Untitled

FIRST.TXT :
[SPOILER]
[Code]
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2015 01
Ran by Giommi (administrator) on GIOMMI-PC on 27-04-2015 18:57:27
Running from C:\Users\Giommi\Downloads
Loaded Profiles: Giommi (Available profiles: Giommi & fbwuser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Englisch (USA)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(Perfect Privacy) C:\Program Files (x86)\Perfect Privacy VPN Manager\VPNManagerService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.243\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\LolClient.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Run: [GoogleChromeAutoLaunch_7E290A021AA3DB674CDF04B2A02A17DA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\MountPoints2: {a979fb4b-4bc3-11e3-b891-ed20bf864bd7} - F:\setup.exe
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Winlogon: [Shell] C:\Users\Giommi\AppData\Local\Temp\Jldht\Jldht.exe <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3551031480-2449454405-1511854611-1000] => 210.210.183.210:80
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1402570575&from=wpm0612&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1402570575&from=wpm0612&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1399667495&from=exp&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1399667495&from=exp&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402570575&from=wpm0612&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402570575&from=wpm0612&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1399667495&from=exp&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1399667495&from=exp&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnslOMtHhBUAfIgCz4i_0GnOT7CWIXUeBqS-mUlYsEb93Oy__TbFt8iHGWxFSK7YFw,,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnslOMtHhBUAfIgCz4i_0GnOT7CWIXUeBqS-mUlYsEb93Oy__TbFt8iHGWxFSK7YFw,,&q={searchTerms}
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnslOMtHhBUAfIgCz4i_0GnOT7CWIXUeBqS-mUlYsEb93Oy__TbFt8iHGWxFSK7YFw,,&q={searchTerms}
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ch.msn.com/
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnsp5KW8n0fOw0_a38_kYiVoblSdu0xc7kIIpPSrDdDDGww4IqazXmBbEAzAsDVgvA,,
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnslOMtHhBUAfIgCz4i_0GnOT7CWIXUeBqS-mUlYsEb93Oy__TbFt8iHGWxFSK7YFw,,&q={searchTerms}
HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402570575&from=wpm0612&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-3551031480-2449454405-1511854611-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: No Name -> {34D5A80A-992D-4F07-9509-66E9E133BAAF} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: iMacros Browser Helper Object -> {34D5A80A-992D-4F07-9509-66E9E133BAAF} -> D:\iMacros\iMacrosBHO.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-30] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-30] (Oracle Corporation)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3551031480-2449454405-1511854611-1000 -> No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File
Toolbar: HKU\S-1-5-21-3551031480-2449454405-1511854611-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Windows\SysWOW64\PrxerNsp.dll [56424 2014-09-29] ()
Winsock: Catalog5-x64 09 C:\Windows\system32\PrxerNsp.dll [57448 2014-09-29] ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1399667495&from=exp&uid=INTELXSSDSC2CW120A3XXXXXXXXXXXXXXXXXXX_CVCV213106WS120BGN

FireFox:
========
FF ProfilePath: C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default
FF NewTab: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnsvfkgQS6di7tVwkNZkHtW-0E8QsKdGGmS5f7QRDrf5VSFOHG_LUIzr8zyJjpi19A,,
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://www.hackforums.net/
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlOhVN7wIfArz6RfEtU4nRT5jo80F14OPncD3u6pqKjFykzLKh3MelsBLVeVcM5Eoh0ui4iJaNNnTRnslOMtHhBUAfIgCz4i_0GnOT7CWIXUeBqS-mUlYsEb93Oy__TbFt8iHGWxFSK7YFw,,&q=
FF NetworkProxy: "http", "61.166.55.153"
FF NetworkProxy: "http_port", 11110
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll [2013-03-16] ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll [2013-03-16] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3551031480-2449454405-1511854611-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-05-28] ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2014-06-12]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-06-11]
FF Extension: Avira Browser Safety - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\abs@avira.com [2015-03-15]
FF Extension: shortcut - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\shortcutff@gmail.com [2014-07-28]
FF Extension: iMacros for Firefox - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-02-22]
FF Extension: Snap.Do  - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\{89ee5e93-fb7c-cd6f-bcd5-bb193fd46fd4} [2014-03-16]
FF Extension: Live HTTP headers - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-07-27]
FF Extension: Flash and Video Download - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-03-23]
FF Extension: Acunetix Web Scanner - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\acunetixwebscanner@attila.gerendi.xpi [2014-01-01]
FF Extension: Elite Proxy Switcher - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\eliteproxyswitcher@my-proxy.com.xpi [2013-08-01]
FF Extension: IPFlood - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\ipfuck@p4ul.info.xpi [2014-11-16]
FF Extension: One Click Proxy - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi [2015-03-27]
FF Extension: Firefox Plug-n-Hack - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\jid1-CZ1BeoFM9Mmlzg@jetpack.xpi [2013-10-22]
FF Extension: Proxy Tool - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\proxytool@proxylist.co.xpi [2014-11-26]
FF Extension: Tab Auto Reload - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\TabAutoReload@schuzak.jp.xpi [2014-11-16]
FF Extension: Adblock Plus - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-30]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-03-23]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-23]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Giommi\AppData\Roaming\Mozilla\Firefox\Profiles\r0xqwq0h.default\extensions\shortcutff@gmail.com

Chrome:
=======
CHR HomePage: Default -> hxxp://www.hackforums.net/
CHR StartupUrls: Default -> "hxxp://www.hackforums.net/"
CHR Profile: C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-01-29]
CHR Extension: (Google Slides) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01]
CHR Extension: (Google Docs) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01]
CHR Extension: (Google Drive) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01]
CHR Extension: (YouTube) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01]
CHR Extension: (Adblock Plus) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-01]
CHR Extension: (Google Search) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01]
CHR Extension: (Google Sheets) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01]
CHR Extension: (Avira Browser Safety) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-18]
CHR Extension: (Bookmark Manager) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Live HTTP Headers) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaiioopjkcekapmldfgbebdclcnpgnlo [2014-12-01]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Skype Click to Call) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-01]
CHR Extension: (Google Wallet) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01]
CHR Extension: (WebRTC Block) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nphkkbaidamjmhfanlpblblcadhfbkdm [2015-02-02]
CHR Extension: (Header Hacker) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\phnffahgegfkcobeaapbenpmdnkifigc [2014-12-01]
CHR Extension: (Gmail) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01]
CHR Extension: (Custom JavaScript for websites ) - C:\Users\Giommi\AppData\Local\Google\Chrome\User Data\Default\Extensions\poakhlngfciodnhlhhgnaaelnpjljija [2014-12-29]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Giommi\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

