Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Using Chrome: keep getting popups from abnxs.com [Solved]


  • This topic is locked This topic is locked

#1
Belnifore

Belnifore

    Member

  • Member
  • PipPip
  • 12 posts

Hi there,

 

I seem to be experiencing similar problems like this user: http://www.geekstogo...xs#entry2242969

 

I don't know how I got infected but somehow it happened to my Google Chrome browser nevertheless. Now every few seconds beginning right from the start, abnxs.com tries to load popups (which mostly are blocked by Chrome) and constantly loads and plays sound-ads (which are not blocked and get quite annoying over time). I have to admit that I am a little bit spooked about this infection and having absolutely no clue how to have come across it...

 

Security measures I have taken so far (and to no avail):

I have installed Avira Free Antivirus which warns me every so often that something tries to autostart and is blocked.

I tried Malwarebytes which usually is quite reliable but did not find anything wrong or bad on my computer.

I made a Kapersky Rescue Disc 10 with updated library. Booted from it but after a whole day of scanning, it also didn't find anything.

I looked for help and among a ton of sites, this one caught my attention as to having solved a similiar problem and looking trustworthy and helpful.

 

For the time beeing I have stopped using Chrome and use Firefox instead.

 

Thx a lot for your time by the way and any help greatly appreciated,

 Cheers, Belnifore

 

Here my OTL.txt:

 

 

OTL logfile created on: 26.03.2014 21:34:50 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Desktop\Zeugs
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
7,94 Gb Total Physical Memory | 5,31 Gb Available Physical Memory | 66,87% Memory free
15,88 Gb Paging File | 12,63 Gb Available in Paging File | 79,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 18,20 Gb Free Space | 7,81% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 63,04 Gb Free Space | 13,53% Space Free | Partition Type: NTFS
Drive F: | 378,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 931,51 Gb Total Space | 0,01 Gb Free Space | 0,00% Space Free | Partition Type: NTFS
Drive K: | 596,17 Gb Total Space | 2,08 Gb Free Space | 0,35% Space Free | Partition Type: NTFS
 
Computer Name: ANDEEMACHINE | User Name: andee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found --
PRC - [2014.03.26 21:34:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Desktop\Zeugs\OTL.exe
PRC - [2014.03.11 22:09:10 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
PRC - [2014.03.03 09:39:34 | 001,106,784 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2014.02.21 19:24:14 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.02.20 17:33:03 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014.02.20 17:32:32 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014.02.20 17:32:30 | 000,689,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014.02.12 20:57:54 | 000,043,848 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2014.02.10 22:29:26 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
PRC - [2014.02.07 11:41:21 | 012,641,632 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2014.02.07 11:41:21 | 005,093,216 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2014.02.07 11:25:16 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2014.01.30 15:05:24 | 021,822,128 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014.01.24 01:56:42 | 033,509,888 | ---- | M] (Dropbox, Inc.) -- C:\Users\andee\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.12.18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.11.13 20:44:52 | 000,194,224 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office 15\root\office15\ONENOTEM.EXE
PRC - [2013.08.29 01:23:38 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013.07.18 00:44:32 | 000,292,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013.06.13 14:15:34 | 001,743,648 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
PRC - [2013.05.30 15:01:58 | 000,364,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013.05.30 15:01:24 | 000,129,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013.05.30 15:01:12 | 000,167,736 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013.05.22 19:50:40 | 000,400,704 | ---- | M] () -- C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
PRC - [2013.05.08 02:17:22 | 000,642,664 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2013.04.04 13:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.11.27 20:12:44 | 000,479,840 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012.11.27 20:08:28 | 000,739,936 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2012.01.18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.07.19 12:37:16 | 000,978,840 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
PRC - [2011.03.07 14:33:08 | 000,089,456 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009.11.11 15:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\AirPort\APAgent.exe
PRC - [2009.07.20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2007.08.28 09:01:34 | 000,053,248 | ---- | M] (HP) -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
PRC - [2007.05.08 15:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014.03.26 20:55:20 | 000,041,984 | ---- | M] () -- c:\users\andee\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphgfjyh.dll
MOD - [2014.03.26 20:55:13 | 001,175,040 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._core_.pyd
MOD - [2014.03.26 20:55:13 | 001,157,120 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_ssl.pyd
MOD - [2014.03.26 20:55:13 | 001,062,400 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._controls_.pyd
MOD - [2014.03.26 20:55:13 | 000,811,008 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._windows_.pyd
MOD - [2014.03.26 20:55:13 | 000,805,888 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._gdi_.pyd
MOD - [2014.03.26 20:55:13 | 000,735,232 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._misc_.pyd
MOD - [2014.03.26 20:55:13 | 000,712,192 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_hashlib.pyd
MOD - [2014.03.26 20:55:13 | 000,686,080 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\unicodedata.pyd
MOD - [2014.03.26 20:55:13 | 000,557,056 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\pysqlite2._sqlite.pyd
MOD - [2014.03.26 20:55:13 | 000,525,640 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\windows._lib_cacheinvalidation.pyd
MOD - [2014.03.26 20:55:13 | 000,364,544 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\pythoncom27.dll
MOD - [2014.03.26 20:55:13 | 000,320,512 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32com.shell.shell.pyd
MOD - [2014.03.26 20:55:13 | 000,128,512 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_elementtree.pyd
MOD - [2014.03.26 20:55:13 | 000,127,488 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\pyexpat.pyd
MOD - [2014.03.26 20:55:13 | 000,122,368 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._wizard.pyd
MOD - [2014.03.26 20:55:13 | 000,119,808 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32file.pyd
MOD - [2014.03.26 20:55:13 | 000,110,080 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\pywintypes27.dll
MOD - [2014.03.26 20:55:13 | 000,108,544 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32security.pyd
MOD - [2014.03.26 20:55:13 | 000,098,816 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32api.pyd
MOD - [2014.03.26 20:55:13 | 000,087,040 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_ctypes.pyd
MOD - [2014.03.26 20:55:13 | 000,070,656 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._html2.pyd
MOD - [2014.03.26 20:55:13 | 000,044,032 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_socket.pyd
MOD - [2014.03.26 20:55:13 | 000,038,912 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32inet.pyd
MOD - [2014.03.26 20:55:13 | 000,035,840 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32process.pyd
MOD - [2014.03.26 20:55:13 | 000,026,624 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_multiprocessing.pyd
MOD - [2014.03.26 20:55:13 | 000,025,600 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32pdh.pyd
MOD - [2014.03.26 20:55:13 | 000,024,064 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32pipe.pyd
MOD - [2014.03.26 20:55:13 | 000,022,528 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32ts.pyd
MOD - [2014.03.26 20:55:13 | 000,018,432 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32event.pyd
MOD - [2014.03.26 20:55:13 | 000,017,408 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32profile.pyd
MOD - [2014.03.26 20:55:13 | 000,011,264 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32crypt.pyd
MOD - [2014.03.26 20:55:13 | 000,010,240 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\select.pyd
MOD - [2014.03.19 03:51:03 | 000,390,472 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\ppGoogleNaClPluginChrome.dll
MOD - [2014.03.19 03:51:01 | 004,081,480 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\pdf.dll
MOD - [2014.03.19 03:50:57 | 000,674,632 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\libglesv2.dll
MOD - [2014.03.19 03:50:56 | 001,647,432 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\ffmpegsumo.dll
MOD - [2014.03.19 03:50:56 | 000,093,000 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\libegl.dll
MOD - [2014.03.19 03:50:54 | 000,065,352 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\chrome_elf.dll
MOD - [2014.03.11 22:09:10 | 016,276,872 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014.02.24 16:56:32 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2014.02.24 16:56:06 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2014.02.21 19:24:14 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.02.12 19:57:14 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014.02.12 19:56:59 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.12 19:56:59 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2014.02.12 19:56:55 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.12 19:56:54 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\7c233151b685c540524f87931632423a\System.Deployment.ni.dll
MOD - [2014.02.12 19:56:52 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.12 19:56:50 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.12 19:56:41 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.12 19:56:37 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014.01.20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014.01.20 13:16:40 | 000,237,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2014.01.20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014.01.18 10:59:13 | 000,359,592 | ---- | M] () -- C:\Programme\Microsoft Office 15\root\office15\c2r32.dll
MOD - [2014.01.03 02:09:26 | 003,610,624 | ---- | M] () -- C:\Users\andee\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013.11.13 20:43:57 | 000,316,584 | ---- | M] () -- C:\Programme\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2013.08.29 01:25:02 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.08.29 01:23:38 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013.08.23 20:01:44 | 025,100,288 | ---- | M] () -- C:\Users\andee\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.05.22 19:50:40 | 000,400,704 | ---- | M] () -- C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MOD - [2012.12.20 13:08:15 | 000,167,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.03.13 23:38:13 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll
MOD - [2009.07.14 18:58:17 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll
MOD - [2009.02.27 15:39:29 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
MOD - [2009.02.27 15:32:27 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
MOD - [2007.08.28 09:01:18 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPFaxUtilities.dll
MOD - [2007.08.28 09:01:16 | 000,573,440 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\Alerts.dll
MOD - [2007.08.28 09:00:48 | 000,434,176 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPAppTools.dll
MOD - [2007.08.28 09:00:42 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\AppConstants.dll
MOD - [2007.08.28 09:00:40 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\Enumeration.dll
MOD - [2007.08.28 09:00:40 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\NamedPipeChannel.dll
MOD - [2007.08.28 09:00:36 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPToolkit.dll
MOD - [2007.08.28 09:00:34 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPStreamsInterface.dll
MOD - [2007.08.28 09:00:32 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTools.dll
MOD - [2007.08.28 08:59:54 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\nativeutils.dll
MOD - [2007.05.08 15:44:58 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPToolkit.dll
MOD - [2007.05.08 15:44:58 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPUsageTracking.dll
MOD - [2007.05.08 15:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
MOD - [2007.05.08 15:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\Enumeration.dll
MOD - [2007.05.08 15:44:44 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPTools.dll
MOD - [2007.05.08 15:44:40 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPStreamsInterface.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014.03.01 05:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.03.29 02:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.08.23 16:18:14 | 004,412,872 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.03.11 22:09:10 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.02.21 19:24:14 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.02.20 17:33:03 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014.02.20 17:32:32 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014.02.07 11:41:21 | 005,093,216 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2014.01.16 01:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV - [2013.12.18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.10.31 09:08:22 | 001,907,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.05.30 15:01:58 | 000,364,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013.05.30 15:01:24 | 000,129,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013.05.30 15:01:12 | 000,167,736 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013.02.21 22:50:16 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2012.12.10 13:31:44 | 000,803,872 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV - [2012.12.10 13:31:28 | 000,732,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2012.11.27 20:12:44 | 000,479,840 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012.01.18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.03.01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.03.14 17:28:34 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV - [2010.03.14 17:25:13 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.09.23 15:36:06 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009.08.18 11:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.12.20 20:55:42 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.12.20 20:55:42 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.11.29 22:29:36 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.08.27 13:08:42 | 000,883,928 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013.07.18 00:43:40 | 000,795,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2013.07.18 00:43:40 | 000,358,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013.07.18 00:43:40 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013.05.13 14:15:06 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013.03.29 03:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.03.29 02:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.02.14 12:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.12.13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.10.12 11:18:30 | 000,083,072 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2012.10.06 16:55:24 | 000,323,584 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.07 11:51:18 | 000,141,256 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 05:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.11.29 03:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.11.06 15:12:09 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.07.14 16:18:52 | 000,157,184 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011.03.24 13:35:36 | 000,019,968 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzjoystk.sys -- (rzjoystk)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.03.09 11:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.01.10 20:38:25 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.01.10 20:38:25 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.08.13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.10.04 01:17:30 | 000,184,320 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008.09.26 09:56:00 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2008.09.26 09:56:00 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008.04.16 13:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008.01.19 06:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir)
DRV:64bit: - [2007.07.16 16:29:23 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hpfx64bulk.sys -- (HPFXBULK)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{276791E4-6E27-4EDC-AAD8-56A583921847}: "URL" = http://websearch.ask...45-71C8482E92DE
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://thepiratebay..../www.imdb.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.7.0190
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}:6.0.32
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\andee\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}: C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ [2013.11.14 20:38:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014.03.02 15:55:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.03.02 15:55:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}: C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ [2013.11.14 20:38:35 | 000,000,000 | ---D | M]
 
[2010.03.13 23:45:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andee\AppData\Roaming\mozilla\Extensions
[2014.03.23 12:02:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andee\AppData\Roaming\mozilla\Firefox\Profiles\0yuui377.default\extensions
[2010.05.08 09:22:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\andee\AppData\Roaming\mozilla\Firefox\Profiles\0yuui377.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2014.02.21 19:24:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2014.02.21 19:24:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014.02.21 19:24:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014.02.21 19:24:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2014.02.21 19:24:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.02.21 19:24:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.orf.at/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16248 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\andee\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: McAfee Security Scan+ = C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\
CHR - Extension: iCloud-Lesezeichen = C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.2.12_0\
CHR - Extension: uTorrent for Google Chrome = C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhaafelbmbpohgmabippkndaaikgdih\3.11.2_0\
CHR - Extension: Google Wallet = C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Evernote Web Clipper = C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.1.1_0\
 
O1 HOSTS File: ([2011.04.03 20:36:35 | 000,001,239 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Wondershare Video Converter Ultimate) - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrowserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe ()
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HPPQVideo] "C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CP1510_Series -f PQOptimizerVideo.xml -o remindLater File not found
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKCU..\Run: [AmazonMP3DownloaderHelper] C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe File not found
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent File not found
O4 - Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk = C:\Programme\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\andee\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3197E8BC-DEDA-45F9-AEC2-3FC7FAE40BD7}: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D14D5B55-81A2-447B-8275-289C67003062}: DhcpNameServer = 10.0.0.138 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk K:\
O33 - MountPoints2\{3998ed03-56ef-11df-8f3c-00196684b831}\Shell - "" = AutoRun
O33 - MountPoints2\{3998ed03-56ef-11df-8f3c-00196684b831}\Shell\AutoRun\command - "" = H:\DTE_Privacy_launcher.exe
O33 - MountPoints2\{94718c85-90bb-11e3-b9bd-bc5ff4b16f04}\Shell - "" = AutoRun
O33 - MountPoints2\{94718c85-90bb-11e3-b9bd-bc5ff4b16f04}\Shell\AutoRun\command - "" = I:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{a22955d8-2f82-11df-ba9a-00196684b831}\Shell - "" = AutoRun
O33 - MountPoints2\{a22955d8-2f82-11df-ba9a-00196684b831}\Shell\AutoRun\command - "" = E:\steambackup.EXE
O33 - MountPoints2\{a22955da-2f82-11df-ba9a-00196684b831}\Shell - "" = AutoRun
O33 - MountPoints2\{a22955da-2f82-11df-ba9a-00196684b831}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{a22955ea-2f82-11df-ba9a-00196684b831}\Shell - "" = AutoRun
O33 - MountPoints2\{a22955ea-2f82-11df-ba9a-00196684b831}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{e181a940-0881-11e1-9e3d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e181a940-0881-11e1-9e3d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.03.26 01:03:53 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2014.03.24 00:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014.03.23 21:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014.03.13 00:29:17 | 000,000,000 | ---D | C] -- C:\Users\andee\Documents\Respawn
[2014.03.09 12:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2014.03.07 22:36:02 | 000,000,000 | ---D | C] -- C:\Users\andee\.gametool
[2014.03.07 22:35:35 | 000,000,000 | ---D | C] -- C:\Users\andee\.inittoolDbg
[2014.03.07 22:35:13 | 000,000,000 | ---D | C] -- C:\Users\andee\.chartool
[2014.03.04 22:43:07 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014.03.04 22:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.03.04 22:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014.03.02 15:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014.03.02 15:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014.03.02 15:59:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014.03.02 15:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014.03.02 15:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014.03.02 15:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014.03.02 15:54:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014.02.27 20:28:16 | 000,000,000 | ---D | C] -- C:\Users\andee\AppData\Roaming\Nidhogg
[2014.02.26 00:00:52 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013.04.18 22:56:35 | 001,178,624 | ---- | C] (CPUID) -- C:\Users\andee\AppData\Roaming\siw_sdk.dll
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014.03.26 21:35:55 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000UA.job
[2014.03.26 21:24:33 | 001,634,912 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.03.26 21:24:33 | 000,704,580 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.03.26 21:24:33 | 000,658,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.03.26 21:24:33 | 000,151,484 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.03.26 21:24:33 | 000,123,888 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.03.26 21:16:58 | 000,000,156 | ---- | M] () -- C:\Users\andee\Desktop\Using Firefox- keep getting annoying pop-ups and redirections [Solved] - Virus, Spyware, Malware Removal.url
[2014.03.26 21:09:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.03.26 21:00:24 | 000,019,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.26 21:00:24 | 000,019,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.26 20:55:15 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.03.26 20:55:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.03.26 20:55:04 | 2100,334,591 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.25 23:50:40 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.03.25 23:47:00 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500UA.job
[2014.03.24 22:34:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000Core.job
[2014.03.24 21:39:00 | 003,130,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.03.23 23:02:28 | 000,000,255 | ---- | M] () -- C:\Users\andee\Desktop\google chrome lädt keine seiten - Trojaner-Board.URL
[2014.03.23 19:47:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500Core.job
[2014.03.23 16:50:00 | 000,000,202 | ---- | M] () -- C:\Users\andee\Desktop\Wargame AirLand Battle.url
[2014.03.12 06:38:06 | 000,000,702 | ---- | M] () -- C:\Users\Public\Desktop\Titanfall.lnk
[2014.03.07 22:34:54 | 000,001,307 | ---- | M] () -- C:\Users\andee\Desktop\MapToolLauncher.exe - Verknüpfung.lnk
[2014.03.02 15:59:15 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014.03.02 15:54:59 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014.02.28 03:01:26 | 001,608,256 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.02.27 20:19:35 | 000,000,201 | ---- | M] () -- C:\Users\andee\Desktop\Nidhogg.url
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014.03.26 21:16:58 | 000,000,156 | ---- | C] () -- C:\Users\andee\Desktop\Using Firefox- keep getting annoying pop-ups and redirections [Solved] - Virus, Spyware, Malware Removal.url
[2014.03.23 23:02:28 | 000,000,255 | ---- | C] () -- C:\Users\andee\Desktop\google chrome lädt keine seiten - Trojaner-Board.URL
[2014.03.23 16:50:00 | 000,000,202 | ---- | C] () -- C:\Users\andee\Desktop\Wargame AirLand Battle.url
[2014.03.12 06:38:06 | 000,000,702 | ---- | C] () -- C:\Users\Public\Desktop\Titanfall.lnk
[2014.03.07 22:34:54 | 000,001,307 | ---- | C] () -- C:\Users\andee\Desktop\MapToolLauncher.exe - Verknüpfung.lnk
[2014.03.02 15:59:15 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014.03.02 15:54:59 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014.02.27 20:19:35 | 000,000,201 | ---- | C] () -- C:\Users\andee\Desktop\Nidhogg.url
[2014.02.14 15:33:40 | 000,000,218 | ---- | C] () -- C:\Users\andee\.recently-used.xbel
[2014.02.12 21:35:10 | 000,000,215 | ---- | C] () -- C:\Users\andee\.gtk-bookmarks
[2014.02.12 21:29:21 | 000,318,831 | ---- | C] () -- C:\Users\andee\Neues Dokument 1.2014_02_12_21_29_21.0
[2013.11.14 20:38:35 | 000,721,263 | ---- | C] () -- C:\Windows\SysWow64\WSCM64.dll
[2013.11.14 20:38:35 | 000,214,528 | ---- | C] () -- C:\Windows\SysWow64\WSCM32.dll
[2013.03.29 03:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 03:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.01.11 23:12:14 | 000,036,363 | ---- | C] () -- C:\Windows\CSTBox.INI
[2013.01.10 00:03:16 | 000,007,599 | ---- | C] () -- C:\Users\andee\AppData\Local\Resmon.ResmonCfg
[2012.12.10 13:12:50 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012.11.27 00:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.07.01 23:53:17 | 000,000,000 | ---- | C] () -- C:\Users\andee\AppData\Local\{C454C906-90F8-4097-9B22-4E3BA3082BC0}
[2010.07.09 21:21:40 | 000,004,096 | -H-- | C] () -- C:\Users\andee\AppData\Local\keyfile3.drm
[2010.04.03 22:12:23 | 001,405,872 | ---- | C] () -- C:\Users\andee\setup_Mein_CeWe_Fotobuch.exe
[2010.03.13 00:10:50 | 000,000,760 | ---- | C] () -- C:\Users\andee\AppData\Roaming\setup_ldm.iss
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2008.12.22 14:26:25 | 000,000,000 | -HSD | M] -- C:\Users\andee\AppData\Roaming\.#
[2013.07.26 09:43:23 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Amazon
[2013.08.15 13:54:25 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\calibre
[2012.12.02 13:36:02 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Canneverbe Limited
[2010.03.13 23:45:05 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Canon
[2010.03.13 23:45:05 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2009.01.12 10:13:43 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\DAEMON Tools
[2010.03.14 17:08:10 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\DAEMON Tools Lite
[2010.03.13 23:45:05 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\DAEMON Tools Pro
[2010.04.13 00:09:08 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\doublecmd
[2014.03.26 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Dropbox
[2014.01.24 19:24:55 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\DropboxMaster
[2010.07.18 23:04:43 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\FreeOrion
[2010.03.13 23:45:06 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\GlobalSCAPE
[2014.02.14 14:55:57 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\gtk-2.0
[2010.09.01 19:52:54 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\HandBrake
[2011.01.01 02:04:25 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Hothead Games
[2010.03.13 23:45:07 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Inkscape
[2012.06.11 20:02:30 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\JAM Software
[2010.03.13 23:45:07 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Leadertech
[2012.09.18 20:32:48 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\NBOS
[2014.02.27 20:42:05 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Nidhogg
[2013.06.30 21:32:26 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Origin
[2011.10.24 19:59:23 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\runic games
[2010.05.09 16:57:45 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\SimpleScreenshot
[2011.02.26 08:31:21 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\The Creative Assembly
[2010.08.13 21:23:40 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\TS3Client
[2010.04.19 22:45:45 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Ubisoft
[2014.03.25 05:43:00 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\uTorrent
[2013.11.14 21:26:12 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Wondershare Video Converter Ultimate
[2013.11.14 20:46:49 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
 
========== Purity Check ==========
 
 

< End of report >
 

And here's Extra.txt

 

OTL Extras logfile created on: 26.03.2014 21:34:50 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Desktop\Zeugs
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
7,94 Gb Total Physical Memory | 5,31 Gb Available Physical Memory | 66,87% Memory free
15,88 Gb Paging File | 12,63 Gb Available in Paging File | 79,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 18,20 Gb Free Space | 7,81% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 63,04 Gb Free Space | 13,53% Space Free | Partition Type: NTFS
Drive F: | 378,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 931,51 Gb Total Space | 0,01 Gb Free Space | 0,00% Space Free | Partition Type: NTFS
Drive K: | 596,17 Gb Total Space | 2,08 Gb Free Space | 0,35% Space Free | Partition Type: NTFS
 
Computer Name: ANDEEMACHINE | User Name: andee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [BIPA FotoShop] -- "C:\Program Files (x86)\BIPA\BIPA FotoShop\BIPA FotoShop.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "C:\Program Files (x86)\CeWe\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [BIPA FotoShop] -- "C:\Program Files (x86)\BIPA\BIPA FotoShop\BIPA FotoShop.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "C:\Program Files (x86)\CeWe\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{055CAC17-3F2A-4755-9007-ABAC8CF9D5B3}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{0F5BD79D-0642-419E-8078-DFE2A8095E16}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{14FE6BEE-5BAA-425F-8642-C43E78B552A9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{3237E011-7438-4A24-98E7-306D3E90A7E9}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{3635A693-1E2F-454A-AAB0-A103F480C2D3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4DEE267B-483A-475C-9E09-32CDDA1E7426}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{4F87BD75-24F3-43B8-BC9C-DC8210F7FC84}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{538E462B-C753-4896-9030-676F6BE3C590}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{5B09D949-9243-41C5-9A84-22939555A9BC}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5F2D772A-BF4C-4899-A3BD-25B880D3DE48}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6F5C34FD-56EE-4AEC-8811-B362CE2E42AB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8B6879C4-357E-41E4-8734-2188F1A6EDEF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{99782934-4716-4612-8339-9087E18624CC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BD8375B-FA7A-4E68-ACDD-F6C35DA33657}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AFF01E0B-10B7-410D-862A-483D6F6BAFCB}" = lport=3389 | protocol=6 | dir=in | app=system |
"{B2083C5A-53C1-4BEA-B25F-C341CCF63690}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B77C1640-FD61-4E82-BDB8-986DD2E7A3DF}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{B89B625D-9FD0-4CB5-9CAA-6C740F3B6694}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D47AA881-9DB5-4561-AD9F-96B9FB75D8A1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D4F79B5B-B4CD-43B4-B9AD-6AAA2B1E2126}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{E26CAEEA-9DDB-4540-8340-7F2AE2DDDBFE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E8A63932-31EB-4759-BA06-3B138C95CB4A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F1B6B09C-7687-4EC6-B407-FF3D9816D9B0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F5C3EA5E-2360-4FBA-B1DA-1585897FE1D9}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{FC066110-42A2-4BD5-A0F5-0A961BAB9687}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE1BD14A-379E-4987-B2DE-01BFD6E88E3B}" = lport=5353 | protocol=17 | dir=in | name=bonjour |
"{FEEEEDC7-7923-43B6-A5F8-408457EB3FD4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0271D34B-1520-4519-8BF4-0757B1EE204C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\wargame airland battle\wargame2.exe |
"{0272A9AE-83B2-4D5A-80E4-E40DFF1CBE8A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{03E8C900-5FDB-4C59-AF0C-CF524A64CBC4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{0514CDF4-726A-4910-958A-D9BB51B1F8DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{05C450D1-4CDE-4E82-A9A2-365FA147B968}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{0697AEB0-ACE5-4D80-BCA0-4D7D543CA84E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{0751510E-58BD-45A9-B251-DFA61A8D92FB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{0AE5FDB0-41DB-4E5F-82D9-C22425E23ED8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0B601D03-13B0-49CC-9A3D-B6D1C14C50D0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0C0C0791-4591-4AA4-BF78-370D52243C15}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0E418928-5613-491F-9C5A-4C6F11AB0F75}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{0E653F0B-3FC2-4A98-8282-5C5C28D28195}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\armatactics\armatactics.exe |
"{0FD98FB9-3E89-4A94-B7F3-0E6DAC1C6951}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1459C91F-2322-4990-89B3-DA0606A85F31}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{15519FA5-CC8A-4F06-A5C5-73C008C846A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{1818CEE5-47C6-4C83-9C4A-F95DAD941C6B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1B2CEAD2-7524-4AB8-B632-3D75DB3095C5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{1BA3105F-3FDF-4DC9-B004-227FDE59EDC0}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{1CC63064-BCDB-44BB-8C80-28513474EF0F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\blacklist_launcher.exe |
"{2001A6DA-307F-43DA-991E-3A162D9FB45E}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{20DC0BEA-AE4F-4F8F-9789-0D9576046FE7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{23BA0CAD-4FB4-4969-8CAD-BD264061AD5F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{24CEB9EB-A610-4E3C-93C2-884F83E46DCD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{25189F6A-6203-4933-B843-2A01AAC03B2E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"{2EFC7160-6851-4596-9F0F-F813711C60CB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"{30102098-4E64-4798-A558-B6524061DD91}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{33A4A06E-5814-43BB-ADE8-620AF57E9855}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{34999049-1A70-47EC-927F-6F4A12FC8359}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_game.exe |
"{366DAC47-B993-4B57-AF2A-ECB594793195}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{3A7F5CC6-0ED4-4C4F-B124-C7C4A0299F1E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{3A7FE78D-F4BE-440A-AE34-5E0AEB3C48D3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{3AB52FBB-E2C9-45EB-81D3-7B4B970CB87D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{3D7B0C1F-9FB2-42B3-9E22-39EA3D525B24}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{3EFF24B2-86F6-444B-8A17-FAA86000AA28}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"{40BCD28A-C663-4990-9ED7-ECBAC7AC2403}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{41D8DFA4-3EBF-4DD8-8BEF-847AD75CDA63}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{4268D490-E5CB-442B-8559-AE6DDA940535}" = protocol=6 | dir=in | app=c:\users\andee\appdata\roaming\utorrent\utorrent.exe |
"{447F9328-E4C9-4BB9-B7A6-1CEC106E90B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\guacamelee\guac.exe |
"{44C3F37A-48DC-4F37-B227-565CC0C73B9F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{452525A2-15FE-4E93-B83C-243F6CF4EACF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{455F58D0-3B00-49CC-97CB-4221ABECDFC4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{45A6B762-14E8-4DB8-8612-2B3A4B07F601}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{467F184B-051F-4F48-A63D-ED804D0D6059}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{46D70E39-D920-40BF-9487-7F406C3536E0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46F6C193-5C3E-4DE3-95E3-4EADD97FDAB1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{47692E69-FA08-4B3E-AD4F-CB9A6DA7170D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4904394A-B82C-4929-92ED-7C5333DA1BBA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{49CB5149-0FA7-4C3D-857F-DEC42770F0C9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{4A1AC90A-4436-4EF5-B090-984835D0942B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{4CB26655-26D9-4E35-9C23-E1DC05B03404}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{4CF6AAF1-DB78-40A8-A12C-160C2D1F0C94}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{501AA71F-9ABF-458C-A5D2-87ECE5FE2A22}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{5105EA1C-C5E3-4C0B-9BBC-84328BB8C7CA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_game.exe |
"{53FFB944-3F33-44CE-9CB2-7A88A777681A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{56EEFD84-0B44-48ED-A8FF-2F107DE56D25}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{5862F4C2-177C-4974-AB20-DB786BF22C9C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{5C239052-B307-4EBE-912B-2ADAF36B6504}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{5C376974-CA5A-441D-B710-7A1E81C3C5FE}" = protocol=17 | dir=in | app=c:\users\andee\appdata\roaming\utorrent\utorrent.exe |
"{613550BE-BFED-4A96-B791-FBB529D6B31E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\armatactics\armatactics.exe |
"{63670981-92C2-463C-A97D-264EA764E71B}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{67060A8A-F022-47F7-AE1B-4088B6850E76}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\guacamelee\guac.exe |
"{6768419E-A44A-400D-A0F4-906981E8AD69}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{6868CA7C-39D8-420D-B1A5-3FDE0BC45092}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{6F7256B3-70F1-4109-920F-321CCE971B67}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{7306DE49-C4FE-4757-8007-61868534200B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{74B4E183-9502-4979-A34A-1A938BA3912B}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\syndicate\system\win32_x86_release\syndicate.exe |
"{750C7CE0-F165-468F-812F-626B59196AED}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77470D12-4F59-4E2F-81DB-331E6969E4F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{79953661-9EC5-409D-92F2-073F9DA14579}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\wargame airland battle\wargame2.exe |
"{79C80512-ECDE-4DE7-BF36-B74FDDE6BF32}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{8060586E-5971-4735-A8B6-4ABF9FDFBF90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80E195BA-1013-4C0F-8820-22E36930CA6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\blacklist_launcher.exe |
"{8154F510-6FC3-4516-8BBF-A078D7C03B5E}" = protocol=17 | dir=in | app=c:\users\andee\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{8183322A-C0C8-4592-917C-1D240F6E0A84}" = protocol=6 | dir=in | app=c:\users\andee\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{8209ECF0-C6A2-4C7D-9D57-01E4A971E129}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{822ACFDC-F30D-4009-91AE-B7F560113BF5}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{8E7E08D5-7942-4076-BFE2-629C0FC4049F}" = dir=in | app=c:\program files (x86)\airport\apagent.exe |
"{8F180794-DD49-48C2-9943-3B7C5FD2168B}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{904F743F-5EF0-4177-9E2D-8F49F1B1BE41}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{90BCFF90-786A-4C3C-9242-42532A4A9A13}" = protocol=17 | dir=in | app=c:\users\andee\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{914DEAD5-3AE4-4264-A299-47FE9CA82275}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{926DD923-0A02-4B11-ACE3-B46F0FD7A894}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\nidhogg\nidhogg.exe |
"{93251311-B658-45BD-8A9B-9D9375B21005}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\armatactics\armatactics.exe |
"{96075870-3FF1-4AE4-9729-9C7A44089A03}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{96383DEF-71AB-4FA9-9B9F-D33BFC5DC317}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{973704CB-F55E-40E1-9734-B0C589E28D48}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{974EA988-2262-4349-A32F-B28C44ECFF2C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\armatactics\armatactics.exe |
"{9D82F3D8-03C8-436B-88A3-D4E1EF341595}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{9FFD867D-39CD-482B-9A37-EF20B61CA512}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{A01B7821-1DFB-49F3-9433-3E6558737438}" = protocol=6 | dir=in | app=c:\program files (x86)\army builder\armybuilder.exe |
"{A41E0674-30BD-4B0A-AFCC-BB83690C0529}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\syndicate\system\win32_x86_release\syndicate.exe |
"{A5CAD82D-CF1D-4A69-83E9-2EDFAFFB0852}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{A67F98AD-5225-448B-9D7E-090884C06DFA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A712D2C0-D50C-40F7-B7C5-6A66FCD11262}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AAA2846F-ED5B-4945-A004-0FA29C79D561}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{AB65A665-A538-439E-94E4-1AC64399C2FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{AF4149AA-B99C-4FBB-95EE-4C0E7FB26188}" = protocol=17 | dir=in | app=c:\program files (x86)\army builder\armybuilder.exe |
"{B05ED1D2-198F-466E-8F47-8D9374B858E9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{B0C23A97-159C-41AB-B94F-2E3906C91259}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman absolution\hma.exe |
"{B0D987AC-215C-4E7F-B56C-88B1B66C894E}" = dir=in | app=c:\windows\system32\hasplms.exe |
"{B2CA8CA2-480E-4F09-9670-3BC438DE2A84}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{B3008D56-5277-4625-8A42-806D8A41D01D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B5DFE6AF-C08F-4534-8ADE-E246D50198BD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{B69D3F79-C4DA-4BA4-AC7A-94EFC3E8CECC}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{B706D8D6-A409-495A-A04B-77D3214EEBB1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{B93C0031-5D75-4723-8CB6-1798DD287DFA}" = protocol=6 | dir=in | app=c:\users\andee\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{BAA8F4D9-3224-458B-96B1-14191FC8C040}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3bdupdatersteam.exe |
"{BB4633C5-BD90-4819-978D-304E6B13A772}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BF6E4045-A972-4EA1-8D58-7BCE528B03AB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C0C01DD9-E50F-4C07-9A91-D7208D4CA867}" = protocol=6 | dir=out | app=system |
"{C39A4F55-6F6C-4D60-94D9-203C1C30E0E2}" = protocol=17 | dir=in | app=d:\origin games\titanfall\titanfall.exe |
"{C3A65308-C40B-4226-9F78-E00050EF1C99}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{C3B78B0A-A81E-4141-91FF-FF76BA259D84}" = protocol=6 | dir=in | app=d:\origin games\titanfall\titanfall.exe |
"{C6360C9C-585E-4B47-9AC6-373C21A398FA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C6975E7A-D4A5-4D46-A9D0-77FEC290F697}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{C95384AA-0D64-46A4-A3A7-5CD335544CA2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman absolution\hma.exe |
"{CB30A3E8-36A8-40AB-8562-56D1A4EB476A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CBFE50D0-C243-4AA0-BD8C-A9B83FDE7AF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3bdupdatersteam.exe |
"{CCB70E81-E189-4CB0-84CF-805020EDFE67}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{CE4CFBDC-D77C-43A3-8423-4BAE27C8A152}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{CE4D528B-2597-4ABE-8CB3-37F61F536A75}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CFE29588-4F84-4BEB-8436-D4AC2E3B270D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D3B0E424-CDBF-4FC4-991D-B0EDE50D01A4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{D60FAF94-47B8-46AB-B632-EEC4826F4BD7}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{D7822ED8-8EF2-4A11-A0AE-3664FBD96D9A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{DBD4C82B-2644-4AE4-BA0E-3AB0522491D8}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{DD841A9E-9E34-419D-946A-FDDD1ED0E3DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\gu.exe |
"{DDADD84B-E699-4B75-9E87-6B9DB7244CC5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{E0016340-6B1C-4F3A-942F-76B44E10139B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{E0470018-562C-46F2-B6EF-1663493A0877}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{E0A2E15E-6342-4F4C-B7E8-9008C0D52130}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E23CBCEC-3A13-4417-AA64-EE3398DD599F}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{E48CDD8D-C96B-4777-BFCC-D8A897B8C105}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\nidhogg\nidhogg.exe |
"{E61F3D0E-170A-48A2-A157-CCA30F2507FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{EA05B18F-36B2-4ADF-AB34-164A318E5907}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"{EB3F94F5-5963-4E4C-99AC-D0C697A5AA45}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{EBB426D2-C558-4A30-80F0-5CDD56371F9A}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{EBBCFA3C-D6C0-4BFF-AB23-1887B3E4A62B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\gu.exe |
"{EC6AD33E-94A2-4F88-9DC5-5CF096B1A5C9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{EE72BA10-7691-4F77-B7F7-869AFDED0033}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{EF29FE1B-CEB5-40FD-81BD-43B5F3E32EDC}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{EFF5B271-5EE8-45CF-8DEE-C3F1B7AD354B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F0E3702A-9C6A-4C62-9924-C74894D60CDD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F26E989A-54AB-40C4-BA71-A506D0B02016}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{F3DEFBA4-4E7E-464E-A0CF-5E753F1260FA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F86BEDED-8213-48D8-B27D-2DB7E6791CC0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{FC092824-3E54-4FAF-8FCA-C06389407EE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FEE07B21-F12C-4B60-88A6-0F2653CB01D2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"TCP Query User{196DD6E6-E30E-4D74-9D12-316C4F964335}C:\gamez\counter-strike global offensive nosteam\csgo.exe" = protocol=6 | dir=in | app=c:\gamez\counter-strike global offensive nosteam\csgo.exe |
"TCP Query User{1BD601D9-0892-440A-A20B-B41204C47AD2}C:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe |
"TCP Query User{2229622F-5A86-4257-91E0-42164B9065F1}C:\program files (x86)\steam\steamapps\belnifore\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\belnifore\team fortress 2\hl2.exe |
"TCP Query User{26FFCEE9-0D45-4360-921F-B9C0B3B5E442}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{28A40526-8586-4434-B5C5-B799D1C79FF5}C:\program files\java\jre7\bin\rmiregistry.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\rmiregistry.exe |
"TCP Query User{299D457E-FBBC-4DAC-A7AC-3103C7A7C631}C:\users\andee\appdata\local\temp\servertemp\server.exe" = protocol=6 | dir=in | app=c:\users\andee\appdata\local\temp\servertemp\server.exe |
"TCP Query User{3681BDAE-FF8E-44C2-A81C-CE9A33C09C40}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"TCP Query User{410B50F2-B2CE-4071-A1A7-7133A80EB197}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{44206224-5478-4744-BCAA-E7A14ABAAE62}C:\users\andee\desktop\applications\teamspeak\teamspeak3-server_win64\ts3server_win64.exe" = protocol=6 | dir=in | app=c:\users\andee\desktop\applications\teamspeak\teamspeak3-server_win64\ts3server_win64.exe |
"TCP Query User{44F68090-8DB6-4CFA-B636-6CB67CD97EF2}D:\steam\steam.exe" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"TCP Query User{457AE7F7-5D96-4E68-BD6B-64D33738CF14}C:\users\andee\desktop\isos\demigod z\bin\demigod.exe" = protocol=6 | dir=in | app=c:\users\andee\desktop\isos\demigod z\bin\demigod.exe |
"TCP Query User{487C4D93-4A28-49EB-8405-4031CAE15687}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{4BFE52AD-59B6-4676-BB86-1F4E2901E00B}C:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{5DD81A00-E54D-4825-814C-F6C21AB48B1B}D:\steam\steam.exe" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"TCP Query User{5E0F3460-EDAB-4B23-BEC1-A0BE3BCF6631}C:\gamez\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\gamez\left 4 dead 2\left4dead2.exe |
"TCP Query User{5E1EE5E6-EE5A-4038-9D87-2EFDB613FF17}C:\users\andee\desktop\isos\demigod z\bin\demigod.exe" = protocol=6 | dir=in | app=c:\users\andee\desktop\isos\demigod z\bin\demigod.exe |
"TCP Query User{5EC8D811-78F1-4597-9286-6C5C6B09FF04}C:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{5FE5C152-CB4E-43B2-839B-8CBAE56524F3}C:\users\andee\downloads\diablo-iii-setup-engb.exe" = protocol=6 | dir=in | app=c:\users\andee\downloads\diablo-iii-setup-engb.exe |
"TCP Query User{6109DFB5-42F9-4D1F-8014-BC3FB4DEC0BD}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{66529E41-846E-47F7-9F7B-0F19E5510C2E}D:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"TCP Query User{6CE37085-E61F-4430-8B00-0DC9E51C8734}C:\program files (x86)\globalscape\cuteftp 8 lite\ftpte.exe" = protocol=6 | dir=in | app=c:\program files (x86)\globalscape\cuteftp 8 lite\ftpte.exe |
"TCP Query User{6F362B37-7341-4158-9932-970C55787BD8}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{881798E1-5245-4DEB-95C5-B54CB799758E}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe |
"TCP Query User{8A511EDE-D189-4F1A-B31A-F895461F81FC}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{8BE60B51-D666-4690-A744-08E2D003A4BB}D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe |
"TCP Query User{93BAD6DA-891B-42A1-8D39-AB1FD45A9ADC}C:\program files (x86)\steamless left4dead2 pack\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steamless left4dead2 pack\left4dead2.exe |
"TCP Query User{95870C6D-1BEF-4AE8-A137-25544717702A}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{964AB098-8553-416B-A785-B5DA61DAC0BB}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"TCP Query User{9F20D927-924F-400C-ADD0-5495E84F8EA4}C:\users\andee\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\andee\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{A6072BB0-792D-4911-96BE-AA2323C5E64E}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe |
"TCP Query User{A94EC549-E12A-489B-A0CE-533887DF8C48}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"TCP Query User{ACC785C3-1097-4809-91F8-B9AC00523A8C}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{B8EF319B-3954-4B01-9D5F-3F1701F118BD}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"TCP Query User{C24EF84E-BB0B-4FDB-9107-0E0D34834539}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{C538F60D-0E8D-4C3A-9E44-C42634E045DB}C:\gamez\call of duty- modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=c:\gamez\call of duty- modern warfare 3\iw5mp.exe |
"TCP Query User{C84D29B8-2D2D-4348-A111-ED075CE089CB}C:\program files (x86)\freeorion\freeoriond.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeorion\freeoriond.exe |
"TCP Query User{C9385502-8009-463E-91BF-B1879B589BDB}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-online\system\scda_online.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-online\system\scda_online.exe |
"TCP Query User{D275E2D6-3083-40F2-B6C9-24451BEA0333}C:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe |
"TCP Query User{D292FC5A-E1E9-481C-8E2A-832CAE6F43DD}C:\users\andee\appdata\local\temp\servertemp\server.exe" = protocol=6 | dir=in | app=c:\users\andee\appdata\local\temp\servertemp\server.exe |
"TCP Query User{EAB78EA6-4910-4DED-A2FF-63C8DAD88F00}C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe" = protocol=6 | dir=in | app=c:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe |
"UDP Query User{0F8B6ABA-A72A-4A8B-90A4-D889BF3E38B1}D:\steam\steam.exe" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"UDP Query User{149F8444-1CE1-4EB5-BB1D-55DF2F2E2D22}C:\users\andee\desktop\isos\demigod z\bin\demigod.exe" = protocol=17 | dir=in | app=c:\users\andee\desktop\isos\demigod z\bin\demigod.exe |
"UDP Query User{1993D184-9B48-450C-98A2-46AD0A8A4174}C:\gamez\call of duty- modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=c:\gamez\call of duty- modern warfare 3\iw5mp.exe |
"UDP Query User{1CEFA5FA-F389-4B6B-A58B-AF4F2B0CEA12}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{1F8CABB8-4A6E-4610-BB40-EBD6D3DA968E}C:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe |
"UDP Query User{2D1205B0-4A3C-4C57-BC0B-DC8C68BBEAB2}C:\program files (x86)\steamless left4dead2 pack\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steamless left4dead2 pack\left4dead2.exe |
"UDP Query User{2E409238-A94F-4CF9-8D35-383376095409}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{389A3B9E-8B05-46C8-9385-6066D10921F2}C:\users\andee\desktop\applications\teamspeak\teamspeak3-server_win64\ts3server_win64.exe" = protocol=17 | dir=in | app=c:\users\andee\desktop\applications\teamspeak\teamspeak3-server_win64\ts3server_win64.exe |
"UDP Query User{3E86A4A8-C613-474A-8187-957A10E38986}D:\steam\steam.exe" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"UDP Query User{4141BCC9-A081-4C04-9878-6B4F57DFC035}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{47D96C7E-252A-4765-9F9E-38827A89641B}C:\program files\java\jre7\bin\rmiregistry.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\rmiregistry.exe |
"UDP Query User{4AE69DF6-E39F-4404-A2DC-CAC3609B80CF}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{529AA4C3-02F5-499B-B9CA-011E6A619B66}C:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe |
"UDP Query User{5745A7A0-A6AB-469D-AFB2-9972534B752B}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"UDP Query User{5887DA8F-833A-442C-BA26-ED7897DB792B}C:\program files (x86)\steam\steamapps\belnifore\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\belnifore\team fortress 2\hl2.exe |
"UDP Query User{60C724C9-6E99-4AA0-A5D0-19D5975E3247}C:\gamez\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\gamez\left 4 dead 2\left4dead2.exe |
"UDP Query User{6299A384-F2B1-4732-9D8C-B9B03FF18ED6}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{6C79723A-4099-426A-86AF-A8AAF7D29EB8}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-online\system\scda_online.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-online\system\scda_online.exe |
"UDP Query User{78FBBD98-0816-40B2-82E2-8C4CCFF1D6F0}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe |
"UDP Query User{7CFB9810-114A-49B4-B9F3-F7A1906D901C}C:\program files (x86)\globalscape\cuteftp 8 lite\ftpte.exe" = protocol=17 | dir=in | app=c:\program files (x86)\globalscape\cuteftp 8 lite\ftpte.exe |
"UDP Query User{849C5F41-BC90-4587-A9AE-D5E98895E7A8}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{A32463BD-3A76-4409-B136-30D13FDCC7FB}C:\users\andee\appdata\local\temp\servertemp\server.exe" = protocol=17 | dir=in | app=c:\users\andee\appdata\local\temp\servertemp\server.exe |
"UDP Query User{A371F620-E662-4AC3-AD5F-E55C6032F303}C:\gamez\counter-strike global offensive nosteam\csgo.exe" = protocol=17 | dir=in | app=c:\gamez\counter-strike global offensive nosteam\csgo.exe |
"UDP Query User{B1D16AF6-3FA7-4097-A4D5-54E04365CB0A}C:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{B8F95FA9-DF06-4205-9470-CCC9A445BE9F}C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe" = protocol=17 | dir=in | app=c:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe |
"UDP Query User{B904FF11-9876-497D-86BF-D91A3A4B9F97}C:\users\andee\desktop\isos\demigod z\bin\demigod.exe" = protocol=17 | dir=in | app=c:\users\andee\desktop\isos\demigod z\bin\demigod.exe |
"UDP Query User{C4B8EA9C-F092-4E59-A4DE-A61571ED085A}D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe |
"UDP Query User{C557576E-C422-4422-BD18-DC179D5F25FE}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"UDP Query User{CB1F09FF-A6E9-4B23-AD82-1BE755289017}D:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"UDP Query User{CF658625-8BEC-46E7-96CE-C4EBB0FA9341}C:\users\andee\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\andee\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{D104B290-8582-4AAC-8EC6-C38FF75B2B9B}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{D4B8C54A-B254-4E81-BC7F-CF6C9EB47BD4}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{D702644B-51FF-4664-8778-A6C498984667}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe |
"UDP Query User{DA42A213-9234-4CBF-BEB2-21726021C41B}C:\users\andee\downloads\diablo-iii-setup-engb.exe" = protocol=17 | dir=in | app=c:\users\andee\downloads\diablo-iii-setup-engb.exe |
"UDP Query User{DE9F60BC-EAFD-4888-AEDB-B4331836EF4F}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{E0C6A7D9-DFC6-4976-B52F-EE76F4135EEA}C:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{E3854E4E-8845-404C-99F5-60672BD8BDB6}C:\program files (x86)\freeorion\freeoriond.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeorion\freeoriond.exe |
"UDP Query User{E5D509B6-783E-4567-A36C-DC4102E4DBB2}C:\users\andee\appdata\local\temp\servertemp\server.exe" = protocol=17 | dir=in | app=c:\users\andee\appdata\local\temp\servertemp\server.exe |
"UDP Query User{E62FC851-FAD4-4988-ADD6-3F0AF2C9379F}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"UDP Query User{EDF2A019-E881-465A-9E6E-BF79795C56C2}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003B37AE-21F5-5BC5-F5EB-CD60A8928696}" = AMD Accelerated Video Transcoding
"{05408942-55F9-4D32-AE07-A9ECDC013961}" = G9x User's Guide
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11A955CD-4398-405A-886D-E464C3618FBF}" = Adobe Photoshop Lightroom 4.4 64-bit
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{223C0721-A6B0-4853-88C0-331029841734}" = HP Color LaserJet CP1510 Series 2.0
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java™ 7 Update 5 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2B5D6B29-7348-4404-B992-B557B4D1F055}" = calibre 64bit
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{35D00343-3BFA-46A1-C6DD-FFD770501E0B}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{653B9326-BD45-53BE-681A-A49CAAEE8A3C}" = ccc-utility64
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{903029FE-FA82-427B-916C-AD08185DA3C2}" = Microsoft Xbox 360 Accessories 1.1
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}" = AMD Catalyst Install Manager
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0}" = AMD Media Foundation Decoders
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID-Anmelde-Assistent
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.10
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"McAfee Security Scan" = McAfee Security Scan Plus
"ProPlusRetail - de-de" = Microsoft Office Professional Plus 2013 - de-de
"R for Windows 2.15.1_is1" = R for Windows 2.15.1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0214578F-4888-43FB-9E34-C14FCFDEDDEB}" = Razer Nostromo
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{090931D6-A2F4-11E3-AD9C-00163E98E7D0}" = Evernote v. 5.2
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1C5D5D15-CABD-4C5A-A80E-B5C4CA6FE90A}" = hppTLBXFXCP1510
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1DF2F366-AFA6-4D95-BF0C-3C14E8B84B1A}" = Fractal Terrains 3
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1E5C7043-09C5-4974-A69F-A5271FD82BBC}" = PlayMemories Home
"{1F73D672-6175-4A1D-B3C1-420439D03D0F}" = Product_SF_Full_QFolder
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{347EE0C3-0690-48F6-A231-53853C2A80D6}" = Titanfall™
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3dbea378-89b6-41db-a3c2-0f035afe3a40}" = Nero 9 Essentials
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{414C803A-6115-4DB6-BD4E-FD81EA6BC71C}" = Product_SF_Min_QFolder
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43867B63-C464-4570-823D-D92DC08E3400}_is1" = Army Builder 3.4b
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{5E894531-91FB-4B76-AA0F-49E0E1F357D6}" = hppPQVideoCP1510
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64FD4D83-085A-49D0-905A-F06057B73DA3}" = hppCLJCP1510
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69C2B39D-F060-49AD-8877-01C4144A8424}" = Microsoft Surface 2.0 Runtime
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = Catalyst Control Center
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7ADCEEA0-AC82-4360-AD6B-CCF01B66F9DB}" = hppusgCP1510
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0407-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA68AAAE-41F0-40B5-8896-5947F5FD6889}" = AirPort
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_955" = Adobe Acrobat 9.5.5 - CPSID_83708
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Deutsch
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B932A416-28A7-4D08-89A6-7A0464DAD37D}" = hpzTLBXFX
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{D8AC1EB5-E8B0-44A0-B113-899407188A2F}" = hppFonts
"{D92E093D-C577-4D55-AB3D-5E10AAA24D13}" = gDocBinder
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E121A4FE-009B-385B-BB0D-B934E2A88288}" = Google Talk Plugin
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{ED5BDA06-0D68-4B4C-93FE-50BE94ADA6E9}" = hppManualsCP1510
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FA602928-EB59-449c-B9F7-1FBE1291B63D}" = Syndicate™
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Avira AntiVir Desktop" = Avira Free Antivirus
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"BIPA FotoShop" = BIPA FotoShop
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Diablo III" = Diablo III
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"FastCAD" = FastCAD
"ffdshow_is1" = ffdshow [rev 2280] [2008-11-02]
"Fractal Mapper_is1" = Fractal Mapper v8.01a
"Fractal Terrains 3" = Fractal Terrains 3
"Free ISO Grabber_is1" = Free ISO Grabber 4.1.5
"Inkscape" = Inkscape 0.46
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare™ 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty® 4 - Modern Warfare™ 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare™ 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Manhunt 2" = Manhunt 2
"Mein CEWE FOTOBUCH" = Mein CEWE FOTOBUCH
"Mozilla Firefox 27.0.1 (x86 de)" = Mozilla Firefox 27.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Origin" = Origin
"PDFCanvas V1.5" = PDFCanvas V1.5
"Rockstar Games Social Club" = Rockstar Games Social Club
"Sam and Max - Season One" = Sam and Max - Season One 1.0
"Scribus 1.3.3.12" = Scribus 1.3.3.12
"Scrivener 1030" = Scrivener Update
"SimpleScreenshot" = SimpleScreenshot 1.40
"StarCraft II" = StarCraft II
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 222750" = Wargame: AirLand Battle
"Steam App 224860" = Arma Tactics
"Steam App 235600" = Tom Clancy's Splinter Cell Blacklist
"Steam App 238960" = Path of Exile
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8930" = Sid Meier's Civilization V
"Steam App 94400" = Nidhogg
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"TreeSize Free_is1" = TreeSize Free V2.7
"Uplay" = Uplay
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.1.3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wondershare Video Converter Ultimate_is1" = Wondershare Video Converter Ultimate(Build 6.6.0.5)
"XMind" = XMind
"Xvid_is1" = Xvid 1.1.3 final uninstall
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.18
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 14
 
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 15
 
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 16
 
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 18
 
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 19
 
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 20
 
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 21
 
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22
 
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23
 
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24
 
[ System Events ]
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7038
Description = Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit
 dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%50    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1069
 
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7038
Description = Der Dienst "netprofm" konnte sich nicht als "NT AUTHORITY\LocalService"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%50    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Netzwerklistendienst" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1069
 
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7000
Description = Der Dienst "hpqcxs08" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1115
 
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7038
Description = Der Dienst "WdiServiceHost" konnte sich nicht als "NT AUTHORITY\LocalService"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%50    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Diagnosediensthost" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1069
 
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007042d
 
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = Fehler beim Starten des Assistenten für das Sprachpaket-Setup. Führen
 Sie einen Neustart des Systems aus, und führen Sie den Assistenten erneut aus.
 
