Hi there,
I seem to be experiencing similar problems like this user: http://www.geekstogo...xs#entry2242969
I don't know how I got infected but somehow it happened to my Google Chrome browser nevertheless. Now every few seconds beginning right from the start, abnxs.com tries to load popups (which mostly are blocked by Chrome) and constantly loads and plays sound-ads (which are not blocked and get quite annoying over time). I have to admit that I am a little bit spooked about this infection and having absolutely no clue how to have come across it...
Security measures I have taken so far (and to no avail):
I have installed Avira Free Antivirus which warns me every so often that something tries to autostart and is blocked.
I tried Malwarebytes which usually is quite reliable but did not find anything wrong or bad on my computer.
I made a Kapersky Rescue Disc 10 with updated library. Booted from it but after a whole day of scanning, it also didn't find anything.
I looked for help and among a ton of sites, this one caught my attention as to having solved a similiar problem and looking trustworthy and helpful.
For the time beeing I have stopped using Chrome and use Firefox instead.
Thx a lot for your time by the way and any help greatly appreciated,
Cheers, Belnifore
Here my OTL.txt:
OTL logfile created on: 26.03.2014 21:34:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Desktop\Zeugs
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,94 Gb Total Physical Memory | 5,31 Gb Available Physical Memory | 66,87% Memory free
15,88 Gb Paging File | 12,63 Gb Available in Paging File | 79,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 18,20 Gb Free Space | 7,81% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 63,04 Gb Free Space | 13,53% Space Free | Partition Type: NTFS
Drive F: | 378,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 931,51 Gb Total Space | 0,01 Gb Free Space | 0,00% Space Free | Partition Type: NTFS
Drive K: | 596,17 Gb Total Space | 2,08 Gb Free Space | 0,35% Space Free | Partition Type: NTFS
Computer Name: ANDEEMACHINE | User Name: andee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2014.03.26 21:34:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Desktop\Zeugs\OTL.exe
PRC - [2014.03.11 22:09:10 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
PRC - [2014.03.03 09:39:34 | 001,106,784 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2014.02.21 19:24:14 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.02.20 17:33:03 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014.02.20 17:32:32 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014.02.20 17:32:30 | 000,689,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014.02.12 20:57:54 | 000,043,848 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2014.02.10 22:29:26 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
PRC - [2014.02.07 11:41:21 | 012,641,632 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2014.02.07 11:41:21 | 005,093,216 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2014.02.07 11:25:16 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2014.01.30 15:05:24 | 021,822,128 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014.01.24 01:56:42 | 033,509,888 | ---- | M] (Dropbox, Inc.) -- C:\Users\andee\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.12.18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.11.13 20:44:52 | 000,194,224 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office 15\root\office15\ONENOTEM.EXE
PRC - [2013.08.29 01:23:38 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013.07.18 00:44:32 | 000,292,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013.06.13 14:15:34 | 001,743,648 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
PRC - [2013.05.30 15:01:58 | 000,364,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013.05.30 15:01:24 | 000,129,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013.05.30 15:01:12 | 000,167,736 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013.05.22 19:50:40 | 000,400,704 | ---- | M] () -- C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
PRC - [2013.05.08 02:17:22 | 000,642,664 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2013.04.04 13:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.11.27 20:12:44 | 000,479,840 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012.11.27 20:08:28 | 000,739,936 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2012.01.18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.07.19 12:37:16 | 000,978,840 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
PRC - [2011.03.07 14:33:08 | 000,089,456 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009.11.11 15:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\AirPort\APAgent.exe
PRC - [2009.07.20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2007.08.28 09:01:34 | 000,053,248 | ---- | M] (HP) -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
PRC - [2007.05.08 15:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
========== Modules (No Company Name) ==========
MOD - [2014.03.26 20:55:20 | 000,041,984 | ---- | M] () -- c:\users\andee\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphgfjyh.dll
MOD - [2014.03.26 20:55:13 | 001,175,040 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._core_.pyd
MOD - [2014.03.26 20:55:13 | 001,157,120 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_ssl.pyd
MOD - [2014.03.26 20:55:13 | 001,062,400 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._controls_.pyd
MOD - [2014.03.26 20:55:13 | 000,811,008 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._windows_.pyd
MOD - [2014.03.26 20:55:13 | 000,805,888 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._gdi_.pyd
MOD - [2014.03.26 20:55:13 | 000,735,232 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._misc_.pyd
MOD - [2014.03.26 20:55:13 | 000,712,192 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_hashlib.pyd
MOD - [2014.03.26 20:55:13 | 000,686,080 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\unicodedata.pyd
MOD - [2014.03.26 20:55:13 | 000,557,056 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\pysqlite2._sqlite.pyd
MOD - [2014.03.26 20:55:13 | 000,525,640 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\windows._lib_cacheinvalidation.pyd
MOD - [2014.03.26 20:55:13 | 000,364,544 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\pythoncom27.dll
MOD - [2014.03.26 20:55:13 | 000,320,512 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32com.shell.shell.pyd
MOD - [2014.03.26 20:55:13 | 000,128,512 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_elementtree.pyd
MOD - [2014.03.26 20:55:13 | 000,127,488 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\pyexpat.pyd
MOD - [2014.03.26 20:55:13 | 000,122,368 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._wizard.pyd
MOD - [2014.03.26 20:55:13 | 000,119,808 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32file.pyd
MOD - [2014.03.26 20:55:13 | 000,110,080 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\pywintypes27.dll
MOD - [2014.03.26 20:55:13 | 000,108,544 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32security.pyd
MOD - [2014.03.26 20:55:13 | 000,098,816 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32api.pyd
MOD - [2014.03.26 20:55:13 | 000,087,040 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_ctypes.pyd
MOD - [2014.03.26 20:55:13 | 000,070,656 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\wx._html2.pyd
MOD - [2014.03.26 20:55:13 | 000,044,032 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_socket.pyd
MOD - [2014.03.26 20:55:13 | 000,038,912 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32inet.pyd
MOD - [2014.03.26 20:55:13 | 000,035,840 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32process.pyd
MOD - [2014.03.26 20:55:13 | 000,026,624 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\_multiprocessing.pyd
MOD - [2014.03.26 20:55:13 | 000,025,600 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32pdh.pyd
MOD - [2014.03.26 20:55:13 | 000,024,064 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32pipe.pyd
MOD - [2014.03.26 20:55:13 | 000,022,528 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32ts.pyd
MOD - [2014.03.26 20:55:13 | 000,018,432 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32event.pyd
MOD - [2014.03.26 20:55:13 | 000,017,408 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32profile.pyd
MOD - [2014.03.26 20:55:13 | 000,011,264 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\win32crypt.pyd
MOD - [2014.03.26 20:55:13 | 000,010,240 | ---- | M] () -- C:\Users\andee\AppData\Local\Temp\_MEI36163\select.pyd
MOD - [2014.03.19 03:51:03 | 000,390,472 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\ppGoogleNaClPluginChrome.dll
MOD - [2014.03.19 03:51:01 | 004,081,480 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\pdf.dll
MOD - [2014.03.19 03:50:57 | 000,674,632 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\libglesv2.dll
MOD - [2014.03.19 03:50:56 | 001,647,432 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\ffmpegsumo.dll
MOD - [2014.03.19 03:50:56 | 000,093,000 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\libegl.dll
MOD - [2014.03.19 03:50:54 | 000,065,352 | ---- | M] () -- C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\chrome_elf.dll
MOD - [2014.03.11 22:09:10 | 016,276,872 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014.02.24 16:56:32 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2014.02.24 16:56:06 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2014.02.21 19:24:14 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.02.12 19:57:14 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll
MOD - [2014.02.12 19:56:59 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.12 19:56:59 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2014.02.12 19:56:55 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.12 19:56:54 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\7c233151b685c540524f87931632423a\System.Deployment.ni.dll
MOD - [2014.02.12 19:56:52 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.12 19:56:50 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.12 19:56:41 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.12 19:56:37 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014.01.20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014.01.20 13:16:40 | 000,237,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2014.01.20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014.01.18 10:59:13 | 000,359,592 | ---- | M] () -- C:\Programme\Microsoft Office 15\root\office15\c2r32.dll
MOD - [2014.01.03 02:09:26 | 003,610,624 | ---- | M] () -- C:\Users\andee\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013.11.13 20:43:57 | 000,316,584 | ---- | M] () -- C:\Programme\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2013.08.29 01:25:02 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.08.29 01:23:38 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013.08.23 20:01:44 | 025,100,288 | ---- | M] () -- C:\Users\andee\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.05.22 19:50:40 | 000,400,704 | ---- | M] () -- C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MOD - [2012.12.20 13:08:15 | 000,167,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.03.13 23:38:13 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll
MOD - [2009.07.14 18:58:17 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll
MOD - [2009.02.27 15:39:29 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
MOD - [2009.02.27 15:32:27 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
MOD - [2007.08.28 09:01:18 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPFaxUtilities.dll
MOD - [2007.08.28 09:01:16 | 000,573,440 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\Alerts.dll
MOD - [2007.08.28 09:00:48 | 000,434,176 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPAppTools.dll
MOD - [2007.08.28 09:00:42 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\AppConstants.dll
MOD - [2007.08.28 09:00:40 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\Enumeration.dll
MOD - [2007.08.28 09:00:40 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\NamedPipeChannel.dll
MOD - [2007.08.28 09:00:36 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPToolkit.dll
MOD - [2007.08.28 09:00:34 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPStreamsInterface.dll
MOD - [2007.08.28 09:00:32 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTools.dll
MOD - [2007.08.28 08:59:54 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\nativeutils.dll
MOD - [2007.05.08 15:44:58 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPToolkit.dll
MOD - [2007.05.08 15:44:58 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPUsageTracking.dll
MOD - [2007.05.08 15:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
MOD - [2007.05.08 15:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\Enumeration.dll
MOD - [2007.05.08 15:44:44 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPTools.dll
MOD - [2007.05.08 15:44:40 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPStreamsInterface.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014.03.01 05:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.03.29 02:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.08.23 16:18:14 | 004,412,872 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.03.11 22:09:10 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.02.21 19:24:14 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.02.20 17:33:03 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014.02.20 17:32:32 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014.02.07 11:41:21 | 005,093,216 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2014.01.16 01:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV - [2013.12.18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.10.31 09:08:22 | 001,907,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.05.30 15:01:58 | 000,364,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013.05.30 15:01:24 | 000,129,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2013.05.30 15:01:12 | 000,167,736 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013.02.21 22:50:16 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2012.12.10 13:31:44 | 000,803,872 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV - [2012.12.10 13:31:28 | 000,732,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2012.11.27 20:12:44 | 000,479,840 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012.01.18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.03.01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.03.14 17:28:34 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV - [2010.03.14 17:25:13 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.09.23 15:36:06 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009.08.18 11:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.12.20 20:55:42 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.12.20 20:55:42 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.11.29 22:29:36 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.08.27 13:08:42 | 000,883,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013.07.18 00:43:40 | 000,795,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2013.07.18 00:43:40 | 000,358,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013.07.18 00:43:40 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013.05.13 14:15:06 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013.03.29 03:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.03.29 02:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.02.14 12:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.12.13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.10.12 11:18:30 | 000,083,072 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2012.10.06 16:55:24 | 000,323,584 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.07 11:51:18 | 000,141,256 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 05:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.11.29 03:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.11.06 15:12:09 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.07.14 16:18:52 | 000,157,184 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011.03.24 13:35:36 | 000,019,968 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzjoystk.sys -- (rzjoystk)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.03.09 11:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.01.10 20:38:25 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.01.10 20:38:25 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.08.13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.10.04 01:17:30 | 000,184,320 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008.09.26 09:56:00 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2008.09.26 09:56:00 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008.04.16 13:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008.01.19 06:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir)
DRV:64bit: - [2007.07.16 16:29:23 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hpfx64bulk.sys -- (HPFXBULK)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{276791E4-6E27-4EDC-AAD8-56A583921847}: "URL" = http://websearch.ask...45-71C8482E92DE
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://thepiratebay..../www.imdb.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.7.0190
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}:6.0.32
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\andee\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\andee\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}: C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ [2013.11.14 20:38:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014.03.02 15:55:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.03.02 15:55:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}: C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ [2013.11.14 20:38:35 | 000,000,000 | ---D | M]
[2010.03.13 23:45:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andee\AppData\Roaming\mozilla\Extensions
[2014.03.23 12:02:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andee\AppData\Roaming\mozilla\Firefox\Profiles\0yuui377.default\extensions
[2010.05.08 09:22:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\andee\AppData\Roaming\mozilla\Firefox\Profiles\0yuui377.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2014.02.21 19:24:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2014.02.21 19:24:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014.02.21 19:24:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014.02.21 19:24:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2014.02.21 19:24:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.02.21 19:24:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.orf.at/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\andee\AppData\Local\Google\Chrome\Application\34.0.1847.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16248 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\andee\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\andee\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: McAfee Security Scan+ = C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\
CHR - Extension: iCloud-Lesezeichen = C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.2.12_0\
CHR - Extension: uTorrent for Google Chrome = C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhaafelbmbpohgmabippkndaaikgdih\3.11.2_0\
CHR - Extension: Google Wallet = C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Evernote Web Clipper = C:\Users\andee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.1.1_0\
O1 HOSTS File: ([2011.04.03 20:36:35 | 000,001,239 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Wondershare Video Converter Ultimate) - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrowserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe ()
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HPPQVideo] "C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CP1510_Series -f PQOptimizerVideo.xml -o remindLater File not found
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKCU..\Run: [AmazonMP3DownloaderHelper] C:\Users\andee\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe File not found
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent File not found
O4 - Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk = C:\Programme\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\andee\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\andee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3197E8BC-DEDA-45F9-AEC2-3FC7FAE40BD7}: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D14D5B55-81A2-447B-8275-289C67003062}: DhcpNameServer = 10.0.0.138 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk K:\
O33 - MountPoints2\{3998ed03-56ef-11df-8f3c-00196684b831}\Shell - "" = AutoRun
O33 - MountPoints2\{3998ed03-56ef-11df-8f3c-00196684b831}\Shell\AutoRun\command - "" = H:\DTE_Privacy_launcher.exe
O33 - MountPoints2\{94718c85-90bb-11e3-b9bd-bc5ff4b16f04}\Shell - "" = AutoRun
O33 - MountPoints2\{94718c85-90bb-11e3-b9bd-bc5ff4b16f04}\Shell\AutoRun\command - "" = I:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{a22955d8-2f82-11df-ba9a-00196684b831}\Shell - "" = AutoRun
O33 - MountPoints2\{a22955d8-2f82-11df-ba9a-00196684b831}\Shell\AutoRun\command - "" = E:\steambackup.EXE
O33 - MountPoints2\{a22955da-2f82-11df-ba9a-00196684b831}\Shell - "" = AutoRun
O33 - MountPoints2\{a22955da-2f82-11df-ba9a-00196684b831}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{a22955ea-2f82-11df-ba9a-00196684b831}\Shell - "" = AutoRun
O33 - MountPoints2\{a22955ea-2f82-11df-ba9a-00196684b831}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{e181a940-0881-11e1-9e3d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e181a940-0881-11e1-9e3d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014.03.26 01:03:53 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2014.03.24 00:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014.03.23 21:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014.03.13 00:29:17 | 000,000,000 | ---D | C] -- C:\Users\andee\Documents\Respawn
[2014.03.09 12:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2014.03.07 22:36:02 | 000,000,000 | ---D | C] -- C:\Users\andee\.gametool
[2014.03.07 22:35:35 | 000,000,000 | ---D | C] -- C:\Users\andee\.inittoolDbg
[2014.03.07 22:35:13 | 000,000,000 | ---D | C] -- C:\Users\andee\.chartool
[2014.03.04 22:43:07 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014.03.04 22:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.03.04 22:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014.03.02 15:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014.03.02 15:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014.03.02 15:59:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014.03.02 15:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014.03.02 15:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014.03.02 15:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014.03.02 15:54:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014.02.27 20:28:16 | 000,000,000 | ---D | C] -- C:\Users\andee\AppData\Roaming\Nidhogg
[2014.02.26 00:00:52 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013.04.18 22:56:35 | 001,178,624 | ---- | C] (CPUID) -- C:\Users\andee\AppData\Roaming\siw_sdk.dll
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.03.26 21:35:55 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000UA.job
[2014.03.26 21:24:33 | 001,634,912 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.03.26 21:24:33 | 000,704,580 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.03.26 21:24:33 | 000,658,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.03.26 21:24:33 | 000,151,484 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.03.26 21:24:33 | 000,123,888 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.03.26 21:16:58 | 000,000,156 | ---- | M] () -- C:\Users\andee\Desktop\Using Firefox- keep getting annoying pop-ups and redirections [Solved] - Virus, Spyware, Malware Removal.url
[2014.03.26 21:09:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.03.26 21:00:24 | 000,019,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.26 21:00:24 | 000,019,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.26 20:55:15 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.03.26 20:55:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.03.26 20:55:04 | 2100,334,591 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.25 23:50:40 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.03.25 23:47:00 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500UA.job
[2014.03.24 22:34:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-1000Core.job
[2014.03.24 21:39:00 | 003,130,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.03.23 23:02:28 | 000,000,255 | ---- | M] () -- C:\Users\andee\Desktop\google chrome lädt keine seiten - Trojaner-Board.URL
[2014.03.23 19:47:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3263022290-3832323690-497936285-500Core.job
[2014.03.23 16:50:00 | 000,000,202 | ---- | M] () -- C:\Users\andee\Desktop\Wargame AirLand Battle.url
[2014.03.12 06:38:06 | 000,000,702 | ---- | M] () -- C:\Users\Public\Desktop\Titanfall.lnk
[2014.03.07 22:34:54 | 000,001,307 | ---- | M] () -- C:\Users\andee\Desktop\MapToolLauncher.exe - Verknüpfung.lnk
[2014.03.02 15:59:15 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014.03.02 15:54:59 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014.02.28 03:01:26 | 001,608,256 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.02.27 20:19:35 | 000,000,201 | ---- | M] () -- C:\Users\andee\Desktop\Nidhogg.url
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.03.26 21:16:58 | 000,000,156 | ---- | C] () -- C:\Users\andee\Desktop\Using Firefox- keep getting annoying pop-ups and redirections [Solved] - Virus, Spyware, Malware Removal.url
[2014.03.23 23:02:28 | 000,000,255 | ---- | C] () -- C:\Users\andee\Desktop\google chrome lädt keine seiten - Trojaner-Board.URL
[2014.03.23 16:50:00 | 000,000,202 | ---- | C] () -- C:\Users\andee\Desktop\Wargame AirLand Battle.url
[2014.03.12 06:38:06 | 000,000,702 | ---- | C] () -- C:\Users\Public\Desktop\Titanfall.lnk
[2014.03.07 22:34:54 | 000,001,307 | ---- | C] () -- C:\Users\andee\Desktop\MapToolLauncher.exe - Verknüpfung.lnk
[2014.03.02 15:59:15 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014.03.02 15:54:59 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014.02.27 20:19:35 | 000,000,201 | ---- | C] () -- C:\Users\andee\Desktop\Nidhogg.url
[2014.02.14 15:33:40 | 000,000,218 | ---- | C] () -- C:\Users\andee\.recently-used.xbel
[2014.02.12 21:35:10 | 000,000,215 | ---- | C] () -- C:\Users\andee\.gtk-bookmarks
[2014.02.12 21:29:21 | 000,318,831 | ---- | C] () -- C:\Users\andee\Neues Dokument 1.2014_02_12_21_29_21.0
[2013.11.14 20:38:35 | 000,721,263 | ---- | C] () -- C:\Windows\SysWow64\WSCM64.dll
[2013.11.14 20:38:35 | 000,214,528 | ---- | C] () -- C:\Windows\SysWow64\WSCM32.dll
[2013.03.29 03:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 03:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.01.11 23:12:14 | 000,036,363 | ---- | C] () -- C:\Windows\CSTBox.INI
[2013.01.10 00:03:16 | 000,007,599 | ---- | C] () -- C:\Users\andee\AppData\Local\Resmon.ResmonCfg
[2012.12.10 13:12:50 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012.11.27 00:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.07.01 23:53:17 | 000,000,000 | ---- | C] () -- C:\Users\andee\AppData\Local\{C454C906-90F8-4097-9B22-4E3BA3082BC0}
[2010.07.09 21:21:40 | 000,004,096 | -H-- | C] () -- C:\Users\andee\AppData\Local\keyfile3.drm
[2010.04.03 22:12:23 | 001,405,872 | ---- | C] () -- C:\Users\andee\setup_Mein_CeWe_Fotobuch.exe
[2010.03.13 00:10:50 | 000,000,760 | ---- | C] () -- C:\Users\andee\AppData\Roaming\setup_ldm.iss
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2008.12.22 14:26:25 | 000,000,000 | -HSD | M] -- C:\Users\andee\AppData\Roaming\.#
[2013.07.26 09:43:23 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Amazon
[2013.08.15 13:54:25 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\calibre
[2012.12.02 13:36:02 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Canneverbe Limited
[2010.03.13 23:45:05 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Canon
[2010.03.13 23:45:05 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2009.01.12 10:13:43 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\DAEMON Tools
[2010.03.14 17:08:10 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\DAEMON Tools Lite
[2010.03.13 23:45:05 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\DAEMON Tools Pro
[2010.04.13 00:09:08 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\doublecmd
[2014.03.26 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Dropbox
[2014.01.24 19:24:55 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\DropboxMaster
[2010.07.18 23:04:43 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\FreeOrion
[2010.03.13 23:45:06 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\GlobalSCAPE
[2014.02.14 14:55:57 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\gtk-2.0
[2010.09.01 19:52:54 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\HandBrake
[2011.01.01 02:04:25 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Hothead Games
[2010.03.13 23:45:07 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Inkscape
[2012.06.11 20:02:30 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\JAM Software
[2010.03.13 23:45:07 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Leadertech
[2012.09.18 20:32:48 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\NBOS
[2014.02.27 20:42:05 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Nidhogg
[2013.06.30 21:32:26 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Origin
[2011.10.24 19:59:23 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\runic games
[2010.05.09 16:57:45 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\SimpleScreenshot
[2011.02.26 08:31:21 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\The Creative Assembly
[2010.08.13 21:23:40 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\TS3Client
[2010.04.19 22:45:45 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Ubisoft
[2014.03.25 05:43:00 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\uTorrent
[2013.11.14 21:26:12 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\Wondershare Video Converter Ultimate
[2013.11.14 20:46:49 | 000,000,000 | ---D | M] -- C:\Users\andee\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
========== Purity Check ==========
< End of report >
And here's Extra.txt
OTL Extras logfile created on: 26.03.2014 21:34:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Desktop\Zeugs
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,94 Gb Total Physical Memory | 5,31 Gb Available Physical Memory | 66,87% Memory free
15,88 Gb Paging File | 12,63 Gb Available in Paging File | 79,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 18,20 Gb Free Space | 7,81% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 63,04 Gb Free Space | 13,53% Space Free | Partition Type: NTFS
Drive F: | 378,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 931,51 Gb Total Space | 0,01 Gb Free Space | 0,00% Space Free | Partition Type: NTFS
Drive K: | 596,17 Gb Total Space | 2,08 Gb Free Space | 0,35% Space Free | Partition Type: NTFS
Computer Name: ANDEEMACHINE | User Name: andee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [BIPA FotoShop] -- "C:\Program Files (x86)\BIPA\BIPA FotoShop\BIPA FotoShop.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "C:\Program Files (x86)\CeWe\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [BIPA FotoShop] -- "C:\Program Files (x86)\BIPA\BIPA FotoShop\BIPA FotoShop.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "C:\Program Files (x86)\CeWe\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{055CAC17-3F2A-4755-9007-ABAC8CF9D5B3}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{0F5BD79D-0642-419E-8078-DFE2A8095E16}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{14FE6BEE-5BAA-425F-8642-C43E78B552A9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{3237E011-7438-4A24-98E7-306D3E90A7E9}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{3635A693-1E2F-454A-AAB0-A103F480C2D3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4DEE267B-483A-475C-9E09-32CDDA1E7426}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{4F87BD75-24F3-43B8-BC9C-DC8210F7FC84}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{538E462B-C753-4896-9030-676F6BE3C590}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{5B09D949-9243-41C5-9A84-22939555A9BC}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5F2D772A-BF4C-4899-A3BD-25B880D3DE48}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6F5C34FD-56EE-4AEC-8811-B362CE2E42AB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8B6879C4-357E-41E4-8734-2188F1A6EDEF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{99782934-4716-4612-8339-9087E18624CC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BD8375B-FA7A-4E68-ACDD-F6C35DA33657}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AFF01E0B-10B7-410D-862A-483D6F6BAFCB}" = lport=3389 | protocol=6 | dir=in | app=system |
"{B2083C5A-53C1-4BEA-B25F-C341CCF63690}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B77C1640-FD61-4E82-BDB8-986DD2E7A3DF}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{B89B625D-9FD0-4CB5-9CAA-6C740F3B6694}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D47AA881-9DB5-4561-AD9F-96B9FB75D8A1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D4F79B5B-B4CD-43B4-B9AD-6AAA2B1E2126}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{E26CAEEA-9DDB-4540-8340-7F2AE2DDDBFE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E8A63932-31EB-4759-BA06-3B138C95CB4A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F1B6B09C-7687-4EC6-B407-FF3D9816D9B0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F5C3EA5E-2360-4FBA-B1DA-1585897FE1D9}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{FC066110-42A2-4BD5-A0F5-0A961BAB9687}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE1BD14A-379E-4987-B2DE-01BFD6E88E3B}" = lport=5353 | protocol=17 | dir=in | name=bonjour |
"{FEEEEDC7-7923-43B6-A5F8-408457EB3FD4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0271D34B-1520-4519-8BF4-0757B1EE204C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\wargame airland battle\wargame2.exe |
"{0272A9AE-83B2-4D5A-80E4-E40DFF1CBE8A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{03E8C900-5FDB-4C59-AF0C-CF524A64CBC4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{0514CDF4-726A-4910-958A-D9BB51B1F8DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{05C450D1-4CDE-4E82-A9A2-365FA147B968}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{0697AEB0-ACE5-4D80-BCA0-4D7D543CA84E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{0751510E-58BD-45A9-B251-DFA61A8D92FB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{0AE5FDB0-41DB-4E5F-82D9-C22425E23ED8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0B601D03-13B0-49CC-9A3D-B6D1C14C50D0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0C0C0791-4591-4AA4-BF78-370D52243C15}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0E418928-5613-491F-9C5A-4C6F11AB0F75}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{0E653F0B-3FC2-4A98-8282-5C5C28D28195}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\armatactics\armatactics.exe |
"{0FD98FB9-3E89-4A94-B7F3-0E6DAC1C6951}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1459C91F-2322-4990-89B3-DA0606A85F31}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{15519FA5-CC8A-4F06-A5C5-73C008C846A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{1818CEE5-47C6-4C83-9C4A-F95DAD941C6B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1B2CEAD2-7524-4AB8-B632-3D75DB3095C5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{1BA3105F-3FDF-4DC9-B004-227FDE59EDC0}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{1CC63064-BCDB-44BB-8C80-28513474EF0F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\blacklist_launcher.exe |
"{2001A6DA-307F-43DA-991E-3A162D9FB45E}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{20DC0BEA-AE4F-4F8F-9789-0D9576046FE7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{23BA0CAD-4FB4-4969-8CAD-BD264061AD5F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{24CEB9EB-A610-4E3C-93C2-884F83E46DCD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{25189F6A-6203-4933-B843-2A01AAC03B2E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"{2EFC7160-6851-4596-9F0F-F813711C60CB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"{30102098-4E64-4798-A558-B6524061DD91}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{33A4A06E-5814-43BB-ADE8-620AF57E9855}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{34999049-1A70-47EC-927F-6F4A12FC8359}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_game.exe |
"{366DAC47-B993-4B57-AF2A-ECB594793195}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{3A7F5CC6-0ED4-4C4F-B124-C7C4A0299F1E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{3A7FE78D-F4BE-440A-AE34-5E0AEB3C48D3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{3AB52FBB-E2C9-45EB-81D3-7B4B970CB87D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{3D7B0C1F-9FB2-42B3-9E22-39EA3D525B24}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{3EFF24B2-86F6-444B-8A17-FAA86000AA28}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"{40BCD28A-C663-4990-9ED7-ECBAC7AC2403}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{41D8DFA4-3EBF-4DD8-8BEF-847AD75CDA63}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{4268D490-E5CB-442B-8559-AE6DDA940535}" = protocol=6 | dir=in | app=c:\users\andee\appdata\roaming\utorrent\utorrent.exe |
"{447F9328-E4C9-4BB9-B7A6-1CEC106E90B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\guacamelee\guac.exe |
"{44C3F37A-48DC-4F37-B227-565CC0C73B9F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{452525A2-15FE-4E93-B83C-243F6CF4EACF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{455F58D0-3B00-49CC-97CB-4221ABECDFC4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{45A6B762-14E8-4DB8-8612-2B3A4B07F601}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{467F184B-051F-4F48-A63D-ED804D0D6059}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{46D70E39-D920-40BF-9487-7F406C3536E0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46F6C193-5C3E-4DE3-95E3-4EADD97FDAB1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{47692E69-FA08-4B3E-AD4F-CB9A6DA7170D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4904394A-B82C-4929-92ED-7C5333DA1BBA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{49CB5149-0FA7-4C3D-857F-DEC42770F0C9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{4A1AC90A-4436-4EF5-B090-984835D0942B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{4CB26655-26D9-4E35-9C23-E1DC05B03404}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{4CF6AAF1-DB78-40A8-A12C-160C2D1F0C94}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{501AA71F-9ABF-458C-A5D2-87ECE5FE2A22}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{5105EA1C-C5E3-4C0B-9BBC-84328BB8C7CA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_game.exe |
"{53FFB944-3F33-44CE-9CB2-7A88A777681A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{56EEFD84-0B44-48ED-A8FF-2F107DE56D25}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{5862F4C2-177C-4974-AB20-DB786BF22C9C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{5C239052-B307-4EBE-912B-2ADAF36B6504}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{5C376974-CA5A-441D-B710-7A1E81C3C5FE}" = protocol=17 | dir=in | app=c:\users\andee\appdata\roaming\utorrent\utorrent.exe |
"{613550BE-BFED-4A96-B791-FBB529D6B31E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\armatactics\armatactics.exe |
"{63670981-92C2-463C-A97D-264EA764E71B}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{67060A8A-F022-47F7-AE1B-4088B6850E76}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\guacamelee\guac.exe |
"{6768419E-A44A-400D-A0F4-906981E8AD69}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{6868CA7C-39D8-420D-B1A5-3FDE0BC45092}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{6F7256B3-70F1-4109-920F-321CCE971B67}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{7306DE49-C4FE-4757-8007-61868534200B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{74B4E183-9502-4979-A34A-1A938BA3912B}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\syndicate\system\win32_x86_release\syndicate.exe |
"{750C7CE0-F165-468F-812F-626B59196AED}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77470D12-4F59-4E2F-81DB-331E6969E4F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{79953661-9EC5-409D-92F2-073F9DA14579}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\wargame airland battle\wargame2.exe |
"{79C80512-ECDE-4DE7-BF36-B74FDDE6BF32}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{8060586E-5971-4735-A8B6-4ABF9FDFBF90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80E195BA-1013-4C0F-8820-22E36930CA6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\blacklist_launcher.exe |
"{8154F510-6FC3-4516-8BBF-A078D7C03B5E}" = protocol=17 | dir=in | app=c:\users\andee\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{8183322A-C0C8-4592-917C-1D240F6E0A84}" = protocol=6 | dir=in | app=c:\users\andee\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{8209ECF0-C6A2-4C7D-9D57-01E4A971E129}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{822ACFDC-F30D-4009-91AE-B7F560113BF5}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{8E7E08D5-7942-4076-BFE2-629C0FC4049F}" = dir=in | app=c:\program files (x86)\airport\apagent.exe |
"{8F180794-DD49-48C2-9943-3B7C5FD2168B}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{904F743F-5EF0-4177-9E2D-8F49F1B1BE41}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{90BCFF90-786A-4C3C-9242-42532A4A9A13}" = protocol=17 | dir=in | app=c:\users\andee\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{914DEAD5-3AE4-4264-A299-47FE9CA82275}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{926DD923-0A02-4B11-ACE3-B46F0FD7A894}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\nidhogg\nidhogg.exe |
"{93251311-B658-45BD-8A9B-9D9375B21005}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\armatactics\armatactics.exe |
"{96075870-3FF1-4AE4-9729-9C7A44089A03}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{96383DEF-71AB-4FA9-9B9F-D33BFC5DC317}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{973704CB-F55E-40E1-9734-B0C589E28D48}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{974EA988-2262-4349-A32F-B28C44ECFF2C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\armatactics\armatactics.exe |
"{9D82F3D8-03C8-436B-88A3-D4E1EF341595}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{9FFD867D-39CD-482B-9A37-EF20B61CA512}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{A01B7821-1DFB-49F3-9433-3E6558737438}" = protocol=6 | dir=in | app=c:\program files (x86)\army builder\armybuilder.exe |
"{A41E0674-30BD-4B0A-AFCC-BB83690C0529}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\syndicate\system\win32_x86_release\syndicate.exe |
"{A5CAD82D-CF1D-4A69-83E9-2EDFAFFB0852}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{A67F98AD-5225-448B-9D7E-090884C06DFA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A712D2C0-D50C-40F7-B7C5-6A66FCD11262}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AAA2846F-ED5B-4945-A004-0FA29C79D561}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{AB65A665-A538-439E-94E4-1AC64399C2FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{AF4149AA-B99C-4FBB-95EE-4C0E7FB26188}" = protocol=17 | dir=in | app=c:\program files (x86)\army builder\armybuilder.exe |
"{B05ED1D2-198F-466E-8F47-8D9374B858E9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{B0C23A97-159C-41AB-B94F-2E3906C91259}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman absolution\hma.exe |
"{B0D987AC-215C-4E7F-B56C-88B1B66C894E}" = dir=in | app=c:\windows\system32\hasplms.exe |
"{B2CA8CA2-480E-4F09-9670-3BC438DE2A84}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{B3008D56-5277-4625-8A42-806D8A41D01D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B5DFE6AF-C08F-4534-8ADE-E246D50198BD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{B69D3F79-C4DA-4BA4-AC7A-94EFC3E8CECC}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{B706D8D6-A409-495A-A04B-77D3214EEBB1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{B93C0031-5D75-4723-8CB6-1798DD287DFA}" = protocol=6 | dir=in | app=c:\users\andee\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{BAA8F4D9-3224-458B-96B1-14191FC8C040}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3bdupdatersteam.exe |
"{BB4633C5-BD90-4819-978D-304E6B13A772}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BF6E4045-A972-4EA1-8D58-7BCE528B03AB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C0C01DD9-E50F-4C07-9A91-D7208D4CA867}" = protocol=6 | dir=out | app=system |
"{C39A4F55-6F6C-4D60-94D9-203C1C30E0E2}" = protocol=17 | dir=in | app=d:\origin games\titanfall\titanfall.exe |
"{C3A65308-C40B-4226-9F78-E00050EF1C99}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{C3B78B0A-A81E-4141-91FF-FF76BA259D84}" = protocol=6 | dir=in | app=d:\origin games\titanfall\titanfall.exe |
"{C6360C9C-585E-4B47-9AC6-373C21A398FA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C6975E7A-D4A5-4D46-A9D0-77FEC290F697}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{C95384AA-0D64-46A4-A3A7-5CD335544CA2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman absolution\hma.exe |
"{CB30A3E8-36A8-40AB-8562-56D1A4EB476A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CBFE50D0-C243-4AA0-BD8C-A9B83FDE7AF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3 blood dragon\bin\fc3bdupdatersteam.exe |
"{CCB70E81-E189-4CB0-84CF-805020EDFE67}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{CE4CFBDC-D77C-43A3-8423-4BAE27C8A152}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{CE4D528B-2597-4ABE-8CB3-37F61F536A75}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CFE29588-4F84-4BEB-8436-D4AC2E3B270D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D3B0E424-CDBF-4FC4-991D-B0EDE50D01A4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{D60FAF94-47B8-46AB-B632-EEC4826F4BD7}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{D7822ED8-8EF2-4A11-A0AE-3664FBD96D9A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{DBD4C82B-2644-4AE4-BA0E-3AB0522491D8}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{DD841A9E-9E34-419D-946A-FDDD1ED0E3DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\gu.exe |
"{DDADD84B-E699-4B75-9E87-6B9DB7244CC5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{E0016340-6B1C-4F3A-942F-76B44E10139B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{E0470018-562C-46F2-B6EF-1663493A0877}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{E0A2E15E-6342-4F4C-B7E8-9008C0D52130}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E23CBCEC-3A13-4417-AA64-EE3398DD599F}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{E48CDD8D-C96B-4777-BFCC-D8A897B8C105}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\nidhogg\nidhogg.exe |
"{E61F3D0E-170A-48A2-A157-CCA30F2507FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{EA05B18F-36B2-4ADF-AB34-164A318E5907}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"{EB3F94F5-5963-4E4C-99AC-D0C697A5AA45}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{EBB426D2-C558-4A30-80F0-5CDD56371F9A}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{EBBCFA3C-D6C0-4BFF-AB23-1887B3E4A62B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\gu.exe |
"{EC6AD33E-94A2-4F88-9DC5-5CF096B1A5C9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{EE72BA10-7691-4F77-B7F7-869AFDED0033}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{EF29FE1B-CEB5-40FD-81BD-43B5F3E32EDC}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{EFF5B271-5EE8-45CF-8DEE-C3F1B7AD354B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F0E3702A-9C6A-4C62-9924-C74894D60CDD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F26E989A-54AB-40C4-BA71-A506D0B02016}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{F3DEFBA4-4E7E-464E-A0CF-5E753F1260FA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F86BEDED-8213-48D8-B27D-2DB7E6791CC0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{FC092824-3E54-4FAF-8FCA-C06389407EE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FEE07B21-F12C-4B60-88A6-0F2653CB01D2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"TCP Query User{196DD6E6-E30E-4D74-9D12-316C4F964335}C:\gamez\counter-strike global offensive nosteam\csgo.exe" = protocol=6 | dir=in | app=c:\gamez\counter-strike global offensive nosteam\csgo.exe |
"TCP Query User{1BD601D9-0892-440A-A20B-B41204C47AD2}C:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe |
"TCP Query User{2229622F-5A86-4257-91E0-42164B9065F1}C:\program files (x86)\steam\steamapps\belnifore\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\belnifore\team fortress 2\hl2.exe |
"TCP Query User{26FFCEE9-0D45-4360-921F-B9C0B3B5E442}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{28A40526-8586-4434-B5C5-B799D1C79FF5}C:\program files\java\jre7\bin\rmiregistry.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\rmiregistry.exe |
"TCP Query User{299D457E-FBBC-4DAC-A7AC-3103C7A7C631}C:\users\andee\appdata\local\temp\servertemp\server.exe" = protocol=6 | dir=in | app=c:\users\andee\appdata\local\temp\servertemp\server.exe |
"TCP Query User{3681BDAE-FF8E-44C2-A81C-CE9A33C09C40}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"TCP Query User{410B50F2-B2CE-4071-A1A7-7133A80EB197}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{44206224-5478-4744-BCAA-E7A14ABAAE62}C:\users\andee\desktop\applications\teamspeak\teamspeak3-server_win64\ts3server_win64.exe" = protocol=6 | dir=in | app=c:\users\andee\desktop\applications\teamspeak\teamspeak3-server_win64\ts3server_win64.exe |
"TCP Query User{44F68090-8DB6-4CFA-B636-6CB67CD97EF2}D:\steam\steam.exe" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"TCP Query User{457AE7F7-5D96-4E68-BD6B-64D33738CF14}C:\users\andee\desktop\isos\demigod z\bin\demigod.exe" = protocol=6 | dir=in | app=c:\users\andee\desktop\isos\demigod z\bin\demigod.exe |
"TCP Query User{487C4D93-4A28-49EB-8405-4031CAE15687}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{4BFE52AD-59B6-4676-BB86-1F4E2901E00B}C:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{5DD81A00-E54D-4825-814C-F6C21AB48B1B}D:\steam\steam.exe" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"TCP Query User{5E0F3460-EDAB-4B23-BEC1-A0BE3BCF6631}C:\gamez\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\gamez\left 4 dead 2\left4dead2.exe |
"TCP Query User{5E1EE5E6-EE5A-4038-9D87-2EFDB613FF17}C:\users\andee\desktop\isos\demigod z\bin\demigod.exe" = protocol=6 | dir=in | app=c:\users\andee\desktop\isos\demigod z\bin\demigod.exe |
"TCP Query User{5EC8D811-78F1-4597-9286-6C5C6B09FF04}C:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{5FE5C152-CB4E-43B2-839B-8CBAE56524F3}C:\users\andee\downloads\diablo-iii-setup-engb.exe" = protocol=6 | dir=in | app=c:\users\andee\downloads\diablo-iii-setup-engb.exe |
"TCP Query User{6109DFB5-42F9-4D1F-8014-BC3FB4DEC0BD}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{66529E41-846E-47F7-9F7B-0F19E5510C2E}D:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"TCP Query User{6CE37085-E61F-4430-8B00-0DC9E51C8734}C:\program files (x86)\globalscape\cuteftp 8 lite\ftpte.exe" = protocol=6 | dir=in | app=c:\program files (x86)\globalscape\cuteftp 8 lite\ftpte.exe |
"TCP Query User{6F362B37-7341-4158-9932-970C55787BD8}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{881798E1-5245-4DEB-95C5-B54CB799758E}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe |
"TCP Query User{8A511EDE-D189-4F1A-B31A-F895461F81FC}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{8BE60B51-D666-4690-A744-08E2D003A4BB}D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe |
"TCP Query User{93BAD6DA-891B-42A1-8D39-AB1FD45A9ADC}C:\program files (x86)\steamless left4dead2 pack\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steamless left4dead2 pack\left4dead2.exe |
"TCP Query User{95870C6D-1BEF-4AE8-A137-25544717702A}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{964AB098-8553-416B-A785-B5DA61DAC0BB}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"TCP Query User{9F20D927-924F-400C-ADD0-5495E84F8EA4}C:\users\andee\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\andee\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{A6072BB0-792D-4911-96BE-AA2323C5E64E}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe |
"TCP Query User{A94EC549-E12A-489B-A0CE-533887DF8C48}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"TCP Query User{ACC785C3-1097-4809-91F8-B9AC00523A8C}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{B8EF319B-3954-4B01-9D5F-3F1701F118BD}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"TCP Query User{C24EF84E-BB0B-4FDB-9107-0E0D34834539}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{C538F60D-0E8D-4C3A-9E44-C42634E045DB}C:\gamez\call of duty- modern warfare 3\iw5mp.exe" = protocol=6 | dir=in | app=c:\gamez\call of duty- modern warfare 3\iw5mp.exe |
"TCP Query User{C84D29B8-2D2D-4348-A111-ED075CE089CB}C:\program files (x86)\freeorion\freeoriond.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeorion\freeoriond.exe |
"TCP Query User{C9385502-8009-463E-91BF-B1879B589BDB}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-online\system\scda_online.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-online\system\scda_online.exe |
"TCP Query User{D275E2D6-3083-40F2-B6C9-24451BEA0333}C:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe |
"TCP Query User{D292FC5A-E1E9-481C-8E2A-832CAE6F43DD}C:\users\andee\appdata\local\temp\servertemp\server.exe" = protocol=6 | dir=in | app=c:\users\andee\appdata\local\temp\servertemp\server.exe |
"TCP Query User{EAB78EA6-4910-4DED-A2FF-63C8DAD88F00}C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe" = protocol=6 | dir=in | app=c:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe |
"UDP Query User{0F8B6ABA-A72A-4A8B-90A4-D889BF3E38B1}D:\steam\steam.exe" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"UDP Query User{149F8444-1CE1-4EB5-BB1D-55DF2F2E2D22}C:\users\andee\desktop\isos\demigod z\bin\demigod.exe" = protocol=17 | dir=in | app=c:\users\andee\desktop\isos\demigod z\bin\demigod.exe |
"UDP Query User{1993D184-9B48-450C-98A2-46AD0A8A4174}C:\gamez\call of duty- modern warfare 3\iw5mp.exe" = protocol=17 | dir=in | app=c:\gamez\call of duty- modern warfare 3\iw5mp.exe |
"UDP Query User{1CEFA5FA-F389-4B6B-A58B-AF4F2B0CEA12}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{1F8CABB8-4A6E-4610-BB40-EBD6D3DA968E}C:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter\graw.exe |
"UDP Query User{2D1205B0-4A3C-4C57-BC0B-DC8C68BBEAB2}C:\program files (x86)\steamless left4dead2 pack\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steamless left4dead2 pack\left4dead2.exe |
"UDP Query User{2E409238-A94F-4CF9-8D35-383376095409}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{389A3B9E-8B05-46C8-9385-6066D10921F2}C:\users\andee\desktop\applications\teamspeak\teamspeak3-server_win64\ts3server_win64.exe" = protocol=17 | dir=in | app=c:\users\andee\desktop\applications\teamspeak\teamspeak3-server_win64\ts3server_win64.exe |
"UDP Query User{3E86A4A8-C613-474A-8187-957A10E38986}D:\steam\steam.exe" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"UDP Query User{4141BCC9-A081-4C04-9878-6B4F57DFC035}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{47D96C7E-252A-4765-9F9E-38827A89641B}C:\program files\java\jre7\bin\rmiregistry.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\rmiregistry.exe |
"UDP Query User{4AE69DF6-E39F-4404-A2DC-CAC3609B80CF}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{529AA4C3-02F5-499B-B9CA-011E6A619B66}C:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\betatest\retailclient\swtor.exe |
"UDP Query User{5745A7A0-A6AB-469D-AFB2-9972534B752B}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"UDP Query User{5887DA8F-833A-442C-BA26-ED7897DB792B}C:\program files (x86)\steam\steamapps\belnifore\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\belnifore\team fortress 2\hl2.exe |
"UDP Query User{60C724C9-6E99-4AA0-A5D0-19D5975E3247}C:\gamez\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\gamez\left 4 dead 2\left4dead2.exe |
"UDP Query User{6299A384-F2B1-4732-9D8C-B9B03FF18ED6}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{6C79723A-4099-426A-86AF-A8AAF7D29EB8}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-online\system\scda_online.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-online\system\scda_online.exe |
"UDP Query User{78FBBD98-0816-40B2-82E2-8C4CCFF1D6F0}C:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe |
"UDP Query User{7CFB9810-114A-49B4-B9F3-F7A1906D901C}C:\program files (x86)\globalscape\cuteftp 8 lite\ftpte.exe" = protocol=17 | dir=in | app=c:\program files (x86)\globalscape\cuteftp 8 lite\ftpte.exe |
"UDP Query User{849C5F41-BC90-4587-A9AE-D5E98895E7A8}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{A32463BD-3A76-4409-B136-30D13FDCC7FB}C:\users\andee\appdata\local\temp\servertemp\server.exe" = protocol=17 | dir=in | app=c:\users\andee\appdata\local\temp\servertemp\server.exe |
"UDP Query User{A371F620-E662-4AC3-AD5F-E55C6032F303}C:\gamez\counter-strike global offensive nosteam\csgo.exe" = protocol=17 | dir=in | app=c:\gamez\counter-strike global offensive nosteam\csgo.exe |
"UDP Query User{B1D16AF6-3FA7-4097-A4D5-54E04365CB0A}C:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{B8F95FA9-DF06-4205-9470-CCC9A445BE9F}C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe" = protocol=17 | dir=in | app=c:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe |
"UDP Query User{B904FF11-9876-497D-86BF-D91A3A4B9F97}C:\users\andee\desktop\isos\demigod z\bin\demigod.exe" = protocol=17 | dir=in | app=c:\users\andee\desktop\isos\demigod z\bin\demigod.exe |
"UDP Query User{C4B8EA9C-F092-4E59-A4DE-A61571ED085A}D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe |
"UDP Query User{C557576E-C422-4422-BD18-DC179D5F25FE}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"UDP Query User{CB1F09FF-A6E9-4B23-AD82-1BE755289017}D:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"UDP Query User{CF658625-8BEC-46E7-96CE-C4EBB0FA9341}C:\users\andee\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\andee\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{D104B290-8582-4AAC-8EC6-C38FF75B2B9B}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{D4B8C54A-B254-4E81-BC7F-CF6C9EB47BD4}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{D702644B-51FF-4664-8778-A6C498984667}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe |
"UDP Query User{DA42A213-9234-4CBF-BEB2-21726021C41B}C:\users\andee\downloads\diablo-iii-setup-engb.exe" = protocol=17 | dir=in | app=c:\users\andee\downloads\diablo-iii-setup-engb.exe |
"UDP Query User{DE9F60BC-EAFD-4888-AEDB-B4331836EF4F}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{E0C6A7D9-DFC6-4976-B52F-EE76F4135EEA}C:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\andee\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{E3854E4E-8845-404C-99F5-60672BD8BDB6}C:\program files (x86)\freeorion\freeoriond.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeorion\freeoriond.exe |
"UDP Query User{E5D509B6-783E-4567-A36C-DC4102E4DBB2}C:\users\andee\appdata\local\temp\servertemp\server.exe" = protocol=17 | dir=in | app=c:\users\andee\appdata\local\temp\servertemp\server.exe |
"UDP Query User{E62FC851-FAD4-4988-ADD6-3F0AF2C9379F}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"UDP Query User{EDF2A019-E881-465A-9E6E-BF79795C56C2}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003B37AE-21F5-5BC5-F5EB-CD60A8928696}" = AMD Accelerated Video Transcoding
"{05408942-55F9-4D32-AE07-A9ECDC013961}" = G9x User's Guide
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11A955CD-4398-405A-886D-E464C3618FBF}" = Adobe Photoshop Lightroom 4.4 64-bit
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{223C0721-A6B0-4853-88C0-331029841734}" = HP Color LaserJet CP1510 Series 2.0
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java 7 Update 5 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2B5D6B29-7348-4404-B992-B557B4D1F055}" = calibre 64bit
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{35D00343-3BFA-46A1-C6DD-FFD770501E0B}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{653B9326-BD45-53BE-681A-A49CAAEE8A3C}" = ccc-utility64
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{903029FE-FA82-427B-916C-AD08185DA3C2}" = Microsoft Xbox 360 Accessories 1.1
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}" = AMD Catalyst Install Manager
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0}" = AMD Media Foundation Decoders
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID-Anmelde-Assistent
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.10
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"McAfee Security Scan" = McAfee Security Scan Plus
"ProPlusRetail - de-de" = Microsoft Office Professional Plus 2013 - de-de
"R for Windows 2.15.1_is1" = R for Windows 2.15.1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0214578F-4888-43FB-9E34-C14FCFDEDDEB}" = Razer Nostromo
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{090931D6-A2F4-11E3-AD9C-00163E98E7D0}" = Evernote v. 5.2
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1C5D5D15-CABD-4C5A-A80E-B5C4CA6FE90A}" = hppTLBXFXCP1510
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1DF2F366-AFA6-4D95-BF0C-3C14E8B84B1A}" = Fractal Terrains 3
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1E5C7043-09C5-4974-A69F-A5271FD82BBC}" = PlayMemories Home
"{1F73D672-6175-4A1D-B3C1-420439D03D0F}" = Product_SF_Full_QFolder
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{347EE0C3-0690-48F6-A231-53853C2A80D6}" = Titanfall™
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3dbea378-89b6-41db-a3c2-0f035afe3a40}" = Nero 9 Essentials
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{414C803A-6115-4DB6-BD4E-FD81EA6BC71C}" = Product_SF_Min_QFolder
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43867B63-C464-4570-823D-D92DC08E3400}_is1" = Army Builder 3.4b
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{5E894531-91FB-4B76-AA0F-49E0E1F357D6}" = hppPQVideoCP1510
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64FD4D83-085A-49D0-905A-F06057B73DA3}" = hppCLJCP1510
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69C2B39D-F060-49AD-8877-01C4144A8424}" = Microsoft Surface 2.0 Runtime
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = Catalyst Control Center
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7ADCEEA0-AC82-4360-AD6B-CCF01B66F9DB}" = hppusgCP1510
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0407-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA68AAAE-41F0-40B5-8896-5947F5FD6889}" = AirPort
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_955" = Adobe Acrobat 9.5.5 - CPSID_83708
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Deutsch
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B932A416-28A7-4D08-89A6-7A0464DAD37D}" = hpzTLBXFX
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{D8AC1EB5-E8B0-44A0-B113-899407188A2F}" = hppFonts
"{D92E093D-C577-4D55-AB3D-5E10AAA24D13}" = gDocBinder
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E121A4FE-009B-385B-BB0D-B934E2A88288}" = Google Talk Plugin
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{ED5BDA06-0D68-4B4C-93FE-50BE94ADA6E9}" = hppManualsCP1510
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FA602928-EB59-449c-B9F7-1FBE1291B63D}" = Syndicate™
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Avira AntiVir Desktop" = Avira Free Antivirus
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"BIPA FotoShop" = BIPA FotoShop
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Diablo III" = Diablo III
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"FastCAD" = FastCAD
"ffdshow_is1" = ffdshow [rev 2280] [2008-11-02]
"Fractal Mapper_is1" = Fractal Mapper v8.01a
"Fractal Terrains 3" = Fractal Terrains 3
"Free ISO Grabber_is1" = Free ISO Grabber 4.1.5
"Inkscape" = Inkscape 0.46
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Manhunt 2" = Manhunt 2
"Mein CEWE FOTOBUCH" = Mein CEWE FOTOBUCH
"Mozilla Firefox 27.0.1 (x86 de)" = Mozilla Firefox 27.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Origin" = Origin
"PDFCanvas V1.5" = PDFCanvas V1.5
"Rockstar Games Social Club" = Rockstar Games Social Club
"Sam and Max - Season One" = Sam and Max - Season One 1.0
"Scribus 1.3.3.12" = Scribus 1.3.3.12
"Scrivener 1030" = Scrivener Update
"SimpleScreenshot" = SimpleScreenshot 1.40
"StarCraft II" = StarCraft II
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 222750" = Wargame: AirLand Battle
"Steam App 224860" = Arma Tactics
"Steam App 235600" = Tom Clancy's Splinter Cell Blacklist
"Steam App 238960" = Path of Exile
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8930" = Sid Meier's Civilization V
"Steam App 94400" = Nidhogg
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"TreeSize Free_is1" = TreeSize Free V2.7
"Uplay" = Uplay
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.1.3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wondershare Video Converter Ultimate_is1" = Wondershare Video Converter Ultimate(Build 6.6.0.5)
"XMind" = XMind
"Xvid_is1" = Xvid 1.1.3 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.18
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 14
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 15
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 16
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 18
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 19
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 20
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 21
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23
Error - 26.03.2014 16:20:01 | Computer Name = andeemachine | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24
[ System Events ]
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7038
Description = Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit
dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1069
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7038
Description = Der Dienst "netprofm" konnte sich nicht als "NT AUTHORITY\LocalService"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Netzwerklistendienst" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1069
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7000
Description = Der Dienst "hpqcxs08" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1115
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7038
Description = Der Dienst "WdiServiceHost" konnte sich nicht als "NT AUTHORITY\LocalService"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Diagnosediensthost" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1069
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007042d
Error - 25.03.2014 19:02:05 | Computer Name = andeemachine | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = Fehler beim Starten des Assistenten für das Sprachpaket-Setup. Führen
Sie einen Neustart des Systems aus, und führen Sie den Assistenten erneut aus.
Error - 26.03.2014 15:56:59 | Computer Name = andeemachine | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
< End of report >
Edited by Belnifore, 26 March 2014 - 03:04 PM.