Locked "4fb3a122aa14784e" service could not be unlocked. <===== ATTENTION

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107552 2014-07-29] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-04-22] () [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-10-29] ()
R2 postgresql-x64-9.2; C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe [88576 2014-10-20] (PostgreSQL Global Development Group) [File not signed]
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
R2 VPNManager; C:\Program Files (x86)\Perfect Privacy VPN Manager\VPNManagerService.exe [17408 2015-02-13] (Perfect Privacy) [File not signed]
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 AcuWVSSchedulerv8; C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [X]
S2 metasploitPostgreSQL; "D:\Metasploit\postgresql\bin\pg_ctl.exe" runservice -N "metasploitPostgreSQL" -D "D:/Metasploit/postgresql/data" [X]
S2 metasploitProSvc; D:\Metasploit\ruby\bin\ruby.exe -C "D:\Metasploit\apps\pro\engine" prosvc_service.rb -E production
S2 metasploitThin; D:\Metasploit\ruby\bin\ruby.exe -C "D:\Metasploit\apps\pro\ui" thin_service.rb
S2 metasploitWorker; D:\Metasploit\ruby\bin\ruby.exe -C "D:\Metasploit\apps\pro\ui" worker_service.rb
S4 nlsvc; "C:\Program Files\NetLimiter 3\nlsvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 4fb3a122aa14784e; C:\Windows\System32\Drivers\4fb3a122aa14784e.sys [75704 2014-11-27] () <===== ATTENTION Necurs Rootkit?
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-21] () [File not signed]
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] () [File not signed]
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] () [File not signed]
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] () [File not signed]
R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] () [File not signed]
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2736640 2011-08-31] () [File not signed]
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] () [File not signed]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] () [File not signed]
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] () [File not signed]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] ()
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] () [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] () [File not signed]
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] () [File not signed]
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] () [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] () [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] () [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] () [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] () [File not signed]
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-14] () [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] () [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] () [File not signed]
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] () [File not signed]
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] () [File not signed]
S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-14] () [File not signed]
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] () [File not signed]
R0 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2013-07-04] () [File not signed]
S3 Compbatt; C:\Windows\system32\drivers\compbatt.sys [21584 2009-07-14] () [File not signed]
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-21] () [File not signed]
S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-14] () [File not signed]
R1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] () [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] () [File not signed]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [103064 2013-05-02] () [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] () [File not signed]
R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] () [File not signed]
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-21] () [File not signed]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] () [File not signed]
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2013-11-13] () [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-05] () [File not signed]
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [983488 2013-08-01] () [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] () [File not signed]
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] () [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] () [File not signed]
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [66728 2013-08-05] () [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] () [File not signed]
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] () [File not signed]
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-14] () [File not signed]
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] () [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] () [File not signed]
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-14] () [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] () [File not signed]
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] () [File not signed]
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] ()
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] () [File not signed]
S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-14] () [File not signed]
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [33856 2009-03-18] () [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] () [File not signed]
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] () [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-21] () [File not signed]
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-14] () [File not signed]
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] () [File not signed]
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] () [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-21] () [File not signed]
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] () [File not signed]
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] () [File not signed]
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] () [File not signed]
S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2012-12-07] () [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-21] () [File not signed]
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] () [File not signed]
S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] () [File not signed]
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-11] () [File not signed]
S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-14] () [File not signed]
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [3707864 2013-11-05] () [File not signed]
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] () [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] () [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] () [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] () [File not signed]
R3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] () [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] () [File not signed]
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] () [File not signed]
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-21] () [File not signed]
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] () [File not signed]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-21] () [File not signed]
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-29] () [File not signed]
S3 KProcessHacker2; C:\Program Files\Process Hacker 2\kprocesshacker.sys [39576 2013-11-13] (wj32)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2013-09-25] () [File not signed]
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [154560 2013-09-25] () [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] () [File not signed]
R3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCamd64.sys [410008 2013-04-15] () [File not signed]
R3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRamd64.sys [102808 2013-04-15] () [File not signed]
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [22408 2009-11-24] () [File not signed]
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] () [File not signed]
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [16008 2009-11-24] () [File not signed]
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-01-11] () [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] () [File not signed]
S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-14] () [File not signed]
S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-14] () [File not signed]
S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-14] () [File not signed]
S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-14] () [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] () [File not signed]
S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-14] () [File not signed]
S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-14] () [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] () [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] () [File not signed]
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2013-03-30] () [File not signed]
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] () [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] () [File not signed]
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] () [File not signed]
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] () [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] () [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] () [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] () [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] () [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] () [File not signed]
R0 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-21] () [File not signed]
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] () [File not signed]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] ()
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] () [File not signed]
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] () [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] () [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] () [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] () [File not signed]
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] ()
R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-14] () [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] () [File not signed]
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-14] () [File not signed]
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] () [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] () [File not signed]
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] () [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] () [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] () [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] () [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] () [File not signed]
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] ()
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] () [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] () [File not signed]
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] () [File not signed]
R3 NLNdisMP; C:\Windows\System32\DRIVERS\nlndis.sys [32688 2013-06-12] () [File not signed]
S3 NLNdisPT; C:\Windows\System32\DRIVERS\nlndis.sys [32688 2013-06-12] () [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] () [File not signed]
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] ()
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] () [File not signed]
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1656680 2013-04-12] ()
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] () [File not signed]
R3 NVHDA; C:\Windows\System32\drivers\nvhda64v.sys [196384 2013-06-16] () [File not signed]
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [12613408 2013-11-14] () [File not signed]
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] () [File not signed]
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-11] () [File not signed]
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] () [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] () [File not signed]
S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-14] () [File not signed]
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] () [File not signed]
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] () [File not signed]
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] () [File not signed]
S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-14] () [File not signed]
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] () [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] () [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] () [File not signed]
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-14] () [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] () [File not signed]
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-08-08] () [File not signed]
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] () [File not signed]
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] () [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] () [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] () [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] () [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] () [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] () [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] () [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] () [File not signed]
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] () [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] () [File not signed]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] () [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] () [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] () [File not signed]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [20992 2010-11-21] () [File not signed]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] ()
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] () [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] () [File not signed]
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] () [File not signed]
S3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [180584 2012-12-05] () [File not signed]
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-02-01] () [File not signed]
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-02-01] () [File not signed]
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] () [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] () [File not signed]
R3 ScreamBAudioSvc; C:\Windows\System32\drivers\ScreamingBAudio64.sys [38992 2014-02-07] () [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] ()
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23552 2009-07-14] () [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] () [File not signed]
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-14] () [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] () [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] () [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] () [File not signed]
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-14] () [File not signed]
S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-14] () [File not signed]
S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-14] () [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] () [File not signed]
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] ()
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] () [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] () [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] () [File not signed]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [203672 2013-05-02] () [File not signed]
S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-14] () [File not signed]
R3 StillCam; C:\Windows\system32\drivers\serscan.sys [12288 2009-07-14] () [File not signed]
R0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-21] () [File not signed]
S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [34688 2010-11-21] () [File not signed]
R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-14] () [File not signed]
S3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [88960 2010-11-21] () [File not signed]
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2014-11-05] () [File not signed]
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] () [File not signed]
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [38632 2012-07-24] () [File not signed]
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] () [File not signed]
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] () [File not signed]
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2013-09-08] () [File not signed]
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2013-09-08] () [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] () [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] () [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] () [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-21] () [File not signed]
R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [63360 2010-11-21] () [File not signed]
S3 terminpt; C:\Windows\system32\drivers\terminpt.sys [34816 2010-11-21] () [File not signed]
R3 TPM; C:\Windows\System32\drivers\tpm.sys [38400 2009-07-14] () [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] () [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-21] () [File not signed]
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [31232 2010-11-21] () [File not signed]
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-21] () [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] () [File not signed]
S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-14] () [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] () [File not signed]
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] () [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] () [File not signed]
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-14] () [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] () [File not signed]
R3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109824 2013-07-12] () [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-09-04] () [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] () [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [52736 2013-09-04] () [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-09-04] () [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-09-04] () [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] () [File not signed]
S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [42496 2013-07-03] () [File not signed]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] () [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-09-04] () [File not signed]
S1 VBoxDrv; C:\Windows\System32\DRIVERS\VBoxDrv.sys [922704 2015-03-16] () [File not signed]
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [141440 2015-03-16] () [File not signed]
S3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [156360 2015-03-16] () [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-09-09] () [File not signed]
