
All kinds of pests and how to fight them: Removing adware V9 and WebCake


31.05.2013, 16:16   #1
RastaWelt
 
Hi everyone,
I had been away from the PC for quite a while when I suddenly noticed out of the corner of my eye that Chrome closed and Explorer restarted.
When I went to take a look, this V9 and WebCake had been installed everywhere. The Control Panel listed about 5 new programs that I had not installed. Of course I uninstalled them, but the adware still remains. Running Adware Cleaner and an antivirus program did not help either.

The problem now is:
V9 stays as the start page even after changing it
WebCake cannot be uninstalled and stays in autostart

How can I fix these problems?
What else could this program have done, and is there a risk such that I should reinstall Windows?

31.05.2013, 16:28   #2
schrauber
/// the machine
/// TB instructor
 

Hi,

Please download OTL by Oldtimer and save it to your desktop (if you don't have it already).
  • Double-click OTL.exe
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 logfiles will be created
  • Post the logfiles here in the thread.

31.05.2013, 17:16   #3
RastaWelt
 
Extras
[SPOILER]
OTL Logfile:
Code:
OTL Extras logfile created on: 31.05.2013 16:36:35 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Max\Desktop
 Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 21,56% Memory free
5,37 Gb Paging File | 1,59 Gb Available in Paging File | 29,50% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,45 Gb Total Space | 9,57 Gb Free Space | 8,58% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 284,55 Gb Free Space | 61,09% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BIG-UP | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{152D92E7-8E02-4B39-94CE-7ADF899D4672}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1E45F738-3AB2-407F-9739-8922CF3BA327}" = rport=137 | protocol=17 | dir=out | app=system | 
"{2BD8381A-8721-44B5-A56B-152EF220B3F7}" = rport=445 | protocol=6 | dir=out | app=system | 
"{36E2478C-F229-4408-8D41-70957465816E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{416BEEAD-46DC-47AF-93DC-9F9853E3C9A2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4660B6FE-768B-48B5-B970-F8410C2A5F7B}" = lport=138 | protocol=17 | dir=in | app=system | 
"{54A3B772-6758-4C4A-BA50-DDE07E585D02}" = rport=139 | protocol=6 | dir=out | app=system | 
"{60E35ED8-2E4E-40CA-B948-177A8C1D18AE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{76DD3D63-20FC-4365-AA44-E715751129BF}" = lport=58333 | protocol=17 | dir=in | name=pando media booster | 
"{79BC3586-4FAE-4990-B805-171CE7EDF26A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7D345814-59DC-4842-B937-1E8B46E7F14B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{91323F3F-A088-4A0C-9271-5849727694D7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{92A7A5F3-1519-429A-B3A3-C95DB16F45E6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{99BA8B05-D36A-47E0-91BA-2CCD7D23684C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A14149B2-6034-4E70-ACA8-0761ABBB1FE6}" = lport=445 | protocol=6 | dir=in | app=system | 
"{A92B76A5-B5D4-440F-9F98-DB926C816C89}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AA512DCC-AAFE-4A57-AEEE-C7439DB4EB23}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{BDB67B06-2073-43FF-9339-8D7428AE4DDD}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{BE9E1B1F-7965-432C-BD07-D06DEC419607}" = rport=138 | protocol=17 | dir=out | app=system | 
"{C34E7429-AB90-4715-B853-53E105F1817E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E2ED7DAE-FD9F-47E4-B18D-FA2CD42CE8A5}" = lport=58333 | protocol=6 | dir=in | name=pando media booster | 
"{E6E883A8-D9EC-4981-887C-3C7BF92BC730}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{F51E6035-EC58-4F44-8A73-BB55DB3112DB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | 
"{F546113D-2852-4B91-B5D1-A34EF11596F8}" = lport=139 | protocol=6 | dir=in | app=system | 
"{F5FDA60E-4CF4-4149-B1ED-BE5D9279B703}" = lport=58333 | protocol=6 | dir=in | name=pando media booster | 
"{FC5A3006-24B2-4BC4-9D65-44C9470858AA}" = lport=58333 | protocol=17 | dir=in | name=pando media booster | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00831140-990F-4250-B185-3DD16CBC96C6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{074792DA-641B-480F-B48F-C31C6024B94F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0C204113-2002-4A12-B6A5-9561B007CD51}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{12A355B6-16C7-4315-A9C0-3392E1D22322}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{12EE3F50-AC82-479D-8FCE-3F0CBD74AEF6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{145DBBEE-DAB8-410E-896F-6DF279E98518}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | 
"{177375AE-EF6C-4DFB-B19A-7BB454C82B18}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 16\programs\rm.exe | 
"{1B6808FA-91FE-4AFD-952A-DF4FC24B3FA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1DE6D565-3B67-41AD-85A2-69C0F575468F}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-hostd.exe | 
"{2680F683-8E11-4766-BC82-CF26B8E51203}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{29944163-B7BD-4880-B24D-BB4AF724CA3D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{2DF101C9-F3FF-4A4C-AFB5-183E891B842E}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{344A4E5A-46D2-4107-9AEA-AAACE3A27D93}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{35731A2F-07CB-4C65-87D7-3E25920BC452}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{38F82E63-9037-429C-B5D5-F1E55B31316E}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe | 
"{395123E5-289B-4146-8A30-CD53C47D98EB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3A3014C4-75EC-49C7-97AC-30ACFB0D97C0}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{3D944803-25BE-4A00-BEB6-320C359EB2A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3DD13650-D33F-4D37-8F8E-13B8B10E5F31}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{3F412B2E-9365-4771-A00F-EB8FED74F6E5}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{418DF503-33CC-41E3-BA94-97C3C70D6156}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{420A351C-40F7-4C35-A73C-5DE3C84B26BC}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{42B9D6B2-D370-49BF-BFD4-F62753BADF15}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{45FB914B-2720-4214-B016-3627A9A3BA2E}" = protocol=17 | dir=in | app=c:\program files\mungoserver\mungoserver.exe | 
"{4C6836EF-30C9-4A7E-9E8E-27FC7F604BBF}" = dir=out | name=youtube player | 
"{4D4A5781-37DD-481A-9BEA-4202625EA21B}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{4E135714-DFFF-46F1-9740-1D716CA13272}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4E909780-F4E8-4323-9407-841446A998E6}" = dir=out | name=dropbox | 
"{4E9B1DAF-CF10-47DC-BA9B-050F3CA2E5B3}" = protocol=17 | dir=in | app=c:\program files\origin games\need for speed(tm) most wanted\nfs13.exe | 
"{4ED628A7-FBEF-46FF-8023-47836768096E}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{50AC834B-588F-487C-8DFB-9658857F03E9}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{53FF59DB-809F-45C3-85B4-825426030CCE}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{54ADD778-A81C-4D63-AC4D-B1B96A3994BA}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{555E4910-67CF-4074-A1A7-A16839153737}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{578680A9-4364-46DB-8AEC-D7EBFB1B4008}" = dir=in | name=@{microsoft.bing_1.2.0.137_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{58DB0533-D631-4D56-B43A-DDDA346DDF18}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{66556C2E-CAFD-4EA5-8029-5A315664B2F2}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{6C37AA55-50D8-4DC2-AA88-2575C5B310EB}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{6D8561E9-3556-41AD-8E37-E924B15791EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7069470A-7AAE-438C-B2B7-758C66CD9C79}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 16\programs\umi.exe | 
"{72E0CE97-AD14-4943-A09D-E19318A4C6AC}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe | 
"{738DD578-1B12-47B3-8EC3-F48B31F0D2E2}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{775A2F59-23AA-4CED-8B3E-14BFF865C616}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{77C2D87D-0E8C-482E-A214-64BC5D93F597}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{7A1E0DB9-AB61-45E4-B909-7444CDEAA1C7}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\srfeature.exe | 
"{7EAF26E3-D57C-4D19-AAD1-BA48A137810A}" = protocol=17 | dir=in | app=c:\program files\airvideoserver\airvideoserver.exe | 
"{7F38DE65-7020-490D-A7EC-172FF1CC5663}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{818E9D17-BFA3-4FB8-897F-A5D266DB6CA5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{818F8751-9936-4BF4-9304-423633CFF7D5}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe | 
"{8832D552-6C72-49F6-8541-76352C71A7B8}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{8850B6D3-FA1A-4D37-8B03-AFB84EF15A30}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{890E5CDD-B0B8-4B6F-BA1E-3467B9B20938}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{8A937993-0533-4E3F-BDAE-0D76BD59B5E5}" = dir=out | name=@{microsoft.bing_1.2.0.137_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{8CA8F28E-2268-4A39-88CD-5BB90ECE9E17}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{9109BCEE-BE76-425B-9E46-38774C8267B6}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 16\programs\rm.exe | 
"{91A93FAB-D9FB-4A67-9023-5884ED45F6B0}" = protocol=6 | dir=in | app=c:\program files\airvideoserver\airvideoserver.exe | 
"{93BD8346-87D1-4AFD-A699-CA23F1EF7942}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{94E185C6-E22A-4440-8D88-73D6D7C82685}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{96CF46A8-B96A-4D63-A3CD-841379AB4C71}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{97EC4857-362B-4BFD-9CE0-1F61BE2CEC6C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{986BC035-C617-42B8-94E9-461D92126B1F}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 16\programs\ngstudio.exe | 
"{9B7E937E-97C7-4E15-8925-989863F19BCF}" = dir=out | name=shazam | 
"{A1729EA2-37E2-4C83-BFFD-D74C189A1A46}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | 
"{A2C2F30D-5263-41B0-9CC7-FA624431C511}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{A3B8B804-4663-4916-B022-469AB4BDA0EF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{A4B7E3A9-4E1E-4498-9AE3-FEC93F07E306}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe | 
"{A56F3994-65E1-4600-A048-F1119AA49382}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{A71F307F-AFB5-46DA-8F5E-C85FEE7BAF5F}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{A92E9BEF-FF54-4C79-83D3-5858352B052A}" = protocol=6 | dir=in | app=c:\program files\origin games\need for speed(tm) most wanted\nfs13.exe | 
"{AC012610-1FD5-4B07-ADC8-3AFE2605F817}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{AD0B20CF-F7D5-4913-9271-E567902CE4CA}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{B26E2198-8C00-4F32-8DEB-D8A468591A58}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{B3760BB3-420C-43FE-885A-F4CBAF90AA22}" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe | 
"{B3D5B478-D89F-416A-9C48-172C8C45E3DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{B57DAF73-0B5E-4220-B5D1-73D3CC71788C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B70C961A-AB98-453D-AD25-E6CE5AF8C470}" = dir=out | name=wetter.com | 
"{BAA72E45-B613-4F27-A57D-169284CDF331}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{BAE3CF41-637A-44EE-A0A1-D51761058FD0}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 16\programs\ngstudio.exe | 
"{BEE5624D-E489-4A16-AC44-B094F43589F2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{BFEF2737-58AE-4674-BC57-6B843FA50CD9}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{C1BACF44-839C-4570-A34A-9356D52DF0B0}" = protocol=6 | dir=out | app=system | 
"{C39B3EDF-5065-408B-B069-A07BCDA9D8C8}" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe | 
"{C6F4DBD5-B330-4D6B-8691-AEFDAAC11EED}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C9B06F40-7AB4-402B-B080-BFEB4049E0B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{CA17C4A1-DC79-4EE6-A473-1CBB719EE1A9}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 16\programs\umi.exe | 
"{CC77D791-2EB2-4046-AE04-36E9D92E24BB}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe | 
"{CD7AB6E9-28C5-4B16-9F77-8DA7641BCB9C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D5B29DEB-EA14-4F90-AAF1-EE621821E286}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\srserver.exe | 
"{DA496C72-5FE2-4E14-B328-DD04CA4DEE5B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | 
"{E152C2DF-0E92-4B51-BDE8-CE89F287E53F}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe | 
"{E1AF5833-8298-4110-85B0-1438BEDE9286}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{E46E6C58-8F83-4524-B2EA-FE6DCF94D7FF}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{E87C4EB6-6F4C-4E7F-8385-633B5F0CA2DD}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EB43C491-7F6B-4BBA-A9FA-E1548F6FAA15}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{ED48A939-C0CD-42B7-A124-6F2DA63527EA}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{EDCA7C34-DCE9-4722-83B2-378602CB45B6}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{F061C081-9543-416F-9851-0E3EE316680F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{F3EED2E0-7246-4E18-9EF1-BC0F4FB49592}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\dataproxy.exe | 
"{F453260D-4B09-40C8-81F0-EC87ACDE0A78}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{F76A02B4-00E4-4BDA-B201-E1034915E5AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F97E7225-ECAD-4BDA-A1FE-6644EC9712FE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FA37C219-7B63-45D6-BFE8-307929DF27B1}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | 
"{FCC5DA6B-D56E-4EBF-A8EB-314FA92CE5F1}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{FDD0162F-704C-4A1C-BABD-A6483196B338}" = protocol=6 | dir=in | app=c:\program files\mungoserver\mungoserver.exe | 
"{FE8A1CB0-0770-4410-B636-86411BEB706F}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-hostd.exe | 
"{FFB035EA-9734-4B40-94EF-E95AC8562CEB}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"TCP Query User{081FADD0-3C88-41BA-B637-719FDCA2D5FE}C:\users\max\downloads\tinyumbrella-6.14.00.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.14.00.exe | 
"TCP Query User{1C17B19C-24D4-46CE-8FE0-A75EF6FF1E23}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | 
"TCP Query User{25428D71-F681-417A-83F7-7C2D65E2820C}C:\users\max\downloads\tinyumbrella-6.10.03a.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.03a.exe | 
"TCP Query User{2CFA2336-1AB5-46CE-9DF4-5C8A45C1B76A}C:\program files\microsoft games\age of empires\empiresx.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empiresx.exe | 
"TCP Query User{39D18F3C-88C7-4DAE-BA36-50F390D2AF4E}C:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe | 
"TCP Query User{3B07D36B-A9E7-4EB0-B988-5D098A6EA879}C:\program files\idisplay\idisplay.exe" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe | 
"TCP Query User{48168398-93A7-4857-9AB7-2679C6479F49}C:\users\max\downloads\tinyumbrella-6.12.00 (1).exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00 (1).exe | 
"TCP Query User{6012DAC7-483B-4838-A3D4-44C926D6011A}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
"TCP Query User{6A03A445-3EA6-4F55-B979-0AA8247DC554}C:\program files\airserver\airserver\airserver.exe" = protocol=6 | dir=in | app=c:\program files\airserver\airserver\airserver.exe | 
"TCP Query User{883D7E94-7845-4215-9DC3-20B670728047}C:\users\max\downloads\tinyumbrella-6.10.02a.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.02a.exe | 
"TCP Query User{90F9564D-9D6A-4670-BF93-6B430B451C19}C:\program files\microsoft games\age of empires\empires.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe | 
"TCP Query User{A50C559C-E970-49D3-B82B-85F8D800E5AA}C:\program files\ppöúêö\ihelper.exe" = protocol=6 | dir=in | app=c:\program files\ppöúêö\ihelper.exe | 
"TCP Query User{D71780B1-DB09-43ED-84C2-61B72491A4FE}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{DC9ED4B1-CDD2-4730-B1B2-C5C692DFD6DA}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | 
"TCP Query User{DEBCF471-DF75-4D9C-92D9-FF92C5ADDC6C}C:\users\max\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{E158C07E-EE9A-4A3E-A63D-728ABC404AFE}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | 
"TCP Query User{E2530282-9431-4776-B5D0-C8C414F83764}C:\users\max\downloads\tinyumbrella-6.12.00.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00.exe | 
"UDP Query User{07FEF969-78B6-4A46-9FC5-9A561B7A7C4F}C:\users\max\downloads\tinyumbrella-6.12.00.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00.exe | 
"UDP Query User{2EAA01C4-EBC4-411D-99F2-A4D1FEDE33BD}C:\program files\microsoft games\age of empires\empires.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe | 
"UDP Query User{367FD042-9EED-494B-9CC7-92B38B19845B}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{3F689BB1-4B6D-44A8-B7AF-64355D610C6D}C:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe | 
"UDP Query User{47547050-C0E0-4BEC-AB80-8E0A223D22F5}C:\program files\idisplay\idisplay.exe" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe | 
"UDP Query User{56E5C61D-EDFA-40DB-A4CB-26263FA71AD9}C:\users\max\downloads\tinyumbrella-6.10.03a.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.03a.exe | 
"UDP Query User{58417BCB-B4BC-45F6-8759-C3BEE2F44B2D}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | 
"UDP Query User{5D5B4657-5878-49A5-8356-8E8301F461D5}C:\program files\ppöúêö\ihelper.exe" = protocol=17 | dir=in | app=c:\program files\ppöúêö\ihelper.exe | 
"UDP Query User{7C9B5880-90DC-4BC1-9BB8-C9DC3C67EB7B}C:\users\max\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{820F1EC6-2B7C-4644-B536-C07D3245686D}C:\program files\microsoft games\age of empires\empiresx.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empiresx.exe | 
"UDP Query User{A47D37D8-2D33-477C-A759-1A6D0696B748}C:\program files\airserver\airserver\airserver.exe" = protocol=17 | dir=in | app=c:\program files\airserver\airserver\airserver.exe | 
"UDP Query User{A788E914-8CCC-4F0B-95E5-BC042C7C3BFA}C:\users\max\downloads\tinyumbrella-6.12.00 (1).exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00 (1).exe | 
"UDP Query User{A7DE4954-C0A6-4E01-A40A-C86E0F4341B8}C:\users\max\downloads\tinyumbrella-6.14.00.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.14.00.exe | 
"UDP Query User{B03F4114-F0C6-474E-BD04-886592235515}C:\users\max\downloads\tinyumbrella-6.10.02a.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.02a.exe | 
"UDP Query User{CBB4C071-9F76-43EB-A692-007A69C51E74}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | 
"UDP Query User{E64FF3F7-1313-4878-92EE-CA5C28821636}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
"UDP Query User{FFE4BB1B-EFFC-4DE8-B0D0-0DCD00D7D9DB}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}" = Creative Pack Volume 1
"{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
"{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}" = ScoreFitter Volumes 1-2
"{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes
"{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}" = Motion Graphics Toolkit for Studio
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}" = Pinnacle Studio 16
"{2864C41B-EF2D-4640-95A2-526276524519}" = Borland C++Builder 6
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung Magician
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CF172C5-F121-41FA-B0B0-0D49840BF003}" = Filmmaker's Toolkit for Studio
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{636E94DA-99C0-448F-A931-3DAD83B4975F}" = SharpKeys
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}" = Pinnacle Studio 16 - Standard Content Pack
"{88C4D8A6-9954-46A0-965D-92E55DAB8734}" = Premium Pack Volumes 1-2
"{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1" = SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013.
"{90150000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0407-0000-0000000FF1CE}" = Microsoft Access MUI (German) 2013
"{90150000-0016-0407-0000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013
"{90150000-0018-0407-0000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013
"{90150000-0019-0407-0000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013
"{90150000-001A-0407-0000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013
"{90150000-001B-0407-0000-0000000FF1CE}" = Microsoft Word MUI (German) 2013
"{90150000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français
"{90150000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-0044-0407-0000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013
"{90150000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-0090-0407-0000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013
"{90150000-00A1-0407-0000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013
"{90150000-00BA-0407-0000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013
"{90150000-00E1-0407-0000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{90150000-00E2-0407-0000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013
"{90150000-012B-0407-0000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{985ABEF0-B6CA-C8FE-C5F7-4B22D51918DC}" = WiMP 2.3.2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch
"{ACC27C6C-374D-4390-8154-4C79C728F462}" = AirServer
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E3D181F8-246B-497F-945E-6DB98CBA6677}" = Hollywood FX Volumes 1-3
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}" = Pinnacle Studio 16 - Install Manager
"{F7214014-27EE-4237-9978-2F9D1551559B}" = Title Extreme
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"0630-0716-3135-7887" = JDownloader 2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"ASIO4ALL" = ASIO4ALL
"AutoHotkey" = AutoHotkey 1.1.09.02
"Axife Mouse Recorder DEMO_is1" = Axife Mouse Recorder DEMO 5.01
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1" = WiMP 2.3.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"DiskAid_is1" = DiskAid 5.46
"ESI - KeyControl49 Driver Setup" = ESI - KeyControl49 Driver
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}" = Motion Graphics Toolkit for Studio
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"InstallShield_{4CF172C5-F121-41FA-B0B0-0D49840BF003}" = Filmmaker's Toolkit for Studio
"ipswDownloader" = ipswDownloader 1.6
"Mozilla Firefox 16.0 (x86 de)" = Mozilla Firefox 16.0 (x86 de)
"Mp3tag" = Mp3tag v2.55a
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"Origin" = Origin
"Picasa 3" = Picasa 3
"PPÖúÊÖ PC°æ" = PPÖúÊÖ PC°æ 0.8.8
"Splashtop Software Updater" = Splashtop Software Updater
"Synthesia" = Synthesia (remove only)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"TIPP10_is1" = TIPP10 Version 2.1.0
"VLC media player" = VLC media player 2.0.6
"VMware_Workstation" = VMware Workstation
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"MusicManager" = Music Manager
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.05.2013 19:16:54 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
Error - 26.05.2013 23:07:56 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
Error - 28.05.2013 01:23:52 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
Error - 28.05.2013 08:03:29 | Computer Name = Big-Up | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\ASIO4ALL
 v2\a4apanel64.exe".  Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.05.2013 02:26:50 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
Error - 29.05.2013 11:46:42 | Computer Name = Big-Up | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“
 ist folgender Fehler aufgetreten: -2144927140. Weitere Informationen finden Sie
 im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 30.05.2013 02:43:44 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
Error - 30.05.2013 11:42:09 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
Error - 30.05.2013 12:00:00 | Computer Name = Big-Up | Source = ESENT | ID = 455
Description = svchost (1888) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei
 C:\Windows\system32\SRU\SRU005CF.log.
 
Error - 31.05.2013 02:21:51 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
[ System Events ]
Error - 23.05.2013 01:16:19 | Computer Name = Big-Up | Source = VDS Dynamic Provider | ID = 16908321
Description = 
 
Error - 23.05.2013 01:16:42 | Computer Name = Big-Up | Source = VDS Dynamic Provider | ID = 16908321
Description = 
 
Error - 23.05.2013 01:25:12 | Computer Name = Big-Up | Source = VDS Dynamic Provider | ID = 16908321
Description = 
 
Error - 23.05.2013 15:13:20 | Computer Name = Big-Up | Source = DCOM | ID = 10016
Description = 
 
Error - 23.05.2013 16:50:27 | Computer Name = Big-Up | Source = Service Control Manager | ID = 7034
Description = Dienst "Yontoo Desktop Updater" wurde unerwartet beendet. Dies ist
 bereits 1 Mal passiert.
 
Error - 29.05.2013 07:26:08 | Computer Name = Big-Up | Source = Service Control Manager | ID = 7034
Description = Dienst "WinZiper service" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 29.05.2013 11:23:51 | Computer Name = Big-Up | Source = DCOM | ID = 10010
Description = 
 
Error - 29.05.2013 11:23:51 | Computer Name = Big-Up | Source = DCOM | ID = 10010
Description = 
 
Error - 29.05.2013 11:30:21 | Computer Name = Big-Up | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?05.?2013 um 17:25:20 unerwartet heruntergefahren.
 
Error - 30.05.2013 11:27:33 | Computer Name = Big-Up | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?30.?05.?2013 um 17:26:14 unerwartet heruntergefahren.
 
 
< End of report >
         
--- --- ---

[/SPOILER]

OTL

[SPOILER]
OTL Logfile:
Code:
OTL logfile created on: 31.05.2013 16:36:34 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Max\Desktop
 Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 21,56% Memory free
5,37 Gb Paging File | 1,59 Gb Available in Paging File | 29,50% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,45 Gb Total Space | 9,57 Gb Free Space | 8,58% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 284,55 Gb Free Space | 61,09% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BIG-UP | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Max\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\WebCake\WebCakeDesktop.Updater.exe (WebCake LLC)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\ProgramData\Electronic Arts\Need For Speed World\Data\nfsw.exe (Electronic Arts)
PRC - C:\Programme\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\VideoLAN\VLC\vlc.exe (VideoLAN)
PRC - C:\Windows\System32\taskhostex.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
PRC - C:\Programme\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\LiveComm.exe (Microsoft Corporation)
PRC - C:\Windows\System32\RuntimeBroker.exe (Microsoft Corporation)
PRC - C:\Windows\System32\dasHost.exe (Microsoft Corporation)
PRC - C:\Fraps\fraps.exe (Beepa P/L)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll ()
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\libglesv2.dll ()
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\libegl.dll ()
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll ()
MOD - C:\Programme\VideoLAN\VLC\libvlccore.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libpng_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libdts_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liba52_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libopus_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libflac_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\lua\liblua_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\misc\libxml_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libdshow_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libzip_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libavi_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\libvlc.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll ()
MOD - C:\Programme\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (WebCake Desktop Updater) -- C:\Program Files\WebCake\WebCakeDesktop.Updater.exe C:\Users\Max\AppData\Roaming\WebCake\WebCakeDesktop.exe File not found
SRV - (AudioEndpointBuilder) -- C:\Windows\System32\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV - (TimeBroker) -- C:\Windows\System32\TimeBrokerServer.dll (Microsoft Corporation)
SRV - (SystemEventsBroker) -- C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (netprofm) -- C:\Windows\System32\netprofmsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (SplashtopRemoteService) -- C:\Programme\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
SRV - (SSUService) -- C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (wlidsvc) -- C:\Windows\System32\wlidsvc.dll (Microsoft Corporation)
SRV - (LSM) -- C:\Windows\System32\lsm.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer8) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (PrintNotify) -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (WSService) -- C:\Windows\System32\WSService.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (fhsvc) -- C:\Windows\System32\fhsvc.dll (Microsoft Corporation)
SRV - (BrokerInfrastructure) -- C:\Windows\System32\bisrv.dll (Microsoft Corporation)
SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.)
SRV - (VMwareHostd) -- C:\Programme\VMware\VMware Workstation\vmware-hostd.exe ()
SRV - (VMAuthdService) -- C:\Programme\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Programme\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (WiaRpc) -- C:\Windows\System32\wiarpc.dll (Microsoft Corporation)
SRV - (Wcmsvc) -- C:\Windows\System32\wcmsvc.dll (Microsoft Corporation)
SRV - (VaultSvc) -- C:\Windows\System32\vaultsvc.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (svsvc) -- C:\Windows\System32\svsvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (NcaSvc) -- C:\Windows\System32\NcaSvc.dll (Microsoft Corporation)
SRV - (NcdAutoSetup) -- C:\Windows\System32\NcdAutoSetup.dll (Microsoft Corporation)
SRV - (KeyIso) -- C:\Windows\System32\keyiso.dll (Microsoft Corporation)
SRV - (EFS) -- C:\Windows\System32\efssvc.dll (Microsoft Corporation)
SRV - (DsmSvc) -- C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation)
SRV - (DeviceAssociationService) -- C:\Windows\System32\das.dll (Microsoft Corporation)
SRV - (AllUserInstallAgent) -- C:\Windows\System32\AUInstallAgent.dll (Microsoft Corporation)
SRV - (vmicvss) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmictimesync) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmicshutdown) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmicrdv) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmickvpexchange) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmicheartbeat) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (VBoxNetFlt) -- C:\Windows\system32\DRIVERS\VBoxNetFlt.sys File not found
DRV - (abkswnkw) --  File not found
DRV - (dtsoftbus01) -- C:\Windows\System32\Drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (VBoxNetAdp) -- C:\Windows\System32\Drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (spaceport) -- C:\Windows\System32\Drivers\spaceport.sys (Microsoft Corporation)
DRV - (TPM) -- C:\Windows\System32\Drivers\tpm.sys (Microsoft Corporation)
DRV - (pdc) -- C:\Windows\System32\Drivers\pdc.sys (Microsoft Corporation)
DRV - (USBXHCI) -- C:\Windows\System32\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV - (storahci) -- C:\Windows\System32\Drivers\storahci.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\Drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (MungoDriver) -- C:\Windows\System32\Drivers\MungoDriver.sys (Windows (R) Win 7 DDK provider)
DRV - (USBHUB3) -- C:\Windows\System32\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV - (BthAvrcpTg) -- C:\Windows\System32\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV - (WdBoot) -- C:\Windows\System32\Drivers\WdBoot.sys (Microsoft Corporation)
DRV - (WdFilter) -- C:\Windows\System32\Drivers\WdFilter.sys (Microsoft Corporation)
DRV - (msgpiowin32) -- C:\Windows\System32\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV - (sthid) -- C:\Windows\System32\Drivers\sthid.sys (Splashtop Inc.)
DRV - (bthhfhid) -- C:\Windows\System32\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV - (hidi2c) -- C:\Windows\System32\Drivers\hidi2c.sys (Microsoft Corporation)
DRV - (FxPPM) -- C:\Windows\System32\Drivers\fxppm.sys (Microsoft Corporation)
DRV - (Dot4Print) -- C:\Windows\System32\Drivers\Dot4Prt.sys (Windows (R) Win 7 DDK provider)
DRV - (dot4) -- C:\Windows\System32\Drivers\Dot4.sys (Windows (R) Win 7 DDK provider)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (dam) -- C:\Windows\System32\Drivers\dam.sys (Microsoft Corporation)
DRV - (sdstor) -- C:\Windows\System32\Drivers\sdstor.sys (Microsoft Corporation)
DRV - (AirDisplayMirror) -- C:\Windows\System32\Drivers\AVVideoCardMirror.sys (Windows (R) Win 7 DDK provider)
DRV - (AirDisplay) -- C:\Windows\System32\Drivers\AVVideoCard.sys (Windows (R) Win 7 DDK provider)
DRV - (cnghwassist) -- C:\Windows\System32\Drivers\cnghwassist.sys (Microsoft Corporation)
DRV - (UCX01000) -- C:\Windows\System32\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV - (GPIOClx0101) -- C:\Windows\System32\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV - (iDispService) -- C:\Windows\System32\Drivers\idisplayminiport.sys (SHAPE Services)
DRV - (vmx86) -- C:\Windows\System32\Drivers\vmx86.sys (VMware, Inc.)
DRV - (VMnetuserif) -- C:\Windows\System32\Drivers\vmnetuserif.sys (VMware, Inc.)
DRV - (VMnetBridge) -- C:\Windows\System32\Drivers\vmnetbridge.sys (VMware, Inc.)
DRV - (VMnetAdapter) -- C:\Windows\System32\Drivers\vmnetadapter.sys (VMware, Inc.)
DRV - (hcmon) -- C:\Windows\System32\Drivers\hcmon.sys (VMware, Inc.)
DRV - (vmusb) -- C:\Windows\System32\Drivers\vmusb.sys (VMware, Inc.)
DRV - (condrv) -- C:\Windows\System32\Drivers\condrv.sys (Microsoft Corporation)
DRV - (acpiex) -- C:\Windows\System32\Drivers\acpiex.sys (Microsoft Corporation)
DRV - (LSI_SSS) -- C:\Windows\System32\Drivers\lsi_sss.sys (LSI Corporation)
DRV - (EhStorTcgDrv) -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV - (EhStorClass) -- C:\Windows\System32\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV - (3ware) -- C:\Windows\System32\Drivers\3ware.sys (LSI)
DRV - (VSTXRAID) -- C:\Windows\System32\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV - (VerifierExt) -- C:\Windows\System32\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV - (UASPStor) -- C:\Windows\System32\Drivers\uaspstor.sys (Microsoft Corporation)
DRV - (mvumis) -- C:\Windows\System32\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV - (WFPLWFS) -- C:\Windows\System32\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV - (CLFS) -- C:\Windows\System32\Drivers\clfs.sys (Microsoft Corporation)
DRV - (terminpt) -- C:\Windows\System32\Drivers\terminpt.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\Drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\Drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\Drivers\storvsc.sys (Microsoft Corporation)
DRV - (BasicDisplay) -- C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV - (mshidumdf) -- C:\Windows\System32\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV - (HyperVideo) -- C:\Windows\System32\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV - (BasicRender) -- C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\Drivers\vms3cap.sys (Microsoft Corporation)
DRV - (npsvctrig) -- C:\Windows\System32\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV - (kdnic) -- C:\Windows\System32\Drivers\kdnic.sys (Microsoft Corporation)
DRV - (acpitime) -- C:\Windows\System32\Drivers\acpitime.sys (Microsoft Corporation)
DRV - (gencounter) -- C:\Windows\System32\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV - (acpipagr) -- C:\Windows\System32\Drivers\acpipagr.sys (Microsoft Corporation)
DRV - (WpdUpFltr) -- C:\Windows\System32\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\Drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (hyperkbd) -- C:\Windows\System32\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV - (SerCx) -- C:\Windows\System32\Drivers\SerCx.sys (Microsoft Corporation)
DRV - (xusb22) -- C:\Windows\System32\Drivers\xusb22.sys (Microsoft Corporation)
DRV - (SpbCx) -- C:\Windows\System32\Drivers\SpbCx.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\Drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (BthHFEnum) -- C:\Windows\System32\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\Drivers\dmvsc.sys (Microsoft Corporation)
DRV - (wpcfltr) -- C:\Windows\System32\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV - (NdisImPlatform) -- C:\Windows\System32\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV - (MsLldp) -- C:\Windows\System32\Drivers\mslldp.sys (Microsoft Corporation)
DRV - (Ndu) -- C:\Windows\System32\Drivers\Ndu.sys (Microsoft Corporation)
DRV - (RTL8168) -- C:\Windows\System32\Drivers\Rt630x86.sys (Realtek                                            )
DRV - (vmci) -- C:\Windows\System32\Drivers\vmci.sys (VMware, Inc.)
DRV - (vsock) -- C:\Windows\System32\Drivers\vsock.sys (VMware, Inc.)
DRV - (BCM43XX) -- C:\Windows\System32\Drivers\BCMWL63.SYS (Broadcom Corporation)
DRV - (Netaapl) -- C:\Windows\System32\Drivers\netaapl.sys (Apple Inc.)
DRV - (vstor2-mntapi10-shared) -- C:\Windows\System32\Drivers\vstor2-mntapi10-shared.sys (VMware, Inc.)
DRV - (KeyControl49) -- C:\Windows\System32\Drivers\esikey49.sys (ESI)
DRV - (hamachi) -- C:\Windows\System32\Drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (MarvinBus) -- C:\Windows\System32\Drivers\MarvinBus.sys (Pinnacle Systems GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8544E016-5EE2-450E-BB36-ACEF50FBEBB7}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: ebesucher-surfbar@kashiif.com:1.0.0
FF - prefs.js..extensions.enabledAddons: admin@proxy-listen.de:1.0.4.5
FF - prefs.js..extensions.enabledAddons: extension@hidemyass.com:1.2.7
FF - prefs.js..extensions.enabledAddons: foxyproxy@eric.h.jung:4.1.4
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.14
FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.6.0.20130418072822
FF - prefs.js..network.proxy.ftp: "147.31.182.137"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "147.31.182.137"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "147.31.182.137"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Max\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Max\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.30 17:51:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.16 15:06:07 | 000,000,000 | ---D | M]
 
[2013.01.30 17:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions
[2013.05.31 08:58:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions
[2013.05.19 20:23:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013.05.10 12:06:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.05.10 12:04:33 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\foxyproxy@eric.h.jung
[2013.05.30 20:09:11 | 000,000,000 | ---D | M] (WebCake) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\plugin@getwebcake.com
[2013.04.11 20:37:38 | 000,013,955 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\k50e68b0.default\extensions\admin@proxy-listen.de.xpi
[2013.04.02 15:25:27 | 000,055,696 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\k50e68b0.default\extensions\ebesucher-surfbar@kashiif.com.xpi
[2013.04.11 22:37:05 | 000,053,803 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\k50e68b0.default\extensions\extension@hidemyass.com.xpi
[2013.01.30 17:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.01.30 17:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2013.01.30 17:51:18 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.10.06 04:14:59 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.01.11 04:05:40 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2012.10.06 05:22:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.06 05:22:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.06 05:22:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.06 05:22:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.06 05:22:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.06 05:22:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Play Music = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.1_0\
CHR - Extension: Google Mail = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.05.19 16:35:11 | 000,000,718 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (WebCake) - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Programme\WebCake\WebCakeIEClient.dll (WebCake LLC)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [StereoLinksInstall] C:\Program Files\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [USBToolTip] C:\Programme\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [vmware-tray.exe] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [iCloudServices] C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [MusicManager] C:\Users\Max\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\Max\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Max\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [WebCake Desktop] C:\Users\Max\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC)
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Programme\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14D94206-BEAD-4E97-B5C5-C22B72777674}: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2338C3B-0FC2-4F2F-B248-CCA5CA5D8420}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\NVIDIA~1\3DVISI~1\nvStInit.dll) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.07.26 08:52:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6327bc41-66f0-11e2-af9c-6c626d75e7ba}\Shell - "" = AutoRun
O33 - MountPoints2\{6327bc41-66f0-11e2-af9c-6c626d75e7ba}\Shell\AutoRun\command - "" = "F:\Install.exe" 
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.31 16:34:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2013.05.30 21:30:27 | 000,000,000 | ---D | C] -- C:\Program Files\LooksBuilderSE
[2013.05.30 21:11:11 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\PMB Files
[2013.05.30 21:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.05.30 21:11:04 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2013.05.30 21:10:56 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Pando_Temp
[2013.05.30 21:09:41 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Avid
[2013.05.30 21:09:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pinnacle
[2013.05.30 21:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pegasus Imaging
[2013.05.30 21:06:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2013.05.30 21:00:46 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2013.05.30 21:00:46 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2013.05.30 21:00:46 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2013.05.30 21:00:46 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2013.05.30 21:00:44 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2013.05.30 21:00:44 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2013.05.30 21:00:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2013.05.30 21:00:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2013.05.30 21:00:44 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2013.05.30 21:00:43 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013.05.30 21:00:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2013.05.30 21:00:43 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2013.05.30 21:00:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2013.05.30 21:00:43 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2013.05.30 21:00:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2013.05.30 21:00:42 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2013.05.30 21:00:42 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2013.05.30 21:00:42 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2013.05.30 21:00:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2013.05.30 21:00:42 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2013.05.30 21:00:42 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2013.05.30 21:00:41 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2013.05.30 21:00:41 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2013.05.30 21:00:41 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2013.05.30 21:00:41 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2013.05.30 21:00:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2013.05.30 21:00:41 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2013.05.30 21:00:41 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2013.05.30 21:00:40 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2013.05.30 21:00:40 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2013.05.30 21:00:40 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2013.05.30 21:00:40 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2013.05.30 21:00:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2013.05.30 21:00:40 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2013.05.30 21:00:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2013.05.30 21:00:40 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2013.05.30 21:00:39 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2013.05.30 21:00:39 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2013.05.30 21:00:39 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2013.05.30 21:00:39 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2013.05.30 21:00:38 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2013.05.30 21:00:38 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2013.05.30 21:00:38 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2013.05.30 21:00:38 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2013.05.30 21:00:38 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2013.05.30 21:00:38 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2013.05.30 21:00:37 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2013.05.30 21:00:37 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2013.05.30 21:00:37 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2013.05.30 21:00:37 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2013.05.30 21:00:37 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2013.05.30 21:00:37 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2013.05.30 21:00:37 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2013.05.30 21:00:36 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2013.05.30 21:00:36 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2013.05.30 21:00:36 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2013.05.30 21:00:36 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2013.05.30 21:00:36 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2013.05.30 21:00:36 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2013.05.30 21:00:36 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2013.05.30 21:00:35 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2013.05.30 21:00:35 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2013.05.30 21:00:35 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2013.05.30 21:00:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2013.05.30 21:00:35 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2013.05.30 21:00:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2013.05.30 21:00:30 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2013.05.30 21:00:30 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2013.05.30 21:00:30 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2013.05.30 21:00:30 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2013.05.30 21:00:30 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2013.05.30 21:00:30 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2013.05.30 21:00:29 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2013.05.30 21:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avid
[2013.05.30 20:59:30 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Pinnacle
[2013.05.30 20:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 16
[2013.05.30 20:59:17 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Downloaded Installations
[2013.05.30 20:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2013.05.30 20:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PCTV Systems
[2013.05.30 20:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2013.05.30 20:10:43 | 000,719,872 | -HS- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2013.05.30 20:10:43 | 000,369,152 | -HS- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2013.05.30 20:10:42 | 000,070,656 | -HS- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2013.05.30 20:10:41 | 000,070,656 | -HS- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll
[2013.05.30 20:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2013.05.30 20:09:52 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\drvc.dll
[2013.05.30 20:09:52 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2013.05.30 20:09:52 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\System32\nbDX.dll
[2013.05.30 20:09:52 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll
[2013.05.30 20:09:52 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll
[2013.05.30 20:09:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2013.05.30 20:09:51 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax
[2013.05.30 20:09:51 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax
[2013.05.30 20:09:51 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax
[2013.05.30 20:09:51 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax
[2013.05.30 20:09:51 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax
[2013.05.30 20:09:50 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax
[2013.05.30 20:09:49 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax
[2013.05.30 20:09:48 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax
[2013.05.30 20:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft
[2013.05.30 20:09:10 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\WebCake
[2013.05.30 20:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\WebCake
[2013.05.30 17:05:16 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Splashtop
[2013.05.30 17:03:45 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\FileFly
[2013.05.30 17:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\FileFly
[2013.05.30 17:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2013.05.29 15:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.05.29 15:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.05.29 15:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.05.29 15:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp
[2013.05.29 13:17:48 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\WinZipper
[2013.05.29 13:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\WinZipper
[2013.05.28 07:39:30 | 000,000,000 | ---D | C] -- C:\Users\Max\Pictures
[2013.05.25 00:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirServer
[2013.05.25 00:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\AirServer
[2013.05.24 06:04:01 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
[2013.05.23 22:50:30 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\GoPlayer
[2013.05.23 22:49:48 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\eDownload
[2013.05.23 22:25:01 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1
[2013.05.23 22:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\WiMP
[2013.05.23 22:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2013.05.23 08:01:29 | 000,000,000 | ---D | C] -- C:\ico
[2013.05.23 07:46:28 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\TXT
[2013.05.23 05:54:12 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Mp3tag
[2013.05.23 05:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2013.05.23 05:53:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag
[2013.05.22 07:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.05.22 07:02:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.05.22 07:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.05.22 07:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.05.21 19:14:05 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2013.05.21 03:47:23 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Skype
[2013.05.21 03:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.05.21 03:33:20 | 000,000,000 | ---D | C] -- C:\Program Files\GamersFirst
[2013.05.21 03:13:05 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2013.05.21 03:13:00 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\GamersFirst
[2013.05.18 12:32:03 | 010,789,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.UI.Xaml.dll
[2013.05.18 12:32:02 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2013.05.18 12:32:02 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2013.05.18 12:32:00 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAudDecMFT.dll
[2013.05.18 12:31:59 | 003,390,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.18 12:31:59 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2013.05.18 12:31:58 | 000,248,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd_02_10ec.dll
[2013.05.18 12:31:57 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\twinui.dll
[2013.05.18 12:31:57 | 000,426,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2013.05.18 12:31:57 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.05.18 12:31:57 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2013.05.18 12:31:56 | 002,035,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.05.18 12:31:56 | 001,166,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.efi
[2013.05.18 12:31:56 | 001,034,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.efi
[2013.05.18 12:31:56 | 000,939,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2013.05.18 12:31:56 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpncore.dll
[2013.05.18 12:31:56 | 000,324,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2013.05.18 12:31:56 | 000,207,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2013.05.18 12:31:55 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2013.05.18 12:31:55 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2013.05.18 12:31:55 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RecoveryDrive.exe
[2013.05.18 12:31:55 | 000,457,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2013.05.18 12:31:55 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Networking.dll
[2013.05.18 12:31:54 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
[2013.05.18 12:31:54 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2013.05.18 12:31:54 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2013.05.18 12:31:54 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Robocopy.exe
[2013.05.18 12:31:53 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013.05.18 12:31:53 | 000,238,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spaceport.sys
[2013.05.18 12:31:53 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2013.05.18 12:31:53 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iuilp.dll
[2013.05.18 12:31:53 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fhengine.dll
[2013.05.18 12:31:53 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEndpointBuilder.dll
[2013.05.18 12:31:52 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fhcfg.dll
[2013.05.18 12:31:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013.05.18 12:31:51 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2013.05.18 12:31:51 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFMediaEngine.dll
[2013.05.18 12:31:51 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2013.05.18 12:31:50 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
[2013.05.18 12:31:49 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2013.05.18 12:31:49 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2013.05.18 12:31:49 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2013.05.18 12:31:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013.05.16 00:34:33 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.16 00:34:33 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.15 19:09:55 | 000,000,000 | ---D | C] -- C:\Users\Max\Application Data
[2013.05.15 11:20:47 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.15 11:20:47 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.15 11:20:46 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.05.15 11:20:41 | 000,104,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013.05.15 11:20:37 | 005,586,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.05.09 12:54:04 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\VMware
[2013.05.09 12:54:04 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\VMware
[2013.05.09 12:50:29 | 000,063,128 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vsocklib.dll
[2013.05.09 12:50:29 | 000,061,296 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vsock.sys
[2013.05.09 12:50:03 | 000,357,016 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
[2013.05.09 12:50:00 | 000,435,864 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
[2013.05.09 12:50:00 | 000,025,752 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vmnetuserif.sys
[2013.05.09 12:49:59 | 000,779,928 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vnetlib.dll
[2013.05.09 12:49:58 | 000,041,496 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\hcmon.sys
[2013.05.09 12:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2013.05.09 12:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2013.05.09 12:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\VMware
[2013.05.09 12:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2013.05.09 12:49:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines
[2013.05.09 11:36:16 | 000,000,000 | ---D | C] -- C:\Users\Max\VirtualBox VMs
[2013.05.09 11:35:21 | 000,000,000 | ---D | C] -- C:\Users\Max\.VirtualBox
[2013.05.09 11:34:38 | 000,188,176 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxDrv.sys
[2013.05.09 11:34:26 | 000,094,480 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSBMon.sys
[2013.05.07 16:33:25 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Nero
[2013.05.07 16:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013.05.07 12:28:48 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\BANDISOFT
[2013.05.07 12:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.31 16:33:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2013.05.31 16:33:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.31 16:08:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3665671309-745949747-257478601-1001UA.job
[2013.05.31 14:43:24 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.31 14:43:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.31 09:05:22 | 000,754,576 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.31 09:05:22 | 000,712,730 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.31 09:05:22 | 000,156,830 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.31 09:05:22 | 000,133,626 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.31 08:59:13 | 000,491,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.31 08:59:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.05.31 08:59:05 | 2791,034,880 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.30 21:41:05 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.05.30 21:09:00 | 000,002,226 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle Studio 16.lnk
[2013.05.30 20:09:53 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2013.05.29 15:27:09 | 000,217,194 | ---- | M] () -- C:\Users\Max\Desktop\com.ericday.itether_1.0.4_iphoneos-arm.deb
[2013.05.29 13:37:19 | 204,270,226 | ---- | M] () -- C:\Users\Max\Desktop\Cubasis [Steinberg Media Technologies GmbH] (v1.4 iPad ONZE os51)-[BurnIt.Lr17.ipa
[2013.05.29 13:17:42 | 000,002,387 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.05.29 13:17:42 | 000,001,341 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.27 06:08:00 | 000,000,862 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3665671309-745949747-257478601-1001Core.job
[2013.05.23 22:24:54 | 000,000,815 | ---- | M] () -- C:\Users\Public\Desktop\WiMP.lnk
[2013.05.23 08:02:25 | 000,001,699 | ---- | M] () -- C:\Users\Max\Desktop\Music.lnk
[2013.05.23 05:53:55 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2013.05.22 07:02:51 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.05.19 16:35:11 | 000,000,718 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.05.19 16:35:11 | 000,000,717 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.umbrella
[2013.05.09 12:49:53 | 000,001,024 | ---- | M] () -- C:\.rnd
[2013.05.09 12:49:49 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2013.05.07 22:07:50 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.07 22:07:50 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.02 17:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.30 21:09:00 | 000,002,226 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle Studio 16.lnk
[2013.05.30 20:57:08 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.05.30 20:10:42 | 000,032,256 | -HS- | C] () -- C:\Windows\System32\AVSredirect.dll
[2013.05.30 20:09:53 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2013.05.30 20:09:52 | 000,188,416 | RHS- | C] () -- C:\Windows\System32\winDCE32.dll
[2013.05.30 20:09:51 | 000,121,344 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.ax
[2013.05.30 20:09:51 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2013.05.30 20:09:51 | 000,051,712 | RHS- | C] () -- C:\Windows\System32\RLSpeexDec.ax
[2013.05.30 20:09:50 | 000,120,832 | RHS- | C] () -- C:\Windows\System32\MPCDx.ax
[2013.05.30 20:09:50 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\RLMPCDec.ax
[2013.05.30 20:09:50 | 000,070,656 | RHS- | C] () -- C:\Windows\System32\RLAPEDec.ax
[2013.05.30 20:09:49 | 000,195,584 | RHS- | C] () -- C:\Windows\System32\MatroskaDX.ax
[2013.05.30 20:09:49 | 000,175,104 | RHS- | C] () -- C:\Windows\System32\CoreAAC.ax
[2013.05.30 20:09:49 | 000,097,280 | RHS- | C] () -- C:\Windows\System32\FLACDX.ax
[2013.05.30 20:09:48 | 000,227,328 | RHS- | C] () -- C:\Windows\System32\ac3DX.ax
[2013.05.30 20:09:48 | 000,081,920 | RHS- | C] () -- C:\Windows\System32\aac_parser.ax
[2013.05.29 15:27:08 | 000,217,194 | ---- | C] () -- C:\Users\Max\Desktop\com.ericday.itether_1.0.4_iphoneos-arm.deb
[2013.05.29 13:37:02 | 204,270,226 | ---- | C] () -- C:\Users\Max\Desktop\Cubasis [Steinberg Media Technologies GmbH] (v1.4 iPad ONZE os51)-[BurnIt.Lr17.ipa
[2013.05.24 06:03:45 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3665671309-745949747-257478601-1001UA.job
[2013.05.24 06:03:44 | 000,000,862 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3665671309-745949747-257478601-1001Core.job
[2013.05.23 22:24:54 | 000,000,827 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiMP.lnk
[2013.05.23 22:24:54 | 000,000,815 | ---- | C] () -- C:\Users\Public\Desktop\WiMP.lnk
[2013.05.23 07:57:28 | 000,001,699 | ---- | C] () -- C:\Users\Max\Desktop\Music.lnk
[2013.05.23 05:53:55 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2013.05.22 07:02:51 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.05.21 04:30:59 | 000,491,056 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.18 12:31:47 | 000,387,688 | ---- | C] () -- C:\Windows\System32\ApnDatabase.xml
[2013.05.09 12:49:53 | 000,001,024 | ---- | C] () -- C:\.rnd
[2013.05.09 12:49:49 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2013.03.22 22:14:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2013.02.01 14:37:45 | 000,136,348 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2013.01.28 20:58:20 | 000,083,968 | ---- | C] () -- C:\Windows\System32\OEMLicense.dll
[2012.11.19 09:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2012.11.19 09:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2012.10.19 05:52:30 | 002,907,040 | ---- | C] () -- C:\Windows\System32\PortChanger.exe
[2012.07.26 10:41:52 | 000,754,576 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2012.07.26 10:41:52 | 000,305,546 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2012.07.26 10:41:52 | 000,156,830 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2012.07.26 10:41:52 | 000,040,390 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2012.07.26 08:55:27 | 000,712,730 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2012.07.26 08:55:27 | 000,296,742 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2012.07.26 08:55:27 | 000,133,626 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2012.07.26 08:55:27 | 000,033,362 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2012.07.26 08:53:47 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2012.07.26 08:53:46 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2012.07.26 08:03:55 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:20:38 | 000,071,680 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2012.07.25 22:41:36 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:24:47 | 000,526,068 | ---- | C] () -- C:\Windows\System32\staticurllist.bin
[2012.07.14 04:00:46 | 000,043,882 | ---- | C] () -- C:\Windows\System32\srms.dat
[2012.06.26 07:10:06 | 003,668,480 | ---- | C] () -- C:\Windows\System32\CosmoRenderer.dll
[2012.06.02 22:25:24 | 000,008,192 | ---- | C] () -- C:\Windows\System32\settings.dat
[2012.06.02 16:31:24 | 001,520,828 | ---- | C] () -- C:\Windows\System32\WpcNBModel.bin
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== ZeroAccess Check ==========
 
[2013.05.13 15:50:02 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012.07.26 05:20:13 | 000,354,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---

[/SPOILER]
__________________

31.05.2013, 19:28   #4
schrauber
/// the machine
/// TB trainer
 



Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror:

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

31.05.2013, 21:29   #5
RastaWelt
 


Unfortunately, Combofix doesn't work on Win 8. Is there perhaps another program?


01.06.2013, 07:52   #6
schrauber
/// the machine
/// TB trainer
 



My mistake

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh OTL log file, please.