Trojaner-Board - Win7: werde regelmäßig auf Desktop geschmissen, Programm öffnet und schließt sich kurz in Programmleiste

Code:

OTL logfile created on: 12.02.2015 10:59:08 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\XXX YYY\Desktop

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17501)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,68 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 23,00% Memory free

7,35 Gb Paging File | 3,89 Gb Available in Paging File | 52,85% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 111,17 Gb Total Space | 12,80 Gb Free Space | 11,51% Space Free | Partition Type: NTFS

 

Computer Name: XXXYYY-VAIO | User Name: XXX YYY | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\XXX YYY\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation)

PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

PRC - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe ()

PRC - C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)

PRC - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Microsoft Corporation)

PRC - C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()

PRC - C:\Programme\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (DEVGURU Co., LTD.)

PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

PRC - C:\Programme\Sony\VAIO Care\listener.exe ()

PRC - C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)

PRC - C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe ()

PRC - C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe ()

PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)

PRC - C:\Windows\SysWOW64\prevhost.exe (Microsoft Corporation)

PRC - c:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe (QUALCOMM, Inc.)

PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)

PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)

PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\FastStone Capture\FSCapture.exe ()

 

 
 ========== Modules (No Company Name) ==========

 

MOD - c:\users\XXXrau~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_a6zrt.dll ()

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()

MOD - C:\Program Files (x86)\Steam\video.dll ()

MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()

MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll ()

MOD - C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll ()

MOD - C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll ()

MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\92a3b88ac6300af062edd6503bc5903c\System.IdentityModel.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\316b149dbb031d0e35c9d57bb2fc4b6e\System.ServiceModel.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\7ab3e68c2e523f60bfc4f222cbd1c1d0\System.Xml.Linq.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\38d6578b4fe29bede85ffff08e3697b6\PresentationFramework-SystemXml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9370714a38ae2805434296b26a9f5b14\PresentationFramework-SystemXmlLinq.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\4df6733efc348c009a4a6e0adccc42a6\PresentationFramework-SystemData.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Shor#\6d11b1280a9a392d44aa6521e2556554\Vodafone.Model.Shortcut.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\1f7c7abe1f996fc1c0b3f7b84756935a\Vodafone.Model.Connection.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\fdbb2979fdc6741ea5831d2f3c33c817\Vodafone.View.SecondaryWindows.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\c6e757994ee024eb51b8315d50b830d4\Vodafone.Vpn.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.FortinetCo#\acc9994c2360c02708f2df8545964a05\Vodafone.FortinetConnector.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\d215f84e68a80fd6764101688d8d6afc\Vodafone.BusinessLogic.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceMana#\172dd8b2ffe4d266341ed18fc2b0ad42\Vodafone.DeviceManagement.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LanWlanMan#\00276057b3eab06ccf44e69342fee7cd\Vodafone.LanWlanManager.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Common.Logging\130217a40884b8223387289476e0b369\Common.Logging.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Spring.Core\9abaae8e1e3d1f7e2f1b29dc7cbebafb\Spring.Core.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\2606b67de3a2bfa7330c30f3a1afb5ff\Vodafone.Contracts.Presenter.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\6b3bbbd2d8df19986ca6d81d71c4a620\Vodafone.InstanceProvider.Impl.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\7ddbfd7d906aba4a4ceafb46695bcb1e\Vodafone.CommonDialogs.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\02f6143d2c1c4a56f4859fddc52b1b1b\Vodafone.Contracts.View.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\38c6e4589d8305015e679397491ac790\Vodafone.Contracts.Model.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\d91aa460c6ef2e24c8d894926324ca00\Vodafone.UpdateManager.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\6b7f22226fa804f268049d7a1cc8e069\Vodafone.ReportingManager.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\d9a5f52353cfb0bdae1008b37a9a661b\Vodafone.SmsContactManager.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\5d57d33088f8b61a2e67724c5c9d448e\Vodafone.OutlookConnector.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.TrafficOpt#\80a661491008870892b3df895c7c9494\Vodafone.TrafficOptimiser.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.WwanWrapper\141c9d8ee374af48e387086029847736\Vodafone.WwanWrapper.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\6d16b105f4110fe112de7033fde6080f\Vodafone.MobileBroadband.CallbackHandler.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\fb0231c220234f61cb937ce8b59eac38\Vodafone.ConnectionServices.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\c6aed7007b040c395bd822602b38663e\Vodafone.Contracts.Common.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\598964772a2907ab8164c095f316336a\Vodafone.Contracts.Adapter.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\6e21f0516168665f220378804c93e5f5\Vodafone.ApplicationHost.Impl.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\40bdbb0dc4396b08b4e252f0a98b1e49\Vodafone.SettingsManager.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\f808ee3535387fb7135d906fd06f99ab\Vodafone.DataAccessor.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\ac46c145e1e72641f2f324c7f78a395c\MobileBroadbandResources.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Win32\1f3d0d19fe930a5d2b38723a9514b887\Vodafone.Win32.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\5850044a65af63ab08b3c3f6f8250412\Vodafone.Common.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\5d2d2ef2c4da9cc3bd59449347125aa7\Vodafone.Data.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\c52f2b752f831abf01960e77ab4de8e6\Vodafone.Platform.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\9d036ebb6ab008752843fabd507f4d0f\Vodafone.LogEngine.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadband\0ef374b6e55a6d75448955c6f338f187\MobileBroadband.ni.exe ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\99cdfef98595ed91f14936cf52a49c54\System.Management.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\1f861b2b88c8a5a5b3b6c6144dc261d2\IAStorUtil.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a229c5bed4a12b5db6ca55d223ada6df\System.ServiceProcess.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\03a626bdcfdec1158034377d1edc5f4d\System.Design.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\875c35969785fa170d186e7ca546ac9e\System.Runtime.Remoting.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f45bc0251cceb599622f55cc1c7f4aba\System.Transactions.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\4b335bfaa07fc54f2d72213d33f53e97\System.Data.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\fc21baf1fd69ebbc21be4a9189951fc0\System.Security.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\5d2c01ae1ca8c40ed74cdfd7b7b7dcb1\System.Data.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\cc7bb025e7cca401787cec5893c2cb67\System.ComponentModel.Composition.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\5e84979fadb7eb63caedea9f4acefcc9\System.Data.Linq.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\c90a4b709b46b64c89fce02585d55370\System.Management.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\902843918d037f5f3511d679bf1e2216\System.ServiceProcess.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll ()

MOD - C:\Program Files (x86)\Steam\v8.dll ()

MOD - C:\Program Files (x86)\Steam\icui18n.dll ()

MOD - C:\Program Files (x86)\Steam\icuuc.dll ()

MOD - C:\Program Files (x86)\Steam\libavcodec-56.dll ()

MOD - C:\Program Files (x86)\Steam\libswscale-3.dll ()

MOD - C:\Program Files (x86)\Steam\libavformat-56.dll ()

MOD - C:\Program Files (x86)\Steam\libavutil-54.dll ()

MOD - C:\Program Files (x86)\Steam\libavresample-2.dll ()

MOD - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll ()

MOD - C:\Program Files (x86)\Steam\SDL2.dll ()

MOD - C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\libGLESv2.dll ()

MOD - C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\libEGL.dll ()

MOD - C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll ()

MOD - C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\3a55f96f50938ec904bc6c62066529c3\Interop.FNCClient11Lib.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\f28f529f01ffbdb55a4099ad9c9394c3\Interop.Shell32.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\6d59d9742c26700fc254ea66189c9b70\Vodafone.ConnectionManagement.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\ca50dccc60c3d966e536b6b9842f98de\Vodafone.SmsProfileManager.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Conflictin#\8e25c8199d77606fda99470ea99726ad\Vodafone.ConflictingApplications.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.NtServiceM#\37a397c89b8d3479378d1eab94c95579\Vodafone.NtServiceMessaging.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\0483c93466914f3fbd5b44454b0c8a98\Accessibility.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll ()

MOD - C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qmng.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtga.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\platforms\qwindows.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qico.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qgif.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QHttpServer.dll ()

MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()

MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll ()

MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAuXXXationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAuXXXationTypes.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll ()

MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()

MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

MOD - C:\Programme\Sony\VAIO Care\listener.exe ()

MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()

MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()

MOD - C:\Program Files (x86)\Sony\Marketing Tools\Win32Interop.dll ()

MOD - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll ()

MOD - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()

MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()

MOD - C:\Program Files (x86)\FastStone Capture\FSCapture.exe ()

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - (mcbootdelaystartsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)

SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)

SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Intel Corporation)

SRV:64bit: - (nvservice) -- C:\Windows\SysNative\nvservice.exe (NVIDIA Corporation)

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (Avira.OE.ServiceHost) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (Razer Game Scanner Service) -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe ()

SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)

SRV - (ss_conn_service) -- C:\Programme\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (DEVGURU Co., LTD.)

SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (RzOvlMon) -- C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe (Razer, Inc.)

SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation)

SRV - (USER_ESRV_SVC) -- C:\Programme\Sony\VAIO Care\ESRV\esrv_svc.exe (Intel Corporation)

SRV - (ESRV_SVC) -- C:\Programme\Sony\VAIO Care\ESRV\esrv_svc.exe (Intel Corporation)

SRV - (McComponentHostServiceSony) -- C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe (McAfee, Inc.)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

SRV - (Internet Manager. RunOuc) -- C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe ()

SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()

SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)

SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)

SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)

SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)

SRV - (QDLService2kSony) -- c:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe (QUALCOMM, Inc.)

SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)

SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)

SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)

SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)

SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (semav6thermal64ro) -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys ()

DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer Inc)

DRV:64bit: - (rzpnk) -- C:\Windows\SysNative\drivers\rzpnk.sys (Razer, Inc.)

DRV:64bit: - (rzpmgrk) -- C:\Windows\SysNative\drivers\rzpmgrk.sys (Razer, Inc.)

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)

DRV:64bit: - (rzmpos) -- C:\Windows\SysNative\drivers\rzmpos.sys (Razer Inc)

DRV:64bit: - (rzendpt) -- C:\Windows\SysNative\drivers\rzendpt.sys (Razer Inc)

DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV:64bit: - (RzDxgk) -- C:\Windows\SysNative\drivers\RzDxgk.sys (Razer, Inc.)

DRV:64bit: - (RzFilter) -- C:\Windows\SysNative\drivers\RzFilter.sys (Razer, Inc.)

DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)

DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)

DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)

DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)

DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)

DRV:64bit: - (huawei_wwanecm) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys (Huawei Technologies Co., Ltd.)

DRV:64bit: - (huawei_cdcacm) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)

DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)

DRV:64bit: - (huawei_ext_ctrl) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys (Huawei Technologies Co., Ltd.)

DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)

DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)

DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)

DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)

DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)

DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)

DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)

DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)

DRV:64bit: - (qcusbnetsny2k) -- C:\Windows\SysNative\drivers\qcusbnetsny2k.sys (QUALCOMM Incorporated)

DRV:64bit: - (qcusbsersny2k) -- C:\Windows\SysNative\drivers\qcusbserSny2k.sys (QUALCOMM Incorporated)

DRV:64bit: - (qcombussny) -- C:\Windows\SysNative\drivers\qcombussny.sys (MCCI)

DRV:64bit: - (qcfiltersny2k) -- C:\Windows\SysNative\drivers\qcfiltersny2k.sys (QUALCOMM Incorporated)

DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)

DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)

DRV:64bit: - (ew_usbenumfilter) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)

DRV:64bit: - (e1kexpress) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{3617BCD7-E991-4BB5-8542-09A0B20EE913}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\..\SearchScopes\{794C16B2-C354-42CB-8212-172F5BD771B6}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}

IE - HKCU\..\SearchScopes\{A70EC677-F517-45E6-831A-E87104D7AC0B}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Google"

FF - prefs.js..browser.search.isUS: false

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.google.de"

FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.1

FF - prefs.js..extensions.enabledAddons: toolbar%40alexa.com:1.8.0

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1

FF - prefs.js..extensions.enabledItems: toolbar@alexa.com:2.11

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: passwordbank@upek.com:5.9.3.6319.3.6

FF - prefs.js..network.proxy.autoconfig_url: "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*'))%20%7B%20return%20'PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"

FF - prefs.js..network.proxy.type: 2

FF - prefs.js..services.sync.prefs.sync.browser.search.selectedEngine: true

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll File not found

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL File not found

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\XXX YYY\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\XXX YYY\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF - HKCU\Software\MozillaPlugins\LWAPlugin15.8: C:\Users\XXX YYY\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 31.4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 31.4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

 

[2013.03.20 12:29:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\Extensions

[2013.03.19 02:15:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2015.02.10 17:26:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\Firefox\Profiles\gwlew6n9.default\extensions

[2015.02.03 10:47:08 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\Firefox\Profiles\gwlew6n9.default\extensions\abs@avira.com

[2013.03.20 12:33:34 | 000,000,000 | ---D | M] (Password Bank) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\Firefox\Profiles\gwlew6n9.default\extensions\passwordbank@upek.com

[2013.03.20 11:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\Firefox\Profiles\rsv63erq.default\extensions

[2014.10.28 17:08:14 | 001,443,602 | ---- | M] () (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\firefox\profiles\gwlew6n9.default\extensions\firefox@ghostery.com.xpi

[2014.07.06 13:36:20 | 000,394,918 | ---- | M] () (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\firefox\profiles\gwlew6n9.default\extensions\firegestures@xuldev.org.xpi

[2015.02.10 17:26:58 | 000,174,448 | ---- | M] () (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\firefox\profiles\gwlew6n9.default\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi

[2015.02.10 17:26:59 | 002,178,746 | ---- | M] () (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\firefox\profiles\gwlew6n9.default\extensions\jid1-T5mdAATMX3urKA@jetpack.xpi

[2013.06.20 17:13:34 | 000,178,105 | ---- | M] () (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\firefox\profiles\gwlew6n9.default\extensions\rapportive@rapportive.com.xpi

[2013.03.19 02:16:06 | 000,008,001 | ---- | M] () (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\firefox\profiles\gwlew6n9.default\extensions\tineye@ideeinc.com.xpi

[2015.02.09 12:15:39 | 000,086,749 | ---- | M] () (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\firefox\profiles\gwlew6n9.default\extensions\toolbar@alexa.com.xpi

[2013.03.19 02:16:06 | 000,077,793 | ---- | M] () (No name found) -- C:\Users\XXX YYY\AppData\Roaming\mozilla\firefox\profiles\gwlew6n9.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}.xpi

[2013.03.19 02:16:10 | 000,002,103 | ---- | M] () -- C:\Users\XXX YYY\AppData\Roaming\mozilla\firefox\profiles\gwlew6n9.default\searchplugins\translate-korean-to-english.xml

[2015.02.05 17:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2015.01.29 14:05:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[2015.01.29 14:05:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2015.01.29 14:05:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions

[2015.01.29 14:05:19 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

 
 ========== Chrome  ==========

 

CHR - default_search_provider:  (Enabled)

CHR - default_search_provider: search_url = 

CHR - default_search_provider: suggest_url = 

CHR - plugin: Error reading preferences file

CHR - Extension: No name found = C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped\6.6_0\

CHR - Extension: No name found = C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\

CHR - Extension: No name found = C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.4_0\

CHR - Extension: No name found = C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl\1.0.0.9_0\

CHR - Extension: No name found = C:\Users\XXX YYY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

 

O1 HOSTS File: ([2015.02.09 21:10:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.

O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)

O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll (Microsoft Corporation)

O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)

O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite\launcher.exe (UPEK Inc.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)

O4 - HKLM..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)

O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)

O4 - HKCU..\Run: [GoogleChromeAutoLaunch_550EDA027B4B11347618D98EDCBB3ADF] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

O4 - HKCU..\Run: [SkyDrive] C:\Users\XXX YYY\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)

O4 - Startup: C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\XXX YYY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O4 - Startup: C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk = C:\Program Files (x86)\FastStone Capture\FSCapture.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)

O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)

O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)

O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)

O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)

O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O13 - gopher Prefix: missing

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.10

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{151AB8A6-ED2A-4662-A219-5E83E7F62040}: DhcpNameServer = 192.168.0.10

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{876E33B5-EE1E-4322-8F79-79EB6087A1E2}: NameServer =  

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA2DF348-6AB3-482F-A8BC-41E89158A468}: DhcpNameServer = 10.74.210.210 10.74.210.211

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA2DF348-6AB3-482F-A8BC-41E89158A468}: NameServer = 10.74.210.210 10.74.210.211

O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\osf - No CLSID value found

O18:64bit: - Protocol\Handler\sacore - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\dssrequest - No CLSID value found

O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)

O18 - Protocol\Handler\sacore - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\application/x-mfe-ipt - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\Protector Suite\psqlpwd.dll) - C:\Programme\Protector Suite\psqlpwd.dll (UPEK Inc.)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2015.02.12 10:56:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\XXX YYY\Desktop\OTL.exe

[2015.02.11 15:25:14 | 000,000,000 | ---D | C] -- C:\Users\XXX YYY\Desktop\FRST-OlderVersion

[2015.02.11 15:24:20 | 002,134,016 | ---- | C] (Farbar) -- C:\Users\XXX YYY\Desktop\FRST64.exe

[2015.02.09 21:12:24 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN

[2015.02.09 20:56:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2015.02.09 20:56:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2015.02.09 20:56:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2015.02.09 20:56:10 | 000,000,000 | ---D | C] -- C:\Qoobox

[2015.02.09 20:56:00 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

[2015.02.09 20:54:56 | 005,611,930 | R--- | C] (Swearware) -- C:\Users\XXX YYY\Desktop\ComboFix.exe

[2015.02.09 18:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)

[2015.02.09 18:03:25 | 000,000,000 | ---D | C] -- C:\Users\XXX YYY\Desktop\mbar

[2015.02.09 17:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\OnlineUpdate

[2015.02.09 17:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\log

[2015.02.09 12:00:25 | 000,000,000 | ---D | C] -- C:\FRST

[2015.02.09 09:37:50 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2015.02.05 17:20:32 | 000,000,000 | ---D | C] -- C:\Users\XXX YYY\Documents\Dungeon of the Endless

[2015.02.05 16:56:36 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2015.02.05 16:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

[2015.02.05 16:56:00 | 000,097,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys

[2015.02.05 16:56:00 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys

[2015.02.05 16:56:00 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2015.02.05 16:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware

[2015.02.05 16:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2015.02.04 15:20:33 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe

[2015.02.04 15:20:29 | 005,553,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2015.02.04 15:20:29 | 003,971,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2015.02.04 15:20:28 | 003,916,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2015.02.04 15:20:28 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll

[2015.02.04 15:20:28 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe

[2015.02.04 15:20:28 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll

[2015.02.04 15:20:25 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll

[2015.02.04 15:20:14 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2015.02.04 15:20:14 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2015.01.29 14:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2015.01.24 16:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam

[2015.01.23 16:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTech

[2015.01.23 16:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\VTech

[2015.01.23 16:45:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VTech

[2015.01.21 15:56:50 | 000,000,000 | ---D | C] -- C:\Users\XXX YYY\AppData\Roaming\webex

[2015.01.21 15:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\WebEx

[2015.01.21 15:56:20 | 000,000,000 | ---D | C] -- C:\Users\XXX YYY\AppData\Local\WebEx

[2015.01.19 15:12:51 | 000,000,000 | ---D | C] -- C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps

[2015.01.19 15:12:47 | 000,000,000 | ---D | C] -- C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2015.01.19 14:58:04 | 000,000,000 | ---D | C] -- C:\Users\XXX YYY\Documents\Google USB driver

[2015.01.19 13:39:09 | 000,110,336 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys

[2015.01.19 13:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG

[2015.01.19 13:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung

[2015.01.19 13:21:07 | 000,000,000 | ---D | C] -- C:\Users\XXX YYY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod

[2015.01.19 13:21:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ClockworkMod

[2015.01.17 18:47:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird

[2015.01.15 15:37:41 | 000,000,000 | ---D | C] -- C:\Windows\de

[2015.01.15 15:37:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

[2015.01.15 15:36:09 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll

[2007.08.13 16:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\XXX YYY\AppData\Local\CDRip.dll

[2007.01.18 20:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\XXX YYY\AppData\Local\No23 Recorder.exe

[2006.12.11 18:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\XXX YYY\AppData\Local\basscd.dll

[2006.12.11 18:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\XXX YYY\AppData\Local\bass.dll

[2 C:\*.tmp files -> C:\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2015.02.12 10:57:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XXX YYY\Desktop\OTL.exe

[2015.02.12 10:53:43 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2015.02.12 10:52:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2015.02.12 10:52:38 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2015.02.11 16:13:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2015.02.11 16:04:49 | 002,134,016 | ---- | M] (Farbar) -- C:\Users\XXX YYY\Desktop\FRST64.exe

[2015.02.11 15:35:00 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2015.02.11 15:35:00 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2015.02.11 15:33:36 | 001,629,436 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2015.02.11 15:33:36 | 000,703,214 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2015.02.11 15:33:36 | 000,657,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2015.02.11 15:33:36 | 000,150,822 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2015.02.11 15:33:36 | 000,123,218 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2015.02.11 15:27:14 | 2961,563,648 | -HS- | M] () -- C:\hiberfil.sys

[2015.02.11 15:18:05 | 000,852,594 | ---- | M] () -- C:\Users\XXX YYY\Desktop\SecurityCheck.exe

[2015.02.09 21:10:00 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2015.02.09 20:55:00 | 005,611,930 | R--- | M] (Swearware) -- C:\Users\XXX YYY\Desktop\ComboFix.exe

[2015.02.09 18:04:32 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2015.02.09 18:03:28 | 000,097,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys

[2015.02.09 11:58:11 | 000,000,000 | ---- | M] () -- C:\Users\XXX YYY\defogger_reenable

[2015.02.05 16:28:09 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2015.02.05 16:28:09 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2015.02.04 15:41:38 | 000,446,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2015.01.23 16:45:52 | 000,001,169 | ---- | M] () -- C:\Users\Public\Desktop\VTech Download Manager.lnk

[2015.01.21 15:32:54 | 000,103,435 | ---- | M] () -- C:\Users\XXX YYY\Documents\zustimmung_uste2012-signed.pdf

[2015.01.21 15:32:16 | 000,102,722 | ---- | M] () -- C:\Users\XXX YYY\Documents\zustimmung_este2012-signed.pdf

[2015.01.20 14:18:41 | 000,368,519 | ---- | M] () -- C:\Users\XXX YYY\Documents\379827381 Geschäftskonto von 2012.pdf

[2015.01.20 14:18:12 | 001,687,247 | ---- | M] () -- C:\Users\XXX YYY\Documents\7150717 von 2012.pdf

[2015.01.19 15:12:47 | 000,002,263 | ---- | M] () -- C:\Users\XXX YYY\Desktop\Chrome App Launcher.lnk

[2 C:\*.tmp files -> C:\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2015.02.11 15:18:02 | 000,852,594 | ---- | C] () -- C:\Users\XXX YYY\Desktop\SecurityCheck.exe

[2015.02.09 20:56:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2015.02.09 20:56:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2015.02.09 20:56:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2015.02.09 20:56:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2015.02.09 20:56:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2015.02.09 11:58:11 | 000,000,000 | ---- | C] () -- C:\Users\XXX YYY\defogger_reenable

[2015.01.23 16:45:52 | 000,001,169 | ---- | C] () -- C:\Users\Public\Desktop\VTech Download Manager.lnk

[2015.01.21 15:32:54 | 000,103,435 | ---- | C] () -- C:\Users\XXX YYY\Documents\zustimmung_uste2012-signed.pdf

[2015.01.21 15:32:16 | 000,102,722 | ---- | C] () -- C:\Users\XXX YYY\Documents\zustimmung_este2012-signed.pdf

[2015.01.20 14:18:41 | 000,368,519 | ---- | C] () -- C:\Users\XXX YYY\Documents\379827381 Geschäftskonto von 2012.pdf

[2015.01.20 14:18:12 | 001,687,247 | ---- | C] () -- C:\Users\XXX YYY\Documents\7150717 von 2012.pdf

[2015.01.19 15:12:47 | 000,002,263 | ---- | C] () -- C:\Users\XXX YYY\Desktop\Chrome App Launcher.lnk

[2015.01.15 15:37:25 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk

[2014.04.05 12:13:59 | 000,000,017 | ---- | C] () -- C:\Users\XXX YYY\AppData\Local\resmon.resmoncfg

[2014.01.07 17:28:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini

[2013.09.13 13:59:12 | 000,001,509 | ---- | C] () -- C:\Users\XXX YYY\AppData\Local\RecConfig.xml

[2013.06.18 09:01:33 | 000,000,870 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2013.06.06 12:42:26 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2013.04.23 09:18:09 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll

[2013.03.25 14:28:50 | 000,000,032 | ---- | C] () -- C:\Users\XXX YYY\.simfy

[2013.03.25 12:25:49 | 001,603,716 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2013.03.20 12:05:56 | 000,000,000 | ---- | C] () -- C:\Users\XXX YYY\AppData\Local\{E0B5EB61-5E6A-4483-A017-B5D5359A35B3}

[2013.03.20 12:05:56 | 000,000,000 | ---- | C] () -- C:\Users\XXX YYY\AppData\Local\{8163A258-9D27-40E7-8400-AAC988DB596D}

[2010.05.17 14:20:06 | 000,157,382 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

 
 ========== ZeroAccess Check ==========

 

[2013.03.19 02:13:42 | 000,000,000 | ---D | M] -- C:\Users\XXX YYY\AppData\Local\{4fa287a5-a9e8-a902-8c66-f7e1d24caa8e}\L

[2013.03.19 02:13:42 | 000,000,000 | ---D | M] -- C:\Users\XXX YYY\AppData\Local\{4fa287a5-a9e8-a902-8c66-f7e1d24caa8e}\U

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== Files - Unicode (All) ==========

[2013.10.22 07:50:35 | 102,303,549 | ---- | M] ()(C:\Windows\SysWow64\???D) -- C:\Windows\SysWow64\ႢअD

[2013.10.21 21:57:42 | 102,303,549 | ---- | C] ()(C:\Windows\SysWow64\???D) -- C:\Windows\SysWow64\ႢअD

[2013.09.26 08:48:15 | 097,892,804 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ꅤꋼˆ

[2013.09.26 08:48:15 | 097,892,804 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ꅤꋼˆ

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:7C784982
 

< End of report >

Code:

OTL Extras logfile created on: 12.02.2015 10:59:08 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\XXX YYY\Desktop

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17501)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,68 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 23,00% Memory free

7,35 Gb Paging File | 3,89 Gb Available in Paging File | 52,85% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 111,17 Gb Total Space | 12,80 Gb Free Space | 11,51% Space Free | Partition Type: NTFS

 

Computer Name: XXXYYY-VAIO | User Name: XXX YYY | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 
 ========== Firewall Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{063A3779-2A95-4225-A532-70711CA6746D}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{0BCBA248-8D90-4A04-81F7-2811E2E8D271}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{16E195E0-1B6C-413F-8E52-3D46E19F4FDD}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 

"{203CE65A-898F-4C46-97CA-44EF06ED06E7}" = lport=12972 | protocol=6 | dir=in | name=audials localhttpserver 12972 | 

"{21AC4557-8664-43E6-A09E-39A3D485195C}" = lport=138 | protocol=17 | dir=in | app=system | 

"{2A337B81-23B2-401F-972B-D79EFEA3463C}" = lport=9997 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vaioshell.exe | 

"{39B20583-D18B-4C05-8793-FA1EAA38B6ED}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{41E0D1EB-68B5-4E6A-B8E2-E6839D649B4B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{45D0967E-49DE-4524-AEBB-DC1BB1489683}" = lport=137 | protocol=17 | dir=in | app=system | 

"{4B7ABFDA-1D2C-4EFE-A32C-13440ACF603F}" = lport=9996 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcsystemtray.exe | 

"{4EF779D1-A8EC-48BD-9CD0-5383C3852C39}" = lport=139 | protocol=6 | dir=in | app=system | 

"{50FE81F8-7C9A-40A1-BD9D-6CA92A0EA745}" = lport=31931 | protocol=6 | dir=in | name=audials localhttpserver 31931 | 

"{511982EB-13C1-47A7-AFE6-3FBDAEFAB5DB}" = rport=138 | protocol=17 | dir=out | app=system | 

"{580B05D9-F478-4154-9AB1-17600EE2363B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{6DC34417-CEA5-4F34-84A3-13C7124D5071}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{7376E49C-E0C2-411E-8477-15984B449014}" = rport=445 | protocol=6 | dir=out | app=system | 

"{73E7AC66-3A06-4CF3-A8C2-086759F725A9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{771FECFD-B8EF-4BAB-A6F7-F68B60AAD487}" = rport=139 | protocol=6 | dir=out | app=system | 

"{77C251A7-DD4A-4008-9678-8616708F6D50}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{90F9E177-8F48-4641-9764-06D5F93D8031}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{92A2267C-6DB4-4303-B8A8-0DF5352A93B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{974FBFBA-6423-49AD-A4E5-7BFB2D8F7EF6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{A1F5A213-4EF1-4F37-B802-1A012AEC4F7C}" = lport=445 | protocol=6 | dir=in | app=system | 

"{AE210627-49D0-40B3-B6BA-260946820D5D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{AEDF4E97-C394-4A4B-B830-931698D2A3FA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{B4F6D652-D738-4EA9-A2BF-439F4FC0B406}" = lport=9998 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcadmin.exe | 

"{B8A5C112-7A58-4350-B1FB-1F8012CC7D20}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 

"{C1D64EE0-1624-48E8-8FEC-E89E3832B729}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{C8D8AAC2-D961-40FB-85FD-533CC94E7523}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{D329CFD5-35BA-47E0-983A-416E08CB603F}" = lport=14714 | protocol=6 | dir=in | name=audials localhttpserver 14714 | 

"{D52601B5-E066-4E3B-BCE6-3D0B66E0B5F5}" = rport=137 | protocol=17 | dir=out | app=system | 

"{D87391AF-22B0-40CD-B723-F469A3C2AD36}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{E0FDA7CC-FA10-407F-97CC-9CA1E101C181}" = lport=9999 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcagent.exe | 

"{E4425786-8787-4022-B443-368FE10E40B1}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{E6A92D03-B137-4C8E-82AE-A19BD821A481}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{FA44A6B5-FC17-4E5A-BCAC-D8E06C3C0750}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{FBC2CAB8-7B65-40A3-8762-9AA1FADE8BE1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02008C47-649D-4151-BE15-29FF78DBD1FC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\giana sisters twisted dreams\launcher\gslauncher.exe | 

"{0224A574-4717-48D4-B5FD-BF2FCD9C5EF2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chainsawwarrior\cwsteampc.exe | 

"{04F8793C-AF62-4B8C-8452-D13AB273535B}" = dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe | 

"{07083557-CEF9-4515-AA61-217578126BA0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cinders\cinders.exe | 

"{0A6D06E8-4909-438D-BC45-503BC49178EF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2753\agent.exe | 

"{0BF70633-85F9-4C96-A9F6-E4AC583740B7}" = protocol=6 | dir=out | app=system | 

"{0C16132A-2B4E-4ADA-A973-6947893ACF18}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sokobond\sokobond.exe | 

"{0CE3D085-4BD3-4612-90E4-1AC31243942F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chainsawwarrior\cwsteampc.exe | 

"{0E9B3FC2-7B98-4FBF-8CC9-258547E0D2E1}" = protocol=17 | dir=in | app=c:\program files (x86)\nuance\pdf professional 8\bin\gpdfdirect.exe | 

"{0ED87E37-53C6-41EA-9DF1-383BDCD81C15}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gunpoint\gunpoint.exe | 

"{10325DB3-E8DE-414A-9F11-510CCD3C3002}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe | 

"{114010BC-697E-453B-A3C0-4CC0BFF92A04}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\frozen synapse\frozensynapse.exe | 

"{11AAFFFB-76A8-43BC-BB7C-A2FC97DD2928}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 

"{1310E7E9-AC9A-4355-A0AF-9D6278BACBBC}" = protocol=6 | dir=in | app=c:\users\XXX YYY\appdata\roaming\processmaker-2_5_0\mysql\bin\mysqld.exe | 

"{160EFD61-51F8-47A5-9911-6ABB7EF0A444}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mars war logs\marswarlogs.exe | 

"{19BF4201-7638-41BF-BBF7-0ED1039FA25D}" = protocol=17 | dir=in | app=c:\users\XXX YYY\appdata\roaming\processmaker-2_5_0\apache\bin\httpd.exe | 

"{1A2B8A77-C5BC-4ED7-9E30-D73E7E79986D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe | 

"{1A7ADA1F-3EE6-4889-949F-D5A7DC934B3F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{1C7F41E3-E8A3-42C0-85F0-1C1086F474AD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\giana sisters twisted dreams\launcher\gslauncher.exe | 

"{20028CC3-77EA-4E80-8D42-21468DB951BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bejeweled 2 deluxe\winbej2.exe | 

"{2147848A-E363-4D2A-87FC-0A44B68C638C}" = protocol=17 | dir=in | app=c:\users\XXX YYY\appdata\roaming\processmaker-2_5_0\mysql\bin\mysqld.exe | 

"{224F2E49-9050-4D82-B08D-3CC48B847300}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | 

"{229B80CC-B97D-4F71-912E-9D019F140E0B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | 

"{2455EE32-CF35-44D1-8593-B72FD53D51B7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe | 

"{269D2C47-496C-48D2-9C2B-18461296BE7E}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 

"{26CDA42C-A90C-4B9C-B047-49981B910D87}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\insaniquarium deluxe\insaniquarium.exe | 

"{289A7D37-4A91-4445-B0B3-CF0C391C15CD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe | 

"{291094B8-7CF8-4FBC-A4B5-8940A9C611DB}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe | 

"{295490EF-2FF1-4074-B6B7-D516CE36BF86}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 

"{2A0C8770-DD61-4CAD-B537-305DF3B1D1C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | 

"{2ACA3EE9-31A3-4FFF-9714-FFD1226967BF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe | 

"{2B2A4120-7DFA-4BAF-AB6C-297167C4530D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\uplink\uplink.exe | 

"{2CC6D04D-3935-4D65-90B5-AE63BFF4BB52}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe | 

"{2CDCCD0D-04C4-4ADE-827B-B4FCBA09B2D7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe | 

"{320388BF-A223-46F1-9514-78BBC2B95233}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2753\agent.exe | 

"{32096324-DB3C-47DD-8499-BBBEFFDAABBA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chainsawwarrior\cwsteam.exe | 

"{32950067-100A-4FCF-84F5-8D628F41B822}" = protocol=6 | dir=in | app=c:\program files (x86)\nuance\pdf professional 8\bin\gaaihodoc.exe | 

"{338B56DE-6DF1-4B34-830C-AEFEC1EADC39}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2293\agent.exe | 

"{37534F4C-33EC-4B82-9CBC-6C9C573FFCF8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deathskidmarks\deathskidmarks.exe | 

"{39F615DE-1A28-4A1F-AD4A-E6A00F392B6C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | 

"{3A315B74-B76B-480B-92A6-B4A43F67B5B9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | 

"{3BB2BF63-CD42-41F2-8867-C40FA0E7E5A9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2293\agent.exe | 

"{3CD0D160-B8FF-40F0-9F87-CF048FAEF1D7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe | 

"{3ED2E9D0-3D9A-4074-9A89-B13B18ED10FA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\monster loves you!\monsterlovesyou.exe | 

"{401486E7-905F-4E32-BEE4-1E18BDAE6565}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 

"{411D4B47-9890-4F70-A5EB-5B39C429CDD1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead mans draw\deadmansdraw.exe | 

"{4445547F-BA73-4C9B-8DCA-2ED4E72B1A35}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\psyhigh\psyhigh.exe | 

"{478FA93C-EDAD-49C4-8A7F-3852287C8D00}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | 

"{48FA7DF2-7871-42C7-A03F-D05D5A811C26}" = dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicatorcom.exe | 

"{497538E6-1305-4EE5-AB2D-50AA4DB8C4D6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2787\agent.exe | 

"{49D1877B-905F-47CB-BB5A-B4F45427AA73}" = protocol=6 | dir=in | app=c:\users\XXX YYY\appdata\roaming\processmaker-2_5_0\apache\bin\httpd.exe | 

"{49EFD2C9-C4AA-4C20-B9AF-C75A17A9C162}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{4A3CCADF-3F07-4885-BCB1-16FD19D3A42B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{4A8A2AA4-10E7-4CCD-9141-87A54462DE92}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | 

"{4A9B0620-A229-4E8B-AB10-F2E5478F6F98}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darkestdungeon\_windows\darkest.exe | 

"{4D2EAE32-63CA-4489-AA93-65478A7FB1C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{4D8DF0A5-FDF4-4ECC-BBF1-5D19FBA7DF89}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe | 

"{4F465210-4E0D-44FD-A944-F24E84B7F06B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe | 

"{5175858A-6BC5-45ED-9C8A-79643F24E959}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe | 

"{533C2862-1013-474F-B493-98D85B0C49A6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe | 

"{57BDA756-2DB9-4E9D-87F0-596C9D0DD9AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\solforge\solforge.exe | 

"{58839502-EBCA-4B3D-A691-2206D4BB4F05}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darkestdungeon\_windows\darkest.exe | 

"{58FA5AB6-48A4-49E3-878B-9C5985330E80}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\solforge\solforge.exe | 

"{5928E315-08E5-43F2-B55D-00365490E7FF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\papersplease\papersplease.exe | 

"{59309D35-D85F-447D-B0DA-E3493F81ED8B}" = protocol=17 | dir=in | app=c:\program files (x86)\nuance\pdf professional 8\pdfrouter.exe | 

"{5A0DD736-797B-4B5E-B322-91F4F89004FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 grand steps 01\7 grand steps.exe | 

"{5A1FEC78-AA3A-4283-907C-F3BC7B0CDF6F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | 

"{5AB883A1-96DE-4C71-B0B0-49D7D3CB18ED}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{5B236954-6935-41A6-84CC-4F5CB6621064}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | 

"{5B27FCE7-ECBC-4CE5-9DA2-047E5D6F01E9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe | 

"{5B558A15-953C-493B-BBEA-7DDBFE424F5A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe | 

"{5EE5D99C-3D59-409B-9509-6FF497D86267}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2753\agent.exe | 

"{630248D2-E4E0-4421-A202-26B1A7699489}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | 

"{64C5A639-5D4F-4D26-81F3-0A4EB19F3D89}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe | 

"{65A08817-4103-4D3C-8311-71DAE0CF213B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe | 

"{67D23936-1A77-4C36-9DBB-B46F6B7D7C05}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bejeweled 2 deluxe\winbej2.exe | 

"{688A2778-AFB4-4A6A-BCB9-5AAE76DEF090}" = protocol=6 | dir=in | app=c:\users\XXX YYY\appdata\roaming\dropbox\bin\dropbox.exe | 

"{696456D4-0D9F-487B-A0E8-3A23836C3178}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{69F0C99F-D208-4400-93E6-D5C6871A8E7A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe | 

"{6A5DD0A5-EB80-4C60-AB5B-0A347BD05F3D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe | 

"{6A6107D1-364A-4DF9-BFF9-27838231BEA5}" = protocol=6 | dir=in | app=c:\program files (x86)\nuance\pdf professional 8\bin\gpdfdirect.exe | 

"{6C82EC69-9BB7-45FE-823C-D0A693389C5A}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe | 

"{6D7836A3-CA5E-4C34-B7C6-3E3E2DF084D5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{6D864A8F-0CAF-4B16-8A67-34DB655B658A}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 

"{6DCEB033-F3C0-4E46-867F-CC5DCA36D0F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\choiceofthedeathless\choiceofthedeathless.exe | 

"{6DE989A7-7ADD-4776-84EB-FA933DC78F15}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{7151DC97-90B9-4F85-8CA2-EB1EA01BD444}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\papersplease\papersplease.exe | 

"{7265972C-A4C8-4C6E-8CF2-E0D11D3FBC79}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gunpoint\gunpoint.exe | 

"{7295C924-92C2-4A8B-9AA6-B2DE8D4A3AF7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{72B7A49E-3AFE-4608-958F-D2488DC899CE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\insaniquarium deluxe\insaniquarium.exe | 

"{736DA503-3391-4C5E-A7D6-86E1FADA14C9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kentuckyroutezero\kentuckyroutezero.exe | 

"{776A0C4E-2607-47E3-AF18-0B0DCEB470C5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\world of goo\worldofgoo.exe | 

"{777A6642-8DB9-49C0-949D-1546CC03DFF0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe | 

"{77A8D97B-8193-4648-9D2E-ABCC60564B02}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe | 

"{788DCA7D-C401-4E0D-B17A-B0B7222D4503}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | 

"{7A6D00BA-872C-4D1D-BB63-DD29252F2086}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | 

"{7C651631-F54E-4DDF-BB36-AAFD5CACC604}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe | 

"{7D778E56-1FDA-4712-9C91-0923E016A783}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hotline_miami\hotlinemiami.exe | 

"{7DE4CDA4-6558-4ADC-81DB-44419076A2C2}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe | 

"{7F93FF39-CC7A-4744-9740-60A53B3397D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thebridge\the bridge.exe | 

"{806D5682-328F-4189-B5B4-CF2A8087944C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 

"{82ACF05B-F714-4A44-A601-1827240DB4C5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{85493BBA-85F2-4076-84F3-71D2A0267304}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 

"{89C8AB0E-54D4-4C73-AE63-EEB2C5B847AA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | 

"{89D1AA9A-2973-4B7C-BA55-B307469244CD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\puzzle quest\puzzle quest.exe | 

"{8B4B5CCA-3251-49F4-9C48-6D9227C0BEA1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thievesgambitcurseoftheblackcat\thievesgambitcurseoftheblackcat.exe | 

"{8C3C68C8-22D2-467A-A3FB-8D4F055328C8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | 

"{8CC1C7F7-16B0-4752-B7FA-3C653B5E6195}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe | 

"{8D665BB6-FC39-4290-80FD-AFC24A3F3C09}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe | 

"{8DA63AC2-E9D3-44DF-A0AB-FBE6FD35A79B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe | 

"{8E17DCE8-4394-4FF8-A3A0-22A0F1B463C2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe | 

"{9072C1F6-F110-4523-867B-7F0299B4D0C2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{913506BF-061F-496E-863A-F00F64B474FD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pixel piracy\pixelpiracy.exe | 

"{968F7C19-4F50-46C2-8AA8-257A5F1F13AC}" = protocol=6 | dir=in | app=c:\program files (x86)\nuance\pdf professional 8\pdfrouter.exe | 

"{9757B46A-F09C-43BD-A90C-DCC91AADD60B}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe | 

"{977FA20B-58AF-4357-819D-1181F02CD1F3}" = protocol=17 | dir=in | app=c:\program files (x86)\nuance\pdf professional 8\pdfpro8hook.exe | 

"{985F9F31-5913-4E91-A778-9D314D1F3188}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\valiant hearts\valiant hearts.exe | 

"{994BEFE9-0A80-42FD-B7C1-6484172F7D38}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe | 

"{994E93E3-39A3-4004-A1D2-74C41AB85F67}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | 

"{9C69083C-0501-4873-A5F0-BD5F8CDBE73F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mars war logs\marswarlogs.exe | 

"{9CCD6EB9-0019-468F-9D48-3F66EFC4669C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bad hotel\badhotel.exe | 

"{9D877398-DB23-40FC-8A18-C3709CC919EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chainsawwarrior\cwsteam.exe | 

"{9EEC4112-1187-4651-8112-D9DAC637EC67}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\puzzle quest\puzzle quest.exe | 

"{9F93060D-385E-48F3-A430-301B3B1DD80A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\papersplease\papersplease.exe | 

"{A06AA6FB-6BD9-4A90-9884-68F5C1241D98}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{A18E1C9C-C369-4D33-962F-8149DC929237}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe | 

"{A37D8CD3-0F82-4DAF-9B65-3118722B402E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{A5BAB6BE-C710-4E59-9C3A-E2FA8B030EC0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chainsawwarrior\cwsteampc.exe | 

"{A927A942-8B95-4204-B471-CC22F99E261B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | 

"{A95A81E8-1B16-42CA-98D8-D4A30069E7F3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe | 

"{AA98799D-0FE1-48B5-BA8B-F095D6B8F932}" = dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe | 

"{AB61A989-B108-4172-BDE6-1A53FBF0A0C3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thirty_flights_of_loving\tfol.exe | 

"{ABE43271-C567-4B3B-AD91-05CA157FB254}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead mans draw\deadmansdraw.exe | 

"{AC4810FD-A4CB-435F-AE7F-C70CE3A3FDEA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe | 

"{ADCD9574-A3BB-41F4-A5C3-F15A39E37B13}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gods will be watching\gwbw.exe | 

"{ADFE0088-E7A9-485F-BF0E-0A4E49D77EAC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe | 

"{AE2E2113-FC68-4121-B266-4B8C1BD7DFD8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 

"{AFB873B0-98C9-4B50-ACEA-818C3915BBE8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe | 

"{AFB9F416-C22D-4AC1-9792-CC08E5A50C6B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe | 

"{B1E9DC40-2AE6-410C-A7E4-472DA712CEA2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\kentuckyroutezero\kentuckyroutezero.exe | 

"{B2B8CF8D-0D86-41FC-9EB6-6CAAD02E218F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe | 

"{B31B28DF-0DB7-419B-910C-5839657A0788}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thievesgambitcurseoftheblackcat\thievesgambitcurseoftheblackcat.exe | 

"{B3F76875-4675-49BE-BF8B-7F8F1FE65C61}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe | 

"{B43DFF8E-D85E-4FC3-BC1F-D86F533DAE6D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | 

"{B6778EB7-E0FD-4430-A169-2E2E28A011A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cinders\cinders.exe | 

"{B87B5401-A081-4179-BC86-12F0E91B4879}" = protocol=17 | dir=in | app=c:\program files (x86)\nuance\pdf professional 8\bin\gaaihodoc.exe | 

"{BA17F4DA-5B9D-4168-806F-429BC315E016}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{BAF8A419-8FA4-426D-ABA5-43200D0D8E8F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 

"{BB2E37E6-F95D-4ECD-B3A6-76B4B3103C93}" = protocol=17 | dir=in | app=c:\users\XXX YYY\appdata\roaming\dropbox\bin\dropbox.exe | 

"{BBBBC9B9-DB6C-47F9-9B4F-0D90F22EAF7A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe | 

"{BE32B3AF-4089-49B2-94FD-A2C4FA8E8D74}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{BE6CC741-50E4-4DA0-B92D-92D3B58F9CD5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | 

"{BF34B154-B45B-445F-8C5D-4583A9963FEF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gods will be watching\gwbw.exe | 

"{BFE764E3-861F-441A-9A94-B7E9DEDAB0CD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\frozen synapse\frozensynapse.exe | 

"{C0034611-D367-4541-BF8C-5837231C7E59}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\monster loves you!\monsterlovesyou.exe | 

"{C175F619-7418-4344-95A4-FE74F735CBC9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2753\agent.exe | 

"{C17CA9E8-B134-4B54-8A3D-CC0E69679E8A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3526\agent.exe | 

"{C2130A43-640A-42E3-9120-7DB74A8CD1C0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe | 

"{C2C75672-63A0-4433-84D1-55B2C9FC45D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hotline_miami\hotlinemiami.exe | 

"{C53FE17B-7C00-4089-9614-9A22ABA04258}" = dir=in | app=c:\program files (x86)\audials\audials 10\audials.exe | 

"{C648378E-BB72-4D0A-BFFB-B0BC6F2907AA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\valiant hearts\valiant hearts.exe | 

"{C8A264EB-517C-46EC-B652-A4199CD67A34}" = protocol=6 | dir=in | app=c:\program files (x86)\nuance\pdf professional 8\pdfpro8hook.exe | 

"{C8BCFE36-8939-4386-8439-57CD050480AC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe | 

"{C8C8F3F9-002C-4AE4-A041-6B40E58410AB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 

"{C8D4A43C-1E26-464C-B0FF-057054BECE4E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 

"{CA2675A9-0B2D-4136-954E-E0A473509FDE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe | 

"{CB7DF63E-8EFF-448A-B6BC-CD2D629B4284}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 

"{CC2BCD2E-C9D4-41C9-B268-1AA62EE4C9C4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2787\agent.exe | 

"{CE95BD6D-16AC-4063-BF8C-09C89DD0BBB6}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 

"{D16605B5-0AFC-4C75-9DF7-23FA864E50DE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\choiceofthedeathless\choiceofthedeathless.exe | 

"{D320729E-534F-42AA-A42A-E61AC051C436}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sokobond\sokobond.exe | 

"{D4E11A18-2900-4404-9032-5FECEA775B25}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe | 

"{D50F3439-5402-4502-8290-EBE7563FB420}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 grand steps 01\7 grand steps.exe | 

"{D5506D8C-AD9A-4601-8014-0030E5D4543D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{D641E5C4-1700-4C35-BB1A-306C3BAB5BC5}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | 

"{D8AAFEE6-1597-4AAC-AE4B-8588238131E4}" = dir=in | app=c:\users\XXX YYY\appdata\local\microsoft\skydrive\skydrive.exe | 

"{D9036449-3238-4C51-A128-716A34737085}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\coj gunslinger\cojgunslinger.exe | 

"{D9C1BF69-B35A-4B19-872D-3AF4682F2907}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pixel piracy\pixelpiracy.exe | 

"{DB51673B-05C4-4F7F-8B68-15E7B308025E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 

"{DBC55C1E-E0B6-41FA-A074-8DD35CF0D343}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chainsawwarrior\cwsteam1.2a.exe | 

"{DBEB6B5F-A7D1-4644-AF01-05F013B63736}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{DBF84447-E69D-4C8E-BDB6-7F9F9DE37932}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{DDA7D390-04DC-4B8C-BDD3-A455938E44A7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\world of goo\worldofgoo.exe | 

"{DDB9D844-7317-4E96-A1B8-78262BA403CE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thebridge\the bridge.exe | 

"{DE69B345-949F-47D6-9382-300C1DFBDBC4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 

"{E14058B7-CFB4-46AE-9AEE-CBE7D775628D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chainsawwarrior\cwsteampc.exe | 

"{E145C576-F932-4B8A-9C27-CAD74796F655}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe | 

"{E29A7063-5DD8-43A3-B887-C9B90AEE1E5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\psyhigh\psyhigh.exe | 

"{E37B7EF4-AFDE-4FA7-A366-09FAA452BB62}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\uplink\uplink.exe | 

"{E3D8BC56-AA0C-4347-A7CE-AC4E65C8A409}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | 

"{E4D643EF-8C39-4654-8CAA-F50F44804874}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\luftrausers\bin\luftrausers.exe | 

"{E53539E5-3FF8-44AB-8E7F-42E5B36E889C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | 

"{E7F3A7F5-EB92-4D96-9D0D-2B46A5ED5EF8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chainsawwarrior\cwsteam1.2a.exe | 

"{E8639517-ACC3-435A-AEE1-B84F5B8D7C8A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{E8FA622B-6490-42DB-A1F9-9F760961C37C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 

"{ECA61226-C8EC-4F61-A478-37A2A92D448F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe | 

"{ECA77D72-5928-49EE-9418-9DC9AF3A9A46}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 

"{F176D770-0F15-416C-BECF-0B74B9C5CF6C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chuzzle deluxe\chuzzle.exe | 

"{F201D8BE-C56B-42B1-8EA4-8545C34B0B83}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thirty_flights_of_loving\tfol.exe | 

"{F2218791-0F27-4224-9FB6-A69F23D2A97B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 

"{F2F696B5-723B-497E-B9C9-F968660F2CC2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe | 

"{F3C09EA6-CAD4-4C9D-A81E-698B455802C0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\coj gunslinger\cojgunslinger.exe | 

"{F41BC041-62E3-43BE-8AFF-A48D2F6FD9FC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chuzzle deluxe\chuzzle.exe | 

"{F4639785-E7C7-4BFD-9326-49A1C98D0541}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2293\agent.exe | 

"{F5392D4E-B5EA-434B-B194-549A5DD5F28C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deathskidmarks\deathskidmarks.exe | 

"{F659472E-5192-4F43-BA85-DD7B9D991F0E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\luftrausers\bin\luftrausers.exe | 

"{F6F861EC-D738-45D3-9160-7DA21636A4E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bad hotel\badhotel.exe | 

"{F717BB1A-76E6-44DD-8371-68063E5FB41C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3526\agent.exe | 

"{F88DDCBD-1C32-4CB6-BE97-8B755B0ADDC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{F8980643-C42C-4E19-AE8E-B013147CFB14}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 

"{FA37396B-A15B-4CD8-8FD2-0D3D407E282F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 

"{FB250DF9-47FE-4F80-A217-028759EC197B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2293\agent.exe | 

"{FCD88F62-B7D6-4509-882F-C2B9A2DFB843}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\papersplease\papersplease.exe | 

"{FF41C6E5-4AEF-4A9B-B054-69D24A07FA8D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe | 

"{FFD325A6-6E9C-4A4C-BB16-DB5BBDEA4C44}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"TCP Query User{41E2BC74-E6A8-458B-BF2D-77999F849E9C}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | 

"TCP Query User{7306D5E0-4038-4711-ABC0-ED77928EECCC}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe | 

"TCP Query User{7D8A0A29-7A26-44C7-94F3-BB7B5F8B0702}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base28667\sc2.exe | 

"TCP Query User{7E0A3558-D051-4C63-9B4D-5F1E25B12B9A}C:\users\XXX YYY\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe" = protocol=6 | dir=in | app=c:\users\XXX YYY\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe | 

"TCP Query User{93DCFAB4-2EAB-406F-9BC4-1E54F4AD1E3B}C:\program files (x86)\hearthstone\hearthstone.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe | 

"TCP Query User{99019B52-1BB4-4FF3-AF89-C65658D03EC7}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | 

"TCP Query User{9D26D9CD-E748-402A-BF1A-7AD11A06A15E}C:\users\XXX YYY\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\XXX YYY\appdata\roaming\dropbox\bin\dropbox.exe | 

"TCP Query User{A2D0B27B-1622-437D-B6FB-67F66E338FDC}C:\users\XXX YYY\appdata\local\temp\keygen.exe" = protocol=6 | dir=in | app=c:\users\XXX YYY\appdata\local\temp\keygen.exe | 

"TCP Query User{B62A04FC-8BF7-488F-9389-76DE581F8ADD}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe | 

"TCP Query User{E1415188-21C3-4923-A617-04D237609E70}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 

"TCP Query User{F250CFED-67B1-4329-A096-F2D45A06EF99}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base28667\sc2.exe | 

"UDP Query User{0C4BE49E-9563-4FBD-AD7A-67106C6EF1BC}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe | 

"UDP Query User{16847C87-2931-4C2D-868D-EB9E4D56B3C4}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base28667\sc2.exe | 

"UDP Query User{2A81068D-663F-446A-8047-8B0A42A50B1E}C:\users\XXX YYY\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe" = protocol=17 | dir=in | app=c:\users\XXX YYY\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe | 

"UDP Query User{3B3C3F1A-1775-4224-80FE-313EDD3F3786}C:\program files (x86)\hearthstone\hearthstone.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe | 

"UDP Query User{6712700A-2688-45C0-BF78-E6CF784ABCF1}C:\users\XXX YYY\appdata\local\temp\keygen.exe" = protocol=17 | dir=in | app=c:\users\XXX YYY\appdata\local\temp\keygen.exe | 

"UDP Query User{67B25918-80FE-428A-82A9-C6EE51ECE401}C:\users\XXX YYY\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\XXX YYY\appdata\roaming\dropbox\bin\dropbox.exe | 

"UDP Query User{79C0A985-B13D-42BC-9EB9-AB02983F41D2}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 

"UDP Query User{9E18685F-B363-4A46-BBA9-9B3487290BD1}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base28667\sc2.exe | 

"UDP Query User{A044C5B5-CE76-456F-BF94-4649B01F5D8E}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | 

"UDP Query User{BD264D43-C7D1-4611-BD8D-908D0B0F683A}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | 

"UDP Query User{E8F34B47-07BF-4E88-A684-FDE9BF790B96}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0F841121-4DB6-4B31-839F-7F5AB3BB3423}" = Protector Suite 2009

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{25058321-C33E-496B-8915-6FD64D362CAF}" = Windows Live MIME IFilter

"{26A24AE4-039D-4CA4-87B4-2F86417045FF}" = Java 7 Update 45 (64-bit)

"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610

"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6619085B-A9D5-4DDD-800B-964903EAF546}" = Microsoft Lync Web App Plug-in

"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64

"{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}" = VAIO Care Recovery

"{72EF03F5-0507-4861-9A44-D99FD4C41418}" = Paint.NET v3.5.11

"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610

"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010

"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.GuardService" = NVIDIA Guard Service 1.3

"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)

"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D16A2127-B927-4379-B153-3DEC091E4EEB}" = Intel(R) PROSet/Wireless WiFi-Software

"{D9FFE40D-1A85-4541-992C-5EF505F391A4}" = VAIO Care

"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64

"{EF3293DE-FCAC-4742-91BF-AD0174143FC3}" = HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät

"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64

"Canon UFR II Printer Driver" = Deinst. f. Druckertreiber UFR II

"NVIDIA Drivers" = NVIDIA Drivers

"O365HomePremRetail - de-de" = Microsoft Office 365 - de-de

"ProInst" = Intel PROSet Wireless

"Recuva" = Recuva

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"TOP" = TOP

"WinRAR archiver" = WinRAR 5.01 beta 1 (64-bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}" = Windows Live Writer

"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery

"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network

"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update

"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse

"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common

"{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1" = Wondershare Dr.Fone for Android(Build 4.8.1.136)

"{1F4E59C0-EE31-47EE-BCC3-1A73C3F023BF}" = Qualcomm Gobi 2000 Package for Sony

"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder

"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0

"{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics

"{30827CFE-8B67-9DF9-580F-78BAA616E50E}" = simfy

"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7

"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology

"{41BF4A3B-D60A-4E92-883F-C88C8C157261}" = Fotogalerie

"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform

"{462A1E00-58EA-4D63-96F4-3EFAEC9A5BCA}" = Avira

"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support

"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool

"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync

"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen

"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper

"{636E94DA-99C0-448F-A931-3DAD83B4975F}" = SharpKeys

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer

"{66233218-CA57-4AB2-BA43-A97AA4635960}" = Windows Live Essentials

"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband

"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = 

"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update

"{70991E0A-1108-437E-BA7D-085702C670C0}" = 

"{70C91B91-61E8-4D06-86D6-A9DCC291983A}" = Movie Maker

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer

"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center

"{77D28FF5-242F-488A-8215-937D6A4D69E0}" = Adobe AIR

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 

"{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool

"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 

"{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}" = Photo Common

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110

"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010

"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010

"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component

"{90150000-008C-0407-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{955E4722-1480-4198-A144-65FA5F4446DA}" = Windows Live Writer

"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A781940-AC41-4D5E-8E1E-76A04B916FB9}" = Helium

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86

"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update

"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610

"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate

"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = 

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A951D5DA-4759-4C3B-9C36-C6BF30082A2F}" = Windows Live Writer Resources

"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager

"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Deutsch

"{AC7E7905-8C59-4806-A96D-30936A2B1FC5}" = Citrix Online Launcher

"{B23EE11C-66FA-4395-AB02-5F7103DC485C}" = Windows Live Messenger

"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform

"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default

"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail

"{bd538030-07d4-4999-a525-7fafa2483f56}" = Avira

"{C5711BC2-2E1C-4556-9922-02BF2865A5EE}" = iMindMap 6

"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch

"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = 

"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions

"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86

"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh

"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver

"{D928A4B7-126D-47B6-AD76-9848E51E1426}" = Audials

"{DB083AE1-3354-4AAD-BD44-5F2CC4B2ECE6}" = VTech Download Agent Library

"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker

"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.18

"{E703613B-BDAB-433E-A66A-DE0263E3D35D}" = Windows Live Messenger

"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F7232FE1-BC35-4229-8D76-D49941FE9929}" = Windows Live Mail

"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote

"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Hilfe

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center

"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 

"{FC071B45-4A5F-408F-92F8-4D9D693E866F}" = Windows Live UX Platform Language Pack

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX

"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI

"Avira AntiVir Desktop" = Avira Free Antivirus

"Battle.net" = Battle.net

"DED9B6BE-2B04-4799-A88F-8BBF4D114AAF_is1" = TBBackup 2 (Freiversion)

"DivX Setup" = DivX-Setup

"FastStone Capture" = FastStone Capture 5.3

"Google Chrome" = Google Chrome

"Internet Manager" = Internet Manager

"julitecCRM_is1" = julitecCRM 7.5

"Long Live The Queen_is1" = Long Live The Queen (Demo) 1.0

"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.4.1028

"MarketingTools" = VAIO Marketing Tools

"Mozilla Firefox 35.0.1 (x86 de)" = Mozilla Firefox 35.0.1 (x86 de)

"Mozilla Thunderbird 31.4.0 (x86 de)" = Mozilla Thunderbird 31.4.0 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Office14.PROPLUS" = Microsoft Office Professional Plus 2010

"OpenAL" = OpenAL

"RaidCall" = RaidCall

"Razer Core" = Razer Core

"Simfy" = simfy

"Steam App 12500" = Puzzle Quest

"Steam App 1510" = Uplink

"Steam App 204240" = The Bridge

"Steam App 212680" = FTL: Faster Than Light

"Steam App 214700" = Thirty Flights of Loving

"Steam App 219150" = Hotline Miami

"Steam App 22000" = World of Goo

"Steam App 226740" = Monster Loves You!

"Steam App 231200" = Kentucky Route Zero

"Steam App 231720" = Bad Hotel

"Steam App 233150" = LUFTRAUSERS

"Steam App 238930" = 7 Grand Steps, Step 1: What Ancients Begat

"Steam App 239030" = Papers, Please

"Steam App 251710" = Chainsaw Warrior

"Steam App 260230" = Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™

"Steam App 262060" = Darkest Dungeon

"Steam App 262450" = Dead Man's Draw

"Steam App 264140" = Pixel Piracy

"Steam App 274290" = Gods Will Be Watching

"Steam App 290260" = Sokobond

"Steam App 293680" = Cinders

"Steam App 318310" = Choice of the Deathless

"Steam App 326150" = Death Skid Marks

"Steam App 328550" = Thieves' Gambit: Curse of the Black Cat

"Steam App 3300" = Bejeweled 2 Deluxe

"Steam App 3310" = Chuzzle Deluxe

"Steam App 3320" = Insaniquarium! Deluxe

"Steam App 339510" = Psy High

"Steam App 3590" = Plants vs. Zombies: Game of the Year

"Steam App 98200" = Frozen Synapse

"TeamViewer 9" = TeamViewer 9

"TreeSize Free_is1" = TreeSize Free V2.7

"VAIO Help and Support" = 

"VAIO screensaver" = VAIO screensaver

"VTechDownloadManager" = VTech Download Manager

"WinLiveSuite" = Windows Live Essentials

"XnView_is1" = XnView 2.22

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"ActiveTouchMeetingClient" = Cisco WebEx Meetings

"Dropbox" = Dropbox

"GoXXXeeting" = GoXXXeeting 6.0.0.1259

"OneDriveSetup.exe" = Microsoft OneDrive

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 10.02.2015 11:05:02 | Computer Name = XXXYYY-VAIO | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030,

 Zeitstempel: 0x5476d099  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,

 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000007fe927eaa71

ID

 des fehlerhaften Prozesses: 0xf90  Startzeit der fehlerhaften Anwendung: 0x01d044b37be3b110

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCAgent.exe  Pfad des

 fehlerhaften Moduls: unknown  Berichtskennung: 2fbe96c6-b136-11e4-8008-0024bed7ff33

 

Error - 10.02.2015 11:13:52 | Computer Name = XXXYYY-VAIO | Source = VmbService | ID = 0

Description = GetProcessOwner

 

Error - 10.02.2015 13:05:14 | Computer Name = XXXYYY-VAIO | Source = .NET Runtime | ID = 1026

Description = 

 

Error - 10.02.2015 13:05:15 | Computer Name = XXXYYY-VAIO | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030,

 Zeitstempel: 0x5476d099  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,

 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000007fe942aaa71

ID

 des fehlerhaften Prozesses: 0xab0  Startzeit der fehlerhaften Anwendung: 0x01d04545f56955ba

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCAgent.exe  Pfad des

 fehlerhaften Moduls: unknown  Berichtskennung: fb4c71f3-b146-11e4-8937-0024bed7ff33

 

Error - 11.02.2015 10:25:24 | Computer Name = XXXYYY-VAIO | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500,

 Zeitstempel: 0x54c1f9f3  Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500,

 Zeitstempel: 0x54c1f224  Ausnahmecode: 0x80000003  Fehleroffset: 0x00001425  ID des fehlerhaften

 Prozesses: 0x1794  Startzeit der fehlerhaften Anwendung: 0x01d045dd26db1aa4  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll  Berichtskennung:

 d0750001-b1f9-11e4-b649-0024bed7ff33

 

Error - 11.02.2015 10:26:41 | Computer Name = XXXYYY-VAIO | Source = .NET Runtime | ID = 1026

Description = 

 

Error - 11.02.2015 10:26:41 | Computer Name = XXXYYY-VAIO | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030,

 Zeitstempel: 0x5476d099  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,

 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000007fe93fbaeb1

ID

 des fehlerhaften Prozesses: 0x17f4  Startzeit der fehlerhaften Anwendung: 0x01d045ddab418f50

Pfad

 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCAgent.exe  Pfad des

 fehlerhaften Moduls: unknown  Berichtskennung: febe3e5e-b1f9-11e4-b649-0024bed7ff33

 

Error - 11.02.2015 10:27:27 | Computer Name = XXXYYY-VAIO | Source = Avira Service Host | ID = 0

Description = Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException:

 Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.     bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription

 changeDescription)     bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32

 eventType, Int32 sessionId)

 

Error - 11.02.2015 10:50:11 | Computer Name = XXXYYY-VAIO | Source = Application Hang | ID = 1002

Description = Programm DeadMansDraw.exe, Version 0.0.0.0 kann nicht mehr unter Windows

 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,

 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 168c    Startzeit:

 01d04609e9f8941f    Endzeit: 2773    Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Dead

 Mans Draw\DeadMansDraw.exe    Berichts-ID: 3ed509c4-b1fd-11e4-bd64-0024bed7ff33  

 

Error - 11.02.2015 11:06:06 | Computer Name = XXXYYY-VAIO | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: FRST64.exe, Version: 11.2.2015.1,

 Zeitstempel: 0x54db6942  Name des fehlerhaften Moduls: FRST64.exe, Version: 11.2.2015.1,

 Zeitstempel: 0x54db6942  Ausnahmecode: 0xc00000fd  Fehleroffset: 0x0000000000014c33

ID

 des fehlerhaften Prozesses: 0x1898  Startzeit der fehlerhaften Anwendung: 0x01d0460c161067db

Pfad

 der fehlerhaften Anwendung: C:\Users\XXX YYY\Desktop\FRST64.exe  Pfad des fehlerhaften

 Moduls: C:\Users\XXX YYY\Desktop\FRST64.exe  Berichtskennung: 805f71b4-b1ff-11e4-bd64-0024bed7ff33

 

[ ESRV_SVC Events ]

Error - 09.01.2015 05:26:38 | Computer Name = XXXYYY-VAIO | Source = ESRV_SVC | ID = 2

Description = 

 

Error - 09.01.2015 15:12:56 | Computer Name = XXXYYY-VAIO | Source = ESRV_SVC | ID = 2

Description = 

 

Error - 10.01.2015 05:18:59 | Computer Name = XXXYYY-VAIO | Source = ESRV_SVC | ID = 2

Description = 

 

Error - 18.01.2015 07:07:20 | Computer Name = XXXYYY-VAIO | Source = ESRV_SVC | ID = 2

Description = 

 

Error - 19.01.2015 05:18:30 | Computer Name = XXXYYY-VAIO | Source = ESRV_SVC | ID = 2

Description = 

 

Error - 19.01.2015 08:32:22 | Computer Name = XXXYYY-VAIO | Source = ESRV_SVC | ID = 2

Description = 

 

Error - 19.01.2015 09:17:08 | Computer Name = XXXYYY-VAIO | Source = ESRV_SVC | ID = 2

Description = 

 

Error - 26.01.2015 04:39:38 | Computer Name = XXXYYY-VAIO | Source = ESRV_SVC | ID = 2

Description = 

 

Error - 26.01.2015 08:54:29 | Computer Name = XXXYYY-VAIO | Source = ESRV_SVC | ID = 2

Description = 

 

Error - 28.01.2015 04:37:28 | Computer Name = XXXYYY-VAIO | Source = ESRV_SVC | ID = 2

Description = 

 

[ System Events ]

Error - 10.02.2015 11:21:19 | Computer Name = XXXYYY-VAIO | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%2

 

Error - 10.02.2015 11:21:19 | Computer Name = XXXYYY-VAIO | Source = Service Control Manager | ID = 7000

Description = Der Dienst "PDFProFiltSrv" wurde aufgrund folgenden Fehlers nicht 

gestartet:   %%2

 

Error - 11.02.2015 05:26:54 | Computer Name = XXXYYY-VAIO | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 Internet Manager. OUC erreicht.

 

Error - 11.02.2015 05:26:54 | Computer Name = XXXYYY-VAIO | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%1053

 

Error - 11.02.2015 05:26:54 | Computer Name = XXXYYY-VAIO | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%2

 

Error - 11.02.2015 05:26:54 | Computer Name = XXXYYY-VAIO | Source = Service Control Manager | ID = 7000

Description = Der Dienst "PDFProFiltSrv" wurde aufgrund folgenden Fehlers nicht 

gestartet:   %%2

 

Error - 11.02.2015 10:27:24 | Computer Name = XXXYYY-VAIO | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 Internet Manager. OUC erreicht.

 

Error - 11.02.2015 10:27:24 | Computer Name = XXXYYY-VAIO | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%1053

 

Error - 11.02.2015 10:27:24 | Computer Name = XXXYYY-VAIO | Source = Service Control Manager | ID = 7000

Description = Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%2

 

Error - 11.02.2015 10:27:24 | Computer Name = XXXYYY-VAIO | Source = Service Control Manager | ID = 7000

Description = Der Dienst "PDFProFiltSrv" wurde aufgrund folgenden Fehlers nicht 

gestartet:   %%2

 

[ USER_ESRV_SVC Events ]

Error - 05.12.2014 06:33:57 | Computer Name = XXXYYY-VAIO | Source = USER_ESRV_SVC | ID = 2

Description = 

 

Error - 05.12.2014 06:33:57 | Computer Name = XXXYYY-VAIO | Source = USER_ESRV_SVC | ID = 2

Description = 

 

Error - 05.12.2014 06:33:57 | Computer Name = XXXYYY-VAIO | Source = USER_ESRV_SVC | ID = 2

Description = 

 

Error - 05.12.2014 06:33:57 | Computer Name = XXXYYY-VAIO | Source = USER_ESRV_SVC | ID = 2

Description = 

 

Error - 30.12.2014 09:58:22 | Computer Name = XXXYYY-VAIO | Source = USER_ESRV_SVC | ID = 2

Description = 

 

Error - 30.12.2014 09:58:22 | Computer Name = XXXYYY-VAIO | Source = USER_ESRV_SVC | ID = 2

Description = 

 

Error - 30.12.2014 09:58:22 | Computer Name = XXXYYY-VAIO | Source = USER_ESRV_SVC | ID = 2

Description = 

 

 

< End of report >