S1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [128592 2015-03-16] () [File not signed]
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] () [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] () [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] () [File not signed]
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] () [File not signed]
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] () [File not signed]
S3 vmbus; C:\Windows\system32\drivers\vmbus.sys [199552 2010-11-21] () [File not signed]
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-21] () [File not signed]
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] () [File not signed]
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] () [File not signed]
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] () [File not signed]
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-14] () [File not signed]
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] () [File not signed]
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] () [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] () [File not signed]
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] () [File not signed]
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-14] () [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] () [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] () [File not signed]
S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-14] () [File not signed]
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] () [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] () [File not signed]
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] () [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] () [File not signed]
R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-14] () [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] () [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] () [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] () [File not signed]
S3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [74960 2010-08-19] () [File not signed]
S3 zttap200; C:\Windows\System32\DRIVERS\zttap200.sys [31896 2014-03-05] ()
S1 A2DDA; \??\D:\EEK\bin\a2ddax64.sys [X]
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
S3 cleanhlp; \??\D:\EEK\bin\cleanhlp64.sys [X]
S3 EagleX64; \??\C:\Users\Giommi\AppData\Local\Temp\EagleX64.sys [X]
S1 nltdi; \??\C:\Program Files\NetLimiter 3\nltdi.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-27 18:57 - 2015-04-27 18:57 - 02100736 _____ (Farbar) C:\Users\Giommi\Downloads\FRST64.exe
2015-04-27 18:57 - 2015-04-27 18:57 - 00057469 _____ () C:\Users\Giommi\Downloads\FRST.txt
2015-04-27 18:57 - 2015-04-27 18:57 - 00000000 ____D () C:\FRST
2015-04-26 22:12 - 2015-04-26 22:12 - 00028132 _____ () C:\Users\Giommi\Downloads\wp-admin-bar-removal.zip
2015-04-26 16:35 - 2015-04-26 16:35 - 00141475 _____ () C:\Users\Giommi\Desktop\timelessshishalounge.wordpress.2015-04-26.xml
2015-04-25 18:44 - 2015-04-25 18:44 - 00000433 _____ () C:\Users\Giommi\Desktop\TEST.bat
2015-04-25 18:44 - 2004-06-11 15:33 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\subinacl.exe
2015-04-25 18:43 - 2015-04-25 18:43 - 00000000 ____D () C:\Program Files (x86)\Windows Resource Kits
2015-04-25 18:42 - 2015-04-25 18:42 - 00379392 _____ () C:\Users\Giommi\Downloads\subinacl.msi
2015-04-25 18:32 - 2015-04-25 18:32 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (7).diagcab
2015-04-25 18:29 - 2015-04-25 18:29 - 00347816 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\MicrosoftFixit.wu.LB.12635343534526075.1.1.Run.exe
2015-04-25 18:26 - 2015-04-27 18:51 - 00000952 _____ () C:\Windows\setupact.log
2015-04-25 18:26 - 2015-04-25 18:26 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-25 16:28 - 2015-04-25 16:28 - 00000677 _____ () C:\Users\Giommi\Desktop\Start Emsisoft Emergency Kit.lnk
2015-04-25 16:23 - 2015-04-25 16:24 - 154627352 _____ () C:\Users\Giommi\Downloads\EmsisoftEmergencyKit.exe
2015-04-25 01:29 - 2015-04-25 01:30 - 11093840 _____ () C:\Users\Giommi\Desktop\ts3_recording_15_04_25_1_29_54.wav
2015-04-25 00:49 - 2015-04-25 00:49 - 00199924 _____ () C:\Users\Giommi\Downloads\ClownfishVoiceChanger-v1.30.ts3_plugin
2015-04-24 22:01 - 2015-04-24 22:01 - 00005920 _____ () C:\Users\Giommi\Downloads\LOL_OPGG_Observer_2079025603_replay (2).bat
2015-04-21 20:50 - 2015-04-21 20:50 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (6).diagcab
2015-04-21 20:46 - 2015-04-21 20:47 - 00689664 _____ () C:\Users\Giommi\Downloads\MicrosoftFixit50202.msi
2015-04-21 20:32 - 2015-04-21 20:32 - 11313360 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\WindowsUpdateAgent-7.6-x64 (1).exe
2015-04-21 20:32 - 2015-04-21 20:32 - 00347816 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\MicrosoftFixit.wu.Run (1).exe
2015-04-21 20:15 - 2015-04-21 20:15 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (5).diagcab
2015-04-21 20:07 - 2015-04-21 20:08 - 22660464 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\LifeCam3.60 (1).exe
2015-04-21 20:07 - 2015-04-21 20:07 - 03272560 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\StudioFW1033.exe
2015-04-21 19:05 - 2015-04-21 19:05 - 00347816 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\MicrosoftFixit.wu.LB.182353091937150.1.1.Run.exe
2015-04-20 22:35 - 2015-04-20 22:35 - 00394754 _____ () C:\Users\Giommi\Downloads\soundboard-1.0b5-win64.ts3_plugin
2015-04-19 22:00 - 2015-04-19 22:02 - 00000227 _____ () C:\Users\Giommi\Desktop\Information.txt
2015-04-19 21:52 - 2015-04-19 22:03 - 02450341 _____ () C:\Users\Giommi\Desktop\Drophack Pack.rar
2015-04-16 20:57 - 2015-04-16 20:59 - 00000000 ____D () C:\Program Files (x86)\Perfect Privacy VPN Manager
2015-04-16 20:57 - 2015-04-16 20:57 - 00001154 _____ () C:\Users\Public\Desktop\VPN Manager.lnk
2015-04-16 20:57 - 2015-04-16 20:57 - 00000000 ____D () C:\Users\Giommi\AppData\Local\Perfect_Privacy
2015-04-16 20:57 - 2015-04-16 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Privacy VPN
2015-04-16 13:12 - 2015-04-16 13:12 - 00233063 _____ () C:\Users\Giommi\Downloads\ppConfig_win.zip
2015-04-16 13:06 - 2015-04-16 13:06 - 00000000 ____D () C:\Users\Giommi\Desktop\Tor Browser
2015-04-16 13:04 - 2015-04-16 13:06 - 34736426 _____ () C:\Users\Giommi\Downloads\torbrowser-install-4.0.8_de.exe
2015-04-15 23:31 - 2015-04-15 23:33 - 00000000 ____D () C:\Users\Giommi\AppData\Local\Drophack
2015-04-15 22:55 - 2015-04-15 22:55 - 00743424 _____ () C:\Users\Giommi\Downloads\ILMerge.msi
2015-04-15 22:28 - 2015-04-15 22:31 - 00000000 ____D () C:\Program Files (x86)\Eazfuscator.NET
2015-04-15 22:28 - 2015-04-15 22:30 - 00000000 ____D () C:\Users\Giommi\AppData\Local\Gapotchenko
2015-04-15 22:28 - 2015-04-15 22:28 - 06230016 _____ () C:\Users\Giommi\Downloads\Eazfuscator.NET 4.8 Setup.msi
2015-04-15 13:37 - 2015-04-18 22:19 - 00000000 ____D () C:\Users\Giommi\Desktop\BH
2015-04-13 22:10 - 2015-04-13 22:10 - 00000121 _____ () C:\Users\Giommi\Desktop\Netflix.url
2015-04-13 21:47 - 2015-04-13 21:47 - 00314908 _____ () C:\Users\Giommi\Downloads\netflix.7z
2015-04-12 19:29 - 2015-04-12 19:32 - 00000000 ____D () C:\Program Files (x86)\Nmap
2015-04-12 16:42 - 2015-04-12 16:42 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (4).diagcab
2015-04-12 03:44 - 2015-04-12 03:44 - 00347816 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\MicrosoftFixit.wu.LB.1035225393423321.4.1.Run.exe
2015-04-12 02:30 - 2015-04-12 02:30 - 11313360 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\WindowsUpdateAgent-7.6-x64.exe
2015-04-12 02:30 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-12 02:30 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-12 02:30 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-12 02:30 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-12 02:30 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-12 02:30 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-12 02:30 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-12 02:30 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-12 02:30 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-12 02:30 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-12 02:30 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-12 02:30 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-12 02:30 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-12 02:30 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-12 02:21 - 2015-04-12 02:21 - 00347816 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\MicrosoftFixit.wu.Run.exe
2015-04-12 02:20 - 2015-04-12 02:20 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (3).diagcab
2015-04-12 02:20 - 2015-04-12 02:20 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (2).diagcab
2015-04-10 20:33 - 2015-04-10 20:33 - 00000955 _____ () C:\Users\Giommi\Desktop\Vega.lnk
2015-04-10 20:33 - 2015-04-10 20:33 - 00000955 _____ () C:\Users\fbwuser\Desktop\Vega.lnk
2015-04-10 20:33 - 2015-04-10 20:33 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vega
2015-04-10 20:33 - 2015-04-10 20:33 - 00000000 ____D () C:\Program Files (x86)\Vega
2015-04-10 20:32 - 2015-04-10 20:32 - 28647618 _____ () C:\Users\Giommi\Downloads\VegaSetup64 (2).exe
2015-04-08 17:46 - 2015-04-08 17:48 - 27694160 _____ () C:\Users\Giommi\Desktop\ts3_recording_15_04_08_17_46_21.wav
2015-04-08 11:56 - 2015-04-08 11:56 - 00000000 ____D () C:\Users\Default
2015-04-06 15:23 - 2015-04-06 15:23 - 00159144 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\WindowsActivationUpdate.exe
2015-04-06 15:06 - 2015-04-06 15:07 - 31603056 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\LifeCam3.0.exe
2015-04-06 15:06 - 2015-04-06 15:06 - 29546352 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\LifeCam3.22.exe
2015-04-05 21:00 - 2015-04-05 21:00 - 11835440 _____ () C:\Users\Giommi\Downloads\-Kamui-+Cookiezi+skin+original+(Okinawa6).rar
2015-04-03 22:46 - 2005-10-28 17:53 - 00000000 ____D () C:\Users\Giommi\Desktop\sharpSsh.bin
2015-04-03 22:45 - 2015-04-03 22:46 - 00148111 _____ () C:\Users\Giommi\Downloads\sharpSsh_Binaries (2).zip
2015-04-03 02:47 - 2015-04-03 02:47 - 00000000 ____D () C:\Users\Giommi\Desktop\Drophack
2015-04-03 02:39 - 2005-10-28 17:47 - 00167936 _____ (tamirgal.com) C:\Users\Giommi\Desktop\Tamir.sharpSsh.dll
2015-04-03 02:38 - 2015-04-03 02:39 - 00000124 _____ () C:\Users\Giommi\Downloads\sharpSsh_Binaries.zip
2015-04-02 23:07 - 2015-04-02 23:07 - 00010240 _____ () C:\Users\Giommi\Downloads\Get LOL IP.exe
2015-04-02 20:48 - 2015-04-02 20:51 - 00000194 _____ () C:\Users\Giommi\Downloads\LeagueSharp-master.zip
2015-04-02 20:46 - 2015-04-02 20:46 - 00000000 ____D () C:\Users\Giommi\AppData\Local\LeagueSharp
2015-04-02 20:45 - 2015-04-03 01:44 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\LS5E39C1A3
2015-04-01 20:10 - 2015-04-01 20:10 - 00000000 ____D () C:\Users\Giommi\AppData\Local\Microsoft Games
2015-04-01 17:35 - 2015-04-01 17:35 - 01118920 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\NDP452-KB2901954-Web.exe
2015-04-01 15:51 - 2015-04-19 21:52 - 00000000 ____D () C:\Users\Giommi\Desktop\Drophack Server
2015-04-01 15:37 - 2015-04-16 21:21 - 00001472 _____ () C:\Users\Giommi\Desktop\smsniff.cfg
2015-04-01 15:23 - 2015-04-01 15:23 - 00215136 _____ (NirSoft) C:\Users\Giommi\Desktop\smsniff.exe
2015-04-01 14:01 - 2015-04-19 14:12 - 00000000 ____D () C:\Users\Giommi\Downloads\LeagueSharp
2015-04-01 13:53 - 2015-04-01 13:56 - 04512659 _____ ( ) C:\Users\Giommi\Downloads\LeagueSharp-update (1).exe
2015-04-01 13:41 - 2015-04-01 13:49 - 04512659 _____ ( ) C:\Users\Giommi\Downloads\LeagueSharp-update.exe
2015-04-01 13:34 - 2015-04-01 13:34 - 00000218 _____ () C:\Users\Giommi\.recently-used.xbel
2015-03-31 21:34 - 2015-03-31 21:34 - 00011713 _____ () C:\Users\Giommi\Downloads\ack (1)
2015-03-31 21:34 - 2015-03-31 21:34 - 00011713 _____ () C:\Users\Giommi\Desktop\ack
2015-03-31 21:12 - 2015-03-31 21:18 - 00001162 _____ () C:\Users\Giommi\Desktop\ntp.pl
2015-03-31 21:12 - 2013-01-27 20:20 - 00001638 _____ () C:\Users\Giommi\Desktop\dos.pl
2015-03-31 20:52 - 2015-03-31 20:52 - 00001179 _____ () C:\Users\Giommi\Desktop\g3m.pl
2015-03-31 20:50 - 2014-12-07 22:44 - 00007168 _____ () C:\Users\Giommi\Desktop\LOLIP.exe
2015-03-30 23:25 - 2015-03-30 23:25 - 00009266 _____ () C:\Users\Giommi\Downloads\SocksiPy.zip
2015-03-30 23:19 - 2015-03-30 23:19 - 00037271 _____ () C:\Users\Giommi\Desktop\rudy.py.txt
2015-03-30 23:19 - 2015-03-30 23:19 - 00000000 _____ () C:\Users\Giommi\Desktop\Neues Textdokument (5).txt
2015-03-30 12:53 - 2015-03-30 12:53 - 00000000 ____D () C:\ProgramData\Sun
2015-03-30 12:51 - 2015-03-30 12:51 - 00001814 _____ () C:\Users\Giommi\Downloads\download.vv
2015-03-30 12:45 - 2015-03-30 12:45 - 00561064 _____ (Oracle Corporation) C:\Users\Giommi\Downloads\chromeinstall-8u40.exe
2015-03-29 22:29 - 2015-04-05 18:04 - 00000000 ____D () C:\Users\Giommi\AppData\Local\LoLFrencher
2015-03-29 20:27 - 2015-03-29 20:27 - 00000000 ____D () C:\Users\Giommi\Desktop\Sedona
2015-03-29 16:22 - 2015-04-25 20:10 - 00058430 _____ () C:\Windows\WindowsUpdate.log
2015-03-29 16:10 - 2015-03-29 16:10 - 00002061 _____ () C:\Users\Public\Desktop\EasyTax 2014 AG.lnk
2015-03-29 16:10 - 2015-03-29 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyTax 2014 AG
2015-03-29 16:09 - 2015-03-29 16:10 - 44057112 _____ (HWI Solutions AG) C:\Users\Giommi\Downloads\EasyTax2014AG_windowsJRE_1_1-2.exe
2015-03-29 16:07 - 2015-03-29 16:07 - 00000000 _____ () C:\Users\Giommi\java0.log.lck
2015-03-29 16:07 - 2015-03-29 16:07 - 00000000 _____ () C:\Users\Giommi\java0.log
2015-03-28 20:38 - 2015-03-28 20:38 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic (1).diagcab
2015-03-28 19:35 - 2015-03-28 19:35 - 00302011 _____ () C:\Users\Giommi\Downloads\WindowsUpdateDiagnostic.diagcab
2015-03-28 18:45 - 2015-03-28 18:45 - 03273584 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\StudioFW1031 (1).exe
2015-03-28 17:34 - 2015-03-28 17:34 - 00002043 _____ () C:\Users\Public\Desktop\Microsoft LifeCam.lnk
2015-03-28 17:34 - 2015-03-28 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
2015-03-28 17:34 - 2015-03-28 17:34 - 00000000 ____D () C:\Program Files\Microsoft LifeCam
2015-03-28 17:34 - 2015-03-28 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft LifeCam
2015-03-28 17:22 - 2015-03-28 17:22 - 03273584 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\StudioFW1031.exe
2015-03-28 17:20 - 2015-03-28 17:20 - 22660464 _____ (Microsoft Corporation) C:\Users\Giommi\Downloads\LifeCam3.60.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-27 18:57 - 2012-08-28 06:28 - 00700804 _____ () C:\Windows\system32\perfh007.dat
2015-04-27 18:57 - 2012-08-28 06:28 - 00150272 _____ () C:\Windows\system32\perfc007.dat
2015-04-27 18:57 - 2009-07-14 07:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-27 18:54 - 2013-07-26 22:42 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\TS3Client
2015-04-27 18:54 - 2012-08-28 18:25 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Skype
2015-04-27 18:53 - 2013-12-04 23:48 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-27 18:51 - 2015-01-02 20:47 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-04-27 18:51 - 2013-03-03 22:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-27 18:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-27 13:14 - 2013-12-04 23:48 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-27 13:12 - 2012-08-27 23:04 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2A523F14-06ED-41FB-A4ED-8DAFF72BBBD1}
2015-04-27 12:33 - 2012-08-28 18:21 - 00000000 ____D () C:\Users\Giommi\AppData\Local\Adobe
2015-04-27 12:31 - 2009-07-14 06:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-27 12:31 - 2009-07-14 06:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-26 01:24 - 2014-07-30 17:19 - 00109680 _____ () C:\Users\Giommi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-26 01:24 - 2009-07-14 06:45 - 05074424 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-25 18:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-25 18:21 - 2015-01-26 21:44 - 00000000 ____D () C:\Users\Giommi\Desktop\LazyAim
2015-04-25 18:21 - 2014-06-04 13:41 - 00000000 ____D () C:\ProgramData\Performancer
2015-04-25 16:47 - 2013-08-05 22:21 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Winamp
2015-04-25 16:47 - 2013-06-24 18:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-25 16:47 - 2012-09-18 20:05 - 00000000 ____D () C:\Users\Giommi\AppData\Local\CrashDumps
2015-04-25 16:35 - 2014-09-17 13:00 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Nano
2015-04-22 22:20 - 2015-03-23 13:53 - 00000035 _____ () C:\Windows\vidplaylist.ini
2015-04-19 22:22 - 2015-01-15 23:36 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Tox
2015-04-19 16:48 - 2015-01-17 04:38 - 00000104 _____ () C:\Users\Giommi\Desktop\Neues Textdokument (3).txt
2015-04-19 03:09 - 2014-10-26 17:11 - 00000600 _____ () C:\Users\Giommi\AppData\Local\PUTTY.RND
2015-04-18 21:53 - 2009-07-14 07:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-17 19:15 - 2014-12-01 14:14 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-15 23:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\catroot2.bak
2015-04-15 22:42 - 2013-04-25 18:43 - 00000000 ____D () C:\Users\Giommi\Documents\Visual Studio 2012
2015-04-15 22:04 - 2013-08-01 21:25 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\FileZilla
2015-04-14 12:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-13 21:43 - 2015-02-27 14:54 - 00000811 _____ () C:\netflixacc.txt
2015-04-13 21:43 - 2012-08-28 18:30 - 00000000 ____D () C:\Users\Giommi\Documents\Visual Studio 2010
2015-04-12 19:34 - 2014-06-11 02:01 - 00000000 ____D () C:\Users\Giommi\.zenmap
2015-04-08 20:17 - 2014-12-10 16:03 - 00000000 ____D () C:\Users\Giommi\AppData\Local\osu!
2015-04-08 11:56 - 2015-02-18 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-08 11:56 - 2015-02-18 14:37 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-08 11:56 - 2012-12-22 17:47 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-02 23:42 - 2013-11-10 17:01 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\.purple
2015-04-02 20:27 - 2014-08-10 13:00 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\BoL
2015-04-01 17:39 - 2012-08-28 18:29 - 01600288 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-01 15:52 - 2014-12-25 04:52 - 00000600 _____ () C:\Users\Giommi\AppData\Roaming\winscp.rnd
2015-04-01 13:34 - 2012-08-27 22:12 - 00000000 ____D () C:\Users\Giommi
2015-04-01 13:01 - 2013-11-11 21:35 - 00000000 ____D () C:\Users\Giommi\AppData\Local\gtk-2.0
2015-04-01 12:44 - 2015-02-18 14:41 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\Avira
2015-04-01 12:43 - 2015-02-18 14:37 - 00000000 ____D () C:\ProgramData\Avira
2015-03-30 23:11 - 2015-03-20 22:45 - 00000000 ____D () C:\Users\Giommi\Desktop\Projekt Offshore Server
2015-03-30 13:03 - 2015-03-15 03:12 - 00000000 ____D () C:\Users\Giommi\Desktop\Xtreme
2015-03-30 12:53 - 2015-03-23 13:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-30 12:53 - 2014-05-14 22:31 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-30 12:46 - 2014-09-17 17:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-29 23:34 - 2015-01-26 21:21 - 00000000 ____D () C:\Users\Giommi\Desktop\VPS CHEAP
2015-03-29 16:10 - 2014-02-19 13:58 - 00000000 ____D () C:\Users\Giommi\AppData\Roaming\EasyTax
2015-03-29 16:10 - 2013-02-17 20:15 - 00000000 ____D () C:\Program Files (x86)\EasyTax

