Inactive Virus causing casino popups and skypespam

[KristofferM]

Hello. For a few days I have had problems pointing towards some sort of virus. A few times per day I get these casinowebsite popups in google chrome. A friend messaged me saying I had a virus spamming him on skype, don't know what the virus wrote though. Also other wierd things have started happening like chrome trying to furiously refresh the website I'm currently on.

I've ran a couple of avast scans with little result. The first times avast couldn't acces 2 files located in my "Chromedownloads" folder. I proceded to delete that entire folder and now when I run avast it tells me no threats can be found. But, the casino popups have not stopped so the problems haven't dissapeared. Would appreciate any help you can give, thank you.

 

[Broni]

Welcome aboard

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

Please observe forum rules.
All logs have to be pasted not attached.

 

[KristofferM]

Sorry about that!


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015
Ran by Stoffe (administrator) on STOFFE-PC (11-08-2015 16:55:20)
Running from D:\Chromefiler
Loaded Profiles: Stoffe (Available Profiles: Stoffe)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Spotify Ltd) C:\Users\Stoffe\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Stoffe\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(ChannelPartners) C:\Users\Stoffe\AppData\Local\DealDay\DealDay.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Curse) C:\Users\Stoffe\AppData\Local\Apps\2.0\0WXZ0AP1.EO1\ABB2XMX2.XR8\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Stoffe\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Stoffe\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Stoffe\AppData\Roaming\Spotify\Spotify.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-01] (Avast Software s.r.o.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\Run: [Spotify Web Helper] => C:\Users\Stoffe\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-06] (Spotify Ltd)
HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2895552 2015-07-24] (Valve Corporation)
HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\Run: [DAEMON Tools Lite] => "D:\Downloads\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [456576 2015-06-10] (Sony)
HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53661824 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\Run: [Spotify] => C:\Users\Stoffe\AppData\Roaming\Spotify\Spotify.exe [7675448 2015-08-06] (Spotify Ltd)
HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\Run: [GoogleChromeAutoLaunch_2F2A5E4AEF9F2013A66E2F17C34978AA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.)
HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3761424 2014-11-10] (Disc Soft Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-27] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-12-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Stoffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2013-08-13] ()
Startup: C:\Users\Stoffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DealDay.lnk [2015-07-20]
ShortcutTarget: DealDay.lnk -> C:\Users\Stoffe\AppData\Local\DealDay\DealDay.exe (ChannelPartners)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-01] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...tp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...tp://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...17C9DE6A5&SearchSource=55&CUI=&UM=6&UP=&SSPV=
HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2045019015-4273341009-2133478701-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?g...Source=58&CUI=&UM=6&UP=&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2045019015-4273341009-2133478701-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?g...Source=58&CUI=&UM=6&UP=&q={searchTerms}&SSPV=
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-01] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-01] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3131677B-09DE-417A-9048-5A2CB21C28BE}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-05-12] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-05-12] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.0.1.5 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-05-12] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Stoffe\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2013-03-30] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-13]

