remastered\executable\DuckTales.exe
FirewallRules: [{6F3F945B-77FF-4514-B16F-70E37555B468}] => (Allow) E:\SteamLibrary\SteamApps\common\DuckTales Remastered\executable\DuckTales.exe
FirewallRules: [{CB297986-AE6C-47A1-AF58-F70A6D87FC24}] => (Allow) G:\Steam\steamapps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{0951E2C0-12F0-45E0-9F37-E70DF47BEA40}] => (Allow) G:\Steam\steamapps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{73A759CA-BDC0-4492-B7F9-A8C01F40B5EC}] => (Allow) E:\SteamLibrary\SteamApps\common\RPGVXAce\RPGVXAce.exe
FirewallRules: [{3D7EF40C-88F8-4783-B901-26C793F61AE6}] => (Allow) E:\SteamLibrary\SteamApps\common\RPGVXAce\RPGVXAce.exe
FirewallRules: [{CC4946C2-C8D6-4D8D-8AED-BF3DB4E65D0D}] => (Allow) G:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{B2EFFFDE-8DE3-4247-A5C7-C1B818B9177A}] => (Allow) G:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{A2406606-A300-41E4-A233-5EBF9D4E0B43}] => (Allow) E:\SteamLibrary\SteamApps\common\Free to Play\FTP.exe
FirewallRules: [{D6468A90-1B95-4942-8E46-B9BF5A105C6D}] => (Allow) E:\SteamLibrary\SteamApps\common\Free to Play\FTP.exe
FirewallRules: [{59C4D771-A0FC-4D30-9056-29FBE7BAF144}] => (Allow) E:\SteamLibrary\SteamApps\common\bittriprunner2\runner2.exe
FirewallRules: [{B508A19B-E652-4547-8995-08E3E71EB190}] => (Allow) E:\SteamLibrary\SteamApps\common\bittriprunner2\runner2.exe
FirewallRules: [{96FED009-BA6E-468E-8EC4-45F7E1DE93C1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D3ACA3D5-6700-451F-82EB-187BBC536808}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3B2A5D3B-F788-4BAC-B881-6FB67A2BFC9C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3D6E33A9-C269-49A8-816E-F352A795421D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{10B04A92-1810-4417-AE38-F2E2D674341E}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DD761676-D6CE-41FA-A040-A326FA9A5742}] => (Allow) E:\SteamLibrary\SteamApps\common\Thinking with Time Machine\TWTM.exe
FirewallRules: [{86343912-2995-479D-8B6F-8CE2390C9269}] => (Allow) E:\SteamLibrary\SteamApps\common\Thinking with Time Machine\TWTM.exe
FirewallRules: [{B98DF3F8-1E02-4154-BB46-82BBE360B8E9}] => (Allow) E:\SteamLibrary\SteamApps\common\Indie Game The Movie\IGTM.exe
FirewallRules: [{BBC4B023-4E8D-4760-A9F5-4346EBD3AFCD}] => (Allow) E:\SteamLibrary\SteamApps\common\Indie Game The Movie\IGTM.exe
FirewallRules: [{A8CC8008-6B03-4721-A739-76841EFB941C}] => (Allow) G:\Steam\steamapps\common\portal 2\bin\SDKLauncher.exe
FirewallRules: [{8A981D33-1726-4623-BC46-5517610277E6}] => (Allow) G:\Steam\steamapps\common\portal 2\bin\SDKLauncher.exe
FirewallRules: [{84ED7CF3-6522-4B7F-8B9A-86CCEFB07E37}] => (Allow) E:\SteamLibrary\SteamApps\common\Avoid Sensory Overload\avoid.exe
FirewallRules: [{E700B279-8F4D-4709-9AC7-2603080DC873}] => (Allow) E:\SteamLibrary\SteamApps\common\Avoid Sensory Overload\avoid.exe
FirewallRules: [{15FCED5E-194C-45D1-B198-3A67D8CF4DCC}] => (Allow) E:\SteamLibrary\SteamApps\common\Pixel Puzzles Japan\Pixel Puzzles - Japan.exe
FirewallRules: [{5E1F629D-70C8-4A9B-86A9-66EA269A4E41}] => (Allow) E:\SteamLibrary\SteamApps\common\Pixel Puzzles Japan\Pixel Puzzles - Japan.exe
FirewallRules: [{BADBB276-1A42-4CD7-AD6F-CF9B25FDFE1B}] => (Allow) E:\SteamLibrary\SteamApps\common\bit_trip_flux\BIT.TRIP FLUX.exe
FirewallRules: [{1DDBEC15-8AF2-404C-AFF3-CF870D2AED93}] => (Allow) E:\SteamLibrary\SteamApps\common\bit_trip_flux\BIT.TRIP FLUX.exe
FirewallRules: [{CDB232A1-B56C-49EC-9984-9F6ED0E9B9B5}] => (Allow) E:\SteamLibrary\SteamApps\common\Type Rider\TypeRider.exe