==================== Files in the root of some directories =======

2014-12-25 04:52 - 2015-04-01 15:52 - 0000600 _____ () C:\Users\Giommi\AppData\Roaming\winscp.rnd
2014-08-24 20:04 - 2015-01-04 21:20 - 0004608 _____ () C:\Users\Giommi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-25 14:37 - 2014-12-25 21:06 - 0000276 _____ () C:\Users\Giommi\AppData\Local\logs.dat
2014-12-25 22:03 - 2014-12-25 22:03 - 0000135 _____ () C:\Users\Giommi\AppData\Local\melt.bat
2014-10-26 17:11 - 2015-04-19 03:09 - 0000600 _____ () C:\Users\Giommi\AppData\Local\PUTTY.RND
2014-11-25 20:59 - 2014-11-25 20:59 - 0001467 _____ () C:\Users\Giommi\AppData\Local\recently-used.xbel
2012-11-05 20:18 - 2012-11-05 20:18 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-03-16 22:14 - 2014-03-16 22:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Giommi\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys
[2010-11-21 05:23] - [2010-11-21 05:23] - 0295808 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\System32\Drivers\volsnap.sys No Company Name <===== ATTENTION!


testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2015-04-14 12:45

==================== End Of Log ============================
[/Code]
[/spoiler]

Addition.txt
[Spoiler]
[Code]
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01
Ran by Giommi at 2015-04-27 18:57:45
Running from C:\Users\Giommi\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3551031480-2449454405-1511854611-500 - Administrator - Disabled)
fbwuser (S-1-5-21-3551031480-2449454405-1511854611-1005 - Limited - Enabled) => C:\Users\fbwuser
Giommi (S-1-5-21-3551031480-2449454405-1511854611-1000 - Administrator - Enabled) => C:\Users\Giommi
Guest (S-1-5-21-3551031480-2449454405-1511854611-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3551031480-2449454405-1511854611-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-3551031480-2449454405-1511854611-1008 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\uTorrent) (Version: 3.4.2.34537 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Acunetix Web Vulnerability Scanner 8.0 (HKLM-x32\...\{DBD76811-6CF0-4A15-9436-B779C3A36929}_is1) (Version: 8.0 - Acunetix)
Acunetix Web Vulnerability Scanner 9.5 (HKLM-x32\...\{ffec63c3-090d-45ea-afd7-eab07edb5822}_is1) (Version: 9.5 - Acunetix)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.265 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (32 Bit) (HKLM-x32\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
AMIP (remove only) (HKLM-x32\...\AMIP) (Version:  - )
Andy OS (HKLM-x32\...\Andy OS) (Version: 0.41 - Andy OS, Inc)
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.3.2 - Angry IP Scanner)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassins Creed IV Black Flag (HKLM-x32\...\Assassins Creed IV Black Flag_is1) (Version: 1.0.4.0 - )
Assassins Creed Unity (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRVbml0eQ==_is1) (Version: 1 - )
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
AuraKingdom-DE (HKLM-x32\...\AuraKingdom-DE) (Version:  - )
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Bitcoin Core (64-bit) (HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
Call of Duty Ghosts (HKLM-x32\...\Q2FsbG9mRHV0eUdob3N0cw==_is1) (Version: 1 - )
Camtasia Studio 8 (HKLM-x32\...\{B1F8F5EB-75E2-40C3-9A50-7907F1C910F1}) (Version: 8.0.3.994 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Cross DJ LE 2.0.2 (HKLM-x32\...\MixVibes Cross DJ LE 2.0.2) (Version: 2.0.2 - MixVibes)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.4.0 - oldsch00l)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dethroned! (HKLM-x32\...\Steam App 269390) (Version:  - Treehouse Ltd)
DLL Suite 2013 (HKLM-x32\...\{885843E7-6CAC-4791-B7BF-1CD516017954}_is1) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EasyTax 2012 AG 1.02 (HKLM-x32\...\3785-6780-1293-3574) (Version: 1.02 - HWI Solutions AG)
EasyTax 2013 AG 1.0 (HKLM-x32\...\4093-4123-1528-3000) (Version: 1.0 - HWI Solutions AG)
EasyTax 2014 AG 1.1 (HKLM-x32\...\5677-8571-9647-3678) (Version: 1.1 - HWI Solutions AG)
Eazfuscator.NET (HKLM-x32\...\{6CC522B4-DFF7-4BA4-9DBD-149C8BCED8C8}) (Version: 4.8.144 - Gapotchenko)
FileZilla Client 3.7.2 (HKLM-x32\...\FileZilla Client) (Version: 3.7.2 - Tim Kosse)
FlorensiaEN 2.01.01 (HKLM-x32\...\FlorensiaEN) (Version: 2.01.01 - AHA Entertainment)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - )
HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
Horizon Assistant (HKLM-x32\...\Horizon Assistant) (Version: 1.4.7.12 - upc cablecom GmbH)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{A9C5381E-F415-4EDC-95A2-9164218FEA8A}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Hilfe (HKLM-x32\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
ILMerge (HKLM-x32\...\{B7B9AF9F-408C-4168-985B-9861055B58C5}) (Version: 2.12.0803 - Microsoft)
iMacros Version 9.0.0.2379 (HKLM-x32\...\{9C5118F7-E26D-4fc0-B7F4-4A067A0808FA}_is1) (Version: 9.0.0.2379 - iOpus)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 13 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170130}) (Version: 1.7.0.130 - Oracle)
JetBrains dotPeek 1.2 (HKLM-x32\...\{2F536C85-F8AF-4A7C-ACC5-67566B8C810A}) (Version: 1.2.1.226 - JetBrains Inc)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
Metasploit (HKLM-x32\...\Metasploit 4.11.0) (Version: 4.11.0 - Rapid7)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{f9024a51-ab45-4a46-b597-ce12f74963c7}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Minecraft1.6.2 (HKLM-x32\...\Minecraft1.6.2) (Version:  - )
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
MorphVOX Pro (HKLM-x32\...\{87e86c41-0052-42d8-b164-60f261e1708c}) (Version: 4.4.17.22603 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.17.22603 - Screaming Bee) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Naruto Shippuden Ultimate Ninja Storm Revolution (HKLM-x32\...\Naruto Shippuden Ultimate Ninja Storm Revolution_is1) (Version:  - )
NetLimiter 3 (HKLM-x32\...\NetLimiter 3 3.0.0.11) (Version: 3.0.0.11 - Locktime Software)
NetLimiter 3 (Version: 3.0.0.11 - Locktime Software) Hidden
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
Nmap 6.40 (HKLM-x32\...\Nmap) (Version:  - )
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2 - )
Notification Center (HKLM-x32\...\{384FA0C0-BB19-4CA0-8DB4-5FD4E938277F}) (Version: 0.7.7.813 - BlueStack Systems, Inc.)
NVIDIA 3D Vision Controller-Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN 2.3.6-I601  (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
Opera Mobile Emulator (HKLM-x32\...\{1826D0CA-F479-4430-9EFE-86E8E783505B}_is1) (Version:  - Opera Software ASA)
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
osu! (HKLM-x32\...\{9303881e-fc8f-4490-9b42-d7e35019b81f}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf)
PAYDAY 2 (HKLM-x32\...\PAYDAY 2_is1) (Version: 1.0.0.0 - )
PAYDAY 2 version 1.23.2 (Update 50) (HKLM-x32\...\{1D0A2701-07CF-4E21-87CE-88EC3EB61BC1}_is1) (Version: 1.23.2 (Update 50) - DigitalZone)
Performancer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{dfc86759}) (Version:  - 24soft) <==== ATTENTION
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version:  - )
PostgreSQL 9.2  (HKLM\...\PostgreSQL 9.2) (Version: 9.2 - PostgreSQL Global Development Group)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
S4 League_EU (HKLM-x32\...\{2D99FCE1-6594-4F2D-86C6-EC1436C699F7}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{3A5C0E18-0AA4-4304-A212-B1E0BC303000}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{7AE7FB08-2C7B-4A02-8134-7582652A3C3E}) (Version: 1.00.0000 - )
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC)
SixaxisPairTool 0.2.5 (HKLM-x32\...\SixaxisPairTool_is1) (Version: 0.2.5 - Dancing Pixel Studios)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.24.8 (HKLM\...\{F31F1F66-5685-4C21-906E-20CB74C7BCDF}) (Version: 7.0.24.8 - Mad Catz)
Smart Technology Volume Tracker 7.0.23.0 (HKLM\...\{7C2F1B90-E6E6-4ECF-B626-4545CF6EEB2D}) (Version: 7.0.23.0 - Mad Catz)
SongReference Video Playlist v1.0 (HKLM-x32\...\SongReference Video Playlist) (Version: 1_0 - SongReference.com)
Spotify (HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Spotnet (HKLM-x32\...\{12947715-B6F0-4597-816F-5E13FB647921}_is1) (Version: 1.8.1 - Spotnet)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version:  - Image&amp;Form)
Strawberry Perl (64-bit) (HKLM\...\{70919690-6C9B-1014-A8F1-1DC63567E6CE}) (Version: 5.18.2002 - strawberryperl.com project)
Studie zur Verbesserung von HP Deskjet 3520 series Produkten (HKLM\...\{E75A77D7-A854-44D6-A46B-82332AD79E9E}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Telerik JustDecompile Q3 2014 (HKLM-x32\...\{593F0F6D-77CC-45E2-832D-03B0AF44253B}) (Version: 14.3.1021.0 - Telerik AD)
Thief (HKLM-x32\...\VGhpZWY=_is1) (Version: 1 - )
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TP-LINK Wireless Client Utility (HKLM-x32\...\{385C8E5A-0B4F-4DCD-BBBD-2A8AE0400A76}) (Version: 7.0 - TP-LINK)
Tunngle Version Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Vega 1.0 (HKLM-x32\...\Vega) (Version: 1.0 - Subgraph)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Virtual DJ Pro Full - Atomix Productions (HKLM-x32\...\Virtual DJ Pro Full - Atomix Productions) (Version:  - )
VirtualDJ 8 (HKLM-x32\...\{9652ACA0-38A4-4BF8-B15E-2317D41D0AE3}) (Version: 8.0.2139.0 - Atomix Productions)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VPN Manager 1.6.71.0 (HKLM-x32\...\VPN Manager) (Version: 1.6.71.0 - Perfect-Privacy)
War of the Roses (HKLM-x32\...\Steam App 42160) (Version:  - Fatshark)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Ino-Co Plus)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.1.2 (HKLM-x32\...\winscp3_is1) (Version: 5.1.2 - Martin Prikryl)
Wireshark 1.8.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.2 - The Wireshark developer community, http://www.wireshark.org)
WTFast 3.5 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.5.3.400 - Initex & AAA Internet Publishing)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
XSplit Broadcaster (HKLM-x32\...\{F8A47958-47CC-4B57-AE7D-7DDC0A86BEF5}) (Version: 1.3.1311.1201 - SplitMediaLabs)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-12-25 15:33 - 00001499 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	bsbackup.mine.nu
127.0.0.1	bshades.eu
127.0.0.1	blackshades.ru
0.0.0.0       rad.msn.com127.0.0.1                   anchorfree.net
127.0.0.1                   rss2search.com
127.0.0.1                   techbrowsing.com
127.0.0.1                   box.anchorfree.net
127.0.0.2                   www.mefeedia.com
127.0.0.1                   anchorfree.us
127.0.0.1                   a433.com
127.0.0.3                   www.anchorfree.net
127.0.0.1                   rpt.anchorfree.net
127.0.0.1                   delivery.anchorfree.us/land.php
127.0.0.1                   hsselite.com
127.0.0.1                   www.hsselite.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {198E9081-9C68-4058-ACBF-2C74BC2404FF} - System32\Tasks\{83CAD12B-C0D7-48D5-8297-2D57095572DF} => pcalua.exe -a C:\Users\Giommi\Downloads\lgs510.exe -d C:\Users\Giommi\Downloads
Task: {1B0E1B7B-FD70-42EF-95DB-96CCBF6A3F0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-01] (Google Inc.)
Task: {1C720E01-9076-449C-A371-5DA91E867A4A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {289D9832-ADAC-4FAB-B6F9-27F0F0D17C1C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {2A440229-F0B4-4AFB-AB13-5D6FCFA3ADE0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {4D0A4F34-A9C7-4FEA-9F27-5CD071C23752} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe
Task: {55DCEC9C-F276-4B28-85F7-757F626B821D} - System32\Tasks\{6E98C2CE-90EB-47E5-BC67-F8D5667FF0F5} => pcalua.exe -a C:\Users\Giommi\Desktop\WebHacking\Symlink\SYMLINK\KalydoPlayer_4.10.01.exe -d C:\Users\Giommi\Desktop\WebHacking\Symlink\SYMLINK
Task: {7DB04E06-2438-4D5D-B2B1-16ABBEF9CF94} - System32\Tasks\{0F78F309-C2DE-456C-BCCE-FE88EE282F71} => Chrome.exe http://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {8A8A9D09-90AC-4C81-B762-40BA15DFA0DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {9B75CC75-7C5E-4624-8274-093920B07849} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-01] (Google Inc.)
Task: {9E3F1BDC-C022-4942-9241-FCC8949F0720} - System32\Tasks\{FCAEF866-F598-4FEB-A391-9282ED6EB66C} => pcalua.exe -a "C:\Users\Giommi\Downloads\V7_Keyboard_SD7_0_23_0_x64_Drivers (1).exe" -d C:\Users\Giommi\Downloads
Task: {B1E352F7-62E9-4161-9652-F1CE58BB8D01} - System32\Tasks\{0F54EE2E-781A-44DC-BB3C-20AC6B137D39} => pcalua.exe -a C:\Users\Giommi\Desktop\JRATS\Jar2Exe.exe -d C:\Users\Giommi\Desktop\JRATS
Task: {BE1ED2DC-3F23-42F5-A4A3-02E9466427DE} - \BrowserProtect No Task File <==== ATTENTION
Task: {EA38D5C3-B510-40F1-B53F-1B084193158F} - System32\Tasks\AdobeAAMUpdater-1.0-Giommi-PC-Giommi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {F367E66D-2962-41DD-8CAC-3F15861B02EA} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-09-11 17:10 - 2013-08-02 04:12 - 00043520 _____ () C:\Windows\system32\CSRSRV.dll
2009-07-14 01:19 - 2009-07-14 03:41 - 00036864 _____ () C:\Windows\system32\pcwum.dll
2009-07-14 01:19 - 2009-07-14 03:41 - 00036864 _____ () C:\Windows\system32\pcwum.DLL
2009-07-14 01:19 - 2009-07-14 03:41 - 00036864 _____ () C:\Windows\System32\pcwum.dll
2014-09-29 02:06 - 2012-11-22 18:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
2009-07-14 01:19 - 2009-07-14 03:41 - 00036864 _____ () c:\windows\system32\pcwum.dll
2013-11-19 20:30 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-17 00:34 - 2014-05-17 00:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-04-22 22:47 - 2014-04-22 22:46 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2014-04-22 22:47 - 2014-04-22 22:46 - 00151552 _____ () C:\Windows\KMService.exe
2012-10-23 19:05 - 2014-10-29 20:39 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-07 19:37 - 2014-10-20 09:40 - 00176640 _____ () C:\Program Files\PostgreSQL\9.2\bin\LIBPQ.dll
2015-01-07 19:37 - 2014-02-05 11:16 - 01336832 _____ () C:\Program Files\PostgreSQL\9.2\bin\libxml2.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-03-15 03:08 - 2014-03-15 03:08 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-15 03:08 - 2014-03-15 03:08 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-15 03:08 - 2014-03-15 03:08 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2012-07-30 16:13 - 2014-08-17 01:49 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-07-30 16:13 - 2014-08-17 01:49 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-15 03:08 - 2014-03-15 03:08 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-15 03:08 - 2014-03-15 03:08 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2015-04-25 00:50 - 2015-04-25 00:51 - 00207360 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\ClownfishForTeamspeak_win64.dll
2012-07-30 16:13 - 2014-08-17 01:49 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-04-20 22:35 - 2015-04-20 22:35 - 00486912 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\soundboard.dll
2013-10-27 00:05 - 2014-08-17 01:49 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-15 03:08 - 2014-03-15 03:08 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2012-08-28 18:01 - 2012-05-29 11:47 - 01300376 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-04-08 09:55 - 2015-04-08 09:55 - 02324472 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.243\deploy\LoLLauncher.exe
2015-04-08 09:55 - 2015-04-08 09:55 - 03800568 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\LoLPatcher.exe
2013-07-25 21:29 - 2013-07-25 21:29 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\LolClient.exe
2014-05-17 02:11 - 2014-05-17 02:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 02:37 - 2014-05-17 02:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-03-08 07:17 - 2013-03-08 07:17 - 07816192 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2013-03-08 07:17 - 2013-03-08 07:17 - 00188416 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
2013-03-08 07:17 - 2013-03-08 07:17 - 01425920 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2013-03-08 07:17 - 2013-03-08 07:17 - 00336896 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2013-03-08 07:17 - 2013-03-08 07:17 - 00096256 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2013-08-06 19:43 - 2013-08-06 19:43 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-04-17 19:15 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-17 19:15 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2015-04-08 09:55 - 2015-04-08 09:55 - 01672184 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.27\deploy\RiotLauncher.dll
2013-07-25 21:29 - 2013-07-25 21:29 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\...\localhost -> hxxps://localhost