Chrome:
=======
CHR Profile: C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-02-19]
CHR Extension: (Google Docs) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-13]
CHR Extension: (Google Drive) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-13]
CHR Extension: (YouTube) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-13]
CHR Extension: (Adblock Plus) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-26]
CHR Extension: (Google Search) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-13]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-11-01]
CHR Extension: (AdBlock) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-13]
CHR Extension: (Skype Click to Call) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-13]
CHR Extension: (ThemeBeta.com) - C:\Users\Stoffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdcohelbchhojnblohmbbmflllejjbo [2014-10-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-01] (Avast Software s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Pro\DiscSoftBusService.exe [2216208 2014-11-10] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-09] (Company) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-01] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-01] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-01] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-01] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-01] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-01] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29864 2015-07-20] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 cpuz136; \??\C:\Users\Stoffe\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-11 16:54 - 2015-08-11 16:55 - 00000000 ____D C:\FRST
2015-08-11 16:54 - 2015-08-11 16:53 - 02171392 _____ (Farbar) C:\Users\Stoffe\Desktop\FRST64.exe
2015-08-02 17:41 - 2015-08-02 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-02 17:41 - 2015-08-02 17:41 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-29 22:15 - 2015-07-29 22:15 - 00000996 _____ C:\Windows\srtpoq.xml
2015-07-23 20:52 - 2015-07-27 02:57 - 00000000 ____D C:\Users\Stoffe\AppData\Local\acquisition
2015-07-23 17:50 - 2015-07-23 17:50 - 00000000 ____D C:\Users\Stoffe\AppData\Local\CrashRpt
2015-07-23 17:50 - 2015-07-23 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acquisition
2015-07-22 15:22 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-22 15:22 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 15:22 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-22 15:22 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-22 15:22 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-22 15:22 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-22 15:22 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-22 15:22 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-22 15:22 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 15:22 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-22 15:14 - 2015-07-22 15:14 - 00000000 ____D C:\Users\Stoffe\AppData\Local\CEF
2015-07-20 00:39 - 2015-07-20 00:40 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro
2015-07-20 00:39 - 2015-07-20 00:39 - 00029864 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsibus.sys
2015-07-20 00:39 - 2015-07-20 00:39 - 00001936 _____ C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2015-07-20 00:39 - 2015-07-20 00:39 - 00000000 ____D C:\Users\Stoffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealDay
2015-07-20 00:39 - 2015-07-20 00:39 - 00000000 ____D C:\Users\Stoffe\AppData\Local\DealDay
2015-07-20 00:39 - 2015-07-20 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2015-07-18 18:21 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-18 18:21 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-18 17:54 - 2015-07-18 17:54 - 00000829 _____ C:\Users\Public\Desktop\The Witcher 3.lnk
2015-07-18 16:59 - 2015-07-18 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2015-07-18 16:51 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-18 16:51 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-18 16:51 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-18 16:51 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-18 16:51 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-18 16:51 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-18 16:51 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-18 16:51 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-18 16:51 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-18 16:51 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-18 16:51 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-18 16:51 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-18 16:51 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-18 16:51 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-18 16:51 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-18 16:51 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-18 16:51 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-18 16:51 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-18 16:51 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-18 16:51 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-18 16:51 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-18 16:51 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-18 16:51 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-18 16:51 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-18 16:51 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-18 16:51 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-18 16:51 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-18 16:51 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-18 16:51 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-18 16:51 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-18 16:51 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-18 16:51 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-18 16:51 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-18 16:51 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-18 16:51 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-18 16:51 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-18 16:51 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-18 16:51 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-18 16:51 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-18 16:51 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-18 16:51 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-18 16:51 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-18 16:51 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-18 16:51 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-18 16:50 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-18 16:50 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-18 16:50 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-18 16:50 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-18 16:50 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-18 16:50 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-18 16:50 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-18 16:50 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-18 16:50 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-18 16:50 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-18 16:50 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-18 16:50 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-18 16:49 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-18 16:49 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-18 16:49 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-18 16:49 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-18 16:49 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-18 16:49 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-18 16:49 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-18 16:49 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-18 16:49 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-18 16:49 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-18 16:49 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-18 16:49 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-18 16:49 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-18 16:49 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-18 16:49 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-18 16:49 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-18 16:49 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-18 16:49 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-18 16:49 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-18 16:49 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-18 16:49 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-18 16:49 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-18 16:49 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-18 16:49 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-18 16:49 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-18 16:49 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-18 16:49 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-18 16:49 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-18 16:49 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-18 16:49 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-18 16:49 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-18 16:49 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-18 16:49 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-18 16:49 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-18 16:49 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-18 16:49 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-18 16:49 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-18 16:49 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-18 16:49 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-18 16:49 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-18 16:49 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-18 16:49 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-18 16:49 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-18 16:49 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-18 16:49 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-18 16:49 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-18 16:49 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-18 16:49 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-18 16:49 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-18 16:49 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-18 16:49 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-18 16:49 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-18 16:49 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-18 16:49 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-18 16:49 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-18 16:49 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-18 16:49 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-18 16:49 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-18 16:49 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-18 16:49 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-18 16:49 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-18 16:49 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-18 16:49 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-18 16:49 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-11 16:53 - 2014-04-25 19:59 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-11 16:45 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-11 16:45 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-11 16:42 - 2013-08-13 05:50 - 00664318 _____ C:\Windows\system32\perfh01D.dat
2015-08-11 16:42 - 2013-08-13 05:50 - 00142434 _____ C:\Windows\system32\perfc01D.dat
2015-08-11 16:42 - 2013-08-13 04:45 - 00000000 ____D C:\Users\Stoffe\AppData\Roaming\Spotify
2015-08-11 16:42 - 2009-07-14 07:13 - 01581420 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-11 16:40 - 2013-08-13 03:34 - 01196972 _____ C:\Windows\WindowsUpdate.log
2015-08-11 16:37 - 2015-04-17 01:22 - 00083769 _____ C:\Windows\setupact.log
2015-08-11 16:37 - 2013-08-13 06:03 - 00000000 ____D C:\Users\Stoffe\AppData\Roaming\Skype
2015-08-11 16:37 - 2013-08-13 03:47 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-11 16:37 - 2013-08-13 03:47 - 00000000 ____D C:\Users\Stoffe\AppData\Local\Deployment
2015-08-11 16:36 - 2013-08-15 00:40 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-11 16:36 - 2013-08-13 04:46 - 00000000 ____D C:\Users\Stoffe\AppData\Local\Spotify
2015-08-11 16:36 - 2013-08-13 04:15 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-11 16:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-11 16:19 - 2013-08-13 03:47 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-10 18:58 - 2013-08-13 06:14 - 00000000 ____D C:\Users\Stoffe\AppData\Roaming\uTorrent
2015-08-10 12:42 - 2013-08-13 05:55 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-10 03:05 - 2013-09-26 12:49 - 00000000 ____D C:\Users\Stoffe\AppData\Local\Battle.net
2015-08-08 14:07 - 2013-08-13 06:03 - 00000000 ____D C:\ProgramData\Skype
2015-08-07 15:21 - 2013-08-13 03:47 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-06 18:16 - 2014-01-15 17:33 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-06 18:15 - 2013-09-26 12:49 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-04 16:27 - 2013-08-13 06:28 - 00000000 ____D C:\Users\Stoffe\AppData\Local\Mirillis
2015-08-02 17:41 - 2013-12-11 22:27 - 00001894 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-08-02 17:41 - 2013-12-11 22:27 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-29 22:17 - 2014-08-10 20:42 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-29 22:17 - 2013-08-13 04:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-29 22:15 - 2015-04-29 12:13 - 00043690 _____ C:\Windows\PFRO.log
2015-07-29 22:15 - 2014-01-06 09:23 - 00000000 ____D C:\Program Files (x86)\Wajam
2015-07-29 22:14 - 2013-08-13 03:47 - 00000000 ____D C:\Users\Stoffe\AppData\Local\Google
2015-07-24 21:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-24 06:21 - 2014-08-10 20:41 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2014-08-10 20:41 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-24 06:21 - 2014-08-10 20:41 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-24 06:21 - 2014-08-10 20:41 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-22 18:51 - 2015-04-17 21:59 - 00129539 _____ C:\Windows\DirectX.log
2015-07-22 15:23 - 2009-07-14 06:45 - 00375432 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 00:23 - 2013-08-26 19:50 - 00000000 ____D C:\Program Files\Warcraft III
2015-07-18 16:56 - 2013-12-10 22:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 16:54 - 2013-10-27 08:55 - 00000000 ____D C:\Windows\system32\MRT
2015-07-17 20:50 - 2015-07-01 20:18 - 00001926 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-17 20:50 - 2014-07-07 22:45 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-17 18:02 - 2013-08-13 06:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-17 18:01 - 2014-12-26 22:04 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 16:14 - 2013-08-13 03:47 - 00003990 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 16:14 - 2013-08-13 03:47 - 00003738 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 17:53 - 2014-04-25 19:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 17:53 - 2014-04-25 19:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 17:53 - 2014-04-25 19:59 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

Some files in TEMP:
====================
C:\Users\Stoffe\AppData\Local\Temp\bitool.dll
C:\Users\Stoffe\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Stoffe\AppData\Local\Temp\nvStInst.exe
C:\Users\Stoffe\AppData\Local\Temp\setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-03 15:37

==================== End of log ============================

 

[KristofferM]

Had to divide addition.txt in 2 because of too many characters.