FirewallRules: [{C497D7ED-73AE-45CA-82B1-F5B70A40282D}] => (Allow) E:\SteamLibrary\SteamApps\common\Type Rider\TypeRider.exe
FirewallRules: [{FE90E4FA-E194-4E89-B197-7B683D8E8E01}] => (Allow) E:\SteamLibrary\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{455817B7-85DC-4B6C-99D8-192D2D3A30AA}] => (Allow) E:\SteamLibrary\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{0CF10DB9-1C61-48B8-9EB2-5F69055D6DD3}] => (Allow) E:\SteamLibrary\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{7D0C50CC-8F4A-4A38-B125-19116645F58E}] => (Allow) E:\SteamLibrary\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{2714F0A9-74FE-4AD9-9316-BC64E1169CB8}] => (Allow) E:\SteamLibrary\SteamApps\common\LYNE\LYNE.exe
FirewallRules: [{5873E19E-9B39-4F8D-9CAE-48FB382C088D}] => (Allow) E:\SteamLibrary\SteamApps\common\LYNE\LYNE.exe
FirewallRules: [{41D89EBA-D1F9-457A-BD9C-09940A9A7B10}] => (Allow) E:\SteamLibrary\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{1DE4465D-93D2-4655-B69B-140C6AC148F7}] => (Allow) E:\SteamLibrary\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{D37932FD-96CA-4C8D-81BF-4C20ECCAC09C}] => (Allow) G:\Steam\steamapps\common\Aperture Tag\portal2.exe
FirewallRules: [{2A6D96D8-FA20-4379-BC18-BD570E476B4A}] => (Allow) G:\Steam\steamapps\common\Aperture Tag\portal2.exe
FirewallRules: [{65FC510A-AD58-46D3-BA19-A3587D7BA2F0}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8299BE70-B60B-4ACE-A592-94118F0206CA}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{69F119D7-5ADD-443E-A1E0-9D0D51FB7ACC}] => (Allow) E:\SteamLibrary\SteamApps\common\RoadNotTaken\RoadNotTaken.exe
FirewallRules: [{1E7A59BD-6C32-4C43-8929-FF78B052A433}] => (Allow) E:\SteamLibrary\SteamApps\common\RoadNotTaken\RoadNotTaken.exe
FirewallRules: [{BBBC1489-FE10-4E65-A395-90DCD2865B12}] => (Allow) E:\SteamLibrary\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{94DBF2BA-E5AA-47CC-A790-01FFE717E59E}] => (Allow) E:\SteamLibrary\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{DE93AF7A-9780-4D0A-95C6-432C46595AB0}] => (Allow) E:\SteamLibrary\SteamApps\common\Thinking with Time Machine\bin\SDKLauncher.exe
FirewallRules: [{BC9F23C2-C660-492C-BAEA-99CBA8B6A4FB}] => (Allow) E:\SteamLibrary\SteamApps\common\Thinking with Time Machine\bin\SDKLauncher.exe
FirewallRules: [{56CB47BF-6B38-4AC8-A97F-EF76A6E7EE1F}] => (Allow) E:\SteamLibrary\SteamApps\common\Thinking with Time Machine\bin\p2map_publish.exe
FirewallRules: [{7A1B2680-1D21-4B4B-B893-29DA5E2B1058}] => (Allow) E:\SteamLibrary\SteamApps\common\Thinking with Time Machine\bin\p2map_publish.exe
FirewallRules: [{B216B666-8D02-42D3-9AFB-FF02B3F19BE6}] => (Allow) E:\SteamLibrary\SteamApps\common\Wakfu\transition\transition.exe
FirewallRules: [{B85232A4-8582-4801-A2E6-9976397E1500}] => (Allow) E:\SteamLibrary\SteamApps\common\Wakfu\transition\transition.exe
FirewallRules: [{B7974CE2-4031-477E-BB07-39AFF06874C2}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{7A7094D5-871F-4910-AB34-5992B4CDCCFB}] => (Allow) LPort=5357
FirewallRules: [{31CA59DA-27E7-4F33-99E4-41D52E050077}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6BB82E35-F331-450F-901B-DADFF66105FA}] => (Allow) E:\SteamLibrary\SteamApps\common\Disney Epic Mickey 2\DEM2.exe
FirewallRules: [{0D5F1D00-66BA-46C5-91E4-4E7870D313F2}] => (Allow) E:\SteamLibrary\SteamApps\common\Disney Epic Mickey 2\DEM2.exe
FirewallRules: [{BC076163-11A2-4B61-B69B-AC1FF582F7AC}] => (Allow) E:\SteamLibrary\SteamApps\common\Disney Epic Mickey 2\Launch.exe