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3551031480-2449454405-1511854611-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 62.2.24.158 - 62.2.17.60

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AcuWVSSchedulerv8 => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: DefaultTabSearch => 2
MSCONFIG\Services: DefaultTabUpdate => 2
MSCONFIG\Services: Disc Soft Bus Service => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: LPTSystemUpdater => 2
MSCONFIG\Services: metasploitProSvc => 2
MSCONFIG\Services: metasploitThin => 2
MSCONFIG\Services: metasploitWorker => 2
MSCONFIG\Services: nlsvc => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\Services: Update lucky leap => 2
MSCONFIG\Services: Util lucky leap => 2
MSCONFIG\Services: Wpm => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PrivateTunnel.lnk => C:\Windows\pss\PrivateTunnel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Giommi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Giommi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Giommi\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: Application Experience => C:\Users\Giommi\AppData\Roaming\Microsoft\AeLookupSvi.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Audio Treiber x64 => C:\Users\Giommi\AppData\Roaming\AudioTreiber_x64.exe
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: Avirnt => C:\Users\Giommi\AppData\Roaming\Microsoft\Pluguin.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Coin Miner => C:\Program Files (x86)\CoinMiner\coinminer.exe a
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun
MSCONFIG\startupreg: EADM => "D:\origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GoogleChromeAutoLaunch_7E290A021AA3DB674CDF04B2A02A17DA => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HKCU => C:\Windows\SysWOW64\InstallDir\svchost.exe
MSCONFIG\startupreg: HKLM => C:\Windows\system32\InstallDir\svchost.exe
MSCONFIG\startupreg: HP Deskjet 3520 series (NET) => "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN27A111C905SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: InstaShot => C:\Users\Giommi\Desktop\InstaShot\InstaShot\bin\Debug\InstaShot.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiloByte => C:\Users\Giommi\Desktop\KiloByte\KiloByte\bin\Debug\KiloByte.exe
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Microsoft => C:\Users\Giommi\Desktop\Hacking\Pandora Rat v2.0\Pandora Rat\crypted.exe
MSCONFIG\startupreg: MurGee.com Auto Clicker => C:\Program Files (x86)\Auto Clicker\AutoClicker.exe :silent
MSCONFIG\startupreg: NetLimiter => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: S4Linject => C:\ProgramData\Microsoft\Windows\Start Menu\Programs\msupdt\microsoftUp2date.exe
MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe
MSCONFIG\startupreg: SaiVolume => C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Server => "C:\Program Files (x86)\Java\jre7\bin\javaw.exe" -jar "C:\Users\Giommi\AppData\Local\Temp\Server9060676699719166660.jar"
MSCONFIG\startupreg: serverDELETE => C:\Users\Giommi\AppData\Roaming\server.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Speech Recognition => "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
MSCONFIG\startupreg: Spotify => "C:\Users\Giommi\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Giommi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Giommi\Downloads\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: wincores => C:\Users\Giommi\AppData\Roaming\wincores\wincores.exe
MSCONFIG\startupreg: Windef.exe => "C:\Windows\WinLog.exe"
MSCONFIG\startupreg: windows => C:\Users\Giommi\AppData\Local\Temp\Rar$EXa0.124\Twitch Viewer Faker 2014 FINAL Multi Proxy Bot\Twitch Viewer Faker 2014  Multi Proxy Bot.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: WSHelperSetup.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{BD47E202-D74B-448B-987B-1475B674FD1F}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{5F0B204C-8739-48F9-A416-0511CA3B5224}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{356508C6-D943-43AD-982D-04A982AA8C69}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{C28B0847-B6D8-4913-A196-DE2DB1744BD3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{03207705-DBFD-4348-BB91-D737DEA20CD1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{48ABB4CE-C2BF-4A69-887E-ACD5C484F32B}] => (Allow) LPort=51563
FirewallRules: [{080DDD60-5AD0-4281-BB3B-D44F2C738814}] => (Allow) LPort=5000
FirewallRules: [{9E66B158-9D63-4A42-90DA-DBE5ED6FB3A6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1BFAFB86-7614-4A36-98F5-13588D65134F}] => (Allow) LPort=2869
FirewallRules: [{26B0874C-F883-42D1-A869-A90F90EF3E0F}] => (Allow) LPort=1900
FirewallRules: [{07BA6593-4F57-4C34-9D76-7FD3F0A7FF42}] => (Allow) D:\games\AC3SP.exe
FirewallRules: [{02663718-AC3D-4D86-96DE-DF1F00113F2A}] => (Allow) D:\games\AC3SP.exe
FirewallRules: [{2DF0723D-842B-48CB-BB8C-FAE944F1F46E}] => (Allow) D:\games\AC3MP.exe
FirewallRules: [{776A3519-E94E-4AF8-859E-08475BA5FEAB}] => (Allow) D:\games\AC3MP.exe
FirewallRules: [{FA4D73DF-2766-4858-9841-0B65418B4497}] => (Allow) D:\games\AssassinsCreed3.exe
FirewallRules: [{D7D8A0AC-1D0A-42EC-AF2A-E3B465D65249}] => (Allow) D:\games\AssassinsCreed3.exe
FirewallRules: [{045C310A-9D6F-4B0C-97CA-D28166E12183}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{5E3F75F1-3D71-40BA-92D6-2BEF2CF5EEDE}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{FDE6C95E-4F94-4CDE-B146-CD6E26BC6821}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{59647ED8-BCD5-4B72-B755-D9ED7AC25414}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{E2B508C0-8E87-4B13-8837-442DE630C480}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{E924E688-5A00-4A42-BE91-95345A5D0666}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{B7BE5FEE-422B-4E85-8C47-36B54D8976C2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{E632628D-2491-4E70-B936-AF065AFCB174}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6E04FCA3-2A00-463C-B65C-7F2A177F7BFC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CD05DF48-4A20-4BB8-9DB7-A8AA55FD29E5}] => (Allow) D:\games\AC3SP.exe
FirewallRules: [{D7AE4187-7C74-4BE3-8D22-B0BAAEFA988A}] => (Allow) D:\games\AC3SP.exe
FirewallRules: [{B605C5C9-8FB4-40E7-999F-D0FA6CC7ED08}] => (Allow) D:\games\AC3MP.exe
FirewallRules: [{91136FA3-5EC7-4493-AD44-8E8F6120F1AC}] => (Allow) D:\games\AC3MP.exe
FirewallRules: [{C15F5C76-E480-49A6-8C8F-ED528047299E}] => (Allow) D:\games\AssassinsCreed3.exe
FirewallRules: [{21FD760E-67B7-48AC-8963-686F6E596950}] => (Allow) D:\games\AssassinsCreed3.exe
FirewallRules: [{EE254CBC-47AF-4E39-8CB9-93097D843934}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{34AB3929-B4ED-44F2-BAF2-C6931CC5CA6C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{26898CB7-E7D3-4BE2-9C71-C957275DA762}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{C59DC812-FEEB-4F6E-9727-4081B8D518B0}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{AF04F5C6-F5B2-4AD1-AB00-D54B20FA9330}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{AA5E1613-5394-42BE-98DD-405725FFB29F}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{8E2C80F9-5000-48B2-B939-E718419882CC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{16842496-844B-4948-824E-E81933416A3B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B867A8F1-19A2-409D-BE2C-02D7339186EA}] => (Allow) D:\games\Battlefield 4\bf4_x86.exe
FirewallRules: [{49228F6F-7FD0-4C1D-8F24-A90C7E657217}] => (Allow) D:\games\Battlefield 4\bf4_x86.exe
FirewallRules: [{F91C8B85-7611-4F8E-A459-32B8F81C9136}] => (Allow) D:\games\Battlefield 4\bf4.exe
FirewallRules: [{2E057AA9-17EE-46C8-8F2B-8C6A68690260}] => (Allow) D:\games\Battlefield 4\bf4.exe
FirewallRules: [{4FDD16B5-FB22-48A6-BD57-D6AE06720E58}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{EED2D2A7-3A53-4D5A-8F0B-EAA07F395EDA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C2CE0D8D-AEE4-446D-A56A-FD8D65AD554F}] => (Allow) D:\games\WoR\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9764E6AC-E288-441F-B62E-6A983FFA07B2}] => (Allow) D:\games\WoR\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0A4664F3-1844-49F7-B2AC-3577DFFC579F}] => (Allow) D:\games\WoR\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{7FF54C10-0440-4ED0-BBF6-510A7A5D53E1}] => (Allow) D:\games\WoR\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2196FF98-B850-4121-8C0D-A27A618A2D08}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{E976C0BF-B806-46DC-9888-58FD9A1D13F5}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
FirewallRules: [{B58ECC6E-2F7A-4CEF-B999-9113B6112298}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE6563FC-CF14-4FEB-A0F5-8FC2F951F4F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9088D182-088C-4935-B8AD-A8786A008B3A}] => (Allow) D:\games\WoR\SteamApps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{ED561A2D-1D98-4D29-8B51-C61F834810C8}] => (Allow) D:\games\WoR\SteamApps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{C83F690E-333F-4A8F-A869-800EFCB021BB}] => (Allow) D:\games\WoR\SteamApps\common\Alien Swarm\swarm.exe
FirewallRules: [{7D0F9A16-029B-4A11-9738-F12A624532AB}] => (Allow) D:\games\WoR\SteamApps\common\Alien Swarm\swarm.exe
FirewallRules: [{932BBE79-E59F-4AE1-A8EA-E702AF663DED}] => (Allow) D:\games\SimCity\SimCity\SimCity.exe
FirewallRules: [{3B292A4A-8AE8-4FCD-8768-3D2872CA84E5}] => (Allow) D:\games\SimCity\SimCity\SimCity.exe
FirewallRules: [{ABA9A7B4-1A0D-453C-840E-78CE6717DB49}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
FirewallRules: [{24C90EF6-FCD7-4648-B44E-090DA67563C6}] => (Allow) D:\games\Watchdogs\bin\Watch_Dogs.exe
FirewallRules: [{917E8FBD-6002-4B53-B3A8-03C995E5DC03}] => (Allow) D:\games\Watchdogs\bin\Watch_Dogs.exe
FirewallRules: [{E9581E44-8EBE-45E9-860D-051AAFC7FCE3}] => (Allow) D:\games\WoR\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{0B1CDF1A-8CE0-4678-B259-92322BC80938}] => (Allow) D:\games\WoR\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{A15AF55B-103C-4322-BB3C-532CD10102B6}] => (Allow) D:\games\WoR\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{E17A7667-78ED-4F6B-BA50-C74EC7F86614}] => (Allow) D:\games\WoR\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{14362DF8-CEA1-4567-AD47-2515094DE51C}] => (Allow) D:\games\WoR\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{87484B3A-1F3A-4655-85FA-9F54633B0DEC}] => (Allow) D:\games\WoR\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{EE7D60FF-C019-4FBE-9116-A375D82094BF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5DAA6912-205A-4005-AAEE-CE3CC5A63A11}] => (Block) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77B6550C-F720-4AE8-B892-D9110FB34B99}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{542B261B-0676-4CE1-BAE5-763A9D47C829}] => (Block) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CD69DC97-DB26-4ED4-BF15-407C07660E7C}] => (Block) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7AB834B0-0845-4A30-B39F-818FC14DD463}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A712905A-539C-4BC2-9737-BC32EFDEBA81}] => (Allow) D:\games\WoR\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{084E6F88-5592-4E3D-B684-83960983BF47}] => (Allow) D:\games\WoR\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{88AD6BEA-E222-4BA8-8499-EDA8DA9850C6}] => (Allow) D:\games\WoR\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5C8A850B-5DB9-454C-ABA7-CF60CABBEEC7}] => (Allow) D:\games\WoR\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BFFBEE7D-EDF7-4B7B-BB6C-888FCF04CB08}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{D91FE9C6-174D-4215-8DB8-3E30AB15D9AE}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{01C44A0C-BA7B-44C1-A24B-9E4DFE5E2A5F}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\wotr.exe
FirewallRules: [{366BBC42-484F-494F-8E5D-419AB338D60B}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\wotr.exe
FirewallRules: [{810D65AF-4FD0-49C1-8D82-DD9A0A882D82}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\loader.exe
FirewallRules: [{4D6E71A3-8A18-4181-A465-9D951DF44088}] => (Allow) D:\games\WoR\SteamApps\common\War of the Roses\loader.exe
FirewallRules: [{CA93EB4F-4380-4827-8EE3-80F3CAB009EA}] => (Allow) D:\games\WoR\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{12899C65-3E42-4759-B1E0-A769F9026410}] => (Allow) D:\games\WoR\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{CE345921-3FCC-4CBC-AFA1-B65AA9851981}] => (Allow) C:\Users\Giommi\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{DF9ECC27-639B-49B4-A685-1E74321E6C47}] => (Allow) C:\Users\Giommi\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{D0FB9CE4-6AB3-4360-BE1A-44F23CFBE4B5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B26DFAEB-5F6B-4A91-9290-8A2A48533075}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DFC70A10-8877-434D-82F3-97FF34923292}] => (Allow) D:\games\WoR\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{870D2F3A-4BE6-473A-889A-DD128B90141D}] => (Allow) D:\games\WoR\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{B534C9F7-424F-4501-86AF-05236702878C}] => (Allow) D:\games\WoR\SteamApps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{2B2FFE48-ADAF-4997-B417-3B2E94D35BED}] => (Allow) D:\games\WoR\SteamApps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{8C11838C-6FAE-4D44-A882-F01743EFF4DC}] => (Allow) D:\games\WoR\SteamApps\common\SteamWorld Dig\SteamWorldDig.exe
FirewallRules: [{8DF2A991-AF9E-421A-948E-A166A447FD63}] => (Allow) D:\games\WoR\SteamApps\common\SteamWorld Dig\SteamWorldDig.exe
FirewallRules: [{0171A1E5-3FA5-41FA-B40E-32B1B972F7A6}] => (Allow) D:\games\WoR\SteamApps\common\Warlock - Master of the Arcane\Game.exe
FirewallRules: [{5CC736C8-E665-4C0D-A9F4-B7D1EF40710D}] => (Allow) D:\games\WoR\SteamApps\common\Warlock - Master of the Arcane\Game.exe
FirewallRules: [{B5B6F803-8ACB-4C16-8CC8-515467A14741}] => (Allow) D:\games\WoR\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{EB5F08B5-D4B8-411C-B9FF-D81925D7FEC6}] => (Allow) D:\games\WoR\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{9564D200-D537-4569-80DB-2400DBBA99FC}] => (Allow) C:\Users\Giommi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E77C7795-6775-4140-AEBF-9E1EABA1B88B}] => (Allow) C:\Users\Giommi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CA1C4C19-B3DF-4296-8087-4A1FDA841A20}] => (Allow) D:\games\WoR\SteamApps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{0518D09F-90BD-4058-A460-2EFBD8242970}] => (Allow) D:\games\WoR\SteamApps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{E56617F3-AAB2-460A-A8BB-AED536E3E83B}] => (Allow) D:\games\WoR\SteamApps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{7DD8902C-CB1E-4CC8-B712-EE50109EA39A}] => (Allow) D:\games\WoR\SteamApps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{C1C38A51-04EC-4344-A278-9F4F697FF5AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3CE5C2A-CA46-4957-A538-ED98E8DA80F3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BEE5429C-3EEE-42D4-B0FC-7195CF978AAE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C8564025-3B0D-474B-BE27-FEFE80A14CF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9B18B27F-B430-4AA6-9793-DC9A97EF9433}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{CA6595CA-9023-41DE-B959-B2D0C0E45067}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{30562F16-0B4D-4327-B0B3-CB8C526A6FA1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{743486D9-C8B3-457D-ACE8-EDA55B7DEFD9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E8227159-8DA5-4480-AFED-2D0B10FB5A06}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D1A58D8A-80FD-40C5-93E9-A625619E98CE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{49A8E7B2-532D-4F3B-A75E-CE481FFDCFFD}] => (Allow) D:\games\WoR\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{527B724C-133F-4F86-A746-12EA3704E3F0}] => (Allow) D:\games\WoR\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B70E7F06-D3AE-48B9-8178-0F74A02AB72D}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{CBDB3E4E-BA8B-440D-BE70-A1C94A4B8655}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{0B01713A-25CA-4506-86FE-30C07A1069C4}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{95B1CF4D-C5F6-496C-BC3F-4C28E6AEB6F6}] => (Allow) D:\games\WoR\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{62F0FEF4-D490-4419-AF0A-FF36B4E17F9A}] => (Allow) D:\games\WoR\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{1A3DB179-BB1A-48A3-B148-76AADB4DCCC2}] => (Allow) D:\games\WoR\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{0BD15D11-758A-4C8C-8F31-D0BA74AABB51}] => (Allow) D:\games\WoR\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{C6774F96-1D7F-40A9-9584-829D63003DEC}] => (Allow) D:\games\WoR\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{2A9535E9-C2AE-4BA7-9FDE-5CF0345A2E8C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C05E5E4D-B4B0-4111-A482-C8B144F32F9E}] => (Allow) C:\Users\Giommi\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{09E65526-5739-44CB-8788-AE74A9826CE7}] => (Allow) C:\Users\Giommi\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{164026D6-3279-41B4-BCFF-D4C8D5DCE37B}] => (Allow) D:\games\WoR\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{40637AFD-E2E5-4258-B940-415A90F7EF7A}] => (Allow) D:\games\WoR\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{C6BDF3F8-CC73-44A3-A246-26D40F290438}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{B9921114-3DE9-43C0-BB36-F1748574BDA3}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{EED64F62-BBC5-40BD-8983-5E50FCD2556C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{351C7EDD-C804-49A5-97D3-58010F1A386A}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{42B35CC9-2A05-4D17-ACC2-86F987548502}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{848CFA92-9E5B-4559-BB2A-EA9B4E6EB702}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{5ABF3251-E561-4125-8230-7668CC0FCF5F}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{FADF2C75-665A-4AFA-8946-DC41889EF6AE}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{09E0B7F1-755C-4983-939E-49D7F95147D4}] => (Allow) C:\ProgramData\PAYDAY 2\crime.exe
FirewallRules: [{96A0BAA7-2FF0-4544-A083-5F759EE7E2D5}] => (Allow) C:\ProgramData\PAYDAY 2\crime.exe
FirewallRules: [{CE92688E-E2A8-4659-A3E4-C6C78D97B883}] => (Allow) \crime.exe
FirewallRules: [{2DC6DBEC-F723-4B2E-BEB7-8E9B37BFB5D7}] => (Allow) \crime.exe
FirewallRules: [{461E45A6-136B-42EA-BB7E-FE222F5481ED}] => (Allow) D:\games\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{BC97FC17-6A75-4755-9517-9E83921959F7}] => (Allow) D:\games\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{73551F7B-5B33-4F3D-B9E1-37426BA0021B}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{CC63B070-CBAF-4D92-8D76-5F4A7CF75E8B}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{86E5F8D0-CD8F-4FE1-8836-51E358C919F5}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{DA76937B-1662-4B19-AE21-6826B744A218}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{07CF3DA2-030E-41B4-B123-C449347D3AA7}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{1759793F-7A94-4C23-B8D3-EB1C30DACC57}] => (Allow) D:\games\WoR\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{0394E522-9B84-4E79-8D6D-7041881A1B16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CCA3CC1B-5C75-467E-B3CD-3D4AA9204234}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D0E29EA3-976C-4F86-BBE6-3E15DD8B2124}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{B5F6D15B-E4E7-4A63-A246-26BDF3B7B7CE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{3D8BBA2D-74F5-4182-BBE7-B89121D96828}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{7E6F57D2-7EAA-412A-AE59-1C613232A485}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{AFA9AE46-276B-4712-880C-2ABB9A4CAA34}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{68B215BF-5634-4757-B745-C25BB8B0813C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{B67806CA-16E9-41AF-A3D3-7A1D7A5F8C6B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{49724FA5-3CC4-4723-ABB4-B0E4F139D0C7}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{CA865D17-D0D1-421C-B68B-3485FFC54281}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Users\Giommi\AppData\Roaming\AudioTreiber_x64.exe] => Enabled:

==================== Faulty Device Manager Devices =============

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-Win32 Adapter V9 (Tunngle) - VirtualBox Bridged Networking Driver Miniport
Description: VirtualBox Bridged Networking Driver Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: VBoxNetFlt
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ZeroTier One Virtual Network Port - VirtualBox Bridged Networking Driver Miniport
Description: VirtualBox Bridged Networking Driver Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: VBoxNetFlt
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: TAP-Windows Adapter V9 #2
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: SAMSUNG Mobile USB Remote NDIS Network Device - VirtualBox Bridged Networking Driver Miniport
Description: VirtualBox Bridged Networking Driver Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: VBoxNetFlt
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: ZeroTier One Virtual Network Port
Description: ZeroTier One Virtual Network Port
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ZeroTier Networks LLC
Service: zttap200
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Virtual WiFi Miniport Adapter - VirtualBox Bridged Networking Driver Miniport
Description: VirtualBox Bridged Networking Driver Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: VBoxNetFlt
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: avkmgr
Description: avkmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: avkmgr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: System Interrupt Controller
Description: System Interrupt Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: nltdi
Description: nltdi
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nltdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft LifeCam Studio
Description: Microsoft LifeCam Studio
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/27/2015 06:53:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2015 00:25:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 09:21:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 02:10:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 01:26:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2015 06:43:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-3551031480-2449454405-1511854611-1003.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, The security ID structure is invalid.
.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {f7c538ee-c47e-498d-9ac7-f7cd235332d5}

Error: (04/25/2015 06:43:15 PM) (Source: MsiInstaller) (EventID: 11314) (User: Giommi-PC)
Description: Product: Windows Resource Kit Tools - SubInAcl.exe -- Error 1314. The specified path '%windir%\system32' is unavailable.

Error: (04/25/2015 06:28:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2015 04:11:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2015 00:26:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/27/2015 06:51:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
avipbb
avkmgr
nltdi
VBoxDrv
VBoxUSBMon

Error: (04/27/2015 06:51:44 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Mail Protection" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.

Error: (04/27/2015 06:51:45 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.0.15192.168.137.0255.255.255.0

Error: (04/27/2015 06:51:45 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Metasploit Worker" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Metasploit Thin Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Metasploit Pro Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/27/2015 06:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "metasploitPostgreSQL" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (04/27/2015 06:53:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2015 00:25:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 09:21:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 02:10:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 01:26:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2015 06:43:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-3551031480-2449454405-1511854611-1003.bak)0x80070539, The security ID structure is invalid.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {f7c538ee-c47e-498d-9ac7-f7cd235332d5}

Error: (04/25/2015 06:43:15 PM) (Source: MsiInstaller) (EventID: 11314) (User: Giommi-PC)
Description: Product: Windows Resource Kit Tools - SubInAcl.exe -- Error 1314. The specified path '%windir%\system32' is unavailable.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/25/2015 06:28:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2015 04:11:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2015 00:26:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-11-27 19:03:12.050
  Description: N/A

  Date: 2014-11-27 19:03:12.007
  Description: N/A

  Date: 2013-03-03 12:37:46.275
  Description: N/A

  Date: 2013-03-03 12:37:46.259
  Description: N/A

  Date: 2013-03-02 11:55:31.166
  Description: N/A

  Date: 2013-03-02 11:55:31.166
  Description: N/A

  Date: 2013-03-01 17:53:24.322
  Description: N/A

  Date: 2013-03-01 17:53:24.306
  Description: N/A

  Date: 2013-02-28 19:33:25.400
  Description: N/A

  Date: 2013-02-28 19:33:25.384
  Description: N/A


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3820 CPU @ 3.60GHz
Percentage of memory in use: 11%
Total physical RAM: 32692.18 MB
Available physical RAM: 28950.68 MB
Total Pagefile: 34568.55 MB
Available Pagefile: 30402.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:8.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 58CED179)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 58CED179)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2E9A6991)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
[/Code]
[/Spoiler]