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by Stoffe (2015-08-11 16:55:35)
Running from D:\Chromefiler
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2045019015-4273341009-2133478701-500 - Administrator - Disabled)
Guest (S-1-5-21-2045019015-4273341009-2133478701-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2045019015-4273341009-2133478701-1069 - Limited - Enabled)
Stoffe (S-1-5-21-2045019015-4273341009-2133478701-1000 - Administrator - Enabled) => C:\Users\Stoffe

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
Acquisition version 0.2f (HKLM-x32\...\{53E25C0C-0305-47BB-9884-F0F202297AF4}_is1) (Version: 0.2f - )
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Any Video Converter Professional 5.7.8 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
BankID säkerhetsprogram (HKLM-x32\...\{4B2557F9-8C03-4BE7-9984-4DE525076580}) (Version: 6.0.1.5 - Finansiell ID-Teknik BID AB)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Bloodline Champions (HKLM-x32\...\Steam App 6370) (Version: - Stunlock Studios)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Curse Client (HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 6.0.0.0444 - Disc Soft Ltd)
DealDay version 0.1 (HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\{8A268115-A4C3-4153-A586-21271D45521F}_is1) (Version: 0.1 - ChannelPartners)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly)
Fallout New Vegas Ultimate Edition version 1.4.0.525 (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: 1.4.0.525 - Mr DJ)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GameRanger (HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{5018D8E6-8D8E-4F76-9AFD-CB2EF1100E84}) (Version: 13.0.089 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{791FF357-3DE8-485E-BD59-41844BB16415}) (Version: 13.0.089 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
K-Lite Codec Pack 10.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Maple 17 (HKLM\...\Maple 17) (Version: 17.0.0.0 - Maplesoft)
Maple 17 (HKLM-x32\...\Maple 17) (Version: - Maplesoft)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mumble 1.2.7 (HKLM-x32\...\{61CD3846-30E9-4DF1-93CF-468A76F7B937}) (Version: 1.2.7 - Thorvald Natvig)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 4.3 - Popcorn Time)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6954 - Realtek Semiconductor Corp.)
RidNacs 2.0.3 (HKLM-x32\...\RidNacs_is1) (Version: - Stephan Plath)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version: - Trion Worlds)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) <==== ATTENTION
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version: - The Creative Assembly)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
SopCast 3.9.2 (HKLM-x32\...\SopCast) (Version: 3.9.2 - www.sopcast.com)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Splash PRO EX (HKLM-x32\...\Mirillis Splash PRO EX) (Version: 1.13.2 - Mirillis)
Spotify (HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version: - Terry Cavanagh)
System Requirements Lab Detection (HKLM-x32\...\{BF05A452-0B55-4AD9-958C-2ED624E7D0D4}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Witcher 3 / RePack by Baracuda (HKLM-x32\...\The Witcher 3_is1) (Version: 1.06 - )
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version: - Creative Assembly)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WhoCrashed 5.03 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2045019015-4273341009-2133478701-1000_Classes\CLSID\{09873eeb-4a60-496a-8439-5377e2e5ef93}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-08-02 17:41 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2A2E78BB-ABB3-4D69-8ECC-C4AC9FD81C61} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {46E7615F-58CC-4C19-99C5-8414F3DD971D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {4A0AA514-1C93-4D43-8ACB-401A865CA10B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-13] (Google Inc.)
Task: {71A5EBBA-5A08-4A1A-ACF7-7B5EA99B3D8E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9BB9AA66-F679-423B-B95F-CD1789EED1FF} - System32\Tasks\ASUS\I-Setup035732 => C:\Windows\Intel-Chipset_Win7_8_VER9401017\AsusSetup.exe [2013-08-13] (ASUSTeK Computer Inc.)
Task: {9D1FE36C-0D42-490F-94CB-34B48AFBE80E} - System32\Tasks\{07D71A31-62DE-4F50-B469-D93EF2199564} => pcalua.exe -a D:\Chromefiler\GameRangerSetup.exe -d D:\Chromefiler
Task: {B7F48F80-4095-4D92-BB15-00A02DFD6A0D} - System32\Tasks\{7129DBCC-7EE8-46B7-B25A-E40BAFE135D3} => pcalua.exe -a "D:\Chromefiler\chromeinstall-8u25 (1).exe" -d D:\Chromefiler
Task: {BC2BC409-F374-4FF3-A8C8-64D817CB907A} - System32\Tasks\{AE9B376D-678E-48A6-AC24-932C91578F34} => pcalua.exe -a D:\Chromefiler\setup.exe -d D:\Chromefiler
Task: {D8D15AF5-39EB-43F3-AE85-47B45C252E24} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-01] (Avast Software s.r.o.)
Task: {EC2E01CE-DEA7-4972-85C2-5DD1D36AF901} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-13] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-08-13 04:14 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-06 00:01 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-06-16 22:35 - 2015-06-16 22:35 - 00016384 ____N () C:\Users\Stoffe\AppData\Local\Apps\2.0\0WXZ0AP1.EO1\ABB2XMX2.XR8\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.WowDb.dll
2013-08-13 12:38 - 2013-08-13 12:37 - 00035840 _____ () C:\Users\Stoffe\AppData\Local\Apps\2.0\0WXZ0AP1.EO1\ABB2XMX2.XR8\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.Advertising.dll
2015-06-16 22:35 - 2015-06-16 22:35 - 00099840 ____N () C:\Users\Stoffe\AppData\Local\Apps\2.0\0WXZ0AP1.EO1\ABB2XMX2.XR8\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.CMOD2.dll
2015-07-01 20:18 - 2015-07-01 20:18 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-01 20:18 - 2015-07-01 20:18 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-10 20:52 - 2015-08-10 20:52 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15081003\algo.dll
2015-06-26 16:58 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-20 00:40 - 2015-07-20 00:37 - 00002048 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2014-10-06 11:47 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 16:59 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 16:59 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 16:59 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-10-06 11:47 - 2015-07-24 01:24 - 02410176 _____ () C:\Program Files (x86)\Steam\video.dll
2014-10-06 11:47 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-10-06 11:47 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-10-06 11:47 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-10-06 11:47 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-10-06 11:47 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-10-06 11:47 - 2015-07-24 01:23 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 15:14 - 2015-07-07 22:41 - 00169984 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-03-06 00:01 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-03-06 00:01 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-07-09 22:29 - 2015-06-18 10:42 - 00911360 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\deviceupdate_dll.dll
2015-03-11 23:05 - 2015-08-06 17:14 - 45066808 _____ () C:\Users\Stoffe\AppData\Roaming\Spotify\libcef.dll
2015-07-01 20:18 - 2015-07-01 20:18 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-06 11:47 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-07 15:21 - 2015-07-31 08:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
2015-08-07 15:21 - 2015-07-31 08:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll
2015-03-11 23:05 - 2015-08-06 17:14 - 01649208 _____ () C:\Users\Stoffe\AppData\Roaming\Spotify\libglesv2.dll
2015-03-11 23:05 - 2015-08-06 17:14 - 00080952 _____ () C:\Users\Stoffe\AppData\Roaming\Spotify\libegl.dll
2015-08-07 15:21 - 2015-07-31 08:19 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2045019015-4273341009-2133478701-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Stoffe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

 

[KristofferM]

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{00DC2688-5AD1-4816-99EF-13F33EE1E770}C:\users\stoffe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stoffe\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5EE2623C-AEF1-492E-956A-C4C61C2C3FC0}C:\users\stoffe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\stoffe\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2833644E-3580-439E-BFB3-0E77E9FF5EE2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4E9E8FE5-17F7-43AE-B46A-9C664039F772}] => (Allow) C:\Users\Stoffe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1A505CF9-7B31-49DB-A876-E6B91FD8D4D9}] => (Allow) C:\Users\Stoffe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{595FD680-716B-41AE-B293-BCD206C25B51}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{CF112FA4-7F74-46AD-864D-A7469257E052}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{E2C80CC2-FBA8-4588-962E-D76828DDD6C2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{3EE544F0-C371-4D78-BC1F-A19180E9663B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{37AAA05C-BA29-4EEB-B3D9-659D83663464}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3762C6E7-DA4D-4689-9AF6-4642FF639ACE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{1BB2E820-9A28-4C37-8BE2-688F4BBB0BD6}C:\program files\warcraft iii\war3.exe] => (Allow) C:\program files\warcraft iii\war3.exe
FirewallRules: [UDP Query User{F59B3ABE-3C5D-4CFA-89C7-A1802E533EA9}C:\program files\warcraft iii\war3.exe] => (Allow) C:\program files\warcraft iii\war3.exe
FirewallRules: [{0F9CA8CF-EED7-4474-AE51-0F44DA83F005}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2163\Agent.exe
FirewallRules: [{EA394811-CA84-4E91-B18E-4681787A8A4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2163\Agent.exe
FirewallRules: [{F3A4AAEF-086C-49C3-9AA5-80D6E7A16C47}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{16BD94FC-9CA8-4F12-918B-0F34779CD3F6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{164F5BB8-1C7B-411B-82A9-0BA7B2484298}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{00356990-EB36-423E-B012-70F2D45AF6D5}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{FA072E14-8F69-41AC-A065-C2BDFC31AF56}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{D6E8AED6-D7D9-4DF7-9CBD-F8D034113AFE}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{46B3F9C8-71FB-4284-AF52-06AF6830062D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{D8421562-BEF2-48DB-80B6-F6C4FE6BA512}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{B81D15C6-F4A5-4118-8C2C-DFD802FE4378}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{09F50A56-A274-4EE0-8835-3C64C4057DC5}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{5FC152EB-5ED3-4396-AF14-986585D174DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2293\Agent.exe
FirewallRules: [{375689C5-FE75-4266-A511-557E82D90941}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2293\Agent.exe
FirewallRules: [{9A9F221B-0B44-46C6-878C-3C71828AF2E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{BA5A08E5-D00A-4A22-A53A-304A88CA7552}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{3FC79F43-433B-45F8-91AF-BA7BCE342CDD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe
FirewallRules: [{CFA00FE0-01F0-41C7-8857-2F5A752D3405}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe
FirewallRules: [{EE705847-9329-4085-9B6D-754AFB1526CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{F9AA2320-1F88-4746-A061-EE6A29739B4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{9627C41C-901F-4768-B598-CF26A2543D45}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe
FirewallRules: [{87E2E2F7-22D2-469F-85F6-D20DE164E438}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe
FirewallRules: [{A54D7599-9194-401A-BBFB-59E29997FC76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{F82BF23F-86B9-47D2-99A2-FD8185E617DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{0A8226BA-935C-4FEF-97B0-E3BD23354D3C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{7A429F5B-9973-46B4-BAFF-DAEE2817F5AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{CC2C24A2-1E14-49E4-ADC6-C0D948116F1C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{ADEED858-7EA6-4C14-A92D-9E23B7EEBE97}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [TCP Query User{7380B75D-3251-4B27-80A4-3E9C9A125525}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{D4D6F8A5-1873-4598-A99E-0FFC99562D91}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{8D002290-CA73-4D28-AFD2-425111714423}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{597498A0-28BE-46DE-9101-EABE6D5EA215}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{15356601-D006-4B93-9360-3677A240098B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{1FF6E67E-8945-4D13-9292-C18B1273CAC5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [TCP Query User{3DE40FA5-D7F3-4519-A709-20CF698AF4D4}C:\program files\warcraft iii\war3.exe] => (Allow) C:\program files\warcraft iii\war3.exe
FirewallRules: [UDP Query User{B8EC325E-0484-4ACB-90ED-DB35C8B43423}C:\program files\warcraft iii\war3.exe] => (Allow) C:\program files\warcraft iii\war3.exe
FirewallRules: [{420FEFB6-E400-4754-A2E0-94A3B778EC2F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{783FC093-8D4A-4D3A-A029-859645C6BDB6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4B579EDD-4E6A-4797-9DE6-0AC984CF7DEE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{F0BF4A4B-8EA7-417B-B1CD-0043F9DCAD5F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{58F12261-000C-46C9-B5EA-D741C644B4B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E4FE0575-803F-43CC-A28E-CCFFB099C9FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{68E833AC-8C25-4EBD-9E59-9AABE7D1FACA}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{9870BC2F-A127-41F0-8F6D-36BFBE1B0554}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{02A0E54E-AF9D-40A5-B981-535BF1C47D15}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{36353EA9-D9BE-4513-A326-9AD4500347B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{05607C77-EF04-480B-95E0-03397138E51F}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{CB46B2DB-5FDC-413E-96D0-57237D704BA7}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{B901AB6A-0DF1-4AD8-94FB-A9516F4E0C4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{A0DB870A-E9E2-4AA0-9851-FD917A5111A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{33769074-4A34-4924-99DF-FD604275FF65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{93C48083-6EF1-4727-AB59-5641B6FCE6DD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{001A4B99-7155-4F55-8521-48EA53F80E75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{BD8A492D-987B-40EB-BEF8-2DB535ADC639}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{CBE150D8-D433-4E62-80CB-0C6B838D4966}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E0B15C37-5A2B-45B5-B626-D15B48D7C5B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{A236A39E-FB17-47E5-BE7E-45749D7C5104}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{3A030E01-5379-4109-8E9C-04F1807C2A13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{CA9C5B7E-1124-4EB3-A875-F0EFE02145DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{C07DA541-B493-4855-954D-8E7E6F4B2F03}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{09EAE095-F6EB-4FF5-A574-A97321DD62BD}C:\users\stoffe\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\stoffe\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{479770B1-36EF-4552-80E9-7FD0770C93F2}C:\users\stoffe\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\stoffe\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{36EE69EE-B1E3-4906-827A-644D1CDC36B4}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [UDP Query User{00FF04B8-FE27-45DB-A735-B53DD41B122B}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [TCP Query User{A6222449-DB06-4402-B040-C764D07A3896}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{EF56EA08-4688-493C-864C-6960FDF20C0A}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{B1799569-5CF6-474C-A73E-18AC99A7F4ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{EFA0E4A6-293F-4651-9B4E-CFD328787E76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{1F966883-44AD-4D80-BE08-8353E419A465}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AAB58A0D-B18B-43AD-9F29-D2C0AF0F3E0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{81A04EFF-D340-40CA-9E0D-D198BD428C0F}] => (Allow) C:\Users\Stoffe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CAF9EDAF-E983-4A33-BC63-08C3212D60E2}] => (Allow) C:\Users\Stoffe\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EC0EBB17-BC7C-480F-9B2F-3796286757A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{62277F36-0D14-4DF2-88B5-0D2CF4C9BD11}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{6ACA0B0E-345D-4C08-AF21-CF4C844701E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{B3FB739F-2716-4BD0-B28B-AFB8B94E6FBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{4A806EBE-C623-4482-A6F8-3CEC87FF869D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{83E1F5CC-8CCE-4BC7-BEB0-1738FEAA11C7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [TCP Query User{426AFFEE-0D6F-4E0D-B5B2-E73735041764}C:\program files (x86)\stunlock studios\bloodline champions\binary\bloodlinechampions.exe] => (Allow) C:\program files (x86)\stunlock studios\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [UDP Query User{D227426F-12BF-4BA2-9358-1BC18D0F9C44}C:\program files (x86)\stunlock studios\bloodline champions\binary\bloodlinechampions.exe] => (Allow) C:\program files (x86)\stunlock studios\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [{75CE5C24-C456-4266-A501-2F44A51A273F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DAE80002-FB7C-42BF-94D3-507B16A06373}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{25426DE9-6037-4366-982D-A7FC2E99B969}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{3BA1AE43-10BE-49F2-818E-7CC80818A676}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{2A7C1F38-E2D3-4925-AF7E-73696AEAECFF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B7263192-DB5B-44A0-AE00-97C299E6AD87}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9D2F762D-5F0E-4098-9475-2BE704BFA7EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{F99645D4-42EC-4127-B08E-288FB2AE580E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{06CA9DC9-8696-4500-A0F6-DAF8BCD4D388}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
FirewallRules: [{6407519F-730A-404F-A403-7C7E81B3CB0D}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
FirewallRules: [{97A788E8-81EC-4145-8BA2-17FAA72EA8F4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{5C1A77AC-6BA4-4347-9EBA-94C78863366D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{C6C62F87-ADDB-48CE-A0D9-10A71FD9E72D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{7A7AEF83-2D35-4925-B965-BF99C5E7E84B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{E1ED119D-1D68-41B2-B461-B984789FFC26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{6E2DD602-E2F1-4A22-B260-3E8DCB0320D5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [TCP Query User{CF42D8B7-6E2F-455F-AFF7-EADC4E932DA8}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3346\agent.exe
FirewallRules: [UDP Query User{21A67DA1-165A-4A59-9A81-D4A907521A91}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3346\agent.exe
FirewallRules: [TCP Query User{2B22EEE8-34E8-4342-8D07-50DC59ABDEED}D:\downloads\sopcast\sopcast.exe] => (Allow) D:\downloads\sopcast\sopcast.exe
FirewallRules: [UDP Query User{5C9C2BA6-6654-4706-BEAD-49F81CD00FC0}D:\downloads\sopcast\sopcast.exe] => (Allow) D:\downloads\sopcast\sopcast.exe
FirewallRules: [{402C3F5E-54B7-4F6E-BB7D-6BC91DF999E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{BE500301-BF73-4570-B480-5ED54C1E6D50}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{9C3FF25B-4D37-4EAA-80ED-5D7B25C4C56C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{42D41FE5-BA8F-4298-91ED-9808291A290F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{714965F5-29C8-4A58-93B4-674E63651F04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{FBFC21B0-26B7-49FE-8CB0-73328A6BF3DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{03C41822-B380-40CE-99E4-0AACB0D59322}] => (Allow) D:\Games\Diablo III\Diablo III.exe
FirewallRules: [{1EC63B65-44B5-41EA-8BD7-4CD866E10FC1}] => (Allow) D:\Games\Diablo III\Diablo III.exe
FirewallRules: [{1804F049-429C-4816-80B3-A2BEB5F1D6B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{F9D01365-62CA-4D4D-9EB8-F21C51A71499}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{C22FA03A-C586-43C4-AFF5-ACCF6CB0F81E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B02F8D4C-DAB2-481C-966E-1FBDD5C99830}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{1F9AFD48-8C9E-4621-B882-A958837B9E0B}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{174E0E92-BF22-4B94-8C0C-28AD4EE5BDB1}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{6C8EE1F6-547E-46DF-8721-4D7B57579BEE}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{39961657-0E4A-454A-AA20-9104D8E29995}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{7D8D0D52-31F4-4B30-949C-E5779D7278F2}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{CB3DC02F-649D-4919-951D-126DC6801767}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{B54057B8-FB32-4033-92CA-995A8703A3C5}D:\games\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) D:\games\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{16A1A97C-C16E-4F23-9A0F-6763901EF09E}D:\games\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) D:\games\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [{0B8E030B-BED6-42DB-9048-744428722B30}] => (Allow) D:\Games\Heroes of the Storm\Versions\Base32524\HeroesOfTheStorm.exe
FirewallRules: [{C0E810A7-8351-4ECB-AC41-AE0DF71FAA7E}] => (Allow) D:\Games\Heroes of the Storm\Versions\Base32524\HeroesOfTheStorm.exe
FirewallRules: [TCP Query User{CC6D6A7B-1292-470E-ABDA-4CD025218420}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3507\agent.exe
FirewallRules: [UDP Query User{6FC509EE-7823-47EC-B42E-EFF141660E3D}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3507\agent.exe
FirewallRules: [{412A8CA9-6AB2-4F25-92EF-DC609D949116}] => (Allow) C:\Users\Stoffe\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{426A6E4E-BF06-4D80-83EB-8058ED926894}] => (Allow) C:\Users\Stoffe\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{7944733B-394C-4386-936C-89A61BB7918C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{25E7C5BB-2DCF-42A7-8544-FB7639B5AAC2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{33CC1DBD-17A2-4EDF-AE02-9FF3E3B23263}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BF941629-15AF-4D25-ABEE-2D661B9A7BCB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{B0A4156F-3D74-4756-BE09-FF4414CA2AAA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{5D21C1FC-32F3-45BC-AAB4-EA677B129C5B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{D7DC09F2-85CE-4AB4-92A3-0C43BE1FD044}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{4B5D9FDC-6C89-4624-826F-34DF8D70B994}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{A80B3C05-3EDC-4E23-9A5C-631789706467}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{D2C7A598-8C15-4A26-99EB-EED1AB1FC967}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{CDECF388-3B84-4151-9A94-72D94B2D045D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{C62B3B96-DC46-4D26-A194-343DE58C1E5B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7FB27566-E490-4942-ACD8-BCFE4C0C830E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{628F893D-88D7-4EBC-9423-1DEAF15EC45A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{7FF00E84-EF81-4C54-A549-7346CD5B3226}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{51E003AE-3D2E-44D6-B9D4-104643E1D329}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{384E50A6-B390-4D50-96A3-6005AF41199D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{1E127D0D-EB99-43AB-95E1-9D4C5AC8299E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{E628513F-F51B-42E2-829D-80F6065C8E63}D:\games\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D086E761-FF3B-41E1-92D6-1EE7E6AB932B}D:\games\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [{2F503C80-E850-4CE0-ADC0-836BD5E55F0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{56001F76-77E4-41A6-9BEA-D8C0CCC6CDFC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{E20FB06D-EA0B-470B-9A48-DBA27E7E88D3}D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Block) D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0AEABDCA-16AA-4FA8-9CEE-A082F17569DB}D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Block) D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{679EDD24-AD5A-41F7-A858-F79D1FEB40A8}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{380C5BAC-4E78-43E7-9A1F-31C3867ACD63}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0460C4D0-A97D-4247-A719-CB53E569F923}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{B04E7300-B8AB-4993-93A7-13300919CD0D}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{89BB9755-3ABB-49D6-88D5-1328AFE6EF50}D:\games\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Block) D:\games\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F9069D0F-0B38-49DB-ADE4-8F23882EB93A}D:\games\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Block) D:\games\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{4C85D4B0-D892-4D56-8355-326221C69A9E}D:\downloads\jre\bin\maple.exe] => (Allow) D:\downloads\jre\bin\maple.exe
FirewallRules: [UDP Query User{9A708FAC-5801-48F9-A1DB-14CF46F29B2F}D:\downloads\jre\bin\maple.exe] => (Allow) D:\downloads\jre\bin\maple.exe
FirewallRules: [TCP Query User{59FACD15-463F-41A6-BF4E-E8C23BA47831}D:\games\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Block) D:\games\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A835C744-5975-454E-9531-4D0CDDE31795}D:\games\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Block) D:\games\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{C4E6BB5C-708E-4814-A5CD-BE59FD152E12}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{3C3A968C-9AAB-4EDB-95D1-CC376510270B}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{D759931F-7DAF-4A18-8620-E47A95546CF7}D:\games\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\games\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{1830EDAE-9243-4170-8292-9657728FCFC9}D:\games\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\games\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{1776F16C-FB8D-4363-A97F-D5731FBE80F1}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{6F59AC39-5BC6-4006-AD36-9708A5C0884E}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{2912F66A-96E9-491A-9876-113B0F33E331}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{8AA424FA-9373-4F23-BB5C-09F745BF0E5B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{D7B2367C-F3AA-4EA6-AA65-38E6E9554982}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{93991269-56DD-4D79-AB3C-97B9BC667D1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{FBDF4AC1-C5FE-4A00-B26A-C1D3C8E1B2C5}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{8FD11F73-AAEB-481D-9A66-015871E2F753}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [TCP Query User{7EEB94B2-253E-4C7A-8FF9-4C8244D2CFF1}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{E9C3E5A1-F437-46F3-AC74-CB824D35B966}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{411D7FA1-01A2-4EDB-8091-099748E5C754}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\RIFT\riftpatchlive.exe
FirewallRules: [{82A54491-7890-4D09-B4C8-A3A01D701B6A}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\RIFT\riftpatchlive.exe
FirewallRules: [{8AE8C38E-9ED6-42AE-B55F-EEE244C40BF1}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{72E0A877-A3F6-467D-B8F7-2C4951E0EE8E}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [TCP Query User{A4E76AA7-F54F-420F-B28D-D0193F04D181}D:\games\steamlibrary\steamapps\common\total war attila\attila.exe] => (Allow) D:\games\steamlibrary\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{88D2D3B2-4F6A-41CD-BF81-3F245A46D58D}D:\games\steamlibrary\steamapps\common\total war attila\attila.exe] => (Allow) D:\games\steamlibrary\steamapps\common\total war attila\attila.exe
FirewallRules: [{A318B38A-DC54-4A3B-BA34-03FE29D40B10}] => (Allow) D:\Spel\Mr DJ\Fallout New Vegas Ultimate Edition\FalloutNVLauncher.exe
FirewallRules: [{F010E24D-5744-4C17-86C1-DEC7E2F09055}] => (Allow) D:\Spel\Mr DJ\Fallout New Vegas Ultimate Edition\FalloutNVLauncher.exe
FirewallRules: [{458A9F2F-0F4E-40B9-BFB8-DF741DBCDE4C}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{A31E0DE7-BCAE-40C3-9B3A-A6C85BBA62AE}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{610E6556-EDC3-4369-91D8-CABBFB091B1A}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{3C3F7509-F328-4D3B-B25F-109AA5E302A5}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{C6519E42-40F6-4925-AA91-CB0B36FE1845}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Bloodline Champions\Binary\BloodlineChampionsLoader.exe
FirewallRules: [{E568C010-7DBF-4DAC-AFBC-2A52044D2F40}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Bloodline Champions\Binary\BloodlineChampionsLoader.exe
FirewallRules: [TCP Query User{EA86E888-8C14-4391-8BC7-8AA775190CAD}D:\games\steamlibrary\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) D:\games\steamlibrary\steamapps\common\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [UDP Query User{8909367F-B6E1-4C16-9135-CDB40B7B53FC}D:\games\steamlibrary\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) D:\games\steamlibrary\steamapps\common\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [{D1362DBE-97E0-4AF7-A46F-13EB8947C154}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AC2AA43B-BAAA-4931-833C-FCE83AA89D56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F7D68661-A9EF-43EA-807F-B9649445833D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{41BF9ED8-F2A3-4C25-9F06-39C475D43073}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{67E04816-89EA-4857-883E-78513A11A669}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B60F6DCC-A6A1-4E87-9650-A03B5B0059C8}D:\games\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\games\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{FCAB2372-17E1-4FAE-87ED-92310DAD373E}D:\games\rocketleague\binaries\win32\rocketleague.exe] => (Allow) D:\games\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{66B4A4ED-B80A-42C0-8AB5-632B87224215}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{EE628841-35E3-4CCE-8F16-E40DFFB7B6C0}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{978D9B4A-C45E-4926-9AC8-E6A366C4B019}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{5687D055-D765-4BAF-857C-2332F8A74988}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [TCP Query User{E5975163-30BD-4E2C-96D3-9B27925B6F21}D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Block) D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{08021902-D9BD-4A96-9FBA-AB49D0D3053C}D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Block) D:\games\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{17A4084A-22C0-40C2-B1F7-D3C81CF79936}] => (Allow) C:\Users\Stoffe\AppData\Local\Apps\2.0\0WXZ0AP1.EO1\ABB2XMX2.XR8\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
FirewallRules: [{B672E58F-BBFE-4859-8721-E580BCCB6291}] => (Allow) C:\Users\Stoffe\AppData\Local\Apps\2.0\0WXZ0AP1.EO1\ABB2XMX2.XR8\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
FirewallRules: [{D2EB4CD3-FBA1-4663-9CBD-DAEF244249E3}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{72E5A876-7143-4922-9ECD-8558C0BD26C2}] => (Allow) D:\Games\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{14FF5692-3699-4E72-BA2E-ACC857A9D07D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FFD60E76-20FC-4CEA-BCAC-9926C97A461F}] => (Allow) C:\Users\Stoffe\AppData\Local\Apps\2.0\0WXZ0AP1.EO1\ABB2XMX2.XR8\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
FirewallRules: [{180853D9-CD3C-4F58-BCF9-66B65076E090}] => (Allow) C:\Users\Stoffe\AppData\Local\Apps\2.0\0WXZ0AP1.EO1\ABB2XMX2.XR8\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2015 02:42:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AsusSetup.exe, version: 2.0.17.3, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00000000
Faulting process id: 0x874
Faulting application start time: 0xAsusSetup.exe0
Faulting application path: AsusSetup.exe1
Faulting module path: AsusSetup.exe2
Report Id: AsusSetup.exe3

Error: (08/04/2015 03:48:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RomeTW.exe, version: 1.0.0.0, time stamp: 0x53eb5517
Faulting module name: nvd3dum.dll, version: 10.18.13.5330, time stamp: 0x55810502
Exception code: 0xc0000005
Fault offset: 0x006d90ab
Faulting process id: 0x1b20
Faulting application start time: 0xRomeTW.exe0
Faulting application path: RomeTW.exe1
Faulting module path: RomeTW.exe2
Report Id: RomeTW.exe3

Error: (07/30/2015 11:22:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RocketLeague.exe, version: 1.0.10897.0, time stamp: 0x559cc35b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0xc64
Faulting application start time: 0xRocketLeague.exe0
Faulting application path: RocketLeague.exe1
Faulting module path: RocketLeague.exe2
Report Id: RocketLeague.exe3

Error: (07/30/2015 12:08:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RomeTW.exe, version: 1.0.0.0, time stamp: 0x53eb5517
Faulting module name: nvd3dum.dll, version: 10.18.13.5330, time stamp: 0x55810502
Exception code: 0xc0000005
Fault offset: 0x006d90ab
Faulting process id: 0x1160
Faulting application start time: 0xRomeTW.exe0
Faulting application path: RomeTW.exe1
Faulting module path: RomeTW.exe2
Report Id: RomeTW.exe3

Error: (07/29/2015 12:08:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RomeTW.exe, version: 1.0.0.0, time stamp: 0x53eb5517
Faulting module name: nvd3dum.dll, version: 10.18.13.5330, time stamp: 0x55810502
Exception code: 0xc0000005
Fault offset: 0x006d90ab
Faulting process id: 0x181c
Faulting application start time: 0xRomeTW.exe0
Faulting application path: RomeTW.exe1
Faulting module path: RomeTW.exe2
Report Id: RomeTW.exe3

Error: (07/28/2015 01:07:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RomeTW.exe, version: 1.0.0.0, time stamp: 0x53eb5517
Faulting module name: nvd3dum.dll, version: 10.18.13.5330, time stamp: 0x55810502
Exception code: 0xc0000005
Fault offset: 0x006d90ab
Faulting process id: 0x1900
Faulting application start time: 0xRomeTW.exe0
Faulting application path: RomeTW.exe1
Faulting module path: RomeTW.exe2
Report Id: RomeTW.exe3

Error: (07/26/2015 08:26:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RocketLeague.exe, version: 1.0.10897.0, time stamp: 0x559cc35b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1bdc
Faulting application start time: 0xRocketLeague.exe0
Faulting application path: RocketLeague.exe1
Faulting module path: RocketLeague.exe2
Report Id: RocketLeague.exe3

Error: (07/22/2015 08:04:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Empire.exe, version: 1.5.0.0, time stamp: 0x4b74239d
Faulting module name: Empire.exe, version: 1.5.0.0, time stamp: 0x4b74239d
Exception code: 0xc0000005
Fault offset: 0x003aea49
Faulting process id: 0xaf4
Faulting application start time: 0xEmpire.exe0
Faulting application path: Empire.exe1
Faulting module path: Empire.exe2
Report Id: Empire.exe3

Error: (07/08/2015 10:48:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program csgo.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 738

Start Time: 01d0b9bdc02237ea

Termination Time: 345

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Report Id:

Error: (07/06/2015 12:54:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RomeTW.exe, version: 1.0.0.0, time stamp: 0x53eb5517
Faulting module name: RomeTW.exe, version: 1.0.0.0, time stamp: 0x53eb5517
Exception code: 0xc0000005
Fault offset: 0x00b505f3
Faulting process id: 0x139c
Faulting application start time: 0xRomeTW.exe0
Faulting application path: RomeTW.exe1
Faulting module path: RomeTW.exe2
Report Id: RomeTW.exe3


System errors:
=============
Error: (08/11/2015 04:45:13 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (08/10/2015 09:12:57 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MACMINI-DE6FE2
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3131677B-09DE-417A-9048-5A2CB21C28BE}.
The master browser is stopping or an election is being forced.

Error: (08/10/2015 09:00:56 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MACMINI-DE6FE2
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3131677B-09DE-417A-9048-5A2CB21C28BE}.
The master browser is stopping or an election is being forced.

Error: (08/10/2015 08:48:56 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MACMINI-DE6FE2
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3131677B-09DE-417A-9048-5A2CB21C28BE}.
The master browser is stopping or an election is being forced.

Error: (08/10/2015 08:36:54 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MACMINI-DE6FE2
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3131677B-09DE-417A-9048-5A2CB21C28BE}.
The master browser is stopping or an election is being forced.

Error: (08/10/2015 08:24:48 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MACMINI-DE6FE2
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3131677B-09DE-417A-9048-5A2CB21C28BE}.
The master browser is stopping or an election is being forced.

Error: (08/10/2015 08:12:55 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MACMINI-DE6FE2
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3131677B-09DE-417A-9048-5A2CB21C28BE}.
The master browser is stopping or an election is being forced.

Error: (08/10/2015 08:00:57 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MACMINI-DE6FE2
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3131677B-09DE-417A-9048-5A2CB21C28BE}.
The master browser is stopping or an election is being forced.

Error: (08/10/2015 07:48:57 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MACMINI-DE6FE2
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3131677B-09DE-417A-9048-5A2CB21C28BE}.
The master browser is stopping or an election is being forced.

Error: (08/10/2015 07:36:53 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MACMINI-DE6FE2
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3131677B-09DE-417A-9048-5A2CB21C28BE}.
The master browser is stopping or an election is being forced.


Microsoft Office:
=========================
Error: (08/11/2015 02:42:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AsusSetup.exe2.0.17.300000000unknown0.0.0.000000000000000000000000087401d0d4332d3fba03C:\Windows\Intel-Chipset_Win7_8_VER9401017\AsusSetup.exeunknown75f8648c-4026-11e5-a1b2-74d02b917ff0

Error: (08/04/2015 03:48:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RomeTW.exe1.0.0.053eb5517nvd3dum.dll10.18.13.533055810502c0000005006d90ab1b2001d0ceb4eaebe05cD:\Games\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW.exeC:\Windows\system32\nvd3dum.dll7839bde4-3aaf-11e5-af2d-74d02b917ff0

Error: (07/30/2015 11:22:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RocketLeague.exe1.0.10897.0559cc35bunknown0.0.0.000000000c000000500000000c6401d0cb07f4d916d7D:\Games\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exeunknown0e143e52-3701-11e5-84bc-74d02b917ff0

Error: (07/30/2015 12:08:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RomeTW.exe1.0.0.053eb5517nvd3dum.dll10.18.13.533055810502c0000005006d90ab116001d0caa7e79128c3D:\Games\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW.exeC:\Windows\system32\nvd3dum.dllf14964ed-36a2-11e5-8e6f-74d02b917ff0

Error: (07/29/2015 12:08:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RomeTW.exe1.0.0.053eb5517nvd3dum.dll10.18.13.533055810502c0000005006d90ab181c01d0c9de3773b6b9D:\Games\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW.exeC:\Windows\system32\nvd3dum.dllc9a16f55-35d9-11e5-bceb-74d02b917ff0

Error: (07/28/2015 01:07:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: RomeTW.exe1.0.0.053eb5517nvd3dum.dll10.18.13.533055810502c0000005006d90ab190001d0c8b34ce04638D:\Games\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW.exeC:\Windows\system32\nvd3dum.dll50f7b1d6-34b4-11e5-91c6-74d02b917ff0

Error: (07/26/2015 08:26:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RocketLeague.exe1.0.10897.0559cc35bunknown0.0.0.000000000c0000005000000001bdc01d0c7cf505d9b5fD:\Games\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exeunknownc46ac2cd-33c3-11e5-9cd4-74d02b917ff0

Error: (07/22/2015 08:04:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Empire.exe1.5.0.04b74239dEmpire.exe1.5.0.04b74239dc0000005003aea49af401d0c4a59c7f2caaD:\Games\SteamLibrary\steamapps\common\Empire Total War\Empire.exeD:\Games\SteamLibrary\steamapps\common\Empire Total War\Empire.exe121f083c-309c-11e5-bc22-74d02b917ff0

Error: (07/08/2015 10:48:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: csgo.exe0.0.0.073801d0b9bdc02237ea345C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Error: (07/06/2015 12:54:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: RomeTW.exe1.0.0.053eb5517RomeTW.exe1.0.0.053eb5517c000000500b505f3139c01d0b76ce4124e80D:\Games\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW.exeD:\Games\SteamLibrary\steamapps\common\Rome Total War Gold\RomeTW.exeda5acc79-2368-11e5-aa87-74d02b917ff0


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 54%
Total physical RAM: 8131.5 MB
Available physical RAM: 3736.48 MB
Total Virtual: 16129.2 MB
Available Virtual: 11007.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:9.57 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:194.03 GB) NTFS
Drive e: (DVD_VR) (CDROM) (Total:1.81 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 71B0D428)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 9BCD6F21)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================

 

[Broni]

Uninstall following unwanted program:

Rocket League

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

• Close all the running programs
• Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

• Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  
• At the end, be sure a checkmark is placed next to the following:
  
• Launch Malwarebytes Anti-Malware
• A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  
• Click Finish.
• On the Dashboard, click the 'Update Now >>' link
• After the update completes, click the 'Scan Now >>' button.
  
• Or, on the Dashboard, click the Scan Now >> button.
• If an update is available, click the Update Now button.
  
• A Threat Scan will begin.
• When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
• In most cases, a restart will be required.
• Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

• On the Dashboard, click the 'Update Now >>' link
• After the update completes, click the 'Scan Now >>' button.
  
• Or, on the Dashboard, click the Scan Now >> button.
• If an update is available, click the Update Now button.
  
• A Threat Scan will begin.
• When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
• In most cases, a restart will be required.
• Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

• After the restart once you are back at your desktop, open MBAM once more.
• Click on the History tab > Application Logs.
• Double click on the Scan Log which shows the Date and time of the scan just performed.
• Click 'Export'.
• Click 'Text file (*.txt)'
• In the Save File dialog box which appears, click on Desktop.
• In the File name: box type a name for your scan log.
• A message box named 'File Saved' should appear stating "Your file has been successfully exported".
• Click Ok
• Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

• After the restart once you are back at your desktop, open MBAM once more.
• Click on the History tab > Application Logs.
• Double click on the Scan Log which shows the Date and time of the scan just performed.
• Click 'Copy to Clipboard'
• Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

 

[KristofferM]

It seemed that my issue was the program "Dealalert" or something like that. I noticed it was running so I went through some steps to get rid of it. Don't know where I got it from but I think it's gone now as I haven't had any problems in a while.
Thanks for the help anyway!

 

[Broni]

I strongly suggest you follow my previous reply.
When there is one it can be more.