FirewallRules: [{50D88482-F042-4D71-A7CC-B83D026FAA7E}] => (Allow) E:\SteamLibrary\SteamApps\common\Disney Epic Mickey 2\Launch.exe
FirewallRules: [{26931267-934D-4976-A228-D101C7D8AA30}] => (Allow) E:\SteamLibrary\SteamApps\common\Peggle Extreme\PeggleExtreme.exe
FirewallRules: [{837DC36C-5D71-4888-B64B-1A6B78EFDCA5}] => (Allow) E:\SteamLibrary\SteamApps\common\Peggle Extreme\PeggleExtreme.exe
FirewallRules: [{E379EF46-FDC8-487C-8C02-E4560989173C}] => (Allow) E:\SteamLibrary\SteamApps\common\Puzzle Pirates\java_vm\bin\javaw.exe
FirewallRules: [{4B533A2E-F548-4AF5-816D-C852820122B7}] => (Allow) E:\SteamLibrary\SteamApps\common\Puzzle Pirates\java_vm\bin\javaw.exe
FirewallRules: [{3DEF8542-5429-4EB7-A86B-CF52B68F93E9}] => (Allow) E:\SteamLibrary\SteamApps\common\WWTBAM\Binaries\Win32\ShippingPC-WWTBAMGame.exe
FirewallRules: [{6274800D-53FA-4A1D-A21F-1262F7E2DC44}] => (Allow) E:\SteamLibrary\SteamApps\common\WWTBAM\Binaries\Win32\ShippingPC-WWTBAMGame.exe
FirewallRules: [{67AFBACC-572B-4346-A281-6B1907049EA8}] => (Allow) E:\SteamLibrary\SteamApps\common\Talismania Deluxe\Talismania.exe
FirewallRules: [{272EB782-2937-4A62-88B2-1ED77B1BFB09}] => (Allow) E:\SteamLibrary\SteamApps\common\Talismania Deluxe\Talismania.exe
FirewallRules: [{657FE458-9EBC-4EFE-8AE0-454D3A4992B4}] => (Allow) E:\SteamLibrary\SteamApps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{8CBEBA99-EF05-458F-BC98-B98308A3D9D4}] => (Allow) E:\SteamLibrary\SteamApps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{025E41A9-92BB-4DC8-8498-DE8E2A940F40}] => (Allow) E:\SteamLibrary\SteamApps\common\Iggle Pop Deluxe\IgglePop.exe
FirewallRules: [{E64AD8B8-9BEF-4446-9620-FD9E0172D51C}] => (Allow) E:\SteamLibrary\SteamApps\common\Iggle Pop Deluxe\IgglePop.exe
FirewallRules: [{8730F872-2307-45B3-9344-F352184536AF}] => (Allow) E:\SteamLibrary\SteamApps\common\Chuzzle Deluxe\chuzzle.exe
FirewallRules: [{1542DE0F-D77A-4105-9512-7A0B0D7C8FEB}] => (Allow) E:\SteamLibrary\SteamApps\common\Chuzzle Deluxe\chuzzle.exe
FirewallRules: [{65AB7AA7-1A89-4A6B-B252-32086D624D59}] => (Allow) E:\SteamLibrary\SteamApps\common\AstroPop Deluxe\WinAP.exe
FirewallRules: [{953FD74A-EA90-440C-844C-2F3B5F4A1840}] => (Allow) E:\SteamLibrary\SteamApps\common\AstroPop Deluxe\WinAP.exe
FirewallRules: [{46E541CD-F0C1-479B-AA05-D570354E7759}] => (Allow) E:\SteamLibrary\SteamApps\common\Defy Gravity\DefyGravity.exe
FirewallRules: [{F7C6F81B-3576-467D-BC4C-45C0D093491D}] => (Allow) E:\SteamLibrary\SteamApps\common\Defy Gravity\DefyGravity.exe
FirewallRules: [{D6B67EDF-464B-4D0D-A1E9-9708E473F21B}] => (Allow) E:\SteamLibrary\SteamApps\common\NiGHTS Into Dreams\Launcher.exe
FirewallRules: [{6CA9D5BC-F3EF-438E-BE54-378926F3C156}] => (Allow) E:\SteamLibrary\SteamApps\common\NiGHTS Into Dreams\Launcher.exe
FirewallRules: [{376757ED-EF09-4816-AB68-D5FDE46821E9}] => (Allow) G:\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{C8B97A3D-1850-4BAE-BA6F-55BE791BA785}] => (Allow) G:\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{177CE43F-6D4D-4AD1-B87E-AF2CABF8D034}] => (Allow) E:\SteamLibrary\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{38D74A2F-6A72-4CBA-996E-59BC447C8E25}] => (Allow) E:\SteamLibrary\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{99E2339F-B674-402E-BDEE-DE51F0793C01}] => (Allow) E:\SteamLibrary\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{7B09A39C-0316-4E80-8436-480546B286C7}] => (Allow) E:\SteamLibrary\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{1F4DFC93-B61F-42D2-936A-92FE5A624325}] => (Allow) E:\SteamLibrary\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{97ADFABB-A5A6-4A5C-B61D-201999A2A596}] => (Allow) E:\SteamLibrary\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{1890EDD2-2933-409B-9F85-CDAB583B820F}] => (Allow) E:\SteamLibrary\SteamApps\common\DefenseGridTheAwakening\DefenseGrid.exe
FirewallRules: [{1596BF41-C9EE-47E4-BD95-720673C99144}] => (Allow) E:\SteamLibrary\SteamApps\common\DefenseGridTheAwakening\DefenseGrid.exe
FirewallRules: [{EA96EE8F-2A6A-4EF9-8F0A-A3685837C318}] => (Allow) E:\SteamLibrary\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{261C5B84-A73B-4953-9C34-670CFD8B9486}] => (Allow) E:\SteamLibrary\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{5336DCE8-DA4F-4D0A-93D6-7C0AF615D7A4}] => (Allow) E:\SteamLibrary\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{F8F9708E-77DE-41B7-8A82-6143DB092E85}] => (Allow) E:\SteamLibrary\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{DFEC4737-DB56-46A1-A3C2-06FD7C4BE27F}] => (Allow) G:\Steam\steamapps\common\audiosurf\engine\QuestViewer.exe
FirewallRules: [{79695EA1-9AFE-42F1-B71C-A56B3160FB5D}] => (Allow) G:\Steam\steamapps\common\audiosurf\engine\QuestViewer.exe
FirewallRules: [{AD059112-6F9B-49D1-8E60-D39E0B2B48E1}] => (Allow) E:\SteamLibrary\SteamApps\common\Beat Hazard\BeatHazard.exe
FirewallRules: [{C4C7D51A-B097-4C5F-B55F-9A18B3C1C8AB}] => (Allow) E:\SteamLibrary\SteamApps\common\Beat Hazard\BeatHazard.exe
FirewallRules: [{A83812EC-256C-419D-966F-4274E70A524B}] => (Allow) E:\SteamLibrary\SteamApps\common\Beat Hazard\runme.exe
FirewallRules: [{D123780B-8C67-4F8B-AA32-20243347E9DB}] => (Allow) E:\SteamLibrary\SteamApps\common\Beat Hazard\runme.exe
FirewallRules: [{28301403-42DF-4EB1-876C-D1A29DA32068}] => (Allow) E:\SteamLibrary\SteamApps\common\Toki Tori 2\tokitori2.exe
FirewallRules: [{3FD51513-A966-465D-8018-2600B4326B63}] => (Allow) E:\SteamLibrary\SteamApps\common\Toki Tori 2\tokitori2.exe
FirewallRules: [{EB6806C6-AE6D-4ECE-8D9A-4BB3C047332D}] => (Allow) E:\SteamLibrary\SteamApps\common\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{78F8DF39-9532-4B39-882A-4288C367014E}] => (Allow) E:\SteamLibrary\SteamApps\common\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{788E371A-DC20-4E40-864B-C62DA3D97D9A}] => (Allow) E:\SteamLibrary\SteamApps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{6C785306-421B-4250-A8EA-56F81674CF81}] => (Allow) E:\SteamLibrary\SteamApps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{0FC72348-3C96-4965-BAC9-0F8DECDBF72E}] => (Allow) E:\SteamLibrary\SteamApps\common\BIT.TRIP RUNNER\RUNNER.exe
FirewallRules: [{1DA21375-8AD9-49DC-B73B-67D976172C95}] => (Allow) E:\SteamLibrary\SteamApps\common\BIT.TRIP RUNNER\RUNNER.exe
FirewallRules: [{F9933D70-5893-40A4-BC71-3DBD1EFCB639}] => (Allow) E:\SteamLibrary\SteamApps\common\Braid\braid.exe
FirewallRules: [{B728DC05-A9C2-4DCC-B4CF-066941CC2928}] => (Allow) E:\SteamLibrary\SteamApps\common\Braid\braid.exe
FirewallRules: [{58441DBC-71A9-466A-938C-8CAE30B1FE75}] => (Allow) E:\SteamLibrary\SteamApps\common\Chime\Chime.exe
FirewallRules: [{77E99F93-35BF-44C7-8680-A65D20F90765}] => (Allow) E:\SteamLibrary\SteamApps\common\Chime\Chime.exe
FirewallRules: [{CA44358B-B5EE-4244-9F8C-E852640A5B20}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EB859C72-F311-48FC-A86F-A25782E77576}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8101C4B5-805B-460F-B088-E77A7F44C807}] => (Allow) E:\SteamLibrary\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{1868D676-F9BF-4083-B81F-7CFECF56EFEE}] => (Allow) E:\SteamLibrary\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{DA5FFBAC-CFF8-42A3-AF66-FFECED12387F}] => (Allow) E:\SteamLibrary\SteamApps\common\Monkey2\Monkey2.exe
FirewallRules: [{A65F4878-E6FF-40CC-B28C-37E8FFA4ED61}] => (Allow) E:\SteamLibrary\SteamApps\common\Monkey2\Monkey2.exe
FirewallRules: [{9A536064-4CD0-4743-929E-85C7388672AC}] => (Allow) E:\SteamLibrary\SteamApps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{16101F1A-0F72-4727-A39F-63197AAF39EE}] => (Allow) E:\SteamLibrary\SteamApps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{C1944906-B82E-4485-9638-D3A236BA1E46}] => (Allow) E:\SteamLibrary\SteamApps\common\Railroad Tycoon 2 Platinum\RT2_PLAT.EXE
FirewallRules: [{3ED2E081-F9F2-46D3-A36F-48D0042AD16B}] => (Allow) E:\SteamLibrary\SteamApps\common\Railroad Tycoon 2 Platinum\RT2_PLAT.EXE
FirewallRules: [{6DC18175-764B-4D7A-AC47-DC71998B6510}] => (Allow) E:\SteamLibrary\SteamApps\common\RUSH\rush.exe
FirewallRules: [{C54E7CFB-3528-4E47-A9A8-4D8CCA1DB183}] => (Allow) E:\SteamLibrary\SteamApps\common\RUSH\rush.exe
FirewallRules: [{225F093E-9858-43D2-A6F3-C96CBF8119B2}] => (Allow) E:\SteamLibrary\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{E9F4AAD7-F2B3-40B2-8F8E-11044FA30C48}] => (Allow) E:\SteamLibrary\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{8A982750-6093-45A2-A2DF-E44959443119}] => (Allow) E:\SteamLibrary\SteamApps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{0C173CB7-AE2B-4832-A139-4044453B3C27}] => (Allow) E:\SteamLibrary\SteamApps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{5B85B9EB-1E10-4DC4-82FA-E39872006303}] => (Allow) E:\SteamLibrary\SteamApps\common\The Secret of Monkey Island Special Edition\MISE.exe
FirewallRules: [{B49C9C12-741C-4806-BA9F-80B80172E582}] => (Allow) E:\SteamLibrary\SteamApps\common\The Secret of Monkey Island Special Edition\MISE.exe
FirewallRules: [{CFFA043B-1ADA-4A17-8A16-0F28C596C644}] => (Allow) E:\SteamLibrary\SteamApps\common\Tobe's Vertical Adventure\Tobe's Vertical Adventure.exe
FirewallRules: [{DE766A58-32B3-432B-8DFA-747A293767CD}] => (Allow) E:\SteamLibrary\SteamApps\common\Tobe's Vertical Adventure\Tobe's Vertical Adventure.exe
FirewallRules: [{508330B1-5CE7-442A-A1E8-3CEF4A12B54B}] => (Allow) E:\SteamLibrary\SteamApps\common\Toki Tori\tokitori.exe
FirewallRules: [{AECE7C96-1FAE-4B7E-92E7-8719C222E804}] => (Allow) E:\SteamLibrary\SteamApps\common\Toki Tori\tokitori.exe
FirewallRules: [{4BC3294D-D03A-4291-8463-4A8B2B26DD33}] => (Allow) E:\TeamViewer\TeamViewer.exe
FirewallRules: [{C41751F8-51C7-4EA1-8550-565E2D37F5CB}] => (Allow) E:\TeamViewer\TeamViewer.exe
FirewallRules: [{0E2D6F04-E101-4E65-BA0A-DF873A00F6A7}] => (Allow) E:\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F60C97F5-3D16-4957-A8AC-4E5F4C53C213}] => (Allow) E:\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AD740462-BF90-409C-A947-BBFAED1F9765}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2015 10:24:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/02/2015 10:24:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/02/2015 10:24:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/02/2015 10:24:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/01/2015 03:11:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/01/2015 02:55:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/01/2015 00:59:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Cities.exe, Version: 5.0.0.59127, Zeitstempel: 0x54dc75a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000052fc6
ID des fehlerhaften Prozesses: 0xd00
Startzeit der fehlerhaften Anwendung: 0xCities.exe0
Pfad der fehlerhaften Anwendung: Cities.exe1
Pfad des fehlerhaften Moduls: Cities.exe2
Berichtskennung: Cities.exe3
Error: (05/01/2015 01:28:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8143
Error: (05/01/2015 01:28:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8143
Error: (05/01/2015 01:28:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (05/01/2015 07:27:42 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (05/01/2015 02:45:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (05/01/2015 01:01:31 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error: (05/01/2015 01:01:30 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error: (05/01/2015 01:01:30 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error: (05/01/2015 01:01:28 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error: (05/01/2015 01:01:28 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error: (05/01/2015 01:01:27 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error: (05/01/2015 01:01:27 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error: (05/01/2015 01:01:27 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Microsoft Office Sessions:
=========================
Error: (05/02/2015 10:24:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\gf\Downloads\esetsmartinstaller_deu.exe
Error: (05/02/2015 10:24:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\gf\Downloads\esetsmartinstaller_deu.exe
Error: (05/02/2015 10:24:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\gf\Downloads\esetsmartinstaller_deu.exe
Error: (05/02/2015 10:24:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\gf\Downloads\esetsmartinstaller_deu.exe
Error: (05/01/2015 03:11:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/01/2015 02:55:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/01/2015 00:59:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Cities.exe5.0.0.5912754dc75a7ntdll.dll6.1.7601.177254ec4aa8ec00000050000000000052fc6d0001d083fb6735d45dE:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exeC:\Windows\SYSTEM32\ntdll.dll1baebc99-eff1-11e4-bc40-3085a9423d7d
Error: (05/01/2015 01:28:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8143
Error: (05/01/2015 01:28:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8143
Error: (05/01/2015 01:28:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Processor: AMD FX(tm)-4100 Quad-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 8174.12 MB
Available physical RAM: 4357.21 MB
Total Pagefile: 16346.43 MB
Available Pagefile: 12986.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:150.16 GB) (Free:73.16 GB) NTFS
Drive d: () (Fixed) (Total:29.3 GB) (Free:3.1 GB) NTFS
Drive e: (Volume) (Fixed) (Total:771.48 GB) (Free:72.76 GB) NTFS
Drive f: (programme) (Fixed) (Total:9.77 GB) (Free:2.31 GB) NTFS
Drive g: (400gig) (Fixed) (Total:426.7 GB) (Free:6.12 GB) NTFS
Drive h: (backup) (Fixed) (Total:9.77 GB) (Free:2.42 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C10428D2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=9.8 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 521F1822)
Partition 1: (Not Active) - (Size=29.3 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=426.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit