Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Earlier i was hacked and my pc is acting strange.


  • This topic is locked This topic is locked
4 replies to this topic

#1 Snadder

Snadder

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 03 August 2015 - 12:37 PM

Hi, earlier i was hacked but i got rid of the hacker, but now my games i play lags wich didn't lag before and my headphones sometimes make crackling/sparking like noise each 10 minute especially when i play games. I tried both headphone plugs both behind and front of my pc and the noise still comes even on my speakers, but didn't on another pc, so it's clearly not something wrong with the audio devices. Anyone know what the problem might be?

And sometimes my graphics card driver stop working every now and then. This all hapened when i was hacked


Edited by hamluis, 04 August 2015 - 09:10 AM.
Moved from MRL to Am I Infected, moved back- Hamluis.


BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 04 August 2015 - 02:05 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
 
 
 Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 Snadder

Snadder
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:31 AM

Posted 04 August 2015 - 06:26 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by Sander Hansen (administrator) on DI-CUSTOM (04-08-2015 13:14:22)
Running from C:\Users\Sander Hansen\Downloads
Loaded Profiles: Sander Hansen (Available Profiles: Sander Hansen)
Platform: Windows 8.1 (X64) Language: Norsk, bokmål (Norge)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4150\Agent.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4150\Agent.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Sander Hansen\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Curse) C:\Users\Sander Hansen\AppData\Local\Apps\2.0\4M7Z43CZ.R01\KGWRK9Y1.X56\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-02] (Avast Software s.r.o.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-01-26] (Razer Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2584240 2015-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\Run: [Steam] => D:\Steam\steam.exe [2895552 2015-07-24] (Valve Corporation)
HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)
HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\Run: [TSMApplication] => "C:\Users\Sander Hansen\Desktop\tsm\TSMApplication.exe"
HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.)
HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\Run: [EADM] => D:\Origin\Origin.exe [3632112 2015-07-11] (Electronic Arts)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-02-03]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{3A435941-E398-438A-9CAF-31D8996CF7C8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Sander Hansen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-02] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/nb-no/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-08] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-02] (Avast Software s.r.o.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-08] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-02] (Avast Software s.r.o.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 193.213.112.4 130.67.15.198 192.168.1.1
Tcpip\..\Interfaces\{B42C6E09-04EF-4A18-AE61-8619A3B43C58}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B97D1233-4F22-4190-8096-EDF669ECDFBD}: [NameServer] 7.7.7.8,7.7.7.7
Tcpip\..\Interfaces\{B97D1233-4F22-4190-8096-EDF669ECDFBD}: [DhcpNameServer] 193.213.112.4 130.67.15.198 192.168.1.1
Tcpip\..\Interfaces\{F0E8D32F-A888-45E8-8763-0DE27549356C}: [NameServer] 8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Sander Hansen\AppData\Roaming\Mozilla\Firefox\Profiles\klfkxzig.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-08] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-05-08] (Adobe Systems)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-05-08] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2461661928-3302124015-1259995938-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sander Hansen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bok-NO.xml [2015-07-01]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\gulesider-NO.xml [2015-07-01]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qxl-NO.xml [2015-07-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-05]
 
Chrome: 
=======
CHR Profile: C:\Users\Sander Hansen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Sander Hansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04]
CHR Extension: (YouTube) - C:\Users\Sander Hansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-04]
CHR Extension: (Google Search) - C:\Users\Sander Hansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-04]
CHR Extension: (AdBlock) - C:\Users\Sander Hansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sander Hansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-04]
CHR Extension: (Gmail) - C:\Users\Sander Hansen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-04]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-02]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-02] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-07-02] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-02] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-06-17] (EasyAntiCheat Ltd)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S2 HiPatchService; D:\Smite\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-06-24] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2004488 2015-07-11] (Electronic Arts)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-07-11] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-07-11] ()
S2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-01-26] (Razer Inc.)
S2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-17] (Tunngle.net GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-02] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-02] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-02] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-07-02] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-02] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-02] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-02] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-02] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2015-02-05] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-02] ()
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [82608 2014-04-10] (Qualcomm Atheros, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-14] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [130224 2014-03-12] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39240 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [40104 2015-03-10] (Razer Inc)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [36520 2015-03-10] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [986688 2015-02-12] (TENCENT)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-02] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-04 13:14 - 2015-08-04 13:14 - 00022990 _____ C:\Users\Sander Hansen\Downloads\FRST.txt
2015-08-04 13:14 - 2015-08-04 13:14 - 00000000 ____D C:\FRST
2015-08-04 13:13 - 2015-08-04 13:13 - 02169856 _____ (Farbar) C:\Users\Sander Hansen\Downloads\FRST64.exe
2015-08-04 13:11 - 2015-08-04 13:11 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\CEF
2015-08-01 23:53 - 2015-08-01 23:53 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2015-08-01 23:53 - 2015-08-01 23:53 - 00001205 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk
2015-08-01 23:43 - 2015-08-01 23:43 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\Apps\2.0
2015-08-01 23:43 - 2015-02-27 16:22 - 00000318 _____ C:\Users\Sander Hansen\Desktop\Curse Client.appref-ms
2015-08-01 23:42 - 2015-08-01 23:42 - 00402696 _____ () C:\Users\Sander Hansen\Downloads\setup.exe
2015-08-01 23:40 - 2015-08-01 23:40 - 02959376 _____ (Microsoft Corporation) C:\Users\Sander Hansen\Downloads\dotnetfx35setup.exe
2015-07-17 21:59 - 2015-07-17 22:07 - 00000000 ____D C:\Users\Sander Hansen\Documents\Diablo III
2015-07-17 20:51 - 2015-07-17 20:51 - 00001358 _____ C:\Users\Public\Desktop\Diablo III Public Test.lnk
2015-07-17 20:51 - 2015-07-17 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test
2015-07-17 20:39 - 2015-08-01 23:03 - 00000000 ____D C:\Program Files (x86)\Diablo III Public Test
2015-07-17 17:23 - 2015-07-17 17:23 - 01640768 _____ C:\Users\Sander Hansen\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-07-17 11:26 - 2015-07-17 11:26 - 00004720 _____ C:\Windows\windefendam.log
2015-07-17 11:26 - 2015-07-17 11:26 - 00000020 _____ C:\Windows\capsys184523.log
2015-07-16 04:21 - 2015-07-16 04:21 - 00242800 _____ C:\Users\Sander Hansen\Downloads\Firefox Setup Stub 39.0.exe
2015-07-16 04:21 - 2015-07-16 04:21 - 00001163 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-16 00:15 - 2015-08-04 13:11 - 00001016 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-16 00:15 - 2015-08-04 02:20 - 00001020 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-15 18:28 - 2015-07-15 18:28 - 00001399 _____ C:\Users\Sander Hansen\Desktop\JRT.txt
2015-07-15 15:49 - 2015-07-15 15:49 - 00000000 ____D C:\Users\Sander Hansen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-07-15 13:51 - 2015-07-15 13:51 - 00002841 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2015-07-15 13:51 - 2015-07-15 13:51 - 00000000 ____D C:\ProgramData\Sophos
2015-07-15 13:51 - 2015-07-15 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-07-15 13:51 - 2015-07-15 13:51 - 00000000 ____D C:\Program Files (x86)\Sophos
2015-07-15 13:47 - 2015-07-15 13:47 - 00000207 _____ C:\Windows\tweaking.com-regbackup-DI-CUSTOM-Windows-8.1-(64-bit).dat
2015-07-15 13:47 - 2015-07-15 13:47 - 00000000 ____D C:\RegBackup
2015-07-15 13:45 - 2015-07-15 13:45 - 00001379 _____ C:\Users\Sander Hansen\Desktop\AdwCleaner[S1].txt
2015-07-15 13:41 - 2015-07-15 13:42 - 126735632 _____ (Sophos Limited) C:\Users\Sander Hansen\Downloads\Sophos Virus Removal Tool.exe
2015-07-15 13:40 - 2015-07-15 13:41 - 03034989 _____ (Malwarebytes Corporation) C:\Users\Sander Hansen\Downloads\JRT.exe
2015-07-15 13:40 - 2015-07-15 13:40 - 02248704 _____ C:\Users\Sander Hansen\Downloads\adwcleaner_4.208.exe
2015-07-15 13:40 - 2015-07-15 13:40 - 00448512 _____ (OldTimer Tools) C:\Users\Sander Hansen\Downloads\TFC.exe
2015-07-14 20:49 - 2015-07-14 20:55 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-14 20:49 - 2015-07-14 20:49 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Sander Hansen\Downloads\iExplore.exe
2015-07-14 20:48 - 2015-07-14 20:48 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sander Hansen\Downloads\mbar-1.09.1.1004.exe
2015-07-14 20:46 - 2015-07-14 20:46 - 00892928 _____ (Farbar) C:\Users\Sander Hansen\Downloads\MiniToolBox.exe
2015-07-14 18:45 - 2015-07-14 18:45 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-14 18:45 - 2015-07-14 18:45 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-14 18:06 - 2015-07-14 21:11 - 00000000 ____D C:\Users\Sander Hansen\Downloads\Heroes WoW Client with Patch 2.0
2015-07-14 15:52 - 2015-07-14 15:52 - 00000000 _____ C:\Users\Sander Hansen\Desktop\Nytt tekstdokument.txt
2015-07-14 15:46 - 2015-07-15 13:46 - 00000000 ____D C:\Users\Sander Hansen\AppData\Roaming\BitTorrent
2015-07-14 15:46 - 2015-07-14 15:46 - 00002721 _____ C:\Users\Sander Hansen\Desktop\BitTorrent.lnk
2015-07-14 03:45 - 2015-07-14 03:45 - 00000000 ____D C:\Users\Sander Hansen\Desktop\Ny mappe (2)
2015-07-13 23:30 - 2015-07-13 23:30 - 00000777 _____ C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk
2015-07-11 17:31 - 2015-07-11 17:31 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe
2015-07-11 17:12 - 2015-07-11 17:12 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\ESN
2015-07-11 14:38 - 2015-07-11 17:18 - 00000000 ____D C:\Users\Sander Hansen\AppData\Roaming\Origin
2015-07-11 14:38 - 2015-07-11 17:13 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\Origin
2015-07-11 14:37 - 2015-08-02 01:09 - 00000000 ____D C:\ProgramData\Origin
2015-07-11 14:37 - 2015-07-17 17:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-07-11 14:37 - 2015-07-11 14:37 - 00000538 _____ C:\Users\Public\Desktop\Origin.lnk
2015-07-11 14:37 - 2015-07-11 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-07-10 16:58 - 2015-07-10 16:58 - 00000000 ____D C:\Users\Sander Hansen\Documents\Battlefield 4
2015-07-10 15:37 - 2015-07-17 17:23 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-10 12:51 - 2015-07-10 12:51 - 00000000 ____D C:\Users\Sander Hansen\AppData\Roaming\Frontier Developments
2015-07-10 12:51 - 2015-07-10 12:51 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\Frontier Developments
2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\Frontier_Developments
2015-07-09 21:53 - 2015-07-09 21:53 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-07-09 21:52 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-09 21:51 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-09 21:51 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00879000 _____ C:\Windows\system32\nvmcumd.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-09 21:51 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00117392 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-07-09 21:51 - 2015-06-17 11:10 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-07-09 21:51 - 2015-06-17 11:10 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-07-09 13:33 - 2015-06-24 13:36 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-09 13:33 - 2015-06-24 13:36 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-08 17:46 - 2015-07-13 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2015-07-08 17:46 - 2015-07-08 17:46 - 00000734 _____ C:\Users\Public\Desktop\Warcraft III.lnk
2015-07-08 15:52 - 2015-08-01 23:44 - 00000000 ____D C:\Users\Sander Hansen\AppData\Roaming\.minecraft
2015-07-08 15:52 - 2015-07-08 15:52 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-08 15:52 - 2015-07-08 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-08 15:48 - 2015-07-08 15:48 - 00000000 ____D C:\Program Files\Java
2015-07-08 15:46 - 2015-07-08 15:46 - 00000000 ____D C:\Users\Sander Hansen\Desktop\Ny mappe
2015-07-08 14:06 - 2015-07-08 14:06 - 00000000 ____D C:\Users\Sander Hansen\Documents\Hitman Blood Money
2015-07-06 20:25 - 2015-07-06 21:33 - 00000000 ____D C:\Users\Sander Hansen\Documents\Nexus Mod Manager
2015-07-06 20:25 - 2015-07-06 20:25 - 00000622 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-07-06 13:39 - 2015-07-06 13:39 - 00001139 _____ C:\Users\Sander Hansen\Desktop\Fallout New Vegas - Snarvei.lnk
2015-07-06 12:44 - 2015-07-06 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout Mod Manager
2015-07-06 12:44 - 2015-07-06 12:44 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\FOMM
2015-07-05 15:54 - 2015-07-15 22:29 - 00000000 ____D C:\Program Files (x86)\StarCraft II - Legacy of the Void Beta
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-04 13:14 - 2015-02-04 00:54 - 00003964 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5CC9250D-729A-4F88-BBA9-AFF99F5782FD}
2015-08-04 13:13 - 2015-02-04 01:16 - 00000000 ____D C:\Users\Sander Hansen\AppData\Roaming\ClassicShell
2015-08-04 13:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-04 13:12 - 2015-02-27 16:21 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\Deployment
2015-08-04 13:12 - 2015-02-04 02:34 - 00000000 ____D C:\Users\Sander Hansen\AppData\Roaming\Skype
2015-08-04 13:12 - 2015-02-03 21:14 - 02017624 _____ C:\Windows\WindowsUpdate.log
2015-08-04 13:11 - 2015-02-05 19:48 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\Adobe
2015-08-04 13:11 - 2015-02-03 21:27 - 00043254 _____ C:\Windows\SysWOW64\Gms.log
2015-08-04 02:25 - 2015-02-14 01:13 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\Battle.net
2015-08-04 01:45 - 2015-02-05 19:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-03 20:51 - 2015-03-14 18:11 - 00000000 ____D C:\Users\Sander Hansen\Documents\My Games
2015-08-03 20:50 - 2015-05-19 17:11 - 00000000 ____D C:\Users\Sander Hansen\Documents\The Witcher 3
2015-08-03 09:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-03 09:19 - 2015-02-04 00:49 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2461661928-3302124015-1259995938-1001
2015-08-01 23:53 - 2015-02-03 21:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-01 22:59 - 2015-04-06 21:41 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-08-01 22:59 - 2015-03-02 12:54 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-07-17 23:56 - 2015-03-05 18:37 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\Popcorn-Time
2015-07-17 19:36 - 2015-07-03 14:19 - 00257178 _____ C:\Windows\DirectX.log
2015-07-16 18:24 - 2015-03-28 20:04 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-07-16 04:21 - 2015-06-28 21:23 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-16 04:21 - 2015-06-28 21:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-16 04:21 - 2015-06-28 21:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-16 00:15 - 2015-02-04 00:58 - 00003992 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 00:15 - 2015-02-04 00:58 - 00003756 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 18:11 - 2015-02-19 18:31 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-15 16:30 - 2015-06-30 02:11 - 00007758 _____ C:\Windows\setupact.log
2015-07-15 16:29 - 2014-03-18 11:51 - 01381246 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-15 16:29 - 2014-03-18 11:23 - 00449706 _____ C:\Windows\system32\perfh014.dat
2015-07-15 16:29 - 2014-03-18 11:23 - 00077382 _____ C:\Windows\system32\perfc014.dat
2015-07-15 16:23 - 2015-02-03 21:33 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-15 16:23 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-15 15:49 - 2015-03-05 18:36 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\Popcorn Time
2015-07-15 15:45 - 2015-02-05 19:49 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 13:52 - 2015-07-02 17:02 - 00000000 ____D C:\AdwCleaner
2015-07-15 13:45 - 2015-06-30 13:16 - 00023490 _____ C:\Windows\PFRO.log
2015-07-15 13:45 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-15 13:41 - 2015-07-04 13:11 - 00000000 ____D C:\Users\Sander Hansen\Desktop\anitvirus
2015-07-14 20:48 - 2015-07-02 13:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-14 02:42 - 2015-04-06 21:42 - 00000000 ____D C:\Users\Sander Hansen\Documents\StarCraft II
2015-07-13 13:32 - 2015-02-04 02:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-13 13:32 - 2015-02-04 02:34 - 00000000 ____D C:\ProgramData\Skype
2015-07-11 15:31 - 2015-02-04 01:43 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-10 17:01 - 2015-02-04 02:44 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\PunkBuster
2015-07-09 21:53 - 2015-02-03 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-09 21:53 - 2015-02-03 21:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-09 13:59 - 2015-02-03 21:33 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\NVIDIA Corporation
2015-07-08 12:54 - 2015-02-27 00:01 - 00000000 ____D C:\Program Files\CyberGhost 5
2015-07-08 11:35 - 2015-04-12 21:53 - 00000000 ____D C:\Users\Sander Hansen\AppData\Roaming\TS3Client
2015-07-06 20:40 - 2015-07-03 17:01 - 00000000 ____D C:\Users\Sander Hansen\AppData\Local\FalloutNV
2015-07-06 20:25 - 2015-02-26 01:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
 
==================== Files in the root of some directories =======
 
2015-03-07 20:04 - 2015-03-07 20:04 - 0000032 _____ () C:\Users\Sander Hansen\AppData\Roaming\UserIdentity.dat
2015-02-03 21:21 - 2015-02-03 21:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Sander Hansen\AppData\Local\Temp\update.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-04 02:26
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
Ran by Sander Hansen (2015-08-04 13:14:39)
Running from C:\Users\Sander Hansen\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2461661928-3302124015-1259995938-500 - Administrator - Disabled)
Gjest (S-1-5-21-2461661928-3302124015-1259995938-501 - Limited - Disabled)
Sander Hansen (S-1-5-21-2461661928-3302124015-1259995938-1001 - Administrator - Enabled) => C:\Users\Sander Hansen
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.25.3 - Mirillis)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.1.88 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ArmA3Sync 1.4.54 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.4.54 - The [S.o.E] team)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.15.0 - Asmedia Technology)
Avast Premier (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
BitTorrent (HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\BitTorrent) (Version: 7.9.3.40634 - BitTorrent Inc.)
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version:  - Treyarch)
CCGLauncher version 0.0.0.7 (HKLM-x32\...\{78D51CE5-799C-4FCA-9635-6F61E19EA5E3}_is1) (Version: 0.0.0.7 - Custom Combat Gaming)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse Client (HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version:  - Frontier Developments)
Epic Games Launcher (HKLM\...\{863C2079-A129-485C-8E09-ED683D538C26}) (Version: 1.1.30.0 - Epic Games, Inc.)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version:  - Telltale Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Daybreak Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HIT (HKLM-x32\...\Steam App 336670) (Version:  - Shifty Chair Games)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version:  - IO Interactive)
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - EKO Software)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation)
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
Intel® Chipset Device-programvare (x32 Version: 10.0.20 - Intel® Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)
Kingdoms of Amalur: Reckoning™ (HKLM-x32\...\Steam App 102500) (Version:  - Big Huge Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version:  - Kojima Productions)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version:  - NetherRealm Studios)
Mount Your Friends (HKLM-x32\...\Steam App 296470) (Version:  - Stegersaurus Software Inc.)
Mozilla Firefox 39.0 (x86 nb-NO) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 nb-NO)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team)
NVIDIA 3D Vision-driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA Driver for HD-lyd 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Driver til 3D Vision-kontroller 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafikkdriver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA Miracast virtuell lyd 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX systemprogramvare 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Popcorn Time (HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\Popcorn Time) (Version:  - Popcorn Official)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1291 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1291 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{00D4DA5D-EA32-4A7C-A855-A7FDC372049B}) (Version: 1.1.42.1291 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1291 - Qualcomm Atheros) Hidden
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.3.25.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Reign Of Kings (HKLM-x32\...\Steam App 344760) (Version:  - Code}{atch)
Resident Evil 5 / Biohazard 5 (HKLM-x32\...\Steam App 21690) (Version:  - Capcom)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix) <==== ATTENTION
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.6.2742.1 - Hi-Rez Studios)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version:  - Aspyr Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD PROJEKT RED)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Unity Web Player (HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WinRAR 5.21 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.2 - win.rar GmbH)
Wolfenstein: The Old Blood  (HKLM-x32\...\Steam App 350080) (Version:  - MachineGames)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version:  - Blizzard Entertainment)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001_Classes\CLSID\{048ef84d-340b-4f19-b701-1b8e5bb5ccd8}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Restore Points =========================
 
17-07-2015 18:28:20 Installed DirectX
01-08-2015 23:53:46 Installert The Sims 3
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {097E741F-9637-4330-8694-52F984D8118B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {1B168737-3ED6-4D0E-8FB5-223AE8A40590} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-02] (Avast Software s.r.o.)
Task: {2571934A-2B91-4A53-BC7C-4E39254D7EA4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {3D5160ED-1221-4840-94DB-13FBCBD685B3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {4774E7D5-7A0A-47C2-B117-DE08D06B1AF3} - System32\Tasks\{A4BB0BEE-3936-42B4-BCBA-14C6962FC267} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=enUS --uid=wow_ptr_enus --displayname="World of Warcraft Public Test"
Task: {52458CB1-2D8A-4133-91BA-8A09547F3920} - System32\Tasks\{EFB30DE6-0194-4019-AC74-F614F35DDC0C} => Chrome.exe http://ui.skype.com/ui/0/7.2.0.103/en/abandoninstall?page=tsMain
Task: {6069E2C1-B27E-48EA-9AA4-48AB0B1926B2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {7FC164BA-C2D7-41DD-984D-811074B851A0} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {ADC5AEF0-E107-47A0-9D5B-B70590E2E88E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {FC0E691C-F6BB-4326-9247-DD6401512D94} - System32\Tasks\ASC8_SkipUac_Sander Hansen => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASC8_SkipUac_Sander Hansen.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-02-05 01:24 - 2015-02-05 01:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-02-03 21:32 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-16 17:42 - 2015-04-16 17:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-04-17 11:27 - 2014-04-17 11:27 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-08-01 23:43 - 2015-08-01 23:43 - 00016384 _____ () C:\Users\Sander Hansen\AppData\Local\Apps\2.0\4M7Z43CZ.R01\KGWRK9Y1.X56\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.WowDb.dll
2015-08-01 23:43 - 2015-08-01 23:43 - 00035840 _____ () C:\Users\Sander Hansen\AppData\Local\Apps\2.0\4M7Z43CZ.R01\KGWRK9Y1.X56\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.Advertising.dll
2015-08-01 23:43 - 2015-08-01 23:43 - 00099840 _____ () C:\Users\Sander Hansen\AppData\Local\Apps\2.0\4M7Z43CZ.R01\KGWRK9Y1.X56\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.CMOD2.dll
2015-04-16 17:41 - 2015-04-16 17:41 - 05842080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-07-02 13:28 - 2015-07-02 13:28 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-02 13:28 - 2015-07-02 13:28 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-15 13:43 - 2015-07-15 13:43 - 02956800 _____ () C:\Program Files\AVAST Software\Avast\defs\15071500\algo.dll
2015-08-03 15:59 - 2015-08-03 15:59 - 02959872 _____ () C:\Program Files\AVAST Software\Avast\defs\15080301\algo.dll
2014-06-24 17:08 - 2014-06-24 17:08 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-02-19 18:10 - 2013-01-15 19:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-02-19 18:10 - 2013-01-15 19:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-02-19 18:10 - 2013-01-15 19:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-04-14 17:48 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-01 23:07 - 2015-07-25 10:46 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-08-01 23:07 - 2015-07-25 10:46 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
2015-08-04 13:11 - 2015-07-03 18:12 - 00778240 _____ () D:\Steam\SDL2.dll
2015-08-04 13:11 - 2015-07-03 18:12 - 04962816 _____ () D:\Steam\v8.dll
2015-08-04 13:11 - 2015-07-24 01:24 - 02410176 _____ () D:\Steam\video.dll
2015-08-04 13:11 - 2015-07-03 18:12 - 01556992 _____ () D:\Steam\icui18n.dll
2015-08-04 13:11 - 2015-07-03 18:12 - 01187840 _____ () D:\Steam\icuuc.dll
2015-02-25 22:40 - 2014-12-01 23:31 - 02396672 _____ () D:\Steam\libavcodec-56.dll
2015-02-25 22:40 - 2014-12-01 23:31 - 00479744 _____ () D:\Steam\libavformat-56.dll
2015-02-25 22:40 - 2014-12-01 23:31 - 00332800 _____ () D:\Steam\libavresample-2.dll
2015-02-25 22:40 - 2014-12-01 23:31 - 00442880 _____ () D:\Steam\libavutil-54.dll
2015-02-25 22:40 - 2014-12-01 23:31 - 00485888 _____ () D:\Steam\libswscale-3.dll
2015-08-04 13:11 - 2015-07-24 01:23 - 00703168 _____ () D:\Steam\bin\chromehtml.DLL
2015-08-04 13:11 - 2015-07-03 18:12 - 39553928 _____ () D:\Steam\bin\libcef.dll
2015-02-19 18:10 - 2013-01-15 19:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2015-05-20 04:29 - 2015-05-20 04:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-07-02 13:28 - 2015-07-02 13:28 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-20 07:16 - 2015-04-20 07:16 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\sony.com -> sony.com
 
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\...\100sexlinks.com -> 100sexlinks.com
 
There are 4788 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2461661928-3302124015-1259995938-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sander Hansen\AppData\Roaming\Microsoft\Windows Photo Viewer\Bakgrunn for Windows Fotovisning.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{25262201-C7C8-4F55-BC97-7E907AB9A399}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CACD8603-CF89-45CE-A112-CD8F61EA5FFB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C4884B2B-8B45-4749-A5A9-76053CBC127A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E4664793-A261-489E-9FB3-79DF9F5B3078}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DCE640B3-84DF-41B0-B238-3DDA1DCB2AD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{84D4B1C5-5AEA-431F-A850-F6BAEC11E871}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4E5B0F96-F122-428A-971F-F42E85068B69}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{28E0CBBB-F912-4A08-AEA6-91301297BBE5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7CB9C385-0E20-4672-8CD5-CE247E77B3BA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AB5E8C91-08C6-4635-AED0-8CBDAC00ADD0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{69C1A5C9-4F79-4371-9886-F54EBFB9F722}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D038D502-B8BD-490F-B627-BC19CDB97DFD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9A054DAB-20C7-4E56-848B-E085FFC50552}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{215CB72B-B976-4263-8B80-D7CCC2A06517}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{7E47C9FE-DE3B-4286-8DF1-29A30E301C2A}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{D92D105D-F5A9-478B-AABE-D8DAC62D7697}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{DD093C12-4A3B-4D28-A3B5-C39D5DB7BFFF}C:\games\dying light\dyinglightgame.exe] => (Allow) C:\games\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{CDB62390-F04A-4C2B-9F4A-009313931D04}C:\games\dying light\dyinglightgame.exe] => (Allow) C:\games\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{F04A7A63-0450-4D68-B50D-817E9363840A}C:\dying light\dyinglightgame.exe] => (Allow) C:\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{CC7ABBC9-9982-4C16-94CF-3697E817634A}C:\dying light\dyinglightgame.exe] => (Allow) C:\dying light\dyinglightgame.exe
FirewallRules: [{1AE23FD1-F5AF-4CB9-9736-11DCA5AA3AAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{75F112F4-85C0-4891-9355-5CA387C28AF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{39480792-83C1-451C-8FAC-37D7DEFAC7D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{F000DD1F-0DF3-477E-B0A6-B2CD68ACA63F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{0F934BD1-D12F-4696-8460-A85E119F7420}] => (Allow) C:\Users\Sander Hansen\AppData\Local\Temp\nskA08.tmp\QQPCDetector.exe
FirewallRules: [{36DAF02E-D6EA-4AC9-A613-81EEA7037F1C}] => (Allow) C:\Users\Sander Hansen\AppData\Local\Temp\nskA08.tmp\QQPCDetector.exe
FirewallRules: [{228B239B-C64F-40B2-BDBB-F84726DD2AED}] => (Allow) C:\Users\Sander Hansen\AppData\Local\Temp\QQVipDownloader\codol_1422016314\QQVipDownloader.exe
FirewallRules: [{464422BD-F486-411C-A7F9-85B21AF431B3}] => (Allow) C:\Users\Sander Hansen\AppData\Local\Temp\QQVipDownloader\codol_1422016314\QQVipDownloader.exe
FirewallRules: [{2C347BF2-E64C-4287-975C-323714AB016D}] => (Allow) C:\Users\Sander Hansen\AppData\Local\Temp\QQVipDownloader\codol_1422016314\bugreport.exe
FirewallRules: [{C081CDDD-9F0B-4220-A485-2998DE004DEF}] => (Allow) C:\Users\Sander Hansen\AppData\Local\Temp\QQVipDownloader\codol_1422016314\bugreport.exe
FirewallRules: [{FE715DE3-133C-43D6-9D24-BDB5101D7A6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{5F5E7151-17CE-41F0-B025-816BE6984560}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{FBF8BA20-38B0-4ACF-A2BF-0622AA8869D4}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{F39D13B9-0D7D-4FD2-80DE-A00B42CF1ECB}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{AB736D10-A52A-456D-9FC0-D59816F9A957}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{E8F99385-878D-44A4-B711-49709FC363B1}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CB4A0F4D-9061-4BAC-A4FA-E7BBA0ED8AA3}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{E3615553-9EBC-425C-8232-B6CF0F2917DA}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{E90098E0-77B4-444C-A3E0-204CA3882AD1}C:\users\sander hansen\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\sander hansen\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{C0C8B886-97F9-4543-9DEE-739587673A60}C:\users\sander hansen\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\sander hansen\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F69B3552-81F1-4996-8DEE-7A27715D5CFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{6CEBD101-1D2E-4E0D-BED6-2F17F15DF259}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{0630D89D-B206-4E2D-8D21-14998AD8D7AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{22F81677-647B-4DC2-B16A-27E2FA73C172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{9EED3779-95F2-47AE-A631-363CBC24C394}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{2FC7940F-832A-4953-8C56-57F29651D668}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{A8297F78-0B92-4A78-A463-4289B23BED9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{9A59083A-D8E7-4370-A4AC-9F94D49E61F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{B70E658D-38FA-47A5-83AC-41B51FDF36C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
FirewallRules: [{D8851710-0C20-429D-A149-77CC3F374A7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
FirewallRules: [{130EDE6C-ECA7-4A60-9DDD-E9293FCD18AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{1A9DEF39-CB6B-41B6-8145-A76FC4D066BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{F5231F67-69BD-4634-A1F0-B7AF49AA1F0D}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{598D291F-5366-4BBB-AC44-C488545875CC}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe
FirewallRules: [{9879BC0C-EA6D-4BDE-AEA7-2FD9587F028C}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{75BD3637-CCF6-4B6C-BEC6-69BE8AD58D2F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{62DC615A-8AA8-44F2-8001-2A79B0A3853E}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{AA210491-9F65-4B38-8C06-292106D122FA}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{BB09F285-86F1-4816-AA70-72EF2B7781A8}D:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{2B8E5A3F-1FF0-47E3-9AFF-E3D8F93DF889}D:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{FB4D7BB3-B549-40E2-8BA5-2AD5E1C34A28}] => (Allow) D:\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{EEA47C99-F5E3-44F4-93C1-21B85468A6BC}] => (Allow) D:\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{313D7067-6A9B-47DC-A217-FAF7B315EA9F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EE718B48-3DFB-47FD-A3A8-7AB6CD617A78}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{DA840719-2983-4980-87B1-A38692F3C16C}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E38BD1BE-0125-4EAB-BE24-3A9711F38BF9}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{05FAC1E5-C6AB-452E-BF8E-602F51898578}C:\users\sander hansen\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sander hansen\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{E9E1C3FB-D739-416B-BFBB-FA3B53953C98}C:\users\sander hansen\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\sander hansen\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{9F73818A-0E7F-49CC-AC42-F2967E7791C0}] => (Allow) D:\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{7209F209-B2FA-47CA-8446-85C3CA4B8A71}] => (Allow) D:\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{AD28422D-C509-4A44-A650-E5638A01DE6D}D:\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{14701D3F-6958-4905-B42A-64BBB51E0E45}D:\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{37A4BEAA-40E2-4A1D-A071-B06539088B99}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{2FE51BF2-D4E8-48C1-92A2-33980F561434}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{0F87BE7E-49B8-457B-9AFA-14BF0216B209}D:\steam\steamapps\common\sid meier's civilization v\civilizationv_tablet.exe] => (Allow) D:\steam\steamapps\common\sid meier's civilization v\civilizationv_tablet.exe
FirewallRules: [UDP Query User{86F688B6-1E6C-4122-BDDA-053A75B9B87D}D:\steam\steamapps\common\sid meier's civilization v\civilizationv_tablet.exe] => (Allow) D:\steam\steamapps\common\sid meier's civilization v\civilizationv_tablet.exe
FirewallRules: [{705AA5F2-771A-41E7-B8FD-EE6EDB82A512}] => (Allow) D:\Steam\steamapps\common\Reign Of Kings\ROK.exe
FirewallRules: [{659EE7F6-FB3B-473D-914D-E8B1BB59E613}] => (Allow) D:\Steam\steamapps\common\Reign Of Kings\ROK.exe
FirewallRules: [{6047963F-138D-4D92-9D4E-E146E3003B3C}] => (Allow) D:\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{23D01556-8BEF-4DD9-83A7-004DEF36C5F2}] => (Allow) D:\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [TCP Query User{B8BF6075-6CCB-49D5-A32A-34E77EE7B887}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4EA41671-7D15-4327-9BAD-C94E4354FBF1}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{9EC371DA-0D3E-4ED9-8C50-A13AFD4BDDE3}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7C3F7091-EF7E-48AC-B31C-99B80C6AAD91}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{70D95E01-6F56-4046-BCB2-F4C019CB0B9F}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{ED301A3B-56AC-4A8C-B662-8142562A8C63}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{B5CB3F7C-14E5-4D5F-8A3F-FBAB83B2FD71}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{7368DB5D-D7AD-4477-B44A-059EFEBB8456}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{7A2D7122-6D23-4605-816B-B5A1B93F8A00}] => (Allow) D:\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{37B0C7E6-ADED-468F-A533-2F07D86AB392}] => (Allow) D:\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{BB80A1C2-5416-4683-9C1D-EED5604D94A2}] => (Allow) D:\Steam\steamapps\common\Reign Of Kings\Reign of Kings.exe
FirewallRules: [{E0C68E06-C5CB-43E0-A73B-12FCA9DE9EC3}] => (Allow) D:\Steam\steamapps\common\Reign Of Kings\Reign of Kings.exe
FirewallRules: [{68655E5C-2B4E-4A34-B4DC-A085D9465550}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{AF33A811-59A4-4BFB-950D-48F25062248F}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{C74CECB2-56C8-4841-A922-FB1B49F6EAC2}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{F606B459-4323-43A4-90EF-C4EB321FD88B}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{74B788F7-AB95-4021-AD3E-74106F75CCED}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4D8ADC90-4A2C-4CCF-A321-44CD872198F3}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{87F42A53-6056-4D9A-ACCC-7EB1D0C07B14}] => (Allow) D:\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{2386EE11-4D92-4E92-A36F-29BD72FDC082}] => (Allow) D:\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{577D040C-FBF6-4818-8AD4-1FB06E740907}] => (Allow) D:\Steam\steamapps\common\HIT\Hit\Binaries\Win64\Hit.exe
FirewallRules: [{6E7CD367-B49B-48FD-9486-663D96A0B177}] => (Allow) D:\Steam\steamapps\common\HIT\Hit\Binaries\Win64\Hit.exe
FirewallRules: [{0D0FDBBF-F998-4CD9-A8CB-98DFEA2C9FD4}] => (Allow) D:\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{54E6C7DB-E7AE-4E56-A4B0-8BFD66995B85}] => (Allow) D:\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [TCP Query User{5FD5D790-F228-4A84-8767-4E0DB8FBBCF8}C:\users\sander hansen\desktop\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\users\sander hansen\desktop\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{83F2C98D-E201-4364-91DD-98ADB5324780}C:\users\sander hansen\desktop\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\users\sander hansen\desktop\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{E9134311-D821-4E81-B47C-3F2F01EA6C9B}C:\users\sander hansen\desktop\teamspeak 3 server\ts3server_win64.exe] => (Allow) C:\users\sander hansen\desktop\teamspeak 3 server\ts3server_win64.exe
FirewallRules: [UDP Query User{61CEE1F3-828A-4C31-B92D-5D4329EB3784}C:\users\sander hansen\desktop\teamspeak 3 server\ts3server_win64.exe] => (Allow) C:\users\sander hansen\desktop\teamspeak 3 server\ts3server_win64.exe
FirewallRules: [TCP Query User{EFA5B903-E106-4E75-9546-774186D4CDF0}C:\users\sander hansen\appdata\local\temp\i1430925264\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\sander hansen\appdata\local\temp\i1430925264\windows\resource\jre\bin\javaw.exe
FirewallRules: [UDP Query User{EF127BDE-3AF2-419E-B8BA-2BDC3D68A233}C:\users\sander hansen\appdata\local\temp\i1430925264\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\sander hansen\appdata\local\temp\i1430925264\windows\resource\jre\bin\javaw.exe
FirewallRules: [{FB854AC5-B7F0-4502-A01E-450E338945BA}] => (Allow) D:\Steam\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [{9BDC0521-BE2F-4ABB-AFBF-D1EB56DDED60}] => (Allow) D:\Steam\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe
FirewallRules: [TCP Query User{A667DBCF-13FB-4079-AF87-59765B4EDC81}D:\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{36A7B5E8-2572-4AE5-8778-AC2B991BA1A6}D:\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) D:\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{C1AFD461-B8E6-4230-BAF2-F8A3E3E2DB89}] => (Allow) D:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{7EF0FE7E-0E3A-4679-83FD-E6033B9DB445}] => (Allow) D:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{0D71AEAA-34AB-4357-83C2-2F854C8D8E55}] => (Allow) D:\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{A2A95594-35D9-4F8C-BABA-AF7E8CE8DFED}] => (Allow) D:\Steam\steamapps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{4E548078-9113-404C-9A0F-3ADCF245BFCA}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{BAE4D58B-026B-4396-ABCE-C7BC0C6401A8}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{26442956-B46B-4850-817A-A484F5C0B88D}] => (Allow) D:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{1A6BE80F-2BD1-461F-82AA-16B8D24B9BE9}] => (Allow) D:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{839F3448-E6D1-46FF-A12D-BAFF4E6D706E}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{E11CB639-23D0-44DA-9C9A-BC41D34EE902}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{A458ADD6-9DBB-419A-95B2-6CF97F50BAB0}] => (Allow) D:\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{0007BB63-94D5-4FB1-AF93-F542C2978137}] => (Allow) D:\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{3AE417BE-5F4D-4AFB-A57B-6842BC839DD6}] => (Allow) D:\Steam\steamapps\common\Resident Evil 5\Launcher.exe
FirewallRules: [{27B5BD0F-48FC-4AD4-87D5-FE4C481AEFB6}] => (Allow) D:\Steam\steamapps\common\Resident Evil 5\Launcher.exe
FirewallRules: [TCP Query User{A2F0375B-526E-4509-9D44-FC0E31FBCA83}D:\steam\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) D:\steam\steamapps\common\resident evil 5\re5dx9.exe
FirewallRules: [UDP Query User{5FE0E182-4D54-4F6D-A8A8-7072394D6DBB}D:\steam\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) D:\steam\steamapps\common\resident evil 5\re5dx9.exe
FirewallRules: [TCP Query User{12ABB9F8-0C31-4750-9755-267A9A7210B1}C:\csgo-ds\srcds.exe] => (Allow) C:\csgo-ds\srcds.exe
FirewallRules: [UDP Query User{427AED19-2768-41BB-82FD-4A08B6BCC581}C:\csgo-ds\srcds.exe] => (Allow) C:\csgo-ds\srcds.exe
FirewallRules: [TCP Query User{6F85813B-D879-416E-BD2B-BDC8FF62BEC0}C:\users\sander hansen\desktop\cso server for modding\srcds.exe] => (Allow) C:\users\sander hansen\desktop\cso server for modding\srcds.exe
FirewallRules: [UDP Query User{68D5D9C0-EC8B-4401-B116-E18915C0D08E}C:\users\sander hansen\desktop\cso server for modding\srcds.exe] => (Allow) C:\users\sander hansen\desktop\cso server for modding\srcds.exe
FirewallRules: [{3D4C89F5-0670-4BBC-B4B4-19C757CAF8E6}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{FE217FFF-5C5A-4A3B-B8B3-E933E45C115E}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{ABD9566F-516A-41FC-9CA7-577ED35E8C50}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{78E02676-6A6F-4B90-A94B-3768089722C6}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{8EE42503-F301-46E9-BFD7-D8F324FF0789}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9391CACB-7EDA-41AC-9926-7BB421FDC671}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{54564D80-853B-461B-AEDA-78820153FAB2}] => (Allow) LPort=27014
FirewallRules: [{4D0F6959-7F17-4D14-92E6-7A956F7A55EE}] => (Allow) LPort=27014
FirewallRules: [{F2EFA082-0C6F-4931-AA8D-6271669CE4E8}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{0F765C54-6591-4D51-A48A-2DF2DAC4FBD7}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{BC541145-ACD6-4ED6-918B-30556798961B}] => (Allow) D:\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{D325C4D7-43A1-41DF-B98A-E9D9FD4A41E5}] => (Allow) D:\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [TCP Query User{0D33A16C-432C-4F54-97B4-C8DE41CC375F}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{541248FE-A861-4690-BA90-A5DDBC41FB68}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{8BE2FCC8-0F54-41B9-A060-97B7764B9F44}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{E3EEC008-9E10-43E6-AC92-521175BB7CC1}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{08065FE5-C7D6-4C88-A678-1878FAD22644}] => (Allow) D:\Steam\steamapps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{0CF40376-58C5-4C9A-B69C-F222FB73FB50}] => (Allow) D:\Steam\steamapps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{A859D52B-A5C7-418A-A5C2-84EBFFE772C4}] => (Allow) D:\Steam\steamapps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{9A51D578-8D94-44E0-9242-5FA9C0579477}] => (Allow) D:\Steam\steamapps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [TCP Query User{B347CEB8-F4B7-478F-BB2F-B4E8ECB1E9A9}D:\steam\steamapps\common\rust\rustclient.exe] => (Allow) D:\steam\steamapps\common\rust\rustclient.exe
FirewallRules: [UDP Query User{AB52EE7F-556A-423D-BB4E-0A4A4AC82EDA}D:\steam\steamapps\common\rust\rustclient.exe] => (Allow) D:\steam\steamapps\common\rust\rustclient.exe
FirewallRules: [{25DB2B21-BBB4-4400-B31C-A77C85951F31}] => (Allow) D:\Steam\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{35B9C9A9-AA69-42A7-9CB2-AF0813F7FA2E}] => (Allow) D:\Steam\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{1CDCB3BE-5F89-481D-98EC-B4F1989E28E9}] => (Allow) D:\Steam\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{E8B93934-DC07-41FB-809D-82BB7216E1B3}] => (Allow) D:\Steam\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{E9F86251-5E3E-4314-84B3-2E4C153878B7}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{1EA73C31-ECCB-4C75-ADF6-3180E2C40D05}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{CF90D852-771A-41F2-B096-B83F9C62647C}] => (Allow) D:\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{BDD10B5A-D982-4B34-AD62-47C97E9FBBA2}] => (Allow) D:\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{FFB92C32-B92B-4729-B088-77F4BC80D7A5}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{97CE9242-8280-41FF-9969-56ED446271B4}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{B6C46D86-DE05-48A7-BDB1-22F8E29A35BF}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{7C976B67-5DB6-42C6-B9BF-131DF97CF694}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{CBBCFF48-B8C7-48E3-AD09-ED671D049EAF}] => (Allow) D:\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{880EE2A4-E231-4732-9298-DF5008F54208}] => (Allow) D:\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{12212479-3959-4CE8-ADB8-4870CC49C0FC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C5591F7-0401-4CAC-90B3-AE5ED6E2B68A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6F484D36-AF37-4895-8702-233CC1EF3A85}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{216628DB-50F4-43EF-89DD-939D07EA0580}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{004F944F-DF72-482B-A687-3946275D0060}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{40F675E1-05D2-4BDB-A35A-9BC4C5072779}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{A604FB12-9AFF-46C5-BAAB-2E3D666557A1}D:\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe] => (Allow) D:\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe
FirewallRules: [UDP Query User{BF93F325-6DA6-4136-B6AE-C8DA337EADAD}D:\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe] => (Allow) D:\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe
FirewallRules: [TCP Query User{B7DBD4A0-981E-44D4-96E7-B869A3A95B6A}D:\starcraft ii - legacy of the void beta\versions\base35543\sc2_x64.exe] => (Allow) D:\starcraft ii - legacy of the void beta\versions\base35543\sc2_x64.exe
FirewallRules: [UDP Query User{EBE17E02-5721-4702-9446-B4B02AE12ADB}D:\starcraft ii - legacy of the void beta\versions\base35543\sc2_x64.exe] => (Allow) D:\starcraft ii - legacy of the void beta\versions\base35543\sc2_x64.exe
FirewallRules: [TCP Query User{BA24EAAE-C48E-4B40-8917-FCCE7F83205D}D:\unrel\epic games\4.8\engine\binaries\win64\ue4editor.exe] => (Allow) D:\unrel\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{320F88FF-0B3B-4C82-AEFD-D0AF8185492E}D:\unrel\epic games\4.8\engine\binaries\win64\ue4editor.exe] => (Allow) D:\unrel\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [{05E7258E-14BA-4A8D-8833-CD4C12016092}] => (Allow) D:\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{28290082-64D2-4478-9CB6-54C9467727F4}] => (Allow) D:\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{0CAF5F8E-70DC-4701-9829-090AB6FAD6E5}] => (Allow) D:\Steam\steamapps\common\Spore\runme.exe
FirewallRules: [{4C582D51-8034-48D4-ABF7-8553635461A6}] => (Allow) D:\Steam\steamapps\common\Spore\runme.exe
FirewallRules: [{4E907D14-C5D9-457D-A036-243AF6A2505F}] => (Allow) D:\Steam\steamapps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{6127F574-BD95-4DEA-B9D3-AEE99F19B029}] => (Allow) D:\Steam\steamapps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [TCP Query User{8642D21C-5720-4358-87D0-035B98C08818}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E9E77F6D-D0B2-4E4C-9D82-99953A12C230}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{420E6518-65C5-4874-827A-FB5527AA631F}] => (Allow) D:\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{8C494523-5787-4698-BE4D-3E20351CDE4C}] => (Allow) D:\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{6E7CEEEE-E91B-49CA-905B-97E45FE77893}] => (Allow) D:\Steam\steamapps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{000C81F1-1556-4C6E-9311-A63C69266620}] => (Allow) D:\Steam\steamapps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{51AB92F6-A1EB-46FC-8DA8-F946D611474A}] => (Allow) D:\Steam\steamapps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{BB769F08-E48E-4FA4-B81C-072CF1C48461}] => (Allow) D:\Steam\steamapps\common\Hitman Blood Money\HitmanBloodMoney.exe
FirewallRules: [{0318E213-8806-4C42-B936-D91BEAF66613}] => (Allow) D:\Steam\steamapps\common\Hitman Blood Money\configure.exe
FirewallRules: [{02B71C55-6761-4581-97DE-74F93AE382FE}] => (Allow) D:\Steam\steamapps\common\Hitman Blood Money\configure.exe
FirewallRules: [TCP Query User{3BA169D5-E28A-4A0C-B859-963F4BB8AE4B}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{B01711D1-7BF7-4B64-8994-373948DD86E9}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{CAE112C8-143D-44DF-A16D-CEB7E99A38F6}C:\users\sander hansen\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\sander hansen\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [UDP Query User{5F823108-E7E7-4803-B2FA-CEA11FBB4AF3}C:\users\sander hansen\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\sander hansen\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [{715EF731-7CF6-49C8-AB50-84D3158620A4}] => (Allow) D:\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{77CC4123-F4DC-4B71-ADC7-01593215717A}] => (Allow) D:\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{4347B01D-0313-4DB1-AC0F-4B42163DDC41}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E04A4F1A-BFFB-4A46-895A-2B25F0982CE0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BC9B7BF6-D560-43C9-A21A-44E4B59CB02D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{743560EF-071A-4BA6-94FB-821860B8D301}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{C889295D-5E05-4502-BB90-AC9B02D18F3E}C:\users\sander hansen\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\sander hansen\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
FirewallRules: [UDP Query User{50ECEEBF-CABF-4074-BB73-0AE527F12533}C:\users\sander hansen\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\sander hansen\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
FirewallRules: [{504EE89D-159C-4837-A220-04F576E8C13E}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{FAA0AB54-9FE8-487E-8AA6-80572D60FEEF}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{DA4FC9FF-BA11-474F-B9E5-0CAD051CD706}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\127\bugreport_xf.exe
FirewallRules: [{925108F3-8ED3-446E-BCE8-737BA3492814}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\127\bugreport_xf.exe
FirewallRules: [{1D8EC859-5188-4BDE-9B85-475241569B91}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{C98B3ED9-B31F-4EE0-8B4D-712DCA7E60AC}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{4C9F4CDC-DE78-4D57-A053-59D57C7B258D}] => (Allow) D:\Warcraft3\Warcraft III\Frozen Throne.exe
FirewallRules: [{99F3ADB2-9877-431A-A8E7-FD2BC05CE4B6}] => (Allow) D:\Warcraft3\Warcraft III\Frozen Throne.exe
FirewallRules: [{ED2A700E-6270-453C-B459-D957042AF4C1}] => (Allow) D:\Warcraft3\Warcraft III\Frozen Throne.exe
FirewallRules: [{55ADBFFE-B17A-4D65-91BB-8E6024036DA2}] => (Allow) D:\Warcraft3\Warcraft III\Frozen Throne.exe
FirewallRules: [{85F73FA6-99AB-48A0-889F-976681388E70}] => (Allow) D:\Warcraft3\Warcraft III\Warcraft III.exe
FirewallRules: [{6A6D1072-9821-438E-8E9C-C0DFDD3AEFE3}] => (Allow) D:\Warcraft3\Warcraft III\Warcraft III.exe
FirewallRules: [{20721186-8606-4DEF-868C-88FD3C63142B}] => (Allow) D:\Warcraft3\Warcraft III\Warcraft III.exe
FirewallRules: [{3A3F2C18-61DC-44F3-8963-B68CEFAC950C}] => (Allow) D:\Warcraft3\Warcraft III\Warcraft III.exe
FirewallRules: [{2BAB6FC8-70F6-4F37-8402-EA4B4F3C5BF7}] => (Allow) LPort=6112
FirewallRules: [{1364FD72-A589-4B62-9975-04196F7921B0}] => (Allow) LPort=6112
FirewallRules: [{6C1C5574-551F-4609-BFDD-BDF90249E966}] => (Allow) C:\Users\Sander Hansen\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E02E791C-8890-4170-9B1B-313DFA54FB64}] => (Allow) C:\Users\Sander Hansen\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{AC4B2B19-09C7-4688-BA33-424C27B3D103}] => (Allow) C:\Users\Sander Hansen\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B76E0A5F-E996-40FD-A897-B59FC64C64AC}] => (Allow) C:\Users\Sander Hansen\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B3312B05-2E08-42C3-AF21-E6CC6FE3FB20}] => (Allow) C:\Users\Sander Hansen\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9024477A-C9B0-4FDC-8134-84A8E3E673CC}] => (Allow) C:\Users\Sander Hansen\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{447385C3-622C-4028-97CB-4CB900534CBD}C:\users\sander hansen\appdata\local\popcorn time\nw.exe] => (Block) C:\users\sander hansen\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{BE213622-EEAB-4E33-BD76-3A6DD46060D6}C:\users\sander hansen\appdata\local\popcorn time\nw.exe] => (Block) C:\users\sander hansen\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{DC41D74D-1A3C-4B9C-A95F-FC7F8CCCD883}C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base36442\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base36442\sc2_x64.exe
FirewallRules: [UDP Query User{A269F9B5-451C-43FD-8D19-8FB0FC5B9172}C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base36442\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base36442\sc2_x64.exe
FirewallRules: [TCP Query User{D811CFFD-13CF-470A-8092-3BD36C033C63}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [UDP Query User{2EB934E3-1E9D-4E3E-AD72-53E2661B231F}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe
FirewallRules: [{94A73EE3-A3D2-4F3C-BEA1-EA2CF8D132B2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7F83A4C9-6C60-4834-8914-E082A6CC4F8B}] => (Allow) D:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{29C5265A-4CB3-4ECA-AA73-A89CFD15E5CF}] => (Allow) D:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{BD1F5DCB-FF4A-4B6C-897F-8B9BD947D2CF}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F0C3BC6E-4D16-4CC7-913F-EBF140B44624}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{655F886A-53A2-41DF-8972-092EE9DD864D}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{7C662B71-B715-4FBE-A846-3572C7B4315D}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
 
==================== Faulty Device Manager Devices =============
 
Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: TAP-Win32 Adapter V9 (Tunngle) #2
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/03/2015 06:48:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Programnavn med feil: witcher3.exe, versjon: 3.0.5.2576, tidsangivelse: 0x559faf6d
Modulnavn med feil: debug-console-enabler.dll, versjon: 0.0.0.0, tidsangivelse: 0x5572f8b6
Unntakskode: 0xc0000005
Feilforskyvning: 0x0000000000004cdf
Feil prosess-ID: 0xd078
Feil starttid for program: 0xwitcher3.exe0
Feil programbane: witcher3.exe1
Feil modulbane: witcher3.exe2
Rapport-ID: witcher3.exe3
Fullstendig navn på feilpakke: witcher3.exe4
Relativ program-ID for feilpakke: witcher3.exe5
 
Error: (08/03/2015 04:31:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programmet Wow-64.exe versjon 6.2.0.20338 sluttet å samhandle med Windows og ble lukket. Hvis du vil se om det finnes mer informasjon tilgjengelig om problemet, åpner du problemloggen i kontrollpanelet for Handlingssenter.
 
Prosess-ID: 11ebc
 
Starttidspunkt: 01d0cdf8d8dfcb38
 
Avslutningstidspunkt: 118
 
Programbane: D:\World of Warcraft\Wow-64.exe
 
Rapport-ID: 6068c8ea-39ec-11e5-8282-d0509947205f
 
Fullstendig navn på feilpakke: 
 
Relativ program-ID for feilpakke:
 
Error: (08/03/2015 10:07:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8
 
Error: (08/03/2015 10:07:07 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (08/03/2015 10:07:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8
 
Error: (08/03/2015 10:07:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8
 
Error: (08/03/2015 10:07:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll8
 
Error: (08/03/2015 10:07:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (08/03/2015 09:21:40 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generering av aktiveringskontekst mislyktes for C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest1. Feil i manifest- eller policyfilen C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest2 i linje C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest3.
En komponentversjon som kreves av programmet, er i konflikt med en annen komponentversjon som allerede er aktiv.
Komponentene i konflikt er:.
Komponent 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Komponent 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
 
Error: (08/03/2015 09:19:19 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generering av aktiveringskontekst mislyktes for C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest1. Feil i manifest- eller policyfilen C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest2 i linje C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest3.
En komponentversjon som kreves av programmet, er i konflikt med en annen komponentversjon som allerede er aktiv.
Komponentene i konflikt er:.
Komponent 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Komponent 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
 
 
System errors:
=============
Error: (08/04/2015 01:11:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten Steam Client Service kan ikke starte på grunn av følgende feil: 
%%1053
 
Error: (08/04/2015 01:11:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Steam Client Service skal koble til.
 
Error: (08/03/2015 09:20:31 AM) (Source: DCOM) (EventID: 10010) (User: DI-Custom)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (08/03/2015 09:20:01 AM) (Source: DCOM) (EventID: 10010) (User: DI-Custom)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (08/03/2015 09:16:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070057: Microsoft.Office.OneNote.
 
Error: (08/03/2015 09:16:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070057: Microsoft.Reader.
 
Error: (08/02/2015 12:45:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070057: Microsoft.Office.OneNote.
 
Error: (08/02/2015 12:45:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070057: Microsoft.Reader.
 
Error: (07/17/2015 06:06:32 PM) (Source: DCOM) (EventID: 10010) (User: DI-Custom)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (07/17/2015 06:06:02 PM) (Source: DCOM) (EventID: 10010) (User: DI-Custom)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 
Microsoft Office:
=========================
Error: (08/03/2015 06:48:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: witcher3.exe3.0.5.2576559faf6ddebug-console-enabler.dll0.0.0.05572f8b6c00000050000000000004cdfd07801d0ce0c3f70f21cD:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exeD:\Steam\steamapps\common\The Witcher 3\bin\x64\plugins\debug-console-enabler.dll8053aa6b-39ff-11e5-8282-d0509947205f
 
Error: (08/03/2015 04:31:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wow-64.exe6.2.0.2033811ebc01d0cdf8d8dfcb38118D:\World of Warcraft\Wow-64.exe6068c8ea-39ec-11e5-8282-d0509947205f
 
Error: (08/03/2015 10:07:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8
 
Error: (08/03/2015 10:07:07 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (08/03/2015 10:07:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8
 
Error: (08/03/2015 10:07:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8
 
Error: (08/03/2015 10:07:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll8
 
Error: (08/03/2015 10:07:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (08/03/2015 09:21:40 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe
 
Error: (08/03/2015 09:19:19 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 23%
Total physical RAM: 16274.94 MB
Available physical RAM: 12397.33 MB
Total Virtual: 18706.94 MB
Available Virtual: 14384.53 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.54 GB) (Free:67.71 GB) NTFS
Drive d: (sander) (Fixed) (Total:1863.01 GB) (Free:1103.97 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: AE6CDC9F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 0B4A9CA0)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)
 
==================== End of log ============================
 
aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-08-04 13:17:49
-----------------------------
13:17:49.558    OS Version: Windows x64 6.2.9200 
13:17:49.558    Number of processors: 12 586 0x3F02
13:17:49.558    ComputerName: DI-CUSTOM  UserName: 
13:17:49.728    Initialize success
13:17:49.729    VM: initialized successfully
13:17:49.730    VM: Intel CPU supported virtualized 
13:17:50.617    VM: supported disk I/O dxgkrnl.sys
13:17:53.456    AVAST engine defs: 15080301
13:18:05.454    Disk 0  \Device\Harddisk0\DR0 -> \Device\00000037
13:18:05.456    Disk 0 Vendor: WDC_WD2003FZEX-00Z4SA0 01.01A01 Size: 1907729MB BusType: 11
13:18:05.458    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000038
13:18:05.459    Disk 1 Vendor: Samsung_SSD_850_EVO_250GB EMT01B6Q Size: 238475MB BusType: 11
13:18:05.468    Disk 1 MBR read successfully
13:18:05.470    Disk 1 MBR scan
13:18:05.473    Disk 1 Windows 7 default MBR code
13:18:05.476    Disk 1 Partition 1 80 (A) 07      HPFS/NTFS NTFS          350 MB offset 2048
13:18:05.479    Disk 1 Partition 2 00     07      HPFS/NTFS NTFS       238123 MB offset 718848
13:18:05.486    Disk 1 scanning C:\Windows\system32\drivers
13:18:07.421    Service scanning
13:18:11.881    Modules scanning
13:18:11.886    Disk 1 trace - called modules:
13:18:11.891    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys 
13:18:11.895    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xffffe001122c7770]
13:18:11.898    3 CLASSPNP.SYS[fffff8009e696170] -> nt!IofCallDriver -> \Device\00000038[0xffffe0010da877f0]
13:18:12.077    AVAST engine scan C:\Windows
13:18:12.346    AVAST engine scan C:\Windows\system32
13:18:49.655    AVAST engine scan C:\Windows\system32\drivers
13:18:53.961    AVAST engine scan C:\Users\Sander Hansen
13:21:18.426    AVAST engine scan C:\ProgramData
13:22:45.184    Disk 1 statistics 4439818/0/0 @ 9,58 MB/s
13:22:45.189    Scan finished successfully
13:24:53.142    Disk 1 MBR has been saved successfully to "C:\Users\Sander Hansen\Downloads\MBR.dat"
13:24:53.145    The log file has been saved successfully to "C:\Users\Sander Hansen\Downloads\aswMBR.txt"
 
 

 



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 07 August 2015 - 01:29 AM

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

 

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 26 August 2015 - 12:38 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users