Error - 26.03.2014 15:56:59 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
 
 
< End of report >
 


Edited by Belnifore, 26 March 2014 - 03:04 PM.

  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello Belnifore,

 

Welcome to Geekstogo.

 

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).

  • Close any open browsers.
  • Temporarily disable your AntiVirus program. (If necessary)
  •     Double click on zoek.exe to run.
  •     Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up
  • Click Options button below the large panel and check the box:

            Auto Clean
           
  •     Click on Run script button
  •     Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
  •     Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"


  • 0

#3
Belnifore

Belnifore

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Here we go... zoek.exe results:

 

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by andee on 27.03.2014 at 20:17:05,99.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\andee\Downloads\zoek.exe [Scan all users]  [Checkboxes used]

==== System Restore Info ======================

27.03.2014 20:18:45 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3263022290-3832323690-497936285-1000\Software\Microsoft\Internet Explorer\SearchScopes\{276791E4-6E27-4EDC-AAD8-56A583921847} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Wondershare deleted
C:\PROGRA~3\APN deleted
C:\Users\andee\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Users\andee\Downloads\DownloadManagerSetup.exe deleted
C:\END deleted
C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\spvjvdki.default\.autoreg deleted
C:\Users\andee\setup_Mein_CeWe_Fotobuch.exe deleted
"C:\Users\andee\AppData\Local\{C454C906-90F8-4097-9B22-4E3BA3082BC0}" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" deleted
"C:\PROGRA~3\Package Cache" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}"="C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}"="C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\spvjvdki.default
- Undetermined - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
- Undetermined - %ProfilePath%\extensions\staged-xpis
- Undetermined - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

ProfilePath: C:\Users\andee\AppData\Roaming\Mozilla\Firefox\Profiles\0yuui377.default
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\andee\AppData\Roaming\Mozilla\Firefox\Profiles\0yuui377.default
7EFF79934842F1C28992638AF19BF9CD    - C:\Users\andee\AppData\Roaming\Mozilla\plugins\npo1d.dll -    Google Talk Plugin Video Renderer
F87D7EB5573C0A84D8D460C54CBC5585    - C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -    Google Talk Plugin
95812430959AE88CDD0301AB3A71913B    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll -    Shockwave Flash
A9C86900D2A61728C8326FE7147617C5    - C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll -    Google Update
63EE2015B877A2E472CC59E05291AA39    - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll -    McAfee Security Scanner +
D6ED6EB98E759460AD8C66DE23070132    - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -    Microsoft Office 2013
18CF51689186AEB9D1D149AEB0E92D03    - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -    Microsoft Office 2013
E09A55AB513C4D5145F1C318ED024747    - C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll -    AmazonMP3DownloaderPlugin
AB87EEFFD18F2BAAFC274E7075EA6C67    - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
chgdeabpmphfhkoemjjglmilajldekbp - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx[]
pmcmflmkceipgecmhoddphflfndnfbbe - C:\Users\andee\AppData\Local\Temp\tbch.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\andee\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[07.05.2013 20:09]

AT_MarliesDekkers - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlehphlfahjiajcnjkcbdbehjcchkibb
MSS+ Extension - andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
uTorrent for Google Chrome - andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhaafelbmbpohgmabippkndaaikgdih

==== Chrome Fix ======================

C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_rsspub.conduitapps.com_0.localstorage deleted successfully
C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shop.conduitapps.com_0.localstorage deleted successfully
C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.at/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.at/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.co...ge={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3263022290-3832323690-497936285-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} deleted successfully
HKEY_USERS\S-1-5-21-3263022290-3832323690-497936285-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3263022290-3832323690-497936285-1000\Software\Mozilla\Firefox\Extensions\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\chgdeabpmphfhkoemjjglmilajldekbp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmcmflmkceipgecmhoddphflfndnfbbe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\andee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\andee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\andee\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Administrator\AppData\Local\Mozilla\Firefox\Profiles\spvjvdki.default\Cache emptied successfully
C:\Users\andee\AppData\Local\Mozilla\Firefox\Profiles\0yuui377.default\Cache will be emptied at reboot

==== Empty Chrome Cache ======================

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=816 folders=87 184311165 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\andee\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\andee\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 27.03.2014 at 20:40:11,00 ======================
 


  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello Belnifore,

 

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.


  • 0

#5
Belnifore

Belnifore

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by andee (administrator) on ANDEEMACHINE on 27-03-2014 22:05:47
Running from C:\Users\andee\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Google Inc.) C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Google Inc.) C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Google Inc.) C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(HP) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Dropbox, Inc.) C:\Users\andee\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
() C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Google Inc.) C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe
(Elaborate Bytes AG) C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe
(Google Inc.) C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\AirPort\APAgent.exe
(Google Inc.) C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Google Inc.) C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [236544 2008-10-10] (Logitech, Inc.)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [855608 2007-09-27] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPPQVideo] - C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe [106496 2007-05-07] (Hewlett-Packard)
HKLM-x32\...\Run: [ToolBoxFX] - C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe [53248 2007-08-28] (HP)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
HKLM-x32\...\Run: [HPUsageTracking] - C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [36864 2007-05-08] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AirPort Base Station Agent] - C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)
HKLM-x32\...\Run: [Razer Nostromo Driver] - C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe [978840 2011-07-19] (Razer USA Ltd)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936 2012-11-27] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [BrowserPlugInHelper] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [Google Update] - C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe [133104 2008-11-14] (Google Inc.)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [Steam] - "C:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [4735BA8321D1A27DF82FEEA48AB454EEB921043E._service_run] - C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe [841032 2014-03-26] (Google Inc.)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [GoogleChromeAutoLaunch_4F2EB314B9D0C6DAC7FCBCF0A7EC7646] - C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe [841032 2014-03-26] (Google Inc.)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {3998ed03-56ef-11df-8f3c-00196684b831} - H:\DTE_Privacy_launcher.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {94718c85-90bb-11e3-b9bd-bc5ff4b16f04} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {a22955d8-2f82-11df-ba9a-00196684b831} - E:\steambackup.EXE
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {a22955da-2f82-11df-ba9a-00196684b831} - F:\SETUP.EXE
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {a22955ea-2f82-11df-ba9a-00196684b831} - G:\setup.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {e181a940-0881-11e1-9e3d-806e6f6e6963} - E:\autorun.exe
Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\andee\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.c...ferrer:source?}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.c...ferrer:source?}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...age={startPage}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\andee\AppData\Roaming\Mozilla\Firefox\Profiles\0yuui377.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://thepiratebay.org/|hxxp://www.imdb.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\andee\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\andee\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\andee\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\andee\AppData\Roaming\Mozilla\Firefox\Profiles\0yuui377.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR HomePage: hxxp://www.orf.at/
CHR Plugin: (Shockwave Flash) - C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.92\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.92\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.92\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (getPlusPlus for Adobe 16248) - C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Google Talk Plugin) - C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\andee\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (iCloud-Lesezeichen) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2013-09-23]
CHR Extension: (uTorrent for Google Chrome) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhaafelbmbpohgmabippkndaaikgdih [2013-04-27]
CHR Extension: (Google Wallet) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-07-18]
CHR Extension: (Evernote Web Clipper) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-05-31]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\andee\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-07]
CHR StartMenuInternet: Google Chrome - C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [51168 2009-09-23] (NOS Microsystems Ltd.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-05-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-01-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [323584 2012-10-06] (SafeNet Inc.)
S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-01-10] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
S3 rzjoystk; C:\Windows\System32\DRIVERS\rzjoystk.sys [19968 2011-03-24] (Razer USA Ltd)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [157184 2011-07-14] (Razer USA Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-11-06] ()
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-27 22:05 - 2014-03-27 22:06 - 00035089 _____ () C:\Users\andee\Downloads\FRST.txt
2014-03-27 22:05 - 2014-03-27 22:05 - 00000000 ____D () C:\FRST
2014-03-27 22:04 - 2014-03-27 22:04 - 02157056 _____ (Farbar) C:\Users\andee\Downloads\FRST64.exe
2014-03-27 20:28 - 2014-03-27 20:28 - 00000082 _____ () C:\folders.txt
2014-03-27 20:28 - 2014-03-27 20:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-27 20:18 - 2014-03-27 20:40 - 00011204 _____ () C:\zoek-results.log
2014-03-27 20:16 - 2014-03-27 20:27 - 00000000 ____D () C:\zoek_backup
2014-03-27 20:12 - 2014-03-27 20:12 - 01285120 _____ () C:\Users\andee\Downloads\zoek.exe
2014-03-26 22:06 - 2014-03-26 22:06 - 00000273 _____ () C:\Users\andee\Desktop\Using Chrome keep getting popups from abnxs.com - Virus, Spyware, Malware Removal.URL
2014-03-26 21:16 - 2014-03-26 21:16 - 00000156 _____ () C:\Users\andee\Desktop\Using Firefox- keep getting annoying pop-ups and redirections [Solved] - Virus, Spyware, Malware Removal.url
2014-03-26 01:03 - 2014-03-26 21:54 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-03-24 00:32 - 2014-03-24 00:32 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-23 23:02 - 2014-03-23 23:02 - 00000255 _____ () C:\Users\andee\Desktop\google chrome lädt keine seiten - Trojaner-Board.URL
2014-03-23 16:50 - 2014-03-23 16:50 - 00000202 _____ () C:\Users\andee\Desktop\Wargame AirLand Battle.url
2014-03-19 22:55 - 2014-03-19 22:56 - 12589848 _____ (Malwarebytes Corp.) C:\Users\andee\Downloads\mbar-1.07.0.1009.exe
2014-03-13 00:29 - 2014-03-13 00:29 - 00000000 ____D () C:\Users\andee\Documents\Respawn
2014-03-12 08:04 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 08:04 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 08:04 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 08:04 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 08:04 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 08:04 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 08:04 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 08:04 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 08:04 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 08:04 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 08:04 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 08:04 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 08:04 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 08:04 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 08:04 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 08:04 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 08:04 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 08:04 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 08:04 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 08:04 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 08:04 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 08:04 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 08:04 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 08:04 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 08:04 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 08:04 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 08:04 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 08:04 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 08:04 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 08:04 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 08:04 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 08:04 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 08:04 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 08:04 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 08:04 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 08:04 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 08:04 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 08:04 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 08:04 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 08:04 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 08:04 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 08:04 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 08:04 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 08:04 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 08:03 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 08:03 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 08:03 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 08:03 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 06:38 - 2014-03-12 06:38 - 00000702 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-08 19:49 - 2014-03-08 19:50 - 19255196 _____ () C:\Users\andee\Downloads\maptool-1.3.b90-beta.zip
2014-03-08 19:49 - 2014-03-08 19:49 - 00113181 _____ () C:\Users\andee\Downloads\maptool-launcher-130829.01.zip
2014-03-08 15:25 - 2014-03-08 15:25 - 00921000 _____ (Oracle Corporation) C:\Users\andee\Downloads\chromeinstall-7u51.exe
2014-03-08 15:24 - 2014-03-08 15:24 - 00005402 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-07 22:36 - 2014-03-07 22:36 - 00000000 ____D () C:\Users\andee\.gametool
2014-03-07 22:35 - 2014-03-07 22:35 - 00000000 ____D () C:\Users\andee\.inittoolDbg
2014-03-07 22:35 - 2014-03-07 22:35 - 00000000 ____D () C:\Users\andee\.chartool
2014-03-07 22:34 - 2014-03-07 22:34 - 00001307 _____ () C:\Users\andee\Desktop\MapToolLauncher.exe - Verknüpfung.lnk
2014-03-07 22:33 - 2014-03-07 22:33 - 08518799 _____ () C:\Users\andee\Downloads\initiativetool-1.1.b9.zip
2014-03-07 22:33 - 2014-03-07 22:33 - 03455475 _____ () C:\Users\andee\Downloads\tokentool-1.0.b28.zip
2014-03-07 22:33 - 2014-03-07 22:33 - 01436268 _____ () C:\Users\andee\Downloads\dicetool-1.0.b34.zip
2014-03-07 22:32 - 2014-03-07 22:32 - 08081013 _____ () C:\Users\andee\Downloads\chartool-1.0.b15.zip
2014-03-07 22:10 - 2014-03-07 22:12 - 19130374 _____ () C:\Users\andee\Downloads\maptool-1.3.b89.zip
2014-03-04 22:43 - 2014-03-04 22:43 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-02 23:10 - 2014-03-22 23:37 - 00007604 _____ () C:\Users\andee\Documents\TombRaider.log
2014-03-02 15:59 - 2014-03-02 15:59 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files\iTunes
2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files\iPod
2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-02 15:54 - 2014-03-02 15:55 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-02 15:54 - 2014-03-02 15:54 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-02-27 20:28 - 2014-02-27 20:42 - 00000000 ____D () C:\Users\andee\AppData\Roaming\Nidhogg
2014-02-27 20:19 - 2014-02-27 20:19 - 00000201 _____ () C:\Users\andee\Desktop\Nidhogg.url

==================== One Month Modified Files and Folders =======

2014-03-27 22:06 - 2014-03-27 22:05 - 00035089 _____ () C:\Users\andee\Downloads\FRST.txt
2014-03-27 22:05 - 2014-03-27 22:05 - 00000000 ____D () C:\FRST
2014-03-27 22:04 - 2014-03-27 22:04 - 02157056 _____ (Farbar) C:\Users\andee\Downloads\FRST64.exe
2014-03-27 22:04 - 2010-03-14 00:25 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{41F81915-9EB9-4574-A4C8-039E4396298D}
2014-03-27 22:03 - 2011-01-06 17:12 - 00000000 ____D () C:\Users\andee\AppData\Roaming\vlc
2014-03-27 21:50 - 2010-05-31 23:59 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-27 21:47 - 2009-10-20 21:13 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500UA.job
2014-03-27 21:34 - 2009-07-01 02:41 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000UA.job
2014-03-27 21:09 - 2012-08-03 18:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-27 21:01 - 2013-12-28 22:27 - 00005150 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for andeemachine-andee andeemachine
2014-03-27 20:45 - 2012-03-02 22:11 - 00000000 ____D () C:\ProgramData\Origin
2014-03-27 20:45 - 2012-03-02 22:09 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-27 20:45 - 2010-03-13 23:22 - 00019600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-27 20:45 - 2010-03-13 23:22 - 00019600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-27 20:44 - 2010-03-14 00:12 - 01335008 _____ () C:\Windows\WindowsUpdate.log
2014-03-27 20:44 - 2009-07-14 18:58 - 00704580 _____ () C:\Windows\system32\perfh007.dat
2014-03-27 20:44 - 2009-07-14 18:58 - 00151484 _____ () C:\Windows\system32\perfc007.dat
2014-03-27 20:44 - 2009-07-14 06:13 - 01634912 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-27 20:40 - 2014-03-27 20:18 - 00011204 _____ () C:\zoek-results.log
2014-03-27 20:40 - 2012-05-02 21:48 - 00000000 ___RD () C:\Users\andee\Google Drive
2014-03-27 20:40 - 2010-05-31 23:59 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-27 20:40 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-27 20:40 - 2008-11-16 15:47 - 00000000 ___RD () C:\Users\andee\My Dropbox
2014-03-27 20:40 - 2008-11-16 15:45 - 00000000 ____D () C:\Users\andee\AppData\Roaming\Dropbox
2014-03-27 20:39 - 2010-06-27 00:00 - 17170111 _____ () C:\Windows\setupact.log
2014-03-27 20:39 - 2010-03-13 23:50 - 00380106 _____ () C:\Windows\PFRO.log
2014-03-27 20:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-27 20:28 - 2014-03-27 20:28 - 00000082 _____ () C:\folders.txt
2014-03-27 20:27 - 2014-03-27 20:16 - 00000000 ____D () C:\zoek_backup
2014-03-27 20:25 - 2010-03-13 23:25 - 00000000 ____D () C:\Users\andee
2014-03-27 20:16 - 2014-03-27 20:28 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-27 20:12 - 2014-03-27 20:12 - 01285120 _____ () C:\Users\andee\Downloads\zoek.exe
2014-03-26 22:34 - 2009-07-01 02:41 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000Core.job
2014-03-26 22:06 - 2014-03-26 22:06 - 00000273 _____ () C:\Users\andee\Desktop\Using Chrome keep getting popups from abnxs.com - Virus, Spyware, Malware Removal.URL
2014-03-26 21:54 - 2014-03-26 01:03 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-03-26 21:16 - 2014-03-26 21:16 - 00000156 _____ () C:\Users\andee\Desktop\Using Firefox- keep getting annoying pop-ups and redirections [Solved] - Virus, Spyware, Malware Removal.url
2014-03-25 05:43 - 2008-12-27 10:29 - 00000000 ____D () C:\Users\andee\AppData\Roaming\uTorrent
2014-03-24 21:39 - 2009-07-14 05:45 - 03130136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-24 00:32 - 2014-03-24 00:32 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-23 23:02 - 2014-03-23 23:02 - 00000255 _____ () C:\Users\andee\Desktop\google chrome lädt keine seiten - Trojaner-Board.URL
2014-03-23 19:47 - 2009-10-20 21:13 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500Core.job
2014-03-23 16:50 - 2014-03-23 16:50 - 00000202 _____ () C:\Users\andee\Desktop\Wargame AirLand Battle.url
2014-03-22 23:37 - 2014-03-02 23:10 - 00007604 _____ () C:\Users\andee\Documents\TombRaider.log
2014-03-22 18:44 - 2008-11-09 00:03 - 00000000 ____D () C:\Users\andee\AppData\Roaming\Mozilla
2014-03-19 22:56 - 2014-03-19 22:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\andee\Downloads\mbar-1.07.0.1009.exe
2014-03-19 03:01 - 2013-08-15 22:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:00 - 2010-04-19 21:57 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 23:18 - 2012-04-10 20:13 - 00000000 ____D () C:\ProgramData\Army Builder
2014-03-13 20:36 - 2013-03-12 23:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 20:36 - 2013-03-12 23:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 01:07 - 2008-11-06 23:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 00:29 - 2014-03-13 00:29 - 00000000 ____D () C:\Users\andee\Documents\Respawn
2014-03-12 06:38 - 2014-03-12 06:38 - 00000702 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-12 06:13 - 2008-11-07 00:05 - 01088555 _____ () C:\Windows\DirectX.log
2014-03-12 00:11 - 2012-03-02 22:12 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-12 00:04 - 2012-03-02 22:11 - 00000000 ____D () C:\Users\andee\AppData\Local\Origin
2014-03-11 22:09 - 2012-08-03 18:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 22:09 - 2012-04-03 19:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 22:09 - 2011-10-11 21:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-08 20:02 - 2009-01-07 12:28 - 00000000 ____D () C:\Users\andee\Desktop\Zeugs
2014-03-08 19:50 - 2014-03-08 19:49 - 19255196 _____ () C:\Users\andee\Downloads\maptool-1.3.b90-beta.zip
2014-03-08 19:49 - 2014-03-08 19:49 - 00113181 _____ () C:\Users\andee\Downloads\maptool-launcher-130829.01.zip
2014-03-08 15:25 - 2014-03-08 15:25 - 00921000 _____ (Oracle Corporation) C:\Users\andee\Downloads\chromeinstall-7u51.exe
2014-03-08 15:25 - 2013-10-22 22:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-08 15:24 - 2014-03-08 15:24 - 00005402 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-08 15:24 - 2009-11-01 23:27 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-07 22:36 - 2014-03-07 22:36 - 00000000 ____D () C:\Users\andee\.gametool
2014-03-07 22:35 - 2014-03-07 22:35 - 00000000 ____D () C:\Users\andee\.inittoolDbg
2014-03-07 22:35 - 2014-03-07 22:35 - 00000000 ____D () C:\Users\andee\.chartool
2014-03-07 22:34 - 2014-03-07 22:34 - 00001307 _____ () C:\Users\andee\Desktop\MapToolLauncher.exe - Verknüpfung.lnk
2014-03-07 22:33 - 2014-03-07 22:33 - 08518799 _____ () C:\Users\andee\Downloads\initiativetool-1.1.b9.zip
2014-03-07 22:33 - 2014-03-07 22:33 - 03455475 _____ () C:\Users\andee\Downloads\tokentool-1.0.b28.zip
2014-03-07 22:33 - 2014-03-07 22:33 - 01436268 _____ () C:\Users\andee\Downloads\dicetool-1.0.b34.zip
2014-03-07 22:32 - 2014-03-07 22:32 - 08081013 _____ () C:\Users\andee\Downloads\chartool-1.0.b15.zip
2014-03-07 22:12 - 2014-03-07 22:10 - 19130374 _____ () C:\Users\andee\Downloads\maptool-1.3.b89.zip
2014-03-04 22:43 - 2014-03-04 22:43 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 22:43 - 2009-04-05 20:46 - 00000000 ____D () C:\ProgramData\Skype
2014-03-04 20:19 - 2009-03-22 23:17 - 00000000 ____D () C:\Users\andee\Desktop\Kathi
2014-03-02 15:59 - 2014-03-02 15:59 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files\iTunes
2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files\iPod
2014-03-02 15:59 - 2014-03-02 15:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-02 15:55 - 2014-03-02 15:54 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-02 15:54 - 2014-03-02 15:54 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-01 07:05 - 2014-03-12 08:04 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-12 08:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-12 08:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-12 08:04 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-12 08:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-12 08:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-12 08:04 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-12 08:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-12 08:04 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-12 08:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-12 08:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-12 08:04 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-12 08:04 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-12 08:04 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-12 08:04 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-12 08:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-12 08:04 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-12 08:04 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-12 08:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-12 08:04 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 08:04 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-12 08:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 08:04 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-12 08:04 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-12 08:04 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-12 08:04 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-12 08:04 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-12 08:04 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-12 08:04 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-12 08:04 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-12 08:04 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-12 08:04 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-12 08:04 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 08:04 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 08:04 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-12 08:04 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-12 08:04 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-12 08:04 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-12 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-12 08:04 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 03:01 - 2011-10-12 21:29 - 01608256 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 20:42 - 2014-02-27 20:28 - 00000000 ____D () C:\Users\andee\AppData\Roaming\Nidhogg
2014-02-27 20:19 - 2014-02-27 20:19 - 00000201 _____ () C:\Users\andee\Desktop\Nidhogg.url

Some content of TEMP:
====================
C:\Users\andee\AppData\Local\Temp\avgnt.exe
C:\Users\andee\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp5zytn.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-23 13:54

==================== End Of Log ============================

 

ADDITION...

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by andee at 2014-03-27 22:06:12
Running from C:\Users\andee\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30488 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.5 - Adobe Systems) Hidden
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Contribute CS4 (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Master Collection (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CS4 American English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Download Manager (HKLM-x32\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.48 - NOS Microsystems Ltd.)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 Codecs (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{3A6829EF-0791-4FDD-9382-C690DD0821B9}) (Version: 10.0.2.54 - Adobe Systems, Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS4 (x32 Version: 14.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Common Base Files (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe OnLocation CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Adobe Premiere Pro CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Functional Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe SGM CS4 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS4 Codecs (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS4 Server (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma Tactics (HKLM-x32\...\Steam App 224860) (Version:  - Bohemia Interactive)
Army Builder 3.4b (HKLM-x32\...\{43867B63-C464-4570-823D-D92DC08E3400}_is1) (Version: 3.4b - Lone Wolf Development, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BIPA FotoShop (HKLM-x32\...\BIPA FotoShop) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{2B5D6B29-7348-4404-B992-B557B4D1F055}) (Version: 0.9.40 - Kovid Goyal)
Call of Duty® 4 - Modern Warfare™ 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.5 Multiplayer Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version:  - ) Hidden
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.2.3442 - CDBurnerXP)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
DeviceDiscovery (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.8.16603 - Blizzard Entertainment)
DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.5 - Dropbox, Inc.)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Evernote v. 5.2 (HKLM-x32\...\{090931D6-A2F4-11E3-AD9C-00163E98E7D0}) (Version: 5.2.0.2946 - Evernote Corp.)
FastCAD (HKLM-x32\...\FastCAD) (Version:  - )
ffdshow [rev 2280] [2008-11-02] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Fractal Mapper v8.01a (HKLM-x32\...\Fractal Mapper_is1) (Version: 8.01a - NBOS Software)
Fractal Terrains 3 (HKLM-x32\...\Fractal Terrains 3) (Version: 3.0.4 - ProFantasy Software)
Fractal Terrains 3 (x32 Version: 3.0.4 - ProFantasy Software) Hidden
Free ISO Grabber 4.1.5 (HKLM-x32\...\Free ISO Grabber_is1) (Version:  - FreeAudioVideoSoftTech, Inc.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation)
G9x User's Guide (HKLM\...\{05408942-55F9-4D32-AE07-A9ECDC013961}) (Version: 1.10.0000 - Logitech)
gDocBinder (HKLM-x32\...\{D92E093D-C577-4D55-AB3D-5E10AAA24D13}) (Version: 1.0.0.0 - Global Graphics Software Ltd)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.92 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 6 (HKLM-x32\...\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}) (Version: 6.0.01337 - Google)
Google SketchUp 6 (x32 Version: 6.4.112 - Google) Hidden
Google SketchUp 7 (HKLM-x32\...\{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}) (Version: 2.1.6863 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{E121A4FE-009B-385B-BB0D-B934E2A88288}) (Version: 5.2.4.18058 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HP Color LaserJet CP1510 Series 2.0 (HKLM\...\{223C0721-A6B0-4853-88C0-331029841734}) (Version: 2.0 - HP)
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP Product Assistant (x32 Version: 100.000.001.000 - Hewlett-Packard) Hidden
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
hppCLJCP1510 (x32 Version: 003.000.00186 - Hewlett-Packard) Hidden
hppFonts (x32 Version: 001.001.00056 - Hewlett-Packard) Hidden
hppManualsCP1510 (x32 Version: 003.000.00190 - Ihr Firmenname) Hidden
hppPQVideoCP1510 (x32 Version: 003.000.00157 - Ihr Firmenname) Hidden
HPProductAssistant (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
hppTLBXFXCP1510 (x32 Version: 001.003.00081 - Hewlett-Packard) Hidden
hppusgCP1510 (x32 Version: 000.000.00012 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Ihr Firmenname)
hpzTLBXFX (x32 Version: 003.013.00279 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Inkscape 0.46 (HKLM-x32\...\Inkscape) (Version: 0.46 - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
iPhone-Konfigurationsprogramm (HKLM-x32\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Logitech SetPoint 5.10 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.10 - Logitech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Manhunt 2 (HKLM-x32\...\Manhunt 2) (Version: 1.00.0000 - Rockstar Games)
MarketResearch (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Surface 2.0 Runtime (HKLM-x32\...\{69C2B39D-F060-49AD-8877-01C4144A8424}) (Version: 2.0.21114.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.1 (HKLM\...\{903029FE-FA82-427B-916C-AD08185DA3C2}) (Version: 1.10.123.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{3dbea378-89b6-41db-a3c2-0f035afe3a40}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCanvas V1.5 (HKLM-x32\...\PDFCanvas V1.5) (Version:  - )
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
Product_SF_Full_QFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Product_SF_Min_QFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
R for Windows 2.15.1 (HKLM\...\R for Windows 2.15.1_is1) (Version: 2.15.1 - R Core Team)
Razer Nostromo (HKLM-x32\...\{0214578F-4888-43FB-9E34-C14FCFDEDDEB}) (Version: 2.02.08 - Razer USA Ltd.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Sam and Max - Season One 1.0 (HKLM-x32\...\Sam and Max - Season One) (Version: 1.0 - JoWooD Productions)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scribus 1.3.3.12 (HKLM-x32\...\Scribus 1.3.3.12) (Version: 1.3.3.12 - The Scribus Team)
Scrivener Update (HKLM-x32\...\Scrivener 1030) (Version: 1610 - Literature and Latte)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimpleScreenshot 1.40 (HKLM-x32\...\SimpleScreenshot) (Version:  - )
SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.7.25293 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Syndicate™ (HKLM-x32\...\{FA602928-EB59-449c-B9F7-1FBE1291B63D}) (Version: 1.0.0.1 - Electronic Arts)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version:  - Ubisoft Toronto)
TrayApp (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wargame: AirLand Battle (HKLM-x32\...\Steam App 222750) (Version:  - Eugen Systems)
WebReg (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{B0EFB716-085B-4564-8060-212E41F5CE50}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Wondershare Video Converter Ultimate(Build 6.6.0.5) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.6.0.5 - Wondershare Software)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
XMind (HKLM-x32\...\XMind) (Version: 3.2.1 - XMind Ltd.)
Xvid 1.1.3 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))

==================== Restore Points  =========================

22-03-2014 17:22:42 Windows Update
23-03-2014 18:00:14 Windows-Sicherung
23-03-2014 20:13:37 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
23-03-2014 20:13:52 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
25-03-2014 22:45:44 Windows Update
27-03-2014 19:18:40 zoek.exe restore point

==================== Hosts content: ==========================

2006-11-02 13:34 - 2011-04-03 20:36 - 00001239 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {015D1F22-1CBE-495C-8D48-6DC760ABA89E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for andeemachine-andee andeemachine => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-01-18] (Microsoft Corporation)
Task: {11D08E89-D6F7-4803-BBAE-E0FDD1150173} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {27A4A28D-F85F-4C2F-BD57-5DBE12BB9C6D} - System32\Tasks\{DCC053F9-35FD-4FB2-AA0F-85AB1219EC8D} => Chrome.exe http://ui.skype.com/...all?page=tsMain
Task: {296A5035-0AAB-47F4-8665-F7A72C95D1F4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {2BC34BB7-FEE1-4839-A1A5-4225C1F84031} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-13] (Microsoft Corporation)
Task: {3A1DC352-C799-415D-81EC-BE30068B236A} - System32\Tasks\{E7043BF5-4893-4036-AEAD-5A093FCCA8A4} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {42B92EFC-B0C9-4F37-9A2E-99D156D8D69E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {52EC2058-B2A2-4437-B618-16A53D09A27F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500UA => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-20] (Google Inc.)
Task: {57C5FB60-D252-41C2-9771-8E01D6C9136D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {68B6F4A0-571A-4320-8E29-7AFD86E4FD71} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-13] (Microsoft Corporation)
Task: {826053E7-C6AF-4EBD-925C-F3316982369D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {B09E6C36-1F97-4798-AF2D-0CC953C4491A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000Core => C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-14] (Google Inc.)
Task: {B657C6BA-1DF9-4FA9-BDF5-74D3954B9767} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2009-07-14] (Microsoft Corporation)
Task: {C15F8E8F-C064-4FEB-AF1A-4C3ACC1A2649} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {CB0F790F-FDE2-457D-8E3E-4CDA638F1CEE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500Core => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-20] (Google Inc.)
Task: {D8AD8600-713A-4217-A25D-A28C9B4AE476} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000UA => C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-14] (Google Inc.)
Task: {E3BD9B20-B374-4190-8C48-6A122F4B6909} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {E49DF604-4657-42F3-8619-EF5B41C0F82D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-21] (Google Inc.)
Task: {F3547E96-3572-461F-BDEB-95FF9FA1CFD1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000Core.job => C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000UA.job => C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500Core.job => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500UA.job => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-09 12:49 - 2013-08-23 14:45 - 00386216 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-03-09 12:49 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-03-09 12:49 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-11-14 20:38 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2008-11-06 23:44 - 2006-12-11 02:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2007-05-08 15:44 - 2007-05-08 15:44 - 00036864 _____ () C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-04-27 19:29 - 2013-01-25 08:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-26 21:35 - 2014-03-26 03:59 - 00065352 _____ () C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.92\chrome_elf.dll
2014-03-27 20:40 - 2014-03-27 20:40 - 00098816 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32api.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00110080 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\pywintypes27.dll
2014-03-27 20:40 - 2014-03-27 20:40 - 00364544 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\pythoncom27.dll
2014-03-27 20:40 - 2014-03-27 20:40 - 00044032 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\_socket.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 01157120 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\_ssl.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00320512 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32com.shell.shell.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00712192 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\_hashlib.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 01175040 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\wx._core_.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00805888 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\wx._gdi_.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00811008 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\wx._windows_.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 01062400 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\wx._controls_.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00735232 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\wx._misc_.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00128512 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\_elementtree.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00127488 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\pyexpat.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00557056 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\pysqlite2._sqlite.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00087040 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\_ctypes.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00119808 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32file.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00108544 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32security.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00018432 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32event.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00038912 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32inet.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00122368 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\wx._wizard.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00070656 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\wx._html2.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00026624 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\_multiprocessing.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00010240 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\select.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00024064 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32pipe.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00686080 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\unicodedata.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00025600 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32pdh.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00525640 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\windows._lib_cacheinvalidation.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00011264 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32crypt.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00035840 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32process.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00017408 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32profile.pyd
2014-03-27 20:40 - 2014-03-27 20:40 - 00022528 _____ () C:\Users\andee\AppData\Local\Temp\_MEI31482\win32ts.pyd
2013-11-13 20:43 - 2013-11-13 20:43 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-01-16 19:23 - 2014-01-18 10:59 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll
2007-08-28 09:00 - 2007-08-28 09:00 - 00069632 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPTools.dll
2007-08-28 09:00 - 2007-08-28 09:00 - 00069632 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\AppConstants.dll
2007-08-28 09:00 - 2007-08-28 09:00 - 00434176 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPAppTools.dll
2007-08-28 09:00 - 2007-08-28 09:00 - 00122880 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPToolkit.dll
2007-08-28 09:00 - 2007-08-28 09:00 - 00040960 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\Enumeration.dll
2007-08-28 09:01 - 2007-08-28 09:01 - 00573440 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\Alerts.dll
2007-08-28 09:00 - 2007-08-28 09:00 - 00016384 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPStreamsInterface.dll
2007-08-28 09:01 - 2007-08-28 09:01 - 00102400 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPFaxUtilities.dll
2007-08-28 09:00 - 2007-08-28 09:00 - 00032768 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\NamedPipeChannel.dll
2007-08-28 08:59 - 2007-08-28 08:59 - 00069632 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\nativeutils.dll
2014-03-27 20:40 - 2014-03-27 20:40 - 00041984 _____ () c:\users\andee\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp5zytn.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\andee\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-26 21:35 - 2014-03-26 03:59 - 00674632 _____ () C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.92\libglesv2.dll
2014-03-26 21:35 - 2014-03-26 03:59 - 00093000 _____ () C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.92\libegl.dll
2013-05-20 12:50 - 2009-02-27 15:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2013-05-20 12:50 - 2009-02-27 15:32 - 00020480 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
2014-02-24 16:56 - 2014-02-24 16:56 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-02-24 16:56 - 2014-02-24 16:56 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2007-05-08 15:44 - 2007-05-08 15:44 - 00057344 _____ () C:\Program Files (x86)\HP\HP UT\bin\HPUsageTracking.dll
2007-05-08 15:44 - 2007-05-08 15:44 - 00065536 _____ () C:\Program Files (x86)\HP\HP UT\bin\HPTools.dll
2007-05-08 15:44 - 2007-05-08 15:44 - 00114688 _____ () C:\Program Files (x86)\HP\HP UT\bin\HPToolkit.dll
2007-05-08 15:44 - 2007-05-08 15:44 - 00036864 _____ () C:\Program Files (x86)\HP\HP UT\bin\Enumeration.dll
2007-05-08 15:44 - 2007-05-08 15:44 - 00016384 _____ () C:\Program Files (x86)\HP\HP UT\bin\HPStreamsInterface.dll
2014-03-26 21:35 - 2014-03-26 03:59 - 04081480 _____ () C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.92\pdf.dll
2014-03-26 21:35 - 2014-03-26 03:59 - 00390472 _____ () C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.92\ppGoogleNaClPluginChrome.dll
2014-03-26 21:35 - 2014-03-26 03:59 - 01647432 _____ () C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.92\ffmpegsumo.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-10-21 05:23 - 2013-05-13 14:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-03-12 00:00 - 2014-03-12 00:00 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-03-12 00:00 - 2014-03-12 00:00 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-03-12 00:00 - 2014-03-12 00:00 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-03-12 00:00 - 2014-03-12 00:00 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-03-12 00:00 - 2014-03-12 00:00 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-03-12 00:00 - 2014-03-12 00:00 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-03-12 00:00 - 2014-03-12 00:00 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-03-12 00:00 - 2014-03-12 00:00 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-02-21 19:24 - 2014-02-21 19:24 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Razer Nostromo
Description: Razer Nostromo
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Razer
Service: rzjoystk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/27/2014 08:41:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2014 08:09:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16


System errors:
=============
Error: (03/27/2014 08:41:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (03/27/2014 08:25:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/27/2014 08:25:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/27/2014 08:25:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/27/2014 08:25:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/27/2014 08:25:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/27/2014 08:09:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (03/26/2014 08:56:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (03/26/2014 00:02:05 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Fehler beim Starten des Assistenten für das Sprachpaket-Setup. Führen Sie einen Neustart des Systems aus, und führen Sie den Assistenten erneut aus.

Error: (03/26/2014 00:02:05 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007042d


Microsoft Office Sessions:
=========================
Error: (03/27/2014 08:41:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2014 08:09:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (03/26/2014 09:20:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16


CodeIntegrity Errors:
===================================
  Date: 2010-02-05 10:22:22.737
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-02-05 10:22:22.694
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-02-03 20:12:27.550
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-02-03 20:12:27.506
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-11-05 17:25:13.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-11-05 17:25:13.777
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-10-20 20:31:34.416
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-10-20 20:31:34.380
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-10-20 20:31:34.344
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-10-20 20:31:34.308
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 8132.05 MB
Available physical RAM: 5644.49 MB
Total Pagefile: 16262.27 MB
Available Pagefile: 13285.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:24.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Andee Lokal 500GB) (Fixed) (Total:465.76 GB) (Free:63.04 GB) NTFS
Drive f: (KRD10) (CDROM) (Total:0.37 GB) (Free:0 GB) CDFS
Drive h: (Andee Lokal 1TB) (Fixed) (Total:931.51 GB) (Free:0.01 GB) NTFS
Drive k: (SAMSUNG) (Fixed) (Total:596.17 GB) (Free:2.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 0B523184)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 671D9220)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7AABCC1A)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 596 GB) (Disk ID: 063FD150)
Partition 1: (Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello agin Belnifore,

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that
 

  • Close any open browsers.
  • Temporarily disable your AntiVirus program. (If necessary)
  •     Double click on zoek.exe to run.
  •     Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up
  •     Copy the text below and paste it into the large window in the zoek tool:

    CHRDefaults;
    
    
           
  •     Click on Run script button
  •     Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
  •     Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"

Finally in this post

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

 If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

 

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
     then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • If you are given an option to quarantine files ensure the scan is set to do so.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic and tell me how your machine is now.

So when you return please post

  • Fixlog.txt
  • zoek-results.log
  • ESET scan results
  • and tell how your machine is

 


  • 0

#7
Belnifore

Belnifore

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by andee at 2014-03-29 08:31:14 Run:1
Running from C:\Users\andee\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
FF Homepage: hxxp://thepiratebay.org/|hxxp://www.imdb.com/
*****************

Firefox homepage deleted successfully.

==== End of Fixlog ====


  • 0

#8
Belnifore

Belnifore

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by andee on 29.03.2014 at 10:10:15,82.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\andee\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-27-194011.log    11204 bytes

==== Reset Google Chrome ======================

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=816 folders=87 184311165 bytes)

==== EOF on 29.03.2014 at 10:11:51,68 ======================
 


  • 0

#9
Belnifore

Belnifore

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=80e1257b23b4bf4aa314f657e461e738
# engine=17672
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-03-29 03:18:57
# local_time=2014-03-29 04:18:57 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 31620 261533227 24394 0
# compatibility_mode=5893 16776573 100 94 27989 147736187 0 0
# scanned=667015
# found=19
# cleaned=19
# scan_time=21609
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll"
sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe"
sh=E535ECD0508367568242C2308C2BFC192E668D30 ft=1 fh=1683bc139d84c090 vn="Win32/Toolbar.AskSBar potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\andee\Documents\Downloads\Nero-9.4.12.3d_free.exe"
sh=ACA4D28DFE13E7B4BF53B9CACBA273CE854B90A3 ft=1 fh=808dc84b00ed18cf vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\andee\Downloads\siw-setup_2011_1029p.exe"
sh=5B91D9509C8CDF66F85C3AFF38A8ADF1818A5BE0 ft=1 fh=77d176559ab9e72c vn="a variant of Win32/InstallCore.BB potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_andee_Downloads_DownloadManagerSetup.exe.vir"
sh=74900EB4654C840DB07E63D9663F0843B297197B ft=0 fh=0000000000000000 vn="Win32/Toolbar.AskSBar potentially unwanted application (deleted - quarantined)" ac=C fn="H:\ANDEEMACHINE\Backup Set 2011-05-10 212839\Backup Files 2011-05-10 212839\Backup files 59.zip"
sh=1D314397991CCD2C0CF05BA99B78E3E80729B9E4 ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="H:\ANDEEMACHINE\Backup Set 2011-05-10 212839\Backup Files 2011-09-18 190007\Backup files 1.zip"
sh=25A3E9ADC3B0615E3359D4EEA69499AE82B06B1A ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.Conduit.P potentially unwanted application (deleted - quarantined)" ac=C fn="H:\ANDEEMACHINE\Backup Set 2011-05-10 212839\Backup Files 2011-09-18 190007\Backup files 2.zip"
sh=0BCCFFBA4883853C33A7769AF0A824A539B65615 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.Q potentially unwanted application (deleted - quarantined)" ac=C fn="H:\ANDEEMACHINE\Backup Set 2011-10-23 203659\Backup Files 2011-11-01 211000\Backup files 21.zip"
sh=BEF4310D0C2C096D6C40260EB5505CAA0F00E022 ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.Conduit.P potentially unwanted application (deleted - quarantined)" ac=C fn="H:\ANDEEMACHINE\Backup Set 2011-10-23 203659\Backup Files 2011-11-01 211000\Backup files 29.zip"
sh=0F07611002E6493177DB0CBA7B430C472B1FA056 ft=0 fh=0000000000000000 vn="Win32/Toolbar.AskSBar potentially unwanted application (deleted - quarantined)" ac=C fn="H:\ANDEEMACHINE\Backup Set 2011-10-23 203659\Backup Files 2011-11-01 211000\Backup files 51.zip"
sh=2C894DA796FE1CC0AAAA24DCBECC5DDF8CCF4E6E ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.Widgi potentially unwanted application (deleted - quarantined)" ac=C fn="H:\ANDEEMACHINE\Backup Set 2011-10-23 203659\Backup Files 2011-11-06 190008\Backup files 3.zip"
sh=94536AA228568906BCE3AE021B7EDC6C5B1D5793 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="H:\ANDEEMACHINE\Backup Set 2011-10-23 203659\Backup Files 2012-06-03 190007\Backup files 45.zip"
sh=540D8F4936F41FB5BF905BB20CA78BF99F035737 ft=0 fh=0000000000000000 vn="Win32/Toolbar.AskSBar potentially unwanted application (deleted - quarantined)" ac=C fn="H:\ANDEEMACHINE\Backup Set 2011-10-23 203659\Backup Files 2012-06-03 190007\Backup files 46.zip"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Keygen.DK potentially unsafe application (deleted - quarantined)" ac=C fn="H:\ISOs\Call of Duty 4\COD4MW.ISO"
sh=846401CAB721D8934968C67207801DD90A3BA299 ft=0 fh=0000000000000000 vn="a variant of Win32/GameHack.F potentially unsafe application (deleted - quarantined)" ac=C fn="H:\ISOs\Fallout 3 - RELOADED\MODZ\fa315promo-ch.zip"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAA trojan (deleted - quarantined)" ac=C fn="H:\ISOs\Tom.Clancys.Splinter.Cell.Conviction-SKIDROW\sr-tcscc.iso"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Keygen.GU potentially unsafe application (deleted - quarantined)" ac=C fn="H:\ISOs\x_Mass Effect 2\rzr-me2a.iso"
 


  • 0

#10
Belnifore

Belnifore

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Hi again,

 

Chrome seems to be clean at the moment. I will watch performance and behaviour but your treatment seems do have done the trick. Also ESET found quite some surprises on my computer (and I shall watch my kids down-loading habits better in the future...).

 

Thx a lot, you have been a great help!!

 Andy


  • 0

Advertisements


#11
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello again Belnifore,
 

Chrome seems to be clean at the moment.


Good news.

I think you are good to go now.

We have a couple of last steps to perform and then you're all set. :)

To clear away the tools we have been using download Delfix from here.

Put a check (tick) in the following boxes:

  • Activate UAC
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset System Settings
  • Then click Run

Any remaining tools may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder:  Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicous programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to unininstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomeware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:

  •  
  •  
  • If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

        * Click Start > Control Panel > System and Security > Windows Update
        * Under Windows Update click on Turn automatic updating on or off
        * Check items shown to ensure you receive updates automatically. Click OK.
  •  
  •  

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!


  • 0

#12
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

#13
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Topic reopened at users request.

 

After re-installation of a program the problem has returned.

 

 

After installation of Webclipper a second extension installed itself (!)


  • 0

#14
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Hello again Belnifore,

 

Let's have another look at things. :)

 

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

 

 


  • 0

#15
Belnifore

Belnifore

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Hi again emeraldnzl,

 

Nice to hear from you again :-)

 

Here we go, FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by andee (administrator) on ANDEEMACHINE on 15-04-2014 23:48:01
Running from C:\Users\andee\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Google Inc.) C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
(Google Inc.) C:\Users\andee\AppData\Local\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Users\andee\AppData\Local\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(HP) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Elaborate Bytes AG) C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe
(Apple Inc.) C:\Program Files (x86)\AirPort\APAgent.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dropbox, Inc.) C:\Users\andee\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [236544 2008-10-10] (Logitech, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [855608 2007-09-27] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPPQVideo] => C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe [106496 2007-05-07] (Hewlett-Packard)
HKLM-x32\...\Run: [ToolBoxFX] => C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe [53248 2007-08-28] (HP)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [36864 2007-05-08] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AirPort Base Station Agent] => C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)
HKLM-x32\...\Run: [Razer Nostromo Driver] => C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe [978840 2011-07-19] (Razer USA Ltd)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936 2012-11-27] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\utorrent\utorrent.exe <====== ATTENTION
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [118104 2014-04-01] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [Google Update] => C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe [133104 2008-11-14] (Google Inc.)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [Steam] => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [4735BA8321D1A27DF82FEEA48AB454EEB921043E._service_run] => C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe [861000 2014-04-08] (Google Inc.)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [118104 2014-04-01] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {3998ed03-56ef-11df-8f3c-00196684b831} - H:\DTE_Privacy_launcher.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {94718c85-90bb-11e3-b9bd-bc5ff4b16f04} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {a22955d8-2f82-11df-ba9a-00196684b831} - E:\steambackup.EXE
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {a22955da-2f82-11df-ba9a-00196684b831} - F:\SETUP.EXE
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {a22955ea-2f82-11df-ba9a-00196684b831} - G:\setup.exe
HKU\S-1-5-21-3263022290-3832323690-497936285-1000\...\MountPoints2: {e181a940-0881-11e1-9e3d-806e6f6e6963} - E:\autorun.exe
Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\andee\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.c...ferrer:source?}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.c...ferrer:source?}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...age={startPage}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\andee\AppData\Roaming\Mozilla\Firefox\Profiles\0yuui377.default
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\andee\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\andee\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\andee\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\andee\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\andee\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\andee\AppData\Roaming\Mozilla\Firefox\Profiles\0yuui377.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-29]
CHR Extension: (Google Drive) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-29]
CHR Extension: (YouTube) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-29]
CHR Extension: (Google-Suche) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-29]
CHR Extension: (Google Kalender) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-04-14]
CHR Extension: (Google Wallet) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-07-18]
CHR Extension: (Evernote Web Clipper) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-04-14]
CHR Extension: (Google Mail) - C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-29]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\andee\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-07]
CHR StartMenuInternet: Google Chrome - C:\Users\andee\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [431960 2014-04-01] (Garmin Ltd or its subsidiaries)
S3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [51168 2009-09-23] (NOS Microsystems Ltd.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-05-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-01-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [323584 2012-10-06] (SafeNet Inc.)
S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-01-10] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
S3 rzjoystk; C:\Windows\System32\DRIVERS\rzjoystk.sys [19968 2011-03-24] (Razer USA Ltd)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [157184 2011-07-14] (Razer USA Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-11-06] ()
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-15 23:48 - 2014-04-15 23:48 - 00044858 _____ () C:\Users\andee\Downloads\FRST.txt
2014-04-15 23:47 - 2014-04-15 23:48 - 00000000 ____D () C:\FRST
2014-04-15 23:47 - 2014-04-15 23:47 - 02054144 _____ (Farbar) C:\Users\andee\Downloads\FRST64.exe
2014-04-14 23:30 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-14 23:30 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-14 23:30 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-14 23:30 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-14 23:30 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-14 23:30 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-14 23:30 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-14 23:30 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-14 23:30 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-14 23:30 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-14 23:30 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-14 23:30 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-14 23:30 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-14 23:30 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-14 23:30 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-14 23:30 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-14 23:30 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-14 23:30 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-14 23:30 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-14 23:30 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-14 23:30 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-14 23:30 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-14 23:30 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-14 23:30 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-14 23:30 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-14 23:30 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-14 23:30 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-14 23:30 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-14 23:30 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-14 23:30 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-14 23:30 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-14 23:30 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-14 23:30 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-14 23:30 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-14 23:30 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-14 23:30 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-14 23:30 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-14 23:30 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-14 23:30 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-14 23:30 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-14 23:30 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-14 23:30 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-14 23:30 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-14 23:30 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-14 23:30 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-14 23:30 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-14 23:30 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-14 23:30 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-14 22:08 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-14 22:08 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-14 22:08 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-14 22:08 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-14 22:08 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-14 22:07 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-14 22:07 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-14 22:07 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-14 22:07 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-14 22:07 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-14 22:07 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-14 22:07 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-14 22:07 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-14 22:07 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-14 22:07 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-14 22:07 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-14 22:07 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 20:29 - 2014-04-07 20:29 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2014-04-07 20:29 - 2014-04-07 20:29 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2014-04-01 21:19 - 2014-04-01 21:19 - 00329185 _____ () C:\Users\andee\Downloads\ME83-31122013.xlsx
2014-04-01 20:53 - 2014-04-01 20:53 - 00001079 _____ () C:\Users\andee\Downloads\progressReport (1).csv
2014-04-01 20:52 - 2014-04-01 20:52 - 00000284 _____ () C:\Users\andee\Downloads\progressReport.csv
2014-03-31 20:40 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-31 20:40 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-30 01:21 - 2014-03-30 01:22 - 83571552 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\andee\Downloads\Evernote_5.2.1.3108.exe
2014-03-30 00:31 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-03-30 00:31 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-30 00:31 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-30 00:31 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-03-30 00:31 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-03-30 00:31 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-30 00:31 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-30 00:31 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-30 00:31 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-30 00:31 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-30 00:31 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-30 00:31 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-03-30 00:31 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-30 00:31 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-03-30 00:31 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-30 00:31 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-30 00:01 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-30 00:01 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-29 23:26 - 2014-03-29 23:26 - 00809976 _____ (Foolish IT LLC ) C:\Users\andee\Downloads\CryptoPreventSetup.exe
2014-03-29 23:26 - 2014-03-29 23:26 - 00000000 ____D () C:\Program Files (x86)\Foolish IT
2014-03-29 23:21 - 2014-03-29 23:21 - 00001242 _____ () C:\DelFix.txt
2014-03-29 23:21 - 2014-03-29 23:21 - 00000000 ____D () C:\Windows\ERUNT
2014-03-29 20:45 - 2014-03-29 20:46 - 46781480 _____ () C:\Users\andee\Downloads\TrainingCenter_365.exe
2014-03-29 17:44 - 2014-04-07 20:29 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-03-29 17:44 - 2014-04-07 20:29 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-03-29 17:44 - 2014-04-07 20:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-29 17:44 - 2014-04-07 20:29 - 00000000 ____D () C:\ProgramData\Garmin
2014-03-29 17:44 - 2014-04-07 20:29 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-03-29 17:44 - 2014-03-29 17:44 - 00000000 ____D () C:\Users\andee\AppData\Roaming\Garmin
2014-03-29 17:44 - 2014-03-29 17:44 - 00000000 ____D () C:\Users\andee\AppData\Local\Garmin
2014-03-29 17:44 - 2014-03-29 17:44 - 00000000 ____D () C:\Program Files\DIFX
2014-03-29 17:43 - 2014-03-29 17:43 - 30751976 _____ (Garmin Ltd or its subsidiaries) C:\Users\andee\Downloads\GarminExpressInstaller.exe
2014-03-29 17:24 - 2014-03-29 17:24 - 00002954 _____ () C:\Users\andee\Desktop\ESET-Scan-29032014.txt
2014-03-29 11:54 - 2014-03-29 11:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 11:08 - 2014-03-29 11:08 - 00000000 ____D () C:\Users\andee\Downloads\webapp
2014-03-29 11:08 - 2014-03-29 11:08 - 00000000 ____D () C:\Users\andee\Downloads\TcpView-3.05
2014-03-29 11:08 - 2014-03-29 11:08 - 00000000 ____D () C:\Users\andee\Downloads\server
2014-03-29 11:08 - 2014-03-29 11:08 - 00000000 ____D () C:\Users\andee\Downloads\licenses
2014-03-29 11:08 - 2012-12-02 14:33 - 00000000 ____D () C:\Users\andee\Downloads\LINDA
2014-03-29 11:08 - 2009-08-10 20:54 - 00000000 ____D () C:\Users\andee\Downloads\Incoming
2014-03-29 11:06 - 2014-03-29 11:08 - 00000000 ____D () C:\Users\andee\Downloads\Fast Five (2011) [1080p] {5.1}
2014-03-29 11:06 - 2014-03-29 11:06 - 00000000 ____D () C:\Users\andee\Downloads\Camera_Raw_5_1
2014-03-29 11:06 - 2014-03-19 23:56 - 12589848 _____ (Malwarebytes Corp.) C:\Users\andee\Downloads\mbar-1.07.0.1009.exe
2014-03-29 11:06 - 2014-03-08 20:50 - 19255196 _____ () C:\Users\andee\Downloads\maptool-1.3.b90-beta.zip
2014-03-29 11:06 - 2014-03-08 20:49 - 00113181 _____ () C:\Users\andee\Downloads\maptool-launcher-130829.01.zip
2014-03-29 11:06 - 2014-03-08 16:25 - 00921000 _____ (Oracle Corporation) C:\Users\andee\Downloads\chromeinstall-7u51.exe
2014-03-29 11:06 - 2014-03-07 23:33 - 08518799 _____ () C:\Users\andee\Downloads\initiativetool-1.1.b9.zip
2014-03-29 11:06 - 2014-03-07 23:33 - 03455475 _____ () C:\Users\andee\Downloads\tokentool-1.0.b28.zip
2014-03-29 11:06 - 2014-03-07 23:33 - 01436268 _____ () C:\Users\andee\Downloads\dicetool-1.0.b34.zip
2014-03-29 11:06 - 2014-03-07 23:32 - 08081013 _____ () C:\Users\andee\Downloads\chartool-1.0.b15.zip
2014-03-29 11:06 - 2014-03-07 23:12 - 19130374 _____ () C:\Users\andee\Downloads\maptool-1.3.b89.zip
2014-03-29 11:06 - 2013-12-29 14:03 - 05874897 _____ () C:\Users\andee\Downloads\BattlefleetGothicPaperShips.rar
2014-03-29 11:06 - 2013-12-29 14:03 - 03868559 _____ () C:\Users\andee\Downloads\RTPCMiniPSD.rar
2014-03-29 11:06 - 2013-12-29 14:03 - 03583830 _____ () C:\Users\andee\Downloads\RTOrkShipsPNG.rar
2014-03-29 11:06 - 2013-12-29 14:03 - 02950818 _____ () C:\Users\andee\Downloads\RTEldarShipsPNG.rar
2014-03-29 11:06 - 2013-12-29 13:46 - 06622617 _____ () C:\Users\andee\Downloads\RTImperialShipsPNG.rar
2014-03-29 11:06 - 2013-12-13 00:31 - 74094015 _____ () C:\Users\andee\Downloads\doseone - the SamuraiGUNN EP.zip
2014-03-29 11:06 - 2013-11-24 18:04 - 05831344 _____ (TeamViewer GmbH) C:\Users\andee\Downloads\TeamViewer_Setup_de.exe
2014-03-29 11:06 - 2013-11-17 00:52 - 20655157 _____ () C:\Users\andee\Downloads\StealthBastard-1.10.exe
2014-03-29 11:06 - 2013-11-14 21:37 - 00745248 _____ (Wondershare) C:\Users\andee\Downloads\video-converter-ultimate_setup_full975.exe
2014-03-29 11:06 - 2013-11-14 21:36 - 08465920 _____ (FreeAudioVideoSoftTech, Inc. ) C:\Users\andee\Downloads\FreeiPadVideo3721Converter.exe
2014-03-29 11:06 - 2013-10-21 06:19 - 00286305 _____ () C:\Users\andee\Downloads\AS_SSD17_Benchmark.zip
2014-03-29 11:06 - 2013-08-15 14:49 - 57974784 _____ () C:\Users\andee\Downloads\calibre-64bit-0.9.43.msi
2014-03-29 11:06 - 2013-08-11 12:04 - 00291606 _____ () C:\Users\andee\Downloads\TcpView-3.05.zip
2014-03-29 11:06 - 2013-08-11 12:04 - 00000147 _____ () C:\Users\andee\Downloads\IPCONFIG-readout.txt
2014-03-29 11:06 - 2013-07-26 10:42 - 02328864 _____ () C:\Users\andee\Downloads\AmazonMP3DownloaderInstall._V383688031_.exe
2014-03-29 11:06 - 2013-07-10 20:40 - 00642712 _____ (Microsoft Corporation) C:\Users\andee\Downloads\gfwlivesetup.exe
2014-03-29 11:06 - 2013-07-09 23:32 - 00171176 _____ (http://x360ce.googlecode.com) C:\Users\andee\Downloads\xinput1_3.dll
2014-03-29 11:06 - 2013-07-09 23:32 - 00002934 _____ () C:\Users\andee\Downloads\x360ce.ini
2014-03-29 11:06 - 2013-07-09 23:26 - 00850383 _____ () C:\Users\andee\Downloads\x360ce.App-2.0.2.158.zip
2014-03-29 11:06 - 2013-07-09 22:53 - 00140561 _____ () C:\Users\andee\Downloads\microsoftaccounts (1).diagcab
2014-03-29 11:06 - 2013-05-03 09:42 - 34767909 _____ (XMind Ltd. ) C:\Users\andee\Downloads\xmind-windows-3.3.1.201212250029.exe
2014-03-29 11:06 - 2013-04-27 19:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\andee\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-29 11:06 - 2013-04-22 23:00 - 00290882 _____ () C:\Users\andee\Downloads\output.zip
2014-03-29 11:06 - 2013-04-20 16:40 - 826229968 _____ (Adobe Systems Incorporated) C:\Users\andee\Downloads\Lightroom_4_LS11_win_4_4.exe
2014-03-29 11:06 - 2013-04-20 16:08 - 07905375 _____ () C:\Users\andee\Downloads\Camera_Raw_5_1.zip
2014-03-29 11:06 - 2013-04-20 00:24 - 00747721 _____ () C:\Users\andee\Downloads\windirstat1_1_2-exe-unicode.zip
2014-03-29 11:06 - 2013-03-09 13:48 - 00561832 _____ (Microsoft Corporation) C:\Users\andee\Downloads\Setup.x86.de-DE_ProPlusRetail_Q6MGK-4QNJC-VXJCC-BF4FR-W8C9Q_act_1_.exe
2014-03-29 11:06 - 2012-09-24 20:54 - 00052043 _____ () C:\Users\andee\Downloads\MAPS-EarthShallNot.pptx
2014-03-29 11:06 - 2012-05-09 20:19 - 00932704 _____ (DivX, LLC) C:\Users\andee\Downloads\DivXInstaller.exe
2014-03-29 11:06 - 2012-05-02 22:46 - 00740104 _____ (Google Inc.) C:\Users\andee\Downloads\googledrivesync.exe
2014-03-29 11:06 - 2012-03-31 23:22 - 00044544 _____ () C:\Users\andee\Downloads\KB 2010.xls
2014-03-29 11:06 - 2012-03-31 23:19 - 00013824 _____ () C:\Users\andee\Downloads\RP Kassenbericht & Einnahmen Ausgaben 2011.xls
2014-03-29 11:06 - 2012-03-28 20:51 - 00000052 _____ () C:\Users\andee\Downloads\text_0.txt
2014-03-29 11:06 - 2012-02-15 10:27 - 00021430 _____ () C:\Users\andee\Downloads\BrüKö JF ToDo Liste 10022012.xlsx
2014-03-29 11:06 - 2011-12-16 23:45 - 01342120 _____ (TocaEdit) C:\Users\andee\Downloads\x360ce.exe
2014-03-29 11:06 - 2011-12-11 15:08 - 00082432 _____ (Google, Inc.) C:\Users\andee\Downloads\google-refine.exe
2014-03-29 11:06 - 2011-12-11 15:08 - 00004634 _____ () C:\Users\andee\Downloads\refine.bat
2014-03-29 11:06 - 2011-12-11 15:08 - 00003177 _____ () C:\Users\andee\Downloads\LICENSE.txt
2014-03-29 11:06 - 2011-12-11 15:08 - 00001969 _____ () C:\Users\andee\Downloads\README.txt
2014-03-29 11:06 - 2011-12-11 15:08 - 00000310 _____ () C:\Users\andee\Downloads\refine.ini
2014-03-29 11:06 - 2011-12-11 15:08 - 00000229 _____ () C:\Users\andee\Downloads\google-refine.l4j.ini
2014-03-29 11:06 - 2011-11-06 05:46 - 633364899 _____ () C:\Users\andee\Downloads\Terraformer_v050.zip
2014-03-29 11:06 - 2010-12-19 17:47 - 00000327 _____ () C:\Users\andee\Downloads\1st read this!.txt
2014-03-29 11:06 - 2005-07-16 12:00 - 00651264 _____ (Seifert) C:\Users\andee\Downloads\windirstat.exe
2014-03-29 11:06 - 2005-07-16 12:00 - 00286720 _____ (Seifert) C:\Users\andee\Downloads\setup.exe
2014-03-29 11:06 - 2005-07-16 12:00 - 00065536 _____ () C:\Users\andee\Downloads\wdsr040c.dll
2014-03-29 11:06 - 2005-07-16 12:00 - 00061440 _____ () C:\Users\andee\Downloads\wdsr0419.dll
2014-03-29 11:06 - 2005-07-16 12:00 - 00061440 _____ () C:\Users\andee\Downloads\wdsr0415.dll
2014-03-29 11:06 - 2005-07-16 12:00 - 00061440 _____ () C:\Users\andee\Downloads\wdsr0410.dll
2014-03-29 11:06 - 2005-07-16 12:00 - 00061440 _____ () C:\Users\andee\Downloads\wdsr040e.dll
2014-03-29 11:06 - 2005-07-16 12:00 - 00061440 _____ () C:\Users\andee\Downloads\wdsr040a.dll
2014-03-29 11:06 - 2005-07-16 12:00 - 00061440 _____ () C:\Users\andee\Downloads\wdsr0407.dll
2014-03-29 11:06 - 2005-07-16 12:00 - 00061440 _____ () C:\Users\andee\Downloads\wdsr0405.dll
2014-03-29 11:06 - 2005-07-16 12:00 - 00058546 _____ () C:\Users\andee\Downloads\wdsh040e.chm
2014-03-29 11:06 - 2005-07-16 12:00 - 00056806 _____ () C:\Users\andee\Downloads\wdsh0415.chm
2014-03-29 11:06 - 2005-07-16 12:00 - 00055920 _____ () C:\Users\andee\Downloads\wdsh0407.chm
2014-03-29 11:06 - 2005-07-16 12:00 - 00051514 _____ () C:\Users\andee\Downloads\windirstat.chm
2014-03-29 11:06 - 2005-07-16 12:00 - 00022528 _____ (Microsoft Corporation) C:\Users\andee\Downloads\shfolder.dll
2014-03-27 21:28 - 2014-03-27 21:28 - 00000082 _____ () C:\folders.txt
2014-03-27 21:16 - 2014-03-29 16:37 - 00000000 ____D () C:\zoek_backup
2014-03-26 23:06 - 2014-03-26 23:06 - 00000273 _____ () C:\Users\andee\Desktop\Using Chrome keep getting popups from abnxs.com - Virus, Spyware, Malware Removal.URL
2014-03-26 02:03 - 2014-03-26 22:54 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-03-24 01:32 - 2014-03-24 01:32 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-23 17:50 - 2014-03-23 17:50 - 00000202 _____ () C:\Users\andee\Desktop\Wargame AirLand Battle.url

==================== One Month Modified Files and Folders =======

2014-04-15 23:48 - 2014-04-15 23:48 - 00044858 _____ () C:\Users\andee\Downloads\FRST.txt
2014-04-15 23:48 - 2014-04-15 23:47 - 00000000 ____D () C:\FRST
2014-04-15 23:47 - 2014-04-15 23:47 - 02054144 _____ (Farbar) C:\Users\andee\Downloads\FRST64.exe
2014-04-15 23:47 - 2009-10-20 22:13 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500UA.job
2014-04-15 23:40 - 2009-07-01 03:41 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000UA.job
2014-04-15 23:35 - 2010-03-14 01:25 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{41F81915-9EB9-4574-A4C8-039E4396298D}
2014-04-15 23:31 - 2008-11-16 16:45 - 00000000 ____D () C:\Users\andee\AppData\Roaming\Dropbox
2014-04-15 23:18 - 2012-08-03 19:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-15 23:18 - 2012-08-03 19:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-15 23:18 - 2012-04-03 20:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-15 23:18 - 2011-10-11 22:59 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-15 23:18 - 2008-11-11 23:24 - 00000000 ____D () C:\Users\andee\AppData\Local\Adobe
2014-04-15 23:17 - 2008-11-16 16:47 - 00000000 ___RD () C:\Users\andee\My Dropbox
2014-04-15 23:17 - 2008-11-16 16:45 - 00000000 ____D () C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-15 23:17 - 2008-11-06 23:15 - 00000000 ___RD () C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-15 23:16 - 2012-05-02 22:48 - 00000000 ___RD () C:\Users\andee\Google Drive
2014-04-15 23:16 - 2010-06-01 00:59 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-15 23:10 - 2010-03-14 01:12 - 01261386 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 22:56 - 2010-06-01 00:59 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-15 22:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-15 21:47 - 2010-03-14 00:22 - 00019600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 21:47 - 2010-03-14 00:22 - 00019600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 21:45 - 2009-07-14 19:58 - 00704580 _____ () C:\Windows\system32\perfh007.dat
2014-04-15 21:45 - 2009-07-14 19:58 - 00151484 _____ () C:\Windows\system32\perfc007.dat
2014-04-15 21:45 - 2009-07-14 07:13 - 01634912 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-15 21:41 - 2010-06-27 01:00 - 17422550 _____ () C:\Windows\setupact.log
2014-04-15 21:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-15 21:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-15 21:38 - 2010-03-14 00:50 - 00386754 _____ () C:\Windows\PFRO.log
2014-04-14 23:31 - 2008-11-07 00:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-14 23:30 - 2013-08-15 23:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-14 23:29 - 2010-04-19 22:57 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-14 22:28 - 2013-03-09 13:49 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-14 22:03 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-09 21:46 - 2011-01-06 18:12 - 00000000 ____D () C:\Users\andee\AppData\Roaming\vlc
2014-04-09 20:40 - 2009-07-01 03:41 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000Core.job
2014-04-09 19:47 - 2009-10-20 22:13 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500Core.job
2014-04-07 20:29 - 2014-04-07 20:29 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2014-04-07 20:29 - 2014-04-07 20:29 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2014-04-07 20:29 - 2014-03-29 17:44 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-04-07 20:29 - 2014-03-29 17:44 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-04-07 20:29 - 2014-03-29 17:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-07 20:29 - 2014-03-29 17:44 - 00000000 ____D () C:\ProgramData\Garmin
2014-04-07 20:29 - 2014-03-29 17:44 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-04-03 22:01 - 2012-03-02 23:11 - 00000000 ____D () C:\ProgramData\Origin
2014-04-03 22:01 - 2012-03-02 23:09 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-03 20:51 - 2010-06-01 00:59 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-03 20:51 - 2010-06-01 00:59 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-03 20:35 - 2009-07-01 03:41 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000UA
2014-04-03 20:35 - 2009-07-01 03:41 - 00003698 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000Core
2014-04-01 21:19 - 2014-04-01 21:19 - 00329185 _____ () C:\Users\andee\Downloads\ME83-31122013.xlsx
2014-04-01 20:53 - 2014-04-01 20:53 - 00001079 _____ () C:\Users\andee\Downloads\progressReport (1).csv
2014-04-01 20:52 - 2014-04-01 20:52 - 00000284 _____ () C:\Users\andee\Downloads\progressReport.csv
2014-03-30 01:22 - 2014-03-30 01:21 - 83571552 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\andee\Downloads\Evernote_5.2.1.3108.exe
2014-03-30 01:16 - 2012-11-10 18:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 23:26 - 2014-03-29 23:26 - 00809976 _____ (Foolish IT LLC ) C:\Users\andee\Downloads\CryptoPreventSetup.exe
2014-03-29 23:26 - 2014-03-29 23:26 - 00000000 ____D () C:\Program Files (x86)\Foolish IT
2014-03-29 23:21 - 2014-03-29 23:21 - 00001242 _____ () C:\DelFix.txt
2014-03-29 23:21 - 2014-03-29 23:21 - 00000000 ____D () C:\Windows\ERUNT
2014-03-29 20:46 - 2014-03-29 20:45 - 46781480 _____ () C:\Users\andee\Downloads\TrainingCenter_365.exe
2014-03-29 17:44 - 2014-03-29 17:44 - 00000000 ____D () C:\Users\andee\AppData\Roaming\Garmin
2014-03-29 17:44 - 2014-03-29 17:44 - 00000000 ____D () C:\Users\andee\AppData\Local\Garmin
2014-03-29 17:44 - 2014-03-29 17:44 - 00000000 ____D () C:\Program Files\DIFX
2014-03-29 17:43 - 2014-03-29 17:43 - 30751976 _____ (Garmin Ltd or its subsidiaries) C:\Users\andee\Downloads\GarminExpressInstaller.exe
2014-03-29 17:24 - 2014-03-29 17:24 - 00002954 _____ () C:\Users\andee\Desktop\ESET-Scan-29032014.txt
2014-03-29 16:37 - 2014-03-27 21:16 - 00000000 ____D () C:\zoek_backup
2014-03-29 11:54 - 2014-03-29 11:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 11:08 - 2014-03-29 11:08 - 00000000 ____D () C:\Users\andee\Downloads\webapp
2014-03-29 11:08 - 2014-03-29 11:08 - 00000000 ____D () C:\Users\andee\Downloads\TcpView-3.05
2014-03-29 11:08 - 2014-03-29 11:08 - 00000000 ____D () C:\Users\andee\Downloads\server
2014-03-29 11:08 - 2014-03-29 11:08 - 00000000 ____D () C:\Users\andee\Downloads\licenses
2014-03-29 11:08 - 2014-03-29 11:06 - 00000000 ____D () C:\Users\andee\Downloads\Fast Five (2011) [1080p] {5.1}
2014-03-29 11:06 - 2014-03-29 11:06 - 00000000 ____D () C:\Users\andee\Downloads\Camera_Raw_5_1
2014-03-29 11:06 - 2010-03-14 00:25 - 00000000 ____D () C:\Users\andee
2014-03-29 09:48 - 2013-12-28 23:27 - 00005152 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for andeemachine-andee andeemachine
2014-03-27 21:28 - 2014-03-27 21:28 - 00000082 _____ () C:\folders.txt
2014-03-26 23:06 - 2014-03-26 23:06 - 00000273 _____ () C:\Users\andee\Desktop\Using Chrome keep getting popups from abnxs.com - Virus, Spyware, Malware Removal.URL
2014-03-26 22:54 - 2014-03-26 02:03 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-03-25 06:43 - 2008-12-27 11:29 - 00000000 ____D () C:\Users\andee\AppData\Roaming\uTorrent
2014-03-24 22:39 - 2009-07-14 06:45 - 03130136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-24 01:32 - 2014-03-24 01:32 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-23 17:50 - 2014-03-23 17:50 - 00000202 _____ () C:\Users\andee\Desktop\Wargame AirLand Battle.url
2014-03-23 00:37 - 2014-03-03 00:10 - 00007604 _____ () C:\Users\andee\Documents\TombRaider.log
2014-03-22 19:44 - 2008-11-09 01:03 - 00000000 ____D () C:\Users\andee\AppData\Roaming\Mozilla
2014-03-19 23:56 - 2014-03-29 11:06 - 12589848 _____ (Malwarebytes Corp.) C:\Users\andee\Downloads\mbar-1.07.0.1009.exe
2014-03-19 00:18 - 2012-04-10 21:13 - 00000000 ____D () C:\ProgramData\Army Builder

Some content of TEMP:
====================
C:\Users\andee\AppData\Local\Temp\avgnt.exe
C:\Users\andee\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3r8zex.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 19:45

==================== End Of Log ============================

 

and then also ADDITION.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014
Ran by andee at 2014-04-15 23:48:18
Running from C:\Users\andee\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30488 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.5 - Adobe Systems) Hidden
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Contribute CS4 (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Master Collection (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CS4 American English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Download Manager (HKLM-x32\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.48 - NOS Microsystems Ltd.)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 Codecs (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{3A6829EF-0791-4FDD-9382-C690DD0821B9}) (Version: 10.0.2.54 - Adobe Systems, Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS4 (x32 Version: 14.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Common Base Files (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe OnLocation CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Adobe Premiere Pro CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Functional Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe SGM CS4 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS4 Codecs (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS4 Server (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma Tactics (HKLM-x32\...\Steam App 224860) (Version:  - Bohemia Interactive)
Army Builder 3.4b (HKLM-x32\...\{43867B63-C464-4570-823D-D92DC08E3400}_is1) (Version: 3.4b - Lone Wolf Development, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BIPA FotoShop (HKLM-x32\...\BIPA FotoShop) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{2B5D6B29-7348-4404-B992-B557B4D1F055}) (Version: 0.9.40 - Kovid Goyal)
Call of Duty® 4 - Modern Warfare™ 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.5 Multiplayer Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version:  - ) Hidden
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.2.3442 - CDBurnerXP)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CryptoPrevent v4.3.0 (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
DeviceDiscovery (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.8.16603 - Blizzard Entertainment)
DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.29 - Dropbox, Inc.)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Elevated Installer (x32 Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Evernote v. 5.2.1 (HKLM-x32\...\{5E6D0ABA-ABDE-11E3-9AED-00163E98E7D6}) (Version: 5.2.1.3108 - Evernote Corp.)
FastCAD (HKLM-x32\...\FastCAD) (Version:  - )
ffdshow [rev 2280] [2008-11-02] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Fractal Mapper v8.01a (HKLM-x32\...\Fractal Mapper_is1) (Version: 8.01a - NBOS Software)
Fractal Terrains 3 (HKLM-x32\...\Fractal Terrains 3) (Version: 3.0.4 - ProFantasy Software)
Fractal Terrains 3 (x32 Version: 3.0.4 - ProFantasy Software) Hidden
Free ISO Grabber 4.1.5 (HKLM-x32\...\Free ISO Grabber_is1) (Version:  - FreeAudioVideoSoftTech, Inc.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation)
G9x User's Guide (HKLM\...\{05408942-55F9-4D32-AE07-A9ECDC013961}) (Version: 1.10.0000 - Logitech)
Garmin Express (HKLM-x32\...\{50b02c70-f203-47ba-a926-5e4d816688db}) (Version: 3.1.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden
gDocBinder (HKLM-x32\...\{D92E093D-C577-4D55-AB3D-5E10AAA24D13}) (Version: 1.0.0.0 - Global Graphics Software Ltd)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.27 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 6 (HKLM-x32\...\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}) (Version: 6.0.01337 - Google)
Google SketchUp 6 (x32 Version: 6.4.112 - Google) Hidden
Google SketchUp 7 (HKLM-x32\...\{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}) (Version: 2.1.6863 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{E121A4FE-009B-385B-BB0D-B934E2A88288}) (Version: 5.2.4.18058 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HP Color LaserJet CP1510 Series 2.0 (HKLM\...\{223C0721-A6B0-4853-88C0-331029841734}) (Version: 2.0 - HP)
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP Product Assistant (x32 Version: 100.000.001.000 - Hewlett-Packard) Hidden
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
hppCLJCP1510 (x32 Version: 003.000.00186 - Hewlett-Packard) Hidden
hppFonts (x32 Version: 001.001.00056 - Hewlett-Packard) Hidden
hppManualsCP1510 (x32 Version: 003.000.00190 - Ihr Firmenname) Hidden
hppPQVideoCP1510 (x32 Version: 003.000.00157 - Ihr Firmenname) Hidden
HPProductAssistant (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
hppTLBXFXCP1510 (x32 Version: 001.003.00081 - Hewlett-Packard) Hidden
hppusgCP1510 (x32 Version: 000.000.00012 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Ihr Firmenname)
hpzTLBXFX (x32 Version: 003.013.00279 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Inkscape 0.46 (HKLM-x32\...\Inkscape) (Version: 0.46 - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
iPhone-Konfigurationsprogramm (HKLM-x32\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Logitech SetPoint 5.10 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.10 - Logitech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Manhunt 2 (HKLM-x32\...\Manhunt 2) (Version: 1.00.0000 - Rockstar Games)
MarketResearch (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Surface 2.0 Runtime (HKLM-x32\...\{69C2B39D-F060-49AD-8877-01C4144A8424}) (Version: 2.0.21114.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.1 (HKLM\...\{903029FE-FA82-427B-916C-AD08185DA3C2}) (Version: 1.10.123.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{3dbea378-89b6-41db-a3c2-0f035afe3a40}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCanvas V1.5 (HKLM-x32\...\PDFCanvas V1.5) (Version:  - )
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
Product_SF_Full_QFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Product_SF_Min_QFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
R for Windows 2.15.1 (HKLM\...\R for Windows 2.15.1_is1) (Version: 2.15.1 - R Core Team)
Razer Nostromo (HKLM-x32\...\{0214578F-4888-43FB-9E34-C14FCFDEDDEB}) (Version: 2.02.08 - Razer USA Ltd.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Sam and Max - Season One 1.0 (HKLM-x32\...\Sam and Max - Season One) (Version: 1.0 - JoWooD Productions)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scribus 1.3.3.12 (HKLM-x32\...\Scribus 1.3.3.12) (Version: 1.3.3.12 - The Scribus Team)
Scrivener Update (HKLM-x32\...\Scrivener 1030) (Version: 1610 - Literature and Latte)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimpleScreenshot 1.40 (HKLM-x32\...\SimpleScreenshot) (Version:  - )
SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.7.25293 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Syndicate™ (HKLM-x32\...\{FA602928-EB59-449c-B9F7-1FBE1291B63D}) (Version: 1.0.0.1 - Electronic Arts)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version:  - Ubisoft Toronto)
TrayApp (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wargame: AirLand Battle (HKLM-x32\...\Steam App 222750) (Version:  - Eugen Systems)
WebReg (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{B0EFB716-085B-4564-8060-212E41F5CE50}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Wondershare Video Converter Ultimate(Build 6.6.0.5) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.6.0.5 - Wondershare Software)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
XMind (HKLM-x32\...\XMind) (Version: 3.2.1 - XMind Ltd.)
Xvid 1.1.3 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))

==================== Restore Points  =========================


==================== Hosts content: ==========================

2006-11-02 14:34 - 2011-04-03 21:36 - 00001239 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {015D1F22-1CBE-495C-8D48-6DC760ABA89E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for andeemachine-andee andeemachine => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-04-14] (Microsoft Corporation)
Task: {11D08E89-D6F7-4803-BBAE-E0FDD1150173} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {27A4A28D-F85F-4C2F-BD57-5DBE12BB9C6D} - System32\Tasks\{DCC053F9-35FD-4FB2-AA0F-85AB1219EC8D} => Chrome.exe http://ui.skype.com/...all?page=tsMain
Task: {296A5035-0AAB-47F4-8665-F7A72C95D1F4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {3A1DC352-C799-415D-81EC-BE30068B236A} - System32\Tasks\{E7043BF5-4893-4036-AEAD-5A093FCCA8A4} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {42B92EFC-B0C9-4F37-9A2E-99D156D8D69E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {52EC2058-B2A2-4437-B618-16A53D09A27F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500UA => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-20] (Google Inc.)
Task: {57C5FB60-D252-41C2-9771-8E01D6C9136D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {5AE9BB4A-228D-4B09-BF18-234048502588} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-04-14] (Microsoft Corporation)
Task: {5FE92A93-F13A-43EC-8B3B-1F1356A0593B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-04-01] ()
Task: {826053E7-C6AF-4EBD-925C-F3316982369D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-15] (Adobe Systems Incorporated)
Task: {87CC359D-6D33-4653-8BA9-D26C23DD9347} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)
Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {A71A5F0F-7AE9-4FF0-8F75-DFB174C4AC5E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-04-14] (Microsoft Corporation)
Task: {B09E6C36-1F97-4798-AF2D-0CC953C4491A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000Core => C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-14] (Google Inc.)
Task: {B657C6BA-1DF9-4FA9-BDF5-74D3954B9767} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2009-07-14] (Microsoft Corporation)
Task: {C15F8E8F-C064-4FEB-AF1A-4C3ACC1A2649} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {CB0F790F-FDE2-457D-8E3E-4CDA638F1CEE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500Core => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-20] (Google Inc.)
Task: {D8AD8600-713A-4217-A25D-A28C9B4AE476} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000UA => C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-14] (Google Inc.)
Task: {E49DF604-4657-42F3-8619-EF5B41C0F82D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-21] (Google Inc.)
Task: {F3547E96-3572-461F-BDEB-95FF9FA1CFD1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000Core.job => C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000UA.job => C:\Users\andee\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500Core.job => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500UA.job => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-14 22:28 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-03-09 13:49 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-11-14 21:38 - 2013-08-23 14:36 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2008-11-07 00:44 - 2006-12-11 03:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2007-05-08 16:44 - 2007-05-08 16:44 - 00036864 _____ () C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
2013-08-29 02:23 - 2013-08-29 02:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-04-27 20:29 - 2013-01-25 09:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-21 06:23 - 2013-05-13 15:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-04-14 22:43 - 2014-04-08 04:44 - 00077128 _____ () C:\Users\andee\AppData\Local\Google\Chrome\Application\35.0.1916.27\mojo_system.dll
2014-04-14 22:16 - 2014-04-14 22:16 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-03-14 17:50 - 2014-03-14 17:50 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-03-14 17:50 - 2014-03-14 17:50 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-04-15 23:16 - 2014-04-15 23:16 - 00098816 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32api.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00110080 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\pywintypes27.dll
2014-04-15 23:16 - 2014-04-15 23:16 - 00364544 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\pythoncom27.dll
2014-04-15 23:16 - 2014-04-15 23:16 - 00044032 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\_socket.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 01157120 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\_ssl.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00320512 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32com.shell.shell.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00712192 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\_hashlib.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 01175040 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\wx._core_.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00805888 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\wx._gdi_.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00811008 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\wx._windows_.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 01062400 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\wx._controls_.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00735232 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\wx._misc_.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00128512 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\_elementtree.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00127488 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\pyexpat.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00557056 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\pysqlite2._sqlite.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00087040 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\_ctypes.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00119808 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32file.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00108544 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32security.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00018432 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32event.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00038912 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32inet.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00122368 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\wx._wizard.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00070656 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\wx._html2.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00026624 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\_multiprocessing.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00010240 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\select.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00024064 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32pipe.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00686080 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\unicodedata.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00025600 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32pdh.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00525640 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\windows._lib_cacheinvalidation.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00011264 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32crypt.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00035840 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32process.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00017408 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32profile.pyd
2014-04-15 23:16 - 2014-04-15 23:16 - 00022528 _____ () C:\Users\andee\AppData\Local\Temp\_MEI25882\win32ts.pyd
2007-08-28 10:00 - 2007-08-28 10:00 - 00069632 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPTools.dll
2007-08-28 10:00 - 2007-08-28 10:00 - 00069632 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\AppConstants.dll
2007-08-28 10:00 - 2007-08-28 10:00 - 00434176 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPAppTools.dll
2007-08-28 10:00 - 2007-08-28 10:00 - 00122880 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPToolkit.dll
2007-08-28 10:00 - 2007-08-28 10:00 - 00040960 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\Enumeration.dll
2007-08-28 10:01 - 2007-08-28 10:01 - 00573440 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\Alerts.dll
2007-08-28 10:00 - 2007-08-28 10:00 - 00016384 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPStreamsInterface.dll
2007-08-28 10:01 - 2007-08-28 10:01 - 00102400 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\HPFaxUtilities.dll
2007-08-28 10:00 - 2007-08-28 10:00 - 00032768 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\NamedPipeChannel.dll
2007-08-28 09:59 - 2007-08-28 09:59 - 00069632 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\nativeutils.dll
2013-05-20 13:50 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2007-05-08 16:44 - 2007-05-08 16:44 - 00057344 _____ () C:\Program Files (x86)\HP\HP UT\bin\HPUsageTracking.dll
2007-05-08 16:44 - 2007-05-08 16:44 - 00065536 _____ () C:\Program Files (x86)\HP\HP UT\bin\HPTools.dll
2007-05-08 16:44 - 2007-05-08 16:44 - 00114688 _____ () C:\Program Files (x86)\HP\HP UT\bin\HPToolkit.dll
2007-05-08 16:44 - 2007-05-08 16:44 - 00036864 _____ () C:\Program Files (x86)\HP\HP UT\bin\Enumeration.dll
2007-05-08 16:44 - 2007-05-08 16:44 - 00016384 _____ () C:\Program Files (x86)\HP\HP UT\bin\HPStreamsInterface.dll
2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-04-15 23:17 - 2014-04-15 23:17 - 00041984 _____ () c:\users\andee\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3r8zex.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\andee\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-29 11:54 - 2014-03-29 11:54 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Windows is removing this device. (Code 21)
Resolution: Wait several seconds, and then press the F5 key to update the Device Manager view.
If that does not resolve the problem, restart your computer.

Name: Razer Nostromo
Description: Razer Nostromo
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Razer
Service: rzjoystk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 15

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 14


System errors:
=============
Error: (04/15/2014 11:17:19 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (04/15/2014 09:42:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (04/15/2014 09:40:34 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b

Error: (04/15/2014 09:40:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (04/14/2014 10:02:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (04/14/2014 09:39:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (04/14/2014 09:32:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.

Error: (04/11/2014 06:48:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (04/11/2014 06:48:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/11/2014 06:48:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Anwendungsinformationen" ist vom Dienst "Benutzerprofildienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1062


Microsoft Office Sessions:
=========================
Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 15

Error: (04/15/2014 11:16:46 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 14


CodeIntegrity Errors:
===================================
  Date: 2010-02-05 10:22:22.737
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-02-05 10:22:22.694
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-02-03 20:12:27.550
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-02-03 20:12:27.506
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-11-05 17:25:13.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-11-05 17:25:13.777
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\atiumd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-10-20 20:31:34.416
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-10-20 20:31:34.380
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-10-20 20:31:34.344
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2009-10-20 20:31:34.308
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 8132.05 MB
Available physical RAM: 5755.22 MB
Total Pagefile: 16262.27 MB
Available Pagefile: 13468.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:30.77 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Andee Lokal 500GB) (Fixed) (Total:465.76 GB) (Free:36.31 GB) NTFS
Drive h: (Andee Lokal 1TB) (Fixed) (Total:931.51 GB) (Free:0 GB) NTFS
Drive k: (SAMSUNG) (Fixed) (Total:596.17 GB) (Free:2.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 0B523184)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 671D9220)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7AABCC1A)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 5 MB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 5 (Size: 596 GB) (Disk ID: 063FD150)
Partition 1: (Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP