Pests of all kinds and how to fight them: Removing Adware V9 and WebCake
Windows 7
31.05.2013, 15:16 | #1 |
| Removing Adware V9 and WebCake
Hi folks,
I had been away from the PC for a while when I suddenly noticed out of the corner of my eye that Chrome closed and Explorer restarted. When I went to look, this V9 and WebCake had been installed everywhere. About 5 new programs that I had not installed were listed in the Control Panel. Of course I uninstalled them, but the adware remains anyway. Running Adware Cleaner and an antivirus program was also unsuccessful.
The problem now is:
V9 stays as the start page even after changing it
WebCake cannot be uninstalled and stays in autostart
How can I fix these problems? What else might this program have done, and is there a risk such that I should reinstall Windows? |
31.05.2013, 15:28 | #2 |
/// the machine /// TB trainer | Removing Adware V9 and WebCake
Hi,
Please download OTL by Oldtimer and save it to your desktop (if you don't already have it). |
31.05.2013, 16:16 | #3 |
| Removing Adware V9 and WebCake
Extras
[SPOILER] OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 31.05.2013 16:36:35 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Max\Desktop Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16580) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 21,56% Memory free 5,37 Gb Paging File | 1,59 Gb Available in Paging File | 29,50% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111,45 Gb Total Space | 9,57 Gb Free Space | 8,58% Space Free | Partition Type: NTFS Drive D: | 465,76 Gb Total Space | 284,55 Gb Free Space | 61,09% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: BIG-UP | User Name: Max | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{152D92E7-8E02-4B39-94CE-7ADF899D4672}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1E45F738-3AB2-407F-9739-8922CF3BA327}" = rport=137 | protocol=17 | dir=out | app=system | "{2BD8381A-8721-44B5-A56B-152EF220B3F7}" = rport=445 | protocol=6 | dir=out | app=system | "{36E2478C-F229-4408-8D41-70957465816E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{416BEEAD-46DC-47AF-93DC-9F9853E3C9A2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4660B6FE-768B-48B5-B970-F8410C2A5F7B}" = lport=138 | protocol=17 | dir=in | app=system | "{54A3B772-6758-4C4A-BA50-DDE07E585D02}" = rport=139 | protocol=6 | dir=out | 
app=system | "{60E35ED8-2E4E-40CA-B948-177A8C1D18AE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{76DD3D63-20FC-4365-AA44-E715751129BF}" = lport=58333 | protocol=17 | dir=in | name=pando media booster | "{79BC3586-4FAE-4990-B805-171CE7EDF26A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7D345814-59DC-4842-B937-1E8B46E7F14B}" = lport=137 | protocol=17 | dir=in | app=system | "{91323F3F-A088-4A0C-9271-5849727694D7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{92A7A5F3-1519-429A-B3A3-C95DB16F45E6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{99BA8B05-D36A-47E0-91BA-2CCD7D23684C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A14149B2-6034-4E70-ACA8-0761ABBB1FE6}" = lport=445 | protocol=6 | dir=in | app=system | "{A92B76A5-B5D4-440F-9F98-DB926C816C89}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AA512DCC-AAFE-4A57-AEEE-C7439DB4EB23}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{BDB67B06-2073-43FF-9339-8D7428AE4DDD}" = lport=10243 | protocol=6 | dir=in | app=system | "{BE9E1B1F-7965-432C-BD07-D06DEC419607}" = rport=138 | protocol=17 | dir=out | app=system | "{C34E7429-AB90-4715-B853-53E105F1817E}" = lport=2869 | protocol=6 | dir=in | app=system | "{E2ED7DAE-FD9F-47E4-B18D-FA2CD42CE8A5}" = lport=58333 | protocol=6 | dir=in | name=pando media booster | "{E6E883A8-D9EC-4981-887C-3C7BF92BC730}" = rport=10243 | protocol=6 | dir=out | app=system | "{F51E6035-EC58-4F44-8A73-BB55DB3112DB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | "{F546113D-2852-4B91-B5D1-A34EF11596F8}" = lport=139 | protocol=6 | dir=in | app=system | "{F5FDA60E-4CF4-4149-B1ED-BE5D9279B703}" = lport=58333 | protocol=6 | dir=in | 
name=pando media booster | "{FC5A3006-24B2-4BC4-9D65-44C9470858AA}" = lport=58333 | protocol=17 | dir=in | name=pando media booster | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00831140-990F-4250-B185-3DD16CBC96C6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{074792DA-641B-480F-B48F-C31C6024B94F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{0C204113-2002-4A12-B6A5-9561B007CD51}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{12A355B6-16C7-4315-A9C0-3392E1D22322}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{12EE3F50-AC82-479D-8FCE-3F0CBD74AEF6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{145DBBEE-DAB8-410E-896F-6DF279E98518}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | "{177375AE-EF6C-4DFB-B19A-7BB454C82B18}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 16\programs\rm.exe | "{1B6808FA-91FE-4AFD-952A-DF4FC24B3FA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1DE6D565-3B67-41AD-85A2-69C0F575468F}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-hostd.exe | "{2680F683-8E11-4766-BC82-CF26B8E51203}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{29944163-B7BD-4880-B24D-BB4AF724CA3D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{2DF101C9-F3FF-4A4C-AFB5-183E891B842E}" = dir=in | app=c:\program files\itunes\itunes.exe | "{344A4E5A-46D2-4107-9AEA-AAACE3A27D93}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{35731A2F-07CB-4C65-87D7-3E25920BC452}" = dir=out | 
name=@{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{38F82E63-9037-429C-B5D5-F1E55B31316E}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe | "{395123E5-289B-4146-8A30-CD53C47D98EB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3A3014C4-75EC-49C7-97AC-30ACFB0D97C0}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{3D944803-25BE-4A00-BEB6-320C359EB2A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3DD13650-D33F-4D37-8F8E-13B8B10E5F31}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{3F412B2E-9365-4771-A00F-EB8FED74F6E5}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{418DF503-33CC-41E3-BA94-97C3C70D6156}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{420A351C-40F7-4C35-A73C-5DE3C84B26BC}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{42B9D6B2-D370-49BF-BFD4-F62753BADF15}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{45FB914B-2720-4214-B016-3627A9A3BA2E}" = protocol=17 | dir=in | app=c:\program files\mungoserver\mungoserver.exe | "{4C6836EF-30C9-4A7E-9E8E-27FC7F604BBF}" = dir=out | name=youtube player | "{4D4A5781-37DD-481A-9BEA-4202625EA21B}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{4E135714-DFFF-46F1-9740-1D716CA13272}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4E909780-F4E8-4323-9407-841446A998E6}" = dir=out | name=dropbox | "{4E9B1DAF-CF10-47DC-BA9B-050F3CA2E5B3}" = protocol=17 | dir=in | app=c:\program files\origin games\need for speed(tm) 
most wanted\nfs13.exe | "{4ED628A7-FBEF-46FF-8023-47836768096E}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{50AC834B-588F-487C-8DFB-9658857F03E9}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{53FF59DB-809F-45C3-85B4-825426030CCE}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{54ADD778-A81C-4D63-AC4D-B1B96A3994BA}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{555E4910-67CF-4074-A1A7-A16839153737}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{578680A9-4364-46DB-8AEC-D7EBFB1B4008}" = dir=in | name=@{microsoft.bing_1.2.0.137_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{58DB0533-D631-4D56-B43A-DDDA346DDF18}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{66556C2E-CAFD-4EA5-8029-5A315664B2F2}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{6C37AA55-50D8-4DC2-AA88-2575C5B310EB}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{6D8561E9-3556-41AD-8E37-E924B15791EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{7069470A-7AAE-438C-B2B7-758C66CD9C79}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 16\programs\umi.exe | "{72E0CE97-AD14-4943-A09D-E19318A4C6AC}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe | 
"{738DD578-1B12-47B3-8EC3-F48B31F0D2E2}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{775A2F59-23AA-4CED-8B3E-14BFF865C616}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{77C2D87D-0E8C-482E-A214-64BC5D93F597}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{7A1E0DB9-AB61-45E4-B909-7444CDEAA1C7}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\srfeature.exe | "{7EAF26E3-D57C-4D19-AAD1-BA48A137810A}" = protocol=17 | dir=in | app=c:\program files\airvideoserver\airvideoserver.exe | "{7F38DE65-7020-490D-A7EC-172FF1CC5663}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{818E9D17-BFA3-4FB8-897F-A5D266DB6CA5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{818F8751-9936-4BF4-9304-423633CFF7D5}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe | "{8832D552-6C72-49F6-8541-76352C71A7B8}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{8850B6D3-FA1A-4D37-8B03-AFB84EF15A30}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{890E5CDD-B0B8-4B6F-BA1E-3467B9B20938}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{8A937993-0533-4E3F-BDAE-0D76BD59B5E5}" = dir=out | name=@{microsoft.bing_1.2.0.137_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{8CA8F28E-2268-4A39-88CD-5BB90ECE9E17}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{9109BCEE-BE76-425B-9E46-38774C8267B6}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 
16\programs\rm.exe | "{91A93FAB-D9FB-4A67-9023-5884ED45F6B0}" = protocol=6 | dir=in | app=c:\program files\airvideoserver\airvideoserver.exe | "{93BD8346-87D1-4AFD-A699-CA23F1EF7942}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{94E185C6-E22A-4440-8D88-73D6D7C82685}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{96CF46A8-B96A-4D63-A3CD-841379AB4C71}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{97EC4857-362B-4BFD-9CE0-1F61BE2CEC6C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{986BC035-C617-42B8-94E9-461D92126B1F}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 16\programs\ngstudio.exe | "{9B7E937E-97C7-4E15-8925-989863F19BCF}" = dir=out | name=shazam | "{A1729EA2-37E2-4C83-BFFD-D74C189A1A46}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | "{A2C2F30D-5263-41B0-9CC7-FA624431C511}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{A3B8B804-4663-4916-B022-469AB4BDA0EF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{A4B7E3A9-4E1E-4498-9AE3-FEC93F07E306}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe | "{A56F3994-65E1-4600-A048-F1119AA49382}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{A71F307F-AFB5-46DA-8F5E-C85FEE7BAF5F}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{A92E9BEF-FF54-4C79-83D3-5858352B052A}" = protocol=6 | dir=in | 
app=c:\program files\origin games\need for speed(tm) most wanted\nfs13.exe | "{AC012610-1FD5-4B07-ADC8-3AFE2605F817}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{AD0B20CF-F7D5-4913-9271-E567902CE4CA}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{B26E2198-8C00-4F32-8DEB-D8A468591A58}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{B3760BB3-420C-43FE-885A-F4CBAF90AA22}" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe | "{B3D5B478-D89F-416A-9C48-172C8C45E3DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{B57DAF73-0B5E-4220-B5D1-73D3CC71788C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B70C961A-AB98-453D-AD25-E6CE5AF8C470}" = dir=out | name=wetter.com | "{BAA72E45-B613-4F27-A57D-169284CDF331}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{BAE3CF41-637A-44EE-A0A1-D51761058FD0}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 16\programs\ngstudio.exe | "{BEE5624D-E489-4A16-AC44-B094F43589F2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{BFEF2737-58AE-4674-BC57-6B843FA50CD9}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{C1BACF44-839C-4570-A34A-9356D52DF0B0}" = protocol=6 | dir=out | app=system | "{C39B3EDF-5065-408B-B069-A07BCDA9D8C8}" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe | "{C6F4DBD5-B330-4D6B-8691-AEFDAAC11EED}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{C9B06F40-7AB4-402B-B080-BFEB4049E0B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe 
| "{CA17C4A1-DC79-4EE6-A473-1CBB719EE1A9}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 16\programs\umi.exe | "{CC77D791-2EB2-4046-AE04-36E9D92E24BB}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe | "{CD7AB6E9-28C5-4B16-9F77-8DA7641BCB9C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D5B29DEB-EA14-4F90-AAF1-EE621821E286}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\srserver.exe | "{DA496C72-5FE2-4E14-B328-DD04CA4DEE5B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | "{E152C2DF-0E92-4B51-BDE8-CE89F287E53F}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe | "{E1AF5833-8298-4110-85B0-1438BEDE9286}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{E46E6C58-8F83-4524-B2EA-FE6DCF94D7FF}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{E87C4EB6-6F4C-4E7F-8385-633B5F0CA2DD}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EB43C491-7F6B-4BBA-A9FA-E1548F6FAA15}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{ED48A939-C0CD-42B7-A124-6F2DA63527EA}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{EDCA7C34-DCE9-4722-83B2-378602CB45B6}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{F061C081-9543-416F-9851-0E3EE316680F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{F3EED2E0-7246-4E18-9EF1-BC0F4FB49592}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\dataproxy.exe | 
"{F453260D-4B09-40C8-81F0-EC87ACDE0A78}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{F76A02B4-00E4-4BDA-B201-E1034915E5AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{F97E7225-ECAD-4BDA-A1FE-6644EC9712FE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{FA37C219-7B63-45D6-BFE8-307929DF27B1}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | "{FCC5DA6B-D56E-4EBF-A8EB-314FA92CE5F1}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{FDD0162F-704C-4A1C-BABD-A6483196B338}" = protocol=6 | dir=in | app=c:\program files\mungoserver\mungoserver.exe | "{FE8A1CB0-0770-4410-B636-86411BEB706F}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-hostd.exe | "{FFB035EA-9734-4B40-94EF-E95AC8562CEB}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "TCP Query User{081FADD0-3C88-41BA-B637-719FDCA2D5FE}C:\users\max\downloads\tinyumbrella-6.14.00.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.14.00.exe | "TCP Query User{1C17B19C-24D4-46CE-8FE0-A75EF6FF1E23}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | "TCP Query User{25428D71-F681-417A-83F7-7C2D65E2820C}C:\users\max\downloads\tinyumbrella-6.10.03a.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.03a.exe | "TCP Query User{2CFA2336-1AB5-46CE-9DF4-5C8A45C1B76A}C:\program files\microsoft games\age of empires\empiresx.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empiresx.exe | "TCP Query User{39D18F3C-88C7-4DAE-BA36-50F390D2AF4E}C:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | 
app=c:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe | "TCP Query User{3B07D36B-A9E7-4EB0-B988-5D098A6EA879}C:\program files\idisplay\idisplay.exe" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe | "TCP Query User{48168398-93A7-4857-9AB7-2679C6479F49}C:\users\max\downloads\tinyumbrella-6.12.00 (1).exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00 (1).exe | "TCP Query User{6012DAC7-483B-4838-A3D4-44C926D6011A}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | "TCP Query User{6A03A445-3EA6-4F55-B979-0AA8247DC554}C:\program files\airserver\airserver\airserver.exe" = protocol=6 | dir=in | app=c:\program files\airserver\airserver\airserver.exe | "TCP Query User{883D7E94-7845-4215-9DC3-20B670728047}C:\users\max\downloads\tinyumbrella-6.10.02a.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.02a.exe | "TCP Query User{90F9564D-9D6A-4670-BF93-6B430B451C19}C:\program files\microsoft games\age of empires\empires.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe | "TCP Query User{A50C559C-E970-49D3-B82B-85F8D800E5AA}C:\program files\ppöúêö\ihelper.exe" = protocol=6 | dir=in | app=c:\program files\ppöúêö\ihelper.exe | "TCP Query User{D71780B1-DB09-43ED-84C2-61B72491A4FE}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{DC9ED4B1-CDD2-4730-B1B2-C5C692DFD6DA}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | "TCP Query User{DEBCF471-DF75-4D9C-92D9-FF92C5ADDC6C}C:\users\max\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\spotify\spotify.exe | "TCP Query User{E158C07E-EE9A-4A3E-A63D-728ABC404AFE}C:\windows\system32\dplaysvr.exe" = 
protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | "TCP Query User{E2530282-9431-4776-B5D0-C8C414F83764}C:\users\max\downloads\tinyumbrella-6.12.00.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00.exe | "UDP Query User{07FEF969-78B6-4A46-9FC5-9A561B7A7C4F}C:\users\max\downloads\tinyumbrella-6.12.00.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00.exe | "UDP Query User{2EAA01C4-EBC4-411D-99F2-A4D1FEDE33BD}C:\program files\microsoft games\age of empires\empires.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe | "UDP Query User{367FD042-9EED-494B-9CC7-92B38B19845B}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{3F689BB1-4B6D-44A8-B7AF-64355D610C6D}C:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe | "UDP Query User{47547050-C0E0-4BEC-AB80-8E0A223D22F5}C:\program files\idisplay\idisplay.exe" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe | "UDP Query User{56E5C61D-EDFA-40DB-A4CB-26263FA71AD9}C:\users\max\downloads\tinyumbrella-6.10.03a.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.03a.exe | "UDP Query User{58417BCB-B4BC-45F6-8759-C3BEE2F44B2D}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | "UDP Query User{5D5B4657-5878-49A5-8356-8E8301F461D5}C:\program files\ppöúêö\ihelper.exe" = protocol=17 | dir=in | app=c:\program files\ppöúêö\ihelper.exe | "UDP Query User{7C9B5880-90DC-4BC1-9BB8-C9DC3C67EB7B}C:\users\max\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\spotify\spotify.exe | "UDP Query User{820F1EC6-2B7C-4644-B536-C07D3245686D}C:\program files\microsoft games\age of 
empires\empiresx.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empiresx.exe | "UDP Query User{A47D37D8-2D33-477C-A759-1A6D0696B748}C:\program files\airserver\airserver\airserver.exe" = protocol=17 | dir=in | app=c:\program files\airserver\airserver\airserver.exe | "UDP Query User{A788E914-8CCC-4F0B-95E5-BC042C7C3BFA}C:\users\max\downloads\tinyumbrella-6.12.00 (1).exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00 (1).exe | "UDP Query User{A7DE4954-C0A6-4E01-A40A-C86E0F4341B8}C:\users\max\downloads\tinyumbrella-6.14.00.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.14.00.exe | "UDP Query User{B03F4114-F0C6-474E-BD04-886592235515}C:\users\max\downloads\tinyumbrella-6.10.02a.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.02a.exe | "UDP Query User{CBB4C071-9F76-43EB-A692-007A69C51E74}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | "UDP Query User{E64FF3F7-1313-4878-92EE-CA5C28821636}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | "UDP Query User{FFE4BB1B-EFFC-4DE8-B0D0-0DCD00D7D9DB}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd "{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}" = Creative Pack Volume 1 "{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation "{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}" = ScoreFitter Volumes 1-2 "{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes "{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}" = Motion Graphics Toolkit for Studio "{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware 
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11 "{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}" = Pinnacle Studio 16 "{2864C41B-EF2D-4640-95A2-526276524519}" = Borland C++Builder 6 "{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung Magician "{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005 "{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CF172C5-F121-41FA-B0B0-0D49840BF003}" = Filmmaker's Toolkit for Studio "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{636E94DA-99C0-448F-A931-3DAD83B4975F}" = SharpKeys "{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX "{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}" = Pinnacle Studio 16 - Standard Content Pack "{88C4D8A6-9954-46A0-965D-92E55DAB8734}" = Premium Pack Volumes 1-2 "{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1" = SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013. 
"{90150000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2013 "{90150000-0015-0407-0000-0000000FF1CE}" = Microsoft Access MUI (German) 2013 "{90150000-0016-0407-0000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013 "{90150000-0018-0407-0000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013 "{90150000-0019-0407-0000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013 "{90150000-001A-0407-0000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013 "{90150000-001B-0407-0000-0000000FF1CE}" = Microsoft Word MUI (German) 2013 "{90150000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch "{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English "{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français "{90150000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano "{90150000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013 "{90150000-0044-0407-0000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013 "{90150000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013 "{90150000-0090-0407-0000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013 "{90150000-00A1-0407-0000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013 "{90150000-00BA-0407-0000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013 "{90150000-00E1-0407-0000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013 "{90150000-00E2-0407-0000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013 "{90150000-012B-0407-0000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013 "{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{985ABEF0-B6CA-C8FE-C5F7-4B22D51918DC}" = WiMP 2.3.2 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual 
C++ 2008 Redistributable - x86 9.0.30729.6161 "{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch "{ACC27C6C-374D-4390-8154-4C79C728F462}" = AirServer "{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support "{E3D181F8-246B-497F-945E-6DB98CBA6677}" = Hollywood FX Volumes 1-3 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}" = Pinnacle Studio 16 - Install Manager "{F7214014-27EE-4237-9978-2F9D1551559B}" = Title Extreme "{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted "{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows "0630-0716-3135-7887" = JDownloader 2 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Age of Empires Gold 1.0" = Microsoft Age of Empires Gold "ASIO4ALL" = ASIO4ALL "AutoHotkey" = AutoHotkey 1.1.09.02 "Axife Mouse Recorder DEMO_is1" = Axife Mouse Recorder DEMO 5.01 "BandiMPEG1" = Bandisoft MPEG-1 Decoder "com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1" = WiMP 2.3.2 "DAEMON Tools Lite" = DAEMON Tools 
Lite "DiskAid_is1" = DiskAid 5.46 "ESI - KeyControl49 Driver Setup" = ESI - KeyControl49 Driver "Fraps" = Fraps (remove only) "Google Chrome" = Google Chrome "InstallShield_{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}" = Motion Graphics Toolkit for Studio "InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer "InstallShield_{4CF172C5-F121-41FA-B0B0-0D49840BF003}" = Filmmaker's Toolkit for Studio "ipswDownloader" = ipswDownloader 1.6 "Mozilla Firefox 16.0 (x86 de)" = Mozilla Firefox 16.0 (x86 de) "Mp3tag" = Mp3tag v2.55a "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office15.PROPLUS" = Microsoft Office Professional Plus 2013 "Origin" = Origin "Picasa 3" = Picasa 3 "PPÖúÊÖ PC°æ" = PPÖúÊÖ PC°æ 0.8.8 "Splashtop Software Updater" = Splashtop Software Updater "Synthesia" = Synthesia (remove only) "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 8" = TeamViewer 8 "TIPP10_is1" = TIPP10 Version 2.1.0 "VLC media player" = VLC media player 2.0.6 "VMware_Workstation" = VMware Workstation "WinRAR archiver" = WinRAR 4.11 (32-Bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "MusicManager" = Music Manager "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.05.2013 19:16:54 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0 Description = Error - 26.05.2013 23:07:56 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0 Description = Error - 28.05.2013 01:23:52 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0 Description = Error - 28.05.2013 08:03:29 | Computer Name = Big-Up | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\ASIO4ALL v2\a4apanel64.exe". 
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.05.2013 02:26:50 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0 Description = Error - 29.05.2013 11:46:42 | Computer Name = Big-Up | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927140. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error - 30.05.2013 02:43:44 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0 Description = Error - 30.05.2013 11:42:09 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0 Description = Error - 30.05.2013 12:00:00 | Computer Name = Big-Up | Source = ESENT | ID = 455 Description = svchost (1888) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU005CF.log. Error - 31.05.2013 02:21:51 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0 Description = [ System Events ] Error - 23.05.2013 01:16:19 | Computer Name = Big-Up | Source = VDS Dynamic Provider | ID = 16908321 Description = Error - 23.05.2013 01:16:42 | Computer Name = Big-Up | Source = VDS Dynamic Provider | ID = 16908321 Description = Error - 23.05.2013 01:25:12 | Computer Name = Big-Up | Source = VDS Dynamic Provider | ID = 16908321 Description = Error - 23.05.2013 15:13:20 | Computer Name = Big-Up | Source = DCOM | ID = 10016 Description = Error - 23.05.2013 16:50:27 | Computer Name = Big-Up | Source = Service Control Manager | ID = 7034 Description = Dienst "Yontoo Desktop Updater" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error - 29.05.2013 07:26:08 | Computer Name = Big-Up | Source = Service Control Manager | ID = 7034
Description = Dienst "WinZiper service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 29.05.2013 11:23:51 | Computer Name = Big-Up | Source = DCOM | ID = 10010
Description =

Error - 29.05.2013 11:23:51 | Computer Name = Big-Up | Source = DCOM | ID = 10010
Description =

Error - 29.05.2013 11:30:21 | Computer Name = Big-Up | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?05.?2013 um 17:25:20 unerwartet heruntergefahren.

Error - 30.05.2013 11:27:33 | Computer Name = Big-Up | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?30.?05.?2013 um 17:26:14 unerwartet heruntergefahren.

< End of report >
[/SPOILER]
OTL
[SPOILER] OTL Logfile:
Code:
OTL logfile created on: 31.05.2013 16:36:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Max\Desktop
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 21,56% Memory free
5,37 Gb Paging File | 1,59 Gb Available in Paging File | 29,50% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,45 Gb Total Space | 9,57 Gb Free Space | 8,58% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 284,55 Gb Free Space | 61,09% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: BIG-UP | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Max\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\WebCake\WebCakeDesktop.Updater.exe (WebCake LLC)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\ProgramData\Electronic Arts\Need For Speed World\Data\nfsw.exe (Electronic Arts)
PRC - C:\Programme\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\VideoLAN\VLC\vlc.exe (VideoLAN) PRC - C:\Windows\System32\taskhostex.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MsMpEng.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation) PRC - C:\Programme\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\LiveComm.exe (Microsoft Corporation) PRC - C:\Windows\System32\RuntimeBroker.exe (Microsoft Corporation) PRC - C:\Windows\System32\dasHost.exe (Microsoft Corporation) PRC - C:\Fraps\fraps.exe (Beepa P/L) ========== Modules (No Company Name) ========== MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\ppgooglenaclpluginchrome.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\pdf.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\libglesv2.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\libegl.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll () MOD - C:\Programme\VideoLAN\VLC\libvlccore.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libpng_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libdts_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liba52_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll () MOD - 
C:\Programme\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libopus_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libflac_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\lua\liblua_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll () MOD - 
C:\Programme\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\misc\libxml_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\access\libdshow_plugin.dll () MOD - 
C:\Programme\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\access\libzip_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libavi_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll () MOD - C:\Programme\VideoLAN\VLC\libvlc.dll () MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll () MOD - C:\Programme\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll () MOD - C:\Programme\WinRAR\RarExt.dll () ========== Services (SafeList) ========== SRV - (WebCake Desktop Updater) -- C:\Program Files\WebCake\WebCakeDesktop.Updater.exe C:\Users\Max\AppData\Roaming\WebCake\WebCakeDesktop.exe File not found SRV - (AudioEndpointBuilder) -- C:\Windows\System32\AudioEndpointBuilder.dll (Microsoft Corporation) SRV - (TimeBroker) -- C:\Windows\System32\TimeBrokerServer.dll (Microsoft 
Corporation) SRV - (SystemEventsBroker) -- C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (netprofm) -- C:\Windows\System32\netprofmsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (SplashtopRemoteService) -- C:\Programme\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.) SRV - (SSUService) -- C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (wlidsvc) -- C:\Windows\System32\wlidsvc.dll (Microsoft Corporation) SRV - (LSM) -- C:\Windows\System32\lsm.dll (Microsoft Corporation) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (TeamViewer8) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (PrintNotify) -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (WSService) -- C:\Windows\System32\WSService.dll (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (fhsvc) -- C:\Windows\System32\fhsvc.dll (Microsoft Corporation) SRV - (BrokerInfrastructure) -- C:\Windows\System32\bisrv.dll (Microsoft Corporation) SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.) SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.) SRV - (VMwareHostd) -- C:\Programme\VMware\VMware Workstation\vmware-hostd.exe () SRV - (VMAuthdService) -- C:\Programme\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) 
SRV - (VMUSBArbService) -- C:\Programme\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.) SRV - (WiaRpc) -- C:\Windows\System32\wiarpc.dll (Microsoft Corporation) SRV - (Wcmsvc) -- C:\Windows\System32\wcmsvc.dll (Microsoft Corporation) SRV - (VaultSvc) -- C:\Windows\System32\vaultsvc.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (svsvc) -- C:\Windows\System32\svsvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (NcaSvc) -- C:\Windows\System32\NcaSvc.dll (Microsoft Corporation) SRV - (NcdAutoSetup) -- C:\Windows\System32\NcdAutoSetup.dll (Microsoft Corporation) SRV - (KeyIso) -- C:\Windows\System32\keyiso.dll (Microsoft Corporation) SRV - (EFS) -- C:\Windows\System32\efssvc.dll (Microsoft Corporation) SRV - (DsmSvc) -- C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation) SRV - (DeviceAssociationService) -- C:\Windows\System32\das.dll (Microsoft Corporation) SRV - (AllUserInstallAgent) -- C:\Windows\System32\AUInstallAgent.dll (Microsoft Corporation) SRV - (vmicvss) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmictimesync) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmicshutdown) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmicrdv) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmickvpexchange) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmicheartbeat) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (VBoxNetFlt) -- C:\Windows\system32\DRIVERS\VBoxNetFlt.sys File not found DRV - (abkswnkw) -- File not found DRV - (dtsoftbus01) -- C:\Windows\System32\Drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (VBoxNetAdp) -- C:\Windows\System32\Drivers\VBoxNetAdp.sys (Oracle Corporation) DRV - 
(spaceport) -- C:\Windows\System32\Drivers\spaceport.sys (Microsoft Corporation) DRV - (TPM) -- C:\Windows\System32\Drivers\tpm.sys (Microsoft Corporation) DRV - (pdc) -- C:\Windows\System32\Drivers\pdc.sys (Microsoft Corporation) DRV - (USBXHCI) -- C:\Windows\System32\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV - (storahci) -- C:\Windows\System32\Drivers\storahci.sys (Microsoft Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\Drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.) DRV - (MungoDriver) -- C:\Windows\System32\Drivers\MungoDriver.sys (Windows (R) Win 7 DDK provider) DRV - (USBHUB3) -- C:\Windows\System32\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV - (BthAvrcpTg) -- C:\Windows\System32\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV - (WdBoot) -- C:\Windows\System32\Drivers\WdBoot.sys (Microsoft Corporation) DRV - (WdFilter) -- C:\Windows\System32\Drivers\WdFilter.sys (Microsoft Corporation) DRV - (msgpiowin32) -- C:\Windows\System32\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV - (sthid) -- C:\Windows\System32\Drivers\sthid.sys (Splashtop Inc.) 
DRV - (bthhfhid) -- C:\Windows\System32\Drivers\BthhfHid.sys (Microsoft Corporation) DRV - (hidi2c) -- C:\Windows\System32\Drivers\hidi2c.sys (Microsoft Corporation) DRV - (FxPPM) -- C:\Windows\System32\Drivers\fxppm.sys (Microsoft Corporation) DRV - (Dot4Print) -- C:\Windows\System32\Drivers\Dot4Prt.sys (Windows (R) Win 7 DDK provider) DRV - (dot4) -- C:\Windows\System32\Drivers\Dot4.sys (Windows (R) Win 7 DDK provider) DRV - (RdpVideoMiniport) -- C:\Windows\System32\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (dam) -- C:\Windows\System32\Drivers\dam.sys (Microsoft Corporation) DRV - (sdstor) -- C:\Windows\System32\Drivers\sdstor.sys (Microsoft Corporation) DRV - (AirDisplayMirror) -- C:\Windows\System32\Drivers\AVVideoCardMirror.sys (Windows (R) Win 7 DDK provider) DRV - (AirDisplay) -- C:\Windows\System32\Drivers\AVVideoCard.sys (Windows (R) Win 7 DDK provider) DRV - (cnghwassist) -- C:\Windows\System32\Drivers\cnghwassist.sys (Microsoft Corporation) DRV - (UCX01000) -- C:\Windows\System32\Drivers\UCX01000.SYS (Microsoft Corporation) DRV - (GPIOClx0101) -- C:\Windows\System32\Drivers\msgpioclx.sys (Microsoft Corporation) DRV - (iDispService) -- C:\Windows\System32\Drivers\idisplayminiport.sys (SHAPE Services) DRV - (vmx86) -- C:\Windows\System32\Drivers\vmx86.sys (VMware, Inc.) DRV - (VMnetuserif) -- C:\Windows\System32\Drivers\vmnetuserif.sys (VMware, Inc.) DRV - (VMnetBridge) -- C:\Windows\System32\Drivers\vmnetbridge.sys (VMware, Inc.) DRV - (VMnetAdapter) -- C:\Windows\System32\Drivers\vmnetadapter.sys (VMware, Inc.) DRV - (hcmon) -- C:\Windows\System32\Drivers\hcmon.sys (VMware, Inc.) DRV - (vmusb) -- C:\Windows\System32\Drivers\vmusb.sys (VMware, Inc.) 
DRV - (condrv) -- C:\Windows\System32\Drivers\condrv.sys (Microsoft Corporation) DRV - (acpiex) -- C:\Windows\System32\Drivers\acpiex.sys (Microsoft Corporation) DRV - (LSI_SSS) -- C:\Windows\System32\Drivers\lsi_sss.sys (LSI Corporation) DRV - (EhStorTcgDrv) -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV - (EhStorClass) -- C:\Windows\System32\Drivers\EhStorClass.sys (Microsoft Corporation) DRV - (3ware) -- C:\Windows\System32\Drivers\3ware.sys (LSI) DRV - (VSTXRAID) -- C:\Windows\System32\Drivers\VSTXRAID.SYS (VIA Corporation) DRV - (VerifierExt) -- C:\Windows\System32\Drivers\VerifierExt.sys (Microsoft Corporation) DRV - (UASPStor) -- C:\Windows\System32\Drivers\uaspstor.sys (Microsoft Corporation) DRV - (mvumis) -- C:\Windows\System32\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV - (WFPLWFS) -- C:\Windows\System32\Drivers\wfplwfs.sys (Microsoft Corporation) DRV - (CLFS) -- C:\Windows\System32\Drivers\clfs.sys (Microsoft Corporation) DRV - (terminpt) -- C:\Windows\System32\Drivers\terminpt.sys (Microsoft Corporation) DRV - (vmbus) -- C:\Windows\System32\Drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\Drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\Drivers\storvsc.sys (Microsoft Corporation) DRV - (BasicDisplay) -- C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV - (mshidumdf) -- C:\Windows\System32\Drivers\mshidumdf.sys (Microsoft Corporation) DRV - (HyperVideo) -- C:\Windows\System32\Drivers\HyperVideo.sys (Microsoft Corporation) DRV - (BasicRender) -- C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\Drivers\vms3cap.sys (Microsoft Corporation) DRV - (npsvctrig) -- C:\Windows\System32\Drivers\npsvctrig.sys (Microsoft Corporation) DRV - (kdnic) -- C:\Windows\System32\Drivers\kdnic.sys (Microsoft Corporation) DRV - (acpitime) -- C:\Windows\System32\Drivers\acpitime.sys (Microsoft 
Corporation) DRV - (gencounter) -- C:\Windows\System32\Drivers\vmgencounter.sys (Microsoft Corporation) DRV - (acpipagr) -- C:\Windows\System32\Drivers\acpipagr.sys (Microsoft Corporation) DRV - (WpdUpFltr) -- C:\Windows\System32\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\Drivers\VMBusHID.sys (Microsoft Corporation) DRV - (hyperkbd) -- C:\Windows\System32\Drivers\hyperkbd.sys (Microsoft Corporation) DRV - (SerCx) -- C:\Windows\System32\Drivers\SerCx.sys (Microsoft Corporation) DRV - (xusb22) -- C:\Windows\System32\Drivers\xusb22.sys (Microsoft Corporation) DRV - (SpbCx) -- C:\Windows\System32\Drivers\SpbCx.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\Drivers\winusb.sys (Microsoft Corporation) DRV - (TsUsbGD) -- C:\Windows\System32\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV - (BthHFEnum) -- C:\Windows\System32\Drivers\bthhfenum.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (dmvsc) -- C:\Windows\System32\Drivers\dmvsc.sys (Microsoft Corporation) DRV - (wpcfltr) -- C:\Windows\System32\Drivers\wpcfltr.sys (Microsoft Corporation) DRV - (NdisImPlatform) -- C:\Windows\System32\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV - (MsLldp) -- C:\Windows\System32\Drivers\mslldp.sys (Microsoft Corporation) DRV - (Ndu) -- C:\Windows\System32\Drivers\Ndu.sys (Microsoft Corporation) DRV - (RTL8168) -- C:\Windows\System32\Drivers\Rt630x86.sys (Realtek ) DRV - (vmci) -- C:\Windows\System32\Drivers\vmci.sys (VMware, Inc.) DRV - (vsock) -- C:\Windows\System32\Drivers\vsock.sys (VMware, Inc.) DRV - (BCM43XX) -- C:\Windows\System32\Drivers\BCMWL63.SYS (Broadcom Corporation) DRV - (Netaapl) -- C:\Windows\System32\Drivers\netaapl.sys (Apple Inc.) DRV - (vstor2-mntapi10-shared) -- C:\Windows\System32\Drivers\vstor2-mntapi10-shared.sys (VMware, Inc.) 
DRV - (KeyControl49) -- C:\Windows\System32\Drivers\esikey49.sys (ESI) DRV - (hamachi) -- C:\Windows\System32\Drivers\hamachi.sys (LogMeIn, Inc.) DRV - (MarvinBus) -- C:\Windows\System32\Drivers\MarvinBus.sys (Pinnacle Systems GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{8544E016-5EE2-450E-BB36-ACEF50FBEBB7}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 
*.local ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledAddons: ebesucher-surfbar@kashiif.com:1.0.0 FF - prefs.js..extensions.enabledAddons: admin@proxy-listen.de:1.0.4.5 FF - prefs.js..extensions.enabledAddons: extension@hidemyass.com:1.2.7 FF - prefs.js..extensions.enabledAddons: foxyproxy@eric.h.jung:4.1.4 FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.14 FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.6.0.20130418072822 FF - prefs.js..network.proxy.ftp: "147.31.182.137" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.http: "147.31.182.137" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "147.31.182.137" FF - prefs.js..network.proxy.ssl_port: 3128 FF - prefs.js..network.proxy.type: 1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Max\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Max\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.30 17:51:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.16 15:06:07 | 000,000,000 | ---D | M]
[2013.01.30 17:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions
[2013.05.31 08:58:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions
[2013.05.19 20:23:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013.05.10 12:06:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.05.10 12:04:33 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\foxyproxy@eric.h.jung
[2013.05.30 20:09:11 | 000,000,000 | ---D | M] (WebCake) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\plugin@getwebcake.com
[2013.04.11 20:37:38 | 000,013,955 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\k50e68b0.default\extensions\admin@proxy-listen.de.xpi
[2013.04.02 15:25:27 | 000,055,696 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\k50e68b0.default\extensions\ebesucher-surfbar@kashiif.com.xpi
[2013.04.11 22:37:05 | 000,053,803 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\k50e68b0.default\extensions\extension@hidemyass.com.xpi
[2013.01.30 17:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.01.30 17:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2013.01.30 17:51:18 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.10.06 04:14:59 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.01.11 04:05:40 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2012.10.06 05:22:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.06 05:22:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.06 05:22:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.06 05:22:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.06 05:22:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.06 05:22:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Play Music = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.1_0\
CHR - Extension: Google Mail = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.05.19 16:35:11 | 000,000,718 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (WebCake) - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Programme\WebCake\WebCakeIEClient.dll (WebCake LLC)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [StereoLinksInstall] C:\Program Files\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [USBToolTip] C:\Programme\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [vmware-tray.exe] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [iCloudServices] C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [MusicManager] C:\Users\Max\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\Max\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Max\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [WebCake Desktop] C:\Users\Max\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC)
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Programme\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14D94206-BEAD-4E97-B5C5-C22B72777674}: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2338C3B-0FC2-4F2F-B248-CCA5CA5D8420}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\NVIDIA~1\3DVISI~1\nvStInit.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.07.26 08:52:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6327bc41-66f0-11e2-af9c-6c626d75e7ba}\Shell - "" = AutoRun
O33 - MountPoints2\{6327bc41-66f0-11e2-af9c-6c626d75e7ba}\Shell\AutoRun\command - "" = "F:\Install.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.05.31 16:34:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2013.05.30 21:30:27 | 000,000,000 | ---D | C] -- C:\Program Files\LooksBuilderSE
[2013.05.30 21:11:11 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\PMB Files
[2013.05.30 21:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.05.30 21:11:04 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2013.05.30 21:10:56 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Pando_Temp
[2013.05.30 21:09:41 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Avid
[2013.05.30 21:09:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pinnacle
[2013.05.30 21:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pegasus Imaging
[2013.05.30 21:06:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2013.05.30 21:00:46 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2013.05.30 21:00:46 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2013.05.30 21:00:46 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2013.05.30 21:00:46 | 000,022,360 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\X3DAudio1_7.dll [2013.05.30 21:00:44 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2013.05.30 21:00:44 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2013.05.30 21:00:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2013.05.30 21:00:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2013.05.30 21:00:44 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2013.05.30 21:00:43 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2013.05.30 21:00:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2013.05.30 21:00:43 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2013.05.30 21:00:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2013.05.30 21:00:43 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2013.05.30 21:00:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2013.05.30 21:00:42 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2013.05.30 21:00:42 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2013.05.30 21:00:42 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2013.05.30 21:00:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2013.05.30 21:00:42 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2013.05.30 21:00:42 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2013.05.30 21:00:41 | 003,851,784 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\D3DX9_39.dll [2013.05.30 21:00:41 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2013.05.30 21:00:41 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2013.05.30 21:00:41 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2013.05.30 21:00:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2013.05.30 21:00:41 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2013.05.30 21:00:41 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2013.05.30 21:00:40 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2013.05.30 21:00:40 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2013.05.30 21:00:40 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2013.05.30 21:00:40 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2013.05.30 21:00:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2013.05.30 21:00:40 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2013.05.30 21:00:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2013.05.30 21:00:40 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2013.05.30 21:00:39 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2013.05.30 21:00:39 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2013.05.30 21:00:39 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2013.05.30 21:00:39 | 000,267,272 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\xactengine2_10.dll [2013.05.30 21:00:38 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2013.05.30 21:00:38 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2013.05.30 21:00:38 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2013.05.30 21:00:38 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2013.05.30 21:00:38 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2013.05.30 21:00:38 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2013.05.30 21:00:37 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2013.05.30 21:00:37 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2013.05.30 21:00:37 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2013.05.30 21:00:37 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2013.05.30 21:00:37 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2013.05.30 21:00:37 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2013.05.30 21:00:37 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2013.05.30 21:00:36 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2013.05.30 21:00:36 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2013.05.30 21:00:36 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2013.05.30 21:00:36 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2013.05.30 21:00:36 | 000,251,672 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\xactengine2_5.dll [2013.05.30 21:00:36 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2013.05.30 21:00:36 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2013.05.30 21:00:35 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2013.05.30 21:00:35 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2013.05.30 21:00:35 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2013.05.30 21:00:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2013.05.30 21:00:35 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2013.05.30 21:00:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2013.05.30 21:00:30 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2013.05.30 21:00:30 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2013.05.30 21:00:30 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2013.05.30 21:00:30 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2013.05.30 21:00:30 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2013.05.30 21:00:30 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2013.05.30 21:00:29 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2013.05.30 21:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avid [2013.05.30 20:59:30 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Pinnacle [2013.05.30 20:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 16 [2013.05.30 20:59:17 | 000,000,000 | ---D | 
C] -- C:\Users\Max\AppData\Local\Downloaded Installations [2013.05.30 20:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle [2013.05.30 20:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PCTV Systems [2013.05.30 20:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle [2013.05.30 20:10:43 | 000,719,872 | -HS- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll [2013.05.30 20:10:43 | 000,369,152 | -HS- | C] (The Public) -- C:\Windows\System32\avisynth.dll [2013.05.30 20:10:42 | 000,070,656 | -HS- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2013.05.30 20:10:41 | 000,070,656 | -HS- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll [2013.05.30 20:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5 [2013.05.30 20:09:52 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\drvc.dll [2013.05.30 20:09:52 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2013.05.30 20:09:52 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) 
-- C:\Windows\System32\nbDX.dll [2013.05.30 20:09:52 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll [2013.05.30 20:09:52 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll [2013.05.30 20:09:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft [2013.05.30 20:09:51 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax [2013.05.30 20:09:51 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax [2013.05.30 20:09:51 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax [2013.05.30 20:09:51 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax [2013.05.30 20:09:51 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax [2013.05.30 20:09:50 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax [2013.05.30 20:09:49 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax [2013.05.30 20:09:48 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax [2013.05.30 20:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft [2013.05.30 20:09:10 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\WebCake [2013.05.30 20:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\WebCake [2013.05.30 17:05:16 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Splashtop [2013.05.30 17:03:45 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\FileFly [2013.05.30 17:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\FileFly [2013.05.30 17:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop [2013.05.29 15:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2013.05.29 15:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2013.05.29 15:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013.05.29 15:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp [2013.05.29 
13:17:48 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\WinZipper [2013.05.29 13:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\WinZipper [2013.05.28 07:39:30 | 000,000,000 | ---D | C] -- C:\Users\Max\Pictures [2013.05.25 00:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirServer [2013.05.25 00:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\AirServer [2013.05.24 06:04:01 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager [2013.05.23 22:50:30 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\GoPlayer [2013.05.23 22:49:48 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\eDownload [2013.05.23 22:25:01 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1 [2013.05.23 22:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\WiMP [2013.05.23 22:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2013.05.23 08:01:29 | 000,000,000 | ---D | C] -- C:\ico [2013.05.23 07:46:28 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\TXT [2013.05.23 05:54:12 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Mp3tag [2013.05.23 05:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag [2013.05.23 05:53:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag [2013.05.22 07:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013.05.22 07:02:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.05.22 07:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013.05.22 07:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2013.05.21 19:14:05 | 000,000,000 | ---D | C] -- C:\Windows\rescache [2013.05.21 03:47:23 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Skype [2013.05.21 03:47:15 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Skype [2013.05.21 03:33:20 | 000,000,000 | ---D | C] -- C:\Program Files\GamersFirst [2013.05.21 03:13:05 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst [2013.05.21 03:13:00 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\GamersFirst [2013.05.18 12:32:03 | 010,789,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.UI.Xaml.dll [2013.05.18 12:32:02 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2013.05.18 12:32:02 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2013.05.18 12:32:00 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAudDecMFT.dll [2013.05.18 12:31:59 | 003,390,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.05.18 12:31:59 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2013.05.18 12:31:58 | 000,248,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd_02_10ec.dll [2013.05.18 12:31:57 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\twinui.dll [2013.05.18 12:31:57 | 000,426,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll [2013.05.18 12:31:57 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013.05.18 12:31:57 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll [2013.05.18 12:31:56 | 002,035,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2013.05.18 12:31:56 | 001,166,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.efi [2013.05.18 12:31:56 | 001,034,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.efi [2013.05.18 12:31:56 | 000,939,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2013.05.18 12:31:56 | 000,393,216 | ---- | C] (Microsoft Corporation) -- 
< End of report > [/SPOILER] |
31.05.2013, 18:28 | #4 | |
/// the machine /// TB Trainer | Removing Adware V9 and WebCake Combofix should only be run when a team member has instructed you to do so! Please download Combofix from the following download mirror: Link 1 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
31.05.2013, 20:29 | #5 |
| Removing Adware V9 and WebCake Unfortunately, Combofix does not work on Win 8. Is there perhaps another program? |
01.06.2013, 06:52 | #6 |
/// the machine /// TB Trainer | Removing Adware V9 and WebCake My mistake. Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh OTL log file, please.