RastaWelt | 31.05.2013 16:16 | Extras
[SPOILER]
OTL Logfile: Code:
OTL Extras logfile created on: 31.05.2013 16:36:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Max\Desktop
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 21,56% Memory free
5,37 Gb Paging File | 1,59 Gb Available in Paging File | 29,50% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,45 Gb Total Space | 9,57 Gb Free Space | 8,58% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 284,55 Gb Free Space | 61,09% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: BIG-UP | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{152D92E7-8E02-4B39-94CE-7ADF899D4672}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1E45F738-3AB2-407F-9739-8922CF3BA327}" = rport=137 | protocol=17 | dir=out | app=system |
"{2BD8381A-8721-44B5-A56B-152EF220B3F7}" = rport=445 | protocol=6 | dir=out | app=system |
"{36E2478C-F229-4408-8D41-70957465816E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{416BEEAD-46DC-47AF-93DC-9F9853E3C9A2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4660B6FE-768B-48B5-B970-F8410C2A5F7B}" = lport=138 | protocol=17 | dir=in | app=system |
"{54A3B772-6758-4C4A-BA50-DDE07E585D02}" = rport=139 | protocol=6 | dir=out | app=system |
"{60E35ED8-2E4E-40CA-B948-177A8C1D18AE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{76DD3D63-20FC-4365-AA44-E715751129BF}" = lport=58333 | protocol=17 | dir=in | name=pando media booster |
"{79BC3586-4FAE-4990-B805-171CE7EDF26A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D345814-59DC-4842-B937-1E8B46E7F14B}" = lport=137 | protocol=17 | dir=in | app=system |
"{91323F3F-A088-4A0C-9271-5849727694D7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{92A7A5F3-1519-429A-B3A3-C95DB16F45E6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{99BA8B05-D36A-47E0-91BA-2CCD7D23684C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A14149B2-6034-4E70-ACA8-0761ABBB1FE6}" = lport=445 | protocol=6 | dir=in | app=system |
"{A92B76A5-B5D4-440F-9F98-DB926C816C89}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AA512DCC-AAFE-4A57-AEEE-C7439DB4EB23}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BDB67B06-2073-43FF-9339-8D7428AE4DDD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BE9E1B1F-7965-432C-BD07-D06DEC419607}" = rport=138 | protocol=17 | dir=out | app=system |
"{C34E7429-AB90-4715-B853-53E105F1817E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E2ED7DAE-FD9F-47E4-B18D-FA2CD42CE8A5}" = lport=58333 | protocol=6 | dir=in | name=pando media booster |
"{E6E883A8-D9EC-4981-887C-3C7BF92BC730}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F51E6035-EC58-4F44-8A73-BB55DB3112DB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{F546113D-2852-4B91-B5D1-A34EF11596F8}" = lport=139 | protocol=6 | dir=in | app=system |
"{F5FDA60E-4CF4-4149-B1ED-BE5D9279B703}" = lport=58333 | protocol=6 | dir=in | name=pando media booster |
"{FC5A3006-24B2-4BC4-9D65-44C9470858AA}" = lport=58333 | protocol=17 | dir=in | name=pando media booster |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00831140-990F-4250-B185-3DD16CBC96C6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{074792DA-641B-480F-B48F-C31C6024B94F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0C204113-2002-4A12-B6A5-9561B007CD51}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{12A355B6-16C7-4315-A9C0-3392E1D22322}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{12EE3F50-AC82-479D-8FCE-3F0CBD74AEF6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{145DBBEE-DAB8-410E-896F-6DF279E98518}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{177375AE-EF6C-4DFB-B19A-7BB454C82B18}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 16\programs\rm.exe |
"{1B6808FA-91FE-4AFD-952A-DF4FC24B3FA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1DE6D565-3B67-41AD-85A2-69C0F575468F}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-hostd.exe |
"{2680F683-8E11-4766-BC82-CF26B8E51203}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{29944163-B7BD-4880-B24D-BB4AF724CA3D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2DF101C9-F3FF-4A4C-AFB5-183E891B842E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{344A4E5A-46D2-4107-9AEA-AAACE3A27D93}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{35731A2F-07CB-4C65-87D7-3E25920BC452}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{38F82E63-9037-429C-B5D5-F1E55B31316E}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe |
"{395123E5-289B-4146-8A30-CD53C47D98EB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3A3014C4-75EC-49C7-97AC-30ACFB0D97C0}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{3D944803-25BE-4A00-BEB6-320C359EB2A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3DD13650-D33F-4D37-8F8E-13B8B10E5F31}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{3F412B2E-9365-4771-A00F-EB8FED74F6E5}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{418DF503-33CC-41E3-BA94-97C3C70D6156}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{420A351C-40F7-4C35-A73C-5DE3C84B26BC}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{42B9D6B2-D370-49BF-BFD4-F62753BADF15}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{45FB914B-2720-4214-B016-3627A9A3BA2E}" = protocol=17 | dir=in | app=c:\program files\mungoserver\mungoserver.exe |
"{4C6836EF-30C9-4A7E-9E8E-27FC7F604BBF}" = dir=out | name=youtube player |
"{4D4A5781-37DD-481A-9BEA-4202625EA21B}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{4E135714-DFFF-46F1-9740-1D716CA13272}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4E909780-F4E8-4323-9407-841446A998E6}" = dir=out | name=dropbox |
"{4E9B1DAF-CF10-47DC-BA9B-050F3CA2E5B3}" = protocol=17 | dir=in | app=c:\program files\origin games\need for speed(tm) most wanted\nfs13.exe |
"{4ED628A7-FBEF-46FF-8023-47836768096E}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{50AC834B-588F-487C-8DFB-9658857F03E9}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{53FF59DB-809F-45C3-85B4-825426030CCE}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{54ADD778-A81C-4D63-AC4D-B1B96A3994BA}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{555E4910-67CF-4074-A1A7-A16839153737}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{578680A9-4364-46DB-8AEC-D7EBFB1B4008}" = dir=in | name=@{microsoft.bing_1.2.0.137_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{58DB0533-D631-4D56-B43A-DDDA346DDF18}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{66556C2E-CAFD-4EA5-8029-5A315664B2F2}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{6C37AA55-50D8-4DC2-AA88-2575C5B310EB}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{6D8561E9-3556-41AD-8E37-E924B15791EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7069470A-7AAE-438C-B2B7-758C66CD9C79}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 16\programs\umi.exe |
"{72E0CE97-AD14-4943-A09D-E19318A4C6AC}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe |
"{738DD578-1B12-47B3-8EC3-F48B31F0D2E2}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{775A2F59-23AA-4CED-8B3E-14BFF865C616}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{77C2D87D-0E8C-482E-A214-64BC5D93F597}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{7A1E0DB9-AB61-45E4-B909-7444CDEAA1C7}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\srfeature.exe |
"{7EAF26E3-D57C-4D19-AAD1-BA48A137810A}" = protocol=17 | dir=in | app=c:\program files\airvideoserver\airvideoserver.exe |
"{7F38DE65-7020-490D-A7EC-172FF1CC5663}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{818E9D17-BFA3-4FB8-897F-A5D266DB6CA5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{818F8751-9936-4BF4-9304-423633CFF7D5}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{8832D552-6C72-49F6-8541-76352C71A7B8}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{8850B6D3-FA1A-4D37-8B03-AFB84EF15A30}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{890E5CDD-B0B8-4B6F-BA1E-3467B9B20938}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{8A937993-0533-4E3F-BDAE-0D76BD59B5E5}" = dir=out | name=@{microsoft.bing_1.2.0.137_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{8CA8F28E-2268-4A39-88CD-5BB90ECE9E17}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{9109BCEE-BE76-425B-9E46-38774C8267B6}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 16\programs\rm.exe |
"{91A93FAB-D9FB-4A67-9023-5884ED45F6B0}" = protocol=6 | dir=in | app=c:\program files\airvideoserver\airvideoserver.exe |
"{93BD8346-87D1-4AFD-A699-CA23F1EF7942}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{94E185C6-E22A-4440-8D88-73D6D7C82685}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{96CF46A8-B96A-4D63-A3CD-841379AB4C71}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{97EC4857-362B-4BFD-9CE0-1F61BE2CEC6C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{986BC035-C617-42B8-94E9-461D92126B1F}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 16\programs\ngstudio.exe |
"{9B7E937E-97C7-4E15-8925-989863F19BCF}" = dir=out | name=shazam |
"{A1729EA2-37E2-4C83-BFFD-D74C189A1A46}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{A2C2F30D-5263-41B0-9CC7-FA624431C511}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A3B8B804-4663-4916-B022-469AB4BDA0EF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{A4B7E3A9-4E1E-4498-9AE3-FEC93F07E306}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{A56F3994-65E1-4600-A048-F1119AA49382}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{A71F307F-AFB5-46DA-8F5E-C85FEE7BAF5F}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{A92E9BEF-FF54-4C79-83D3-5858352B052A}" = protocol=6 | dir=in | app=c:\program files\origin games\need for speed(tm) most wanted\nfs13.exe |
"{AC012610-1FD5-4B07-ADC8-3AFE2605F817}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{AD0B20CF-F7D5-4913-9271-E567902CE4CA}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{B26E2198-8C00-4F32-8DEB-D8A468591A58}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{B3760BB3-420C-43FE-885A-F4CBAF90AA22}" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe |
"{B3D5B478-D89F-416A-9C48-172C8C45E3DF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{B57DAF73-0B5E-4220-B5D1-73D3CC71788C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B70C961A-AB98-453D-AD25-E6CE5AF8C470}" = dir=out | name=wetter.com |
"{BAA72E45-B613-4F27-A57D-169284CDF331}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{BAE3CF41-637A-44EE-A0A1-D51761058FD0}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 16\programs\ngstudio.exe |
"{BEE5624D-E489-4A16-AC44-B094F43589F2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{BFEF2737-58AE-4674-BC57-6B843FA50CD9}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{C1BACF44-839C-4570-A34A-9356D52DF0B0}" = protocol=6 | dir=out | app=system |
"{C39B3EDF-5065-408B-B069-A07BCDA9D8C8}" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\dropbox\bin\dropbox.exe |
"{C6F4DBD5-B330-4D6B-8691-AEFDAAC11EED}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C9B06F40-7AB4-402B-B080-BFEB4049E0B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{CA17C4A1-DC79-4EE6-A473-1CBB719EE1A9}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 16\programs\umi.exe |
"{CC77D791-2EB2-4046-AE04-36E9D92E24BB}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe |
"{CD7AB6E9-28C5-4B16-9F77-8DA7641BCB9C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5B29DEB-EA14-4F90-AAF1-EE621821E286}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\srserver.exe |
"{DA496C72-5FE2-4E14-B328-DD04CA4DEE5B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{E152C2DF-0E92-4B51-BDE8-CE89F287E53F}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe |
"{E1AF5833-8298-4110-85B0-1438BEDE9286}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{E46E6C58-8F83-4524-B2EA-FE6DCF94D7FF}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E87C4EB6-6F4C-4E7F-8385-633B5F0CA2DD}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EB43C491-7F6B-4BBA-A9FA-E1548F6FAA15}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{ED48A939-C0CD-42B7-A124-6F2DA63527EA}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{EDCA7C34-DCE9-4722-83B2-378602CB45B6}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{F061C081-9543-416F-9851-0E3EE316680F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{F3EED2E0-7246-4E18-9EF1-BC0F4FB49592}" = dir=in | app=c:\program files\splashtop\splashtop remote\server\dataproxy.exe |
"{F453260D-4B09-40C8-81F0-EC87ACDE0A78}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{F76A02B4-00E4-4BDA-B201-E1034915E5AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F97E7225-ECAD-4BDA-A1FE-6644EC9712FE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA37C219-7B63-45D6-BFE8-307929DF27B1}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{FCC5DA6B-D56E-4EBF-A8EB-314FA92CE5F1}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FDD0162F-704C-4A1C-BABD-A6483196B338}" = protocol=6 | dir=in | app=c:\program files\mungoserver\mungoserver.exe |
"{FE8A1CB0-0770-4410-B636-86411BEB706F}" = dir=in | app=c:\program files\vmware\vmware workstation\vmware-hostd.exe |
"{FFB035EA-9734-4B40-94EF-E95AC8562CEB}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"TCP Query User{081FADD0-3C88-41BA-B637-719FDCA2D5FE}C:\users\max\downloads\tinyumbrella-6.14.00.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.14.00.exe |
"TCP Query User{1C17B19C-24D4-46CE-8FE0-A75EF6FF1E23}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe |
"TCP Query User{25428D71-F681-417A-83F7-7C2D65E2820C}C:\users\max\downloads\tinyumbrella-6.10.03a.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.03a.exe |
"TCP Query User{2CFA2336-1AB5-46CE-9DF4-5C8A45C1B76A}C:\program files\microsoft games\age of empires\empiresx.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empiresx.exe |
"TCP Query User{39D18F3C-88C7-4DAE-BA36-50F390D2AF4E}C:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{3B07D36B-A9E7-4EB0-B988-5D098A6EA879}C:\program files\idisplay\idisplay.exe" = protocol=6 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"TCP Query User{48168398-93A7-4857-9AB7-2679C6479F49}C:\users\max\downloads\tinyumbrella-6.12.00 (1).exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00 (1).exe |
"TCP Query User{6012DAC7-483B-4838-A3D4-44C926D6011A}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"TCP Query User{6A03A445-3EA6-4F55-B979-0AA8247DC554}C:\program files\airserver\airserver\airserver.exe" = protocol=6 | dir=in | app=c:\program files\airserver\airserver\airserver.exe |
"TCP Query User{883D7E94-7845-4215-9DC3-20B670728047}C:\users\max\downloads\tinyumbrella-6.10.02a.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.02a.exe |
"TCP Query User{90F9564D-9D6A-4670-BF93-6B430B451C19}C:\program files\microsoft games\age of empires\empires.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe |
"TCP Query User{A50C559C-E970-49D3-B82B-85F8D800E5AA}C:\program files\ppöúêö\ihelper.exe" = protocol=6 | dir=in | app=c:\program files\ppöúêö\ihelper.exe |
"TCP Query User{D71780B1-DB09-43ED-84C2-61B72491A4FE}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{DC9ED4B1-CDD2-4730-B1B2-C5C692DFD6DA}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"TCP Query User{DEBCF471-DF75-4D9C-92D9-FF92C5ADDC6C}C:\users\max\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\max\appdata\roaming\spotify\spotify.exe |
"TCP Query User{E158C07E-EE9A-4A3E-A63D-728ABC404AFE}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{E2530282-9431-4776-B5D0-C8C414F83764}C:\users\max\downloads\tinyumbrella-6.12.00.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00.exe |
"UDP Query User{07FEF969-78B6-4A46-9FC5-9A561B7A7C4F}C:\users\max\downloads\tinyumbrella-6.12.00.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00.exe |
"UDP Query User{2EAA01C4-EBC4-411D-99F2-A4D1FEDE33BD}C:\program files\microsoft games\age of empires\empires.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe |
"UDP Query User{367FD042-9EED-494B-9CC7-92B38B19845B}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{3F689BB1-4B6D-44A8-B7AF-64355D610C6D}C:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{47547050-C0E0-4BEC-AB80-8E0A223D22F5}C:\program files\idisplay\idisplay.exe" = protocol=17 | dir=in | app=c:\program files\idisplay\idisplay.exe |
"UDP Query User{56E5C61D-EDFA-40DB-A4CB-26263FA71AD9}C:\users\max\downloads\tinyumbrella-6.10.03a.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.03a.exe |
"UDP Query User{58417BCB-B4BC-45F6-8759-C3BEE2F44B2D}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{5D5B4657-5878-49A5-8356-8E8301F461D5}C:\program files\ppöúêö\ihelper.exe" = protocol=17 | dir=in | app=c:\program files\ppöúêö\ihelper.exe |
"UDP Query User{7C9B5880-90DC-4BC1-9BB8-C9DC3C67EB7B}C:\users\max\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\max\appdata\roaming\spotify\spotify.exe |
"UDP Query User{820F1EC6-2B7C-4644-B536-C07D3245686D}C:\program files\microsoft games\age of empires\empiresx.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empiresx.exe |
"UDP Query User{A47D37D8-2D33-477C-A759-1A6D0696B748}C:\program files\airserver\airserver\airserver.exe" = protocol=17 | dir=in | app=c:\program files\airserver\airserver\airserver.exe |
"UDP Query User{A788E914-8CCC-4F0B-95E5-BC042C7C3BFA}C:\users\max\downloads\tinyumbrella-6.12.00 (1).exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.12.00 (1).exe |
"UDP Query User{A7DE4954-C0A6-4E01-A40A-C86E0F4341B8}C:\users\max\downloads\tinyumbrella-6.14.00.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.14.00.exe |
"UDP Query User{B03F4114-F0C6-474E-BD04-886592235515}C:\users\max\downloads\tinyumbrella-6.10.02a.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\tinyumbrella-6.10.02a.exe |
"UDP Query User{CBB4C071-9F76-43EB-A692-007A69C51E74}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe |
"UDP Query User{E64FF3F7-1313-4878-92EE-CA5C28821636}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"UDP Query User{FFE4BB1B-EFFC-4DE8-B0D0-0DCD00D7D9DB}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}" = Creative Pack Volume 1
"{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
"{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}" = ScoreFitter Volumes 1-2
"{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes
"{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}" = Motion Graphics Toolkit for Studio
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}" = Pinnacle Studio 16
"{2864C41B-EF2D-4640-95A2-526276524519}" = Borland C++Builder 6
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung Magician
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CF172C5-F121-41FA-B0B0-0D49840BF003}" = Filmmaker's Toolkit for Studio
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{636E94DA-99C0-448F-A931-3DAD83B4975F}" = SharpKeys
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}" = Pinnacle Studio 16 - Standard Content Pack
"{88C4D8A6-9954-46A0-965D-92E55DAB8734}" = Premium Pack Volumes 1-2
"{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1" = SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013.
"{90150000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0407-0000-0000000FF1CE}" = Microsoft Access MUI (German) 2013
"{90150000-0016-0407-0000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013
"{90150000-0018-0407-0000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013
"{90150000-0019-0407-0000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013
"{90150000-001A-0407-0000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013
"{90150000-001B-0407-0000-0000000FF1CE}" = Microsoft Word MUI (German) 2013
"{90150000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français
"{90150000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-0044-0407-0000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013
"{90150000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-0090-0407-0000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013
"{90150000-00A1-0407-0000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013
"{90150000-00BA-0407-0000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013
"{90150000-00E1-0407-0000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{90150000-00E2-0407-0000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013
"{90150000-012B-0407-0000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{985ABEF0-B6CA-C8FE-C5F7-4B22D51918DC}" = WiMP 2.3.2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch
"{ACC27C6C-374D-4390-8154-4C79C728F462}" = AirServer
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E3D181F8-246B-497F-945E-6DB98CBA6677}" = Hollywood FX Volumes 1-3
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}" = Pinnacle Studio 16 - Install Manager
"{F7214014-27EE-4237-9978-2F9D1551559B}" = Title Extreme
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"0630-0716-3135-7887" = JDownloader 2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"ASIO4ALL" = ASIO4ALL
"AutoHotkey" = AutoHotkey 1.1.09.02
"Axife Mouse Recorder DEMO_is1" = Axife Mouse Recorder DEMO 5.01
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1" = WiMP 2.3.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"DiskAid_is1" = DiskAid 5.46
"ESI - KeyControl49 Driver Setup" = ESI - KeyControl49 Driver
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}" = Motion Graphics Toolkit for Studio
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"InstallShield_{4CF172C5-F121-41FA-B0B0-0D49840BF003}" = Filmmaker's Toolkit for Studio
"ipswDownloader" = ipswDownloader 1.6
"Mozilla Firefox 16.0 (x86 de)" = Mozilla Firefox 16.0 (x86 de)
"Mp3tag" = Mp3tag v2.55a
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"Origin" = Origin
"Picasa 3" = Picasa 3
"PPÖúÊÖ PC°æ" = PPÖúÊÖ PC°æ 0.8.8
"Splashtop Software Updater" = Splashtop Software Updater
"Synthesia" = Synthesia (remove only)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"TIPP10_is1" = TIPP10 Version 2.1.0
"VLC media player" = VLC media player 2.0.6
"VMware_Workstation" = VMware Workstation
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"MusicManager" = Music Manager
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.05.2013 19:16:54 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description =
Error - 26.05.2013 23:07:56 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description =
Error - 28.05.2013 01:23:52 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description =
Error - 28.05.2013 08:03:29 | Computer Name = Big-Up | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\ASIO4ALL
v2\a4apanel64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 29.05.2013 02:26:50 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description =
Error - 29.05.2013 11:46:42 | Computer Name = Big-Up | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“
ist folgender Fehler aufgetreten: -2144927140. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error - 30.05.2013 02:43:44 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description =
Error - 30.05.2013 11:42:09 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description =
Error - 30.05.2013 12:00:00 | Computer Name = Big-Up | Source = ESENT | ID = 455
Description = svchost (1888) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei
C:\Windows\system32\SRU\SRU005CF.log.
Error - 31.05.2013 02:21:51 | Computer Name = Big-Up | Source = Office 2013 Licensing Service | ID = 0
Description =
[ System Events ]
Error - 23.05.2013 01:16:19 | Computer Name = Big-Up | Source = VDS Dynamic Provider | ID = 16908321
Description =
Error - 23.05.2013 01:16:42 | Computer Name = Big-Up | Source = VDS Dynamic Provider | ID = 16908321
Description =
Error - 23.05.2013 01:25:12 | Computer Name = Big-Up | Source = VDS Dynamic Provider | ID = 16908321
Description =
Error - 23.05.2013 15:13:20 | Computer Name = Big-Up | Source = DCOM | ID = 10016
Description =
Error - 23.05.2013 16:50:27 | Computer Name = Big-Up | Source = Service Control Manager | ID = 7034
Description = Dienst "Yontoo Desktop Updater" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 29.05.2013 07:26:08 | Computer Name = Big-Up | Source = Service Control Manager | ID = 7034
Description = Dienst "WinZiper service" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 29.05.2013 11:23:51 | Computer Name = Big-Up | Source = DCOM | ID = 10010
Description =
Error - 29.05.2013 11:23:51 | Computer Name = Big-Up | Source = DCOM | ID = 10010
Description =
Error - 29.05.2013 11:30:21 | Computer Name = Big-Up | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?05.?2013 um 17:25:20 unerwartet heruntergefahren.
Error - 30.05.2013 11:27:33 | Computer Name = Big-Up | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?30.?05.?2013 um 17:26:14 unerwartet heruntergefahren.
< End of report > --- --- ---
[/SPOILER]
OTL
[SPOILER]
OTL Logfile: Code:
OTL logfile created on: 31.05.2013 16:36:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Max\Desktop
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 21,56% Memory free
5,37 Gb Paging File | 1,59 Gb Available in Paging File | 29,50% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,45 Gb Total Space | 9,57 Gb Free Space | 8,58% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 284,55 Gb Free Space | 61,09% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: BIG-UP | User Name: Max | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Max\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\WebCake\WebCakeDesktop.Updater.exe (WebCake LLC)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\ProgramData\Electronic Arts\Need For Speed World\Data\nfsw.exe (Electronic Arts)
PRC - C:\Programme\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\VideoLAN\VLC\vlc.exe (VideoLAN)
PRC - C:\Windows\System32\taskhostex.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
PRC - C:\Programme\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\LiveComm.exe (Microsoft Corporation)
PRC - C:\Windows\System32\RuntimeBroker.exe (Microsoft Corporation)
PRC - C:\Windows\System32\dasHost.exe (Microsoft Corporation)
PRC - C:\Fraps\fraps.exe (Beepa P/L)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll ()
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\libglesv2.dll ()
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\libegl.dll ()
MOD - C:\Programme\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll ()
MOD - C:\Programme\VideoLAN\VLC\libvlccore.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libpng_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libdts_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liba52_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libopus_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libflac_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\lua\liblua_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\misc\libxml_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libdshow_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libzip_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libavi_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\libvlc.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll ()
MOD - C:\Programme\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
========== Services (SafeList) ==========
SRV - (WebCake Desktop Updater) -- C:\Program Files\WebCake\WebCakeDesktop.Updater.exe C:\Users\Max\AppData\Roaming\WebCake\WebCakeDesktop.exe File not found
SRV - (AudioEndpointBuilder) -- C:\Windows\System32\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV - (TimeBroker) -- C:\Windows\System32\TimeBrokerServer.dll (Microsoft Corporation)
SRV - (SystemEventsBroker) -- C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (netprofm) -- C:\Windows\System32\netprofmsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (SplashtopRemoteService) -- C:\Programme\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
SRV - (SSUService) -- C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (wlidsvc) -- C:\Windows\System32\wlidsvc.dll (Microsoft Corporation)
SRV - (LSM) -- C:\Windows\System32\lsm.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer8) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (PrintNotify) -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (WSService) -- C:\Windows\System32\WSService.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (fhsvc) -- C:\Windows\System32\fhsvc.dll (Microsoft Corporation)
SRV - (BrokerInfrastructure) -- C:\Windows\System32\bisrv.dll (Microsoft Corporation)
SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.)
SRV - (VMwareHostd) -- C:\Programme\VMware\VMware Workstation\vmware-hostd.exe ()
SRV - (VMAuthdService) -- C:\Programme\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Programme\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (WiaRpc) -- C:\Windows\System32\wiarpc.dll (Microsoft Corporation)
SRV - (Wcmsvc) -- C:\Windows\System32\wcmsvc.dll (Microsoft Corporation)
SRV - (VaultSvc) -- C:\Windows\System32\vaultsvc.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (svsvc) -- C:\Windows\System32\svsvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (NcaSvc) -- C:\Windows\System32\NcaSvc.dll (Microsoft Corporation)
SRV - (NcdAutoSetup) -- C:\Windows\System32\NcdAutoSetup.dll (Microsoft Corporation)
SRV - (KeyIso) -- C:\Windows\System32\keyiso.dll (Microsoft Corporation)
SRV - (EFS) -- C:\Windows\System32\efssvc.dll (Microsoft Corporation)
SRV - (DsmSvc) -- C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation)
SRV - (DeviceAssociationService) -- C:\Windows\System32\das.dll (Microsoft Corporation)
SRV - (AllUserInstallAgent) -- C:\Windows\System32\AUInstallAgent.dll (Microsoft Corporation)
SRV - (vmicvss) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmictimesync) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmicshutdown) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmicrdv) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmickvpexchange) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
SRV - (vmicheartbeat) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (VBoxNetFlt) -- C:\Windows\system32\DRIVERS\VBoxNetFlt.sys File not found
DRV - (abkswnkw) -- File not found
DRV - (dtsoftbus01) -- C:\Windows\System32\Drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (VBoxNetAdp) -- C:\Windows\System32\Drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (spaceport) -- C:\Windows\System32\Drivers\spaceport.sys (Microsoft Corporation)
DRV - (TPM) -- C:\Windows\System32\Drivers\tpm.sys (Microsoft Corporation)
DRV - (pdc) -- C:\Windows\System32\Drivers\pdc.sys (Microsoft Corporation)
DRV - (USBXHCI) -- C:\Windows\System32\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV - (storahci) -- C:\Windows\System32\Drivers\storahci.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\Drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (MungoDriver) -- C:\Windows\System32\Drivers\MungoDriver.sys (Windows (R) Win 7 DDK provider)
DRV - (USBHUB3) -- C:\Windows\System32\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV - (BthAvrcpTg) -- C:\Windows\System32\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV - (WdBoot) -- C:\Windows\System32\Drivers\WdBoot.sys (Microsoft Corporation)
DRV - (WdFilter) -- C:\Windows\System32\Drivers\WdFilter.sys (Microsoft Corporation)
DRV - (msgpiowin32) -- C:\Windows\System32\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV - (sthid) -- C:\Windows\System32\Drivers\sthid.sys (Splashtop Inc.)
DRV - (bthhfhid) -- C:\Windows\System32\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV - (hidi2c) -- C:\Windows\System32\Drivers\hidi2c.sys (Microsoft Corporation)
DRV - (FxPPM) -- C:\Windows\System32\Drivers\fxppm.sys (Microsoft Corporation)
DRV - (Dot4Print) -- C:\Windows\System32\Drivers\Dot4Prt.sys (Windows (R) Win 7 DDK provider)
DRV - (dot4) -- C:\Windows\System32\Drivers\Dot4.sys (Windows (R) Win 7 DDK provider)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (dam) -- C:\Windows\System32\Drivers\dam.sys (Microsoft Corporation)
DRV - (sdstor) -- C:\Windows\System32\Drivers\sdstor.sys (Microsoft Corporation)
DRV - (AirDisplayMirror) -- C:\Windows\System32\Drivers\AVVideoCardMirror.sys (Windows (R) Win 7 DDK provider)
DRV - (AirDisplay) -- C:\Windows\System32\Drivers\AVVideoCard.sys (Windows (R) Win 7 DDK provider)
DRV - (cnghwassist) -- C:\Windows\System32\Drivers\cnghwassist.sys (Microsoft Corporation)
DRV - (UCX01000) -- C:\Windows\System32\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV - (GPIOClx0101) -- C:\Windows\System32\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV - (iDispService) -- C:\Windows\System32\Drivers\idisplayminiport.sys (SHAPE Services)
DRV - (vmx86) -- C:\Windows\System32\Drivers\vmx86.sys (VMware, Inc.)
DRV - (VMnetuserif) -- C:\Windows\System32\Drivers\vmnetuserif.sys (VMware, Inc.)
DRV - (VMnetBridge) -- C:\Windows\System32\Drivers\vmnetbridge.sys (VMware, Inc.)
DRV - (VMnetAdapter) -- C:\Windows\System32\Drivers\vmnetadapter.sys (VMware, Inc.)
DRV - (hcmon) -- C:\Windows\System32\Drivers\hcmon.sys (VMware, Inc.)
DRV - (vmusb) -- C:\Windows\System32\Drivers\vmusb.sys (VMware, Inc.)
DRV - (condrv) -- C:\Windows\System32\Drivers\condrv.sys (Microsoft Corporation)
DRV - (acpiex) -- C:\Windows\System32\Drivers\acpiex.sys (Microsoft Corporation)
DRV - (LSI_SSS) -- C:\Windows\System32\Drivers\lsi_sss.sys (LSI Corporation)
DRV - (EhStorTcgDrv) -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV - (EhStorClass) -- C:\Windows\System32\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV - (3ware) -- C:\Windows\System32\Drivers\3ware.sys (LSI)
DRV - (VSTXRAID) -- C:\Windows\System32\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV - (VerifierExt) -- C:\Windows\System32\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV - (UASPStor) -- C:\Windows\System32\Drivers\uaspstor.sys (Microsoft Corporation)
DRV - (mvumis) -- C:\Windows\System32\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV - (WFPLWFS) -- C:\Windows\System32\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV - (CLFS) -- C:\Windows\System32\Drivers\clfs.sys (Microsoft Corporation)
DRV - (terminpt) -- C:\Windows\System32\Drivers\terminpt.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\Drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\Drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\Drivers\storvsc.sys (Microsoft Corporation)
DRV - (BasicDisplay) -- C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV - (mshidumdf) -- C:\Windows\System32\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV - (HyperVideo) -- C:\Windows\System32\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV - (BasicRender) -- C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\Drivers\vms3cap.sys (Microsoft Corporation)
DRV - (npsvctrig) -- C:\Windows\System32\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV - (kdnic) -- C:\Windows\System32\Drivers\kdnic.sys (Microsoft Corporation)
DRV - (acpitime) -- C:\Windows\System32\Drivers\acpitime.sys (Microsoft Corporation)
DRV - (gencounter) -- C:\Windows\System32\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV - (acpipagr) -- C:\Windows\System32\Drivers\acpipagr.sys (Microsoft Corporation)
DRV - (WpdUpFltr) -- C:\Windows\System32\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\Drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (hyperkbd) -- C:\Windows\System32\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV - (SerCx) -- C:\Windows\System32\Drivers\SerCx.sys (Microsoft Corporation)
DRV - (xusb22) -- C:\Windows\System32\Drivers\xusb22.sys (Microsoft Corporation)
DRV - (SpbCx) -- C:\Windows\System32\Drivers\SpbCx.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\Drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (BthHFEnum) -- C:\Windows\System32\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\Drivers\dmvsc.sys (Microsoft Corporation)
DRV - (wpcfltr) -- C:\Windows\System32\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV - (NdisImPlatform) -- C:\Windows\System32\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV - (MsLldp) -- C:\Windows\System32\Drivers\mslldp.sys (Microsoft Corporation)
DRV - (Ndu) -- C:\Windows\System32\Drivers\Ndu.sys (Microsoft Corporation)
DRV - (RTL8168) -- C:\Windows\System32\Drivers\Rt630x86.sys (Realtek )
DRV - (vmci) -- C:\Windows\System32\Drivers\vmci.sys (VMware, Inc.)
DRV - (vsock) -- C:\Windows\System32\Drivers\vsock.sys (VMware, Inc.)
DRV - (BCM43XX) -- C:\Windows\System32\Drivers\BCMWL63.SYS (Broadcom Corporation)
DRV - (Netaapl) -- C:\Windows\System32\Drivers\netaapl.sys (Apple Inc.)
DRV - (vstor2-mntapi10-shared) -- C:\Windows\System32\Drivers\vstor2-mntapi10-shared.sys (VMware, Inc.)
DRV - (KeyControl49) -- C:\Windows\System32\Drivers\esikey49.sys (ESI)
DRV - (hamachi) -- C:\Windows\System32\Drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (MarvinBus) -- C:\Windows\System32\Drivers\MarvinBus.sys (Pinnacle Systems GmbH)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8544E016-5EE2-450E-BB36-ACEF50FBEBB7}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: ebesucher-surfbar@kashiif.com:1.0.0
FF - prefs.js..extensions.enabledAddons: admin@proxy-listen.de:1.0.4.5
FF - prefs.js..extensions.enabledAddons: extension@hidemyass.com:1.2.7
FF - prefs.js..extensions.enabledAddons: foxyproxy@eric.h.jung:4.1.4
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.14
FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.6.0.20130418072822
FF - prefs.js..network.proxy.ftp: "147.31.182.137"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "147.31.182.137"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "147.31.182.137"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Max\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Max\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.30 17:51:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.16 15:06:07 | 000,000,000 | ---D | M]
[2013.01.30 17:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Extensions
[2013.05.31 08:58:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions
[2013.05.19 20:23:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013.05.10 12:06:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.05.10 12:04:33 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\foxyproxy@eric.h.jung
[2013.05.30 20:09:11 | 000,000,000 | ---D | M] (WebCake) -- C:\Users\Max\AppData\Roaming\mozilla\Firefox\Profiles\k50e68b0.default\extensions\plugin@getwebcake.com
[2013.04.11 20:37:38 | 000,013,955 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\k50e68b0.default\extensions\admin@proxy-listen.de.xpi
[2013.04.02 15:25:27 | 000,055,696 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\k50e68b0.default\extensions\ebesucher-surfbar@kashiif.com.xpi
[2013.04.11 22:37:05 | 000,053,803 | ---- | M] () (No name found) -- C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\k50e68b0.default\extensions\extension@hidemyass.com.xpi
[2013.01.30 17:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.01.30 17:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2013.01.30 17:51:18 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.10.06 04:14:59 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.01.11 04:05:40 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2012.10.06 05:22:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.06 05:22:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.06 05:22:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.06 05:22:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.06 05:22:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.06 05:22:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Play Music = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.1_0\
CHR - Extension: Google Mail = C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013.05.19 16:35:11 | 000,000,718 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (WebCake) - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Programme\WebCake\WebCakeIEClient.dll (WebCake LLC)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [StereoLinksInstall] C:\Program Files\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [USBToolTip] C:\Programme\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [vmware-tray.exe] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [iCloudServices] C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [MusicManager] C:\Users\Max\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\Max\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Max\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [WebCake Desktop] C:\Users\Max\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC)
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Programme\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14D94206-BEAD-4E97-B5C5-C22B72777674}: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2338C3B-0FC2-4F2F-B248-CCA5CA5D8420}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\NVIDIA~1\3DVISI~1\nvStInit.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.07.26 08:52:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6327bc41-66f0-11e2-af9c-6c626d75e7ba}\Shell - "" = AutoRun
O33 - MountPoints2\{6327bc41-66f0-11e2-af9c-6c626d75e7ba}\Shell\AutoRun\command - "" = "F:\Install.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.31 16:34:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2013.05.30 21:30:27 | 000,000,000 | ---D | C] -- C:\Program Files\LooksBuilderSE
[2013.05.30 21:11:11 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\PMB Files
[2013.05.30 21:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013.05.30 21:11:04 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2013.05.30 21:10:56 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Pando_Temp
[2013.05.30 21:09:41 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Avid
[2013.05.30 21:09:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pinnacle
[2013.05.30 21:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pegasus Imaging
[2013.05.30 21:06:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2013.05.30 21:00:46 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2013.05.30 21:00:46 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2013.05.30 21:00:46 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2013.05.30 21:00:46 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2013.05.30 21:00:44 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2013.05.30 21:00:44 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2013.05.30 21:00:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2013.05.30 21:00:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2013.05.30 21:00:44 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2013.05.30 21:00:43 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013.05.30 21:00:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2013.05.30 21:00:43 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2013.05.30 21:00:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2013.05.30 21:00:43 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2013.05.30 21:00:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2013.05.30 21:00:42 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2013.05.30 21:00:42 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2013.05.30 21:00:42 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2013.05.30 21:00:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2013.05.30 21:00:42 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2013.05.30 21:00:42 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2013.05.30 21:00:41 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2013.05.30 21:00:41 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2013.05.30 21:00:41 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2013.05.30 21:00:41 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2013.05.30 21:00:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2013.05.30 21:00:41 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2013.05.30 21:00:41 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2013.05.30 21:00:40 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2013.05.30 21:00:40 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2013.05.30 21:00:40 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2013.05.30 21:00:40 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2013.05.30 21:00:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2013.05.30 21:00:40 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2013.05.30 21:00:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2013.05.30 21:00:40 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2013.05.30 21:00:39 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2013.05.30 21:00:39 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2013.05.30 21:00:39 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2013.05.30 21:00:39 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2013.05.30 21:00:38 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2013.05.30 21:00:38 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2013.05.30 21:00:38 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2013.05.30 21:00:38 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2013.05.30 21:00:38 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2013.05.30 21:00:38 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2013.05.30 21:00:37 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2013.05.30 21:00:37 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2013.05.30 21:00:37 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2013.05.30 21:00:37 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2013.05.30 21:00:37 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2013.05.30 21:00:37 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2013.05.30 21:00:37 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2013.05.30 21:00:36 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2013.05.30 21:00:36 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2013.05.30 21:00:36 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2013.05.30 21:00:36 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2013.05.30 21:00:36 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2013.05.30 21:00:36 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2013.05.30 21:00:36 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2013.05.30 21:00:35 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2013.05.30 21:00:35 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2013.05.30 21:00:35 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2013.05.30 21:00:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2013.05.30 21:00:35 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2013.05.30 21:00:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2013.05.30 21:00:30 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2013.05.30 21:00:30 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2013.05.30 21:00:30 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2013.05.30 21:00:30 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2013.05.30 21:00:30 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2013.05.30 21:00:30 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2013.05.30 21:00:29 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2013.05.30 21:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avid
[2013.05.30 20:59:30 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Pinnacle
[2013.05.30 20:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 16
[2013.05.30 20:59:17 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Downloaded Installations
[2013.05.30 20:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2013.05.30 20:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PCTV Systems
[2013.05.30 20:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2013.05.30 20:10:43 | 000,719,872 | -HS- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2013.05.30 20:10:43 | 000,369,152 | -HS- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2013.05.30 20:10:42 | 000,070,656 | -HS- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2013.05.30 20:10:41 | 000,070,656 | -HS- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll
[2013.05.30 20:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2013.05.30 20:09:52 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\drvc.dll
[2013.05.30 20:09:52 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2013.05.30 20:09:52 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\System32\nbDX.dll
[2013.05.30 20:09:52 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll
[2013.05.30 20:09:52 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll
[2013.05.30 20:09:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2013.05.30 20:09:51 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax
[2013.05.30 20:09:51 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax
[2013.05.30 20:09:51 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax
[2013.05.30 20:09:51 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax
[2013.05.30 20:09:51 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax
[2013.05.30 20:09:50 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax
[2013.05.30 20:09:49 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax
[2013.05.30 20:09:48 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax
[2013.05.30 20:09:30 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft
[2013.05.30 20:09:10 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\WebCake
[2013.05.30 20:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\WebCake
[2013.05.30 17:05:16 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\Splashtop
[2013.05.30 17:03:45 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\FileFly
[2013.05.30 17:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\FileFly
[2013.05.30 17:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2013.05.29 15:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.05.29 15:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.05.29 15:37:13 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.05.29 15:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp
[2013.05.29 13:17:48 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\WinZipper
[2013.05.29 13:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\WinZipper
[2013.05.28 07:39:30 | 000,000,000 | ---D | C] -- C:\Users\Max\Pictures
[2013.05.25 00:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirServer
[2013.05.25 00:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\AirServer
[2013.05.24 06:04:01 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
[2013.05.23 22:50:30 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\GoPlayer
[2013.05.23 22:49:48 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\eDownload
[2013.05.23 22:25:01 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1
[2013.05.23 22:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\WiMP
[2013.05.23 22:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2013.05.23 08:01:29 | 000,000,000 | ---D | C] -- C:\ico
[2013.05.23 07:46:28 | 000,000,000 | ---D | C] -- C:\Users\Max\Desktop\TXT
[2013.05.23 05:54:12 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Mp3tag
[2013.05.23 05:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2013.05.23 05:53:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag
[2013.05.22 07:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.05.22 07:02:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.05.22 07:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.05.22 07:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.05.21 19:14:05 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2013.05.21 03:47:23 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Skype
[2013.05.21 03:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.05.21 03:33:20 | 000,000,000 | ---D | C] -- C:\Program Files\GamersFirst
[2013.05.21 03:13:05 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2013.05.21 03:13:00 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\GamersFirst
[2013.05.18 12:32:03 | 010,789,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.UI.Xaml.dll
[2013.05.18 12:32:02 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2013.05.18 12:32:02 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2013.05.18 12:32:00 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAudDecMFT.dll
[2013.05.18 12:31:59 | 003,390,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.18 12:31:59 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2013.05.18 12:31:58 | 000,248,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd_02_10ec.dll
[2013.05.18 12:31:57 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\twinui.dll
[2013.05.18 12:31:57 | 000,426,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2013.05.18 12:31:57 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.05.18 12:31:57 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2013.05.18 12:31:56 | 002,035,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.05.18 12:31:56 | 001,166,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.efi
[2013.05.18 12:31:56 | 001,034,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.efi
[2013.05.18 12:31:56 | 000,939,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2013.05.18 12:31:56 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpncore.dll
[2013.05.18 12:31:56 | 000,324,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2013.05.18 12:31:56 | 000,207,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2013.05.18 12:31:55 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2013.05.18 12:31:55 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2013.05.18 12:31:55 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RecoveryDrive.exe
[2013.05.18 12:31:55 | 000,457,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2013.05.18 12:31:55 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Networking.dll
[2013.05.18 12:31:54 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
[2013.05.18 12:31:54 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
[2013.05.18 12:31:54 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2013.05.18 12:31:54 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Robocopy.exe
[2013.05.18 12:31:53 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013.05.18 12:31:53 | 000,238,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spaceport.sys
[2013.05.18 12:31:53 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2013.05.18 12:31:53 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iuilp.dll
[2013.05.18 12:31:53 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fhengine.dll
[2013.05.18 12:31:53 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEndpointBuilder.dll
[2013.05.18 12:31:52 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fhcfg.dll
[2013.05.18 12:31:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013.05.18 12:31:51 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2013.05.18 12:31:51 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFMediaEngine.dll
[2013.05.18 12:31:51 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2013.05.18 12:31:50 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fmifs.dll
[2013.05.18 12:31:49 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2013.05.18 12:31:49 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2013.05.18 12:31:49 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2013.05.18 12:31:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013.05.16 00:34:33 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.16 00:34:33 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.15 19:09:55 | 000,000,000 | ---D | C] -- C:\Users\Max\Application Data
[2013.05.15 11:20:47 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.15 11:20:47 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.15 11:20:46 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.05.15 11:20:41 | 000,104,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013.05.15 11:20:37 | 005,586,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.05.09 12:54:04 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\VMware
[2013.05.09 12:54:04 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Local\VMware
[2013.05.09 12:50:29 | 000,063,128 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vsocklib.dll
[2013.05.09 12:50:29 | 000,061,296 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vsock.sys
[2013.05.09 12:50:03 | 000,357,016 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
[2013.05.09 12:50:00 | 000,435,864 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
[2013.05.09 12:50:00 | 000,025,752 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vmnetuserif.sys
[2013.05.09 12:49:59 | 000,779,928 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vnetlib.dll
[2013.05.09 12:49:58 | 000,041,496 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\hcmon.sys
[2013.05.09 12:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2013.05.09 12:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2013.05.09 12:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\VMware
[2013.05.09 12:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2013.05.09 12:49:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines
[2013.05.09 11:36:16 | 000,000,000 | ---D | C] -- C:\Users\Max\VirtualBox VMs
[2013.05.09 11:35:21 | 000,000,000 | ---D | C] -- C:\Users\Max\.VirtualBox
[2013.05.09 11:34:38 | 000,188,176 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxDrv.sys
[2013.05.09 11:34:26 | 000,094,480 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSBMon.sys
[2013.05.07 16:33:25 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\Nero
[2013.05.07 16:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013.05.07 12:28:48 | 000,000,000 | ---D | C] -- C:\Users\Max\AppData\Roaming\BANDISOFT
[2013.05.07 12:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.31 16:33:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Max\Desktop\OTL.exe
[2013.05.31 16:33:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.31 16:08:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3665671309-745949747-257478601-1001UA.job
[2013.05.31 14:43:24 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.31 14:43:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.31 09:05:22 | 000,754,576 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.31 09:05:22 | 000,712,730 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.31 09:05:22 | 000,156,830 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.31 09:05:22 | 000,133,626 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.31 08:59:13 | 000,491,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.31 08:59:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.05.31 08:59:05 | 2791,034,880 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.30 21:41:05 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.05.30 21:09:00 | 000,002,226 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle Studio 16.lnk
[2013.05.30 20:09:53 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2013.05.29 15:27:09 | 000,217,194 | ---- | M] () -- C:\Users\Max\Desktop\com.ericday.itether_1.0.4_iphoneos-arm.deb
[2013.05.29 13:37:19 | 204,270,226 | ---- | M] () -- C:\Users\Max\Desktop\Cubasis [Steinberg Media Technologies GmbH] (v1.4 iPad ONZE os51)-[BurnIt.Lr17.ipa
[2013.05.29 13:17:42 | 000,002,387 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.05.29 13:17:42 | 000,001,341 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.27 06:08:00 | 000,000,862 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3665671309-745949747-257478601-1001Core.job
[2013.05.23 22:24:54 | 000,000,815 | ---- | M] () -- C:\Users\Public\Desktop\WiMP.lnk
[2013.05.23 08:02:25 | 000,001,699 | ---- | M] () -- C:\Users\Max\Desktop\Music.lnk
[2013.05.23 05:53:55 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2013.05.22 07:02:51 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.05.19 16:35:11 | 000,000,718 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.05.19 16:35:11 | 000,000,717 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.umbrella
[2013.05.09 12:49:53 | 000,001,024 | ---- | M] () -- C:\.rnd
[2013.05.09 12:49:49 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2013.05.07 22:07:50 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.07 22:07:50 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.02 17:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.30 21:09:00 | 000,002,226 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle Studio 16.lnk
[2013.05.30 20:57:08 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.05.30 20:10:42 | 000,032,256 | -HS- | C] () -- C:\Windows\System32\AVSredirect.dll
[2013.05.30 20:09:53 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2013.05.30 20:09:52 | 000,188,416 | RHS- | C] () -- C:\Windows\System32\winDCE32.dll
[2013.05.30 20:09:51 | 000,121,344 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.ax
[2013.05.30 20:09:51 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2013.05.30 20:09:51 | 000,051,712 | RHS- | C] () -- C:\Windows\System32\RLSpeexDec.ax
[2013.05.30 20:09:50 | 000,120,832 | RHS- | C] () -- C:\Windows\System32\MPCDx.ax
[2013.05.30 20:09:50 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\RLMPCDec.ax
[2013.05.30 20:09:50 | 000,070,656 | RHS- | C] () -- C:\Windows\System32\RLAPEDec.ax
[2013.05.30 20:09:49 | 000,195,584 | RHS- | C] () -- C:\Windows\System32\MatroskaDX.ax
[2013.05.30 20:09:49 | 000,175,104 | RHS- | C] () -- C:\Windows\System32\CoreAAC.ax
[2013.05.30 20:09:49 | 000,097,280 | RHS- | C] () -- C:\Windows\System32\FLACDX.ax
[2013.05.30 20:09:48 | 000,227,328 | RHS- | C] () -- C:\Windows\System32\ac3DX.ax
[2013.05.30 20:09:48 | 000,081,920 | RHS- | C] () -- C:\Windows\System32\aac_parser.ax
[2013.05.29 15:27:08 | 000,217,194 | ---- | C] () -- C:\Users\Max\Desktop\com.ericday.itether_1.0.4_iphoneos-arm.deb
[2013.05.29 13:37:02 | 204,270,226 | ---- | C] () -- C:\Users\Max\Desktop\Cubasis [Steinberg Media Technologies GmbH] (v1.4 iPad ONZE os51)-[BurnIt.Lr17.ipa
[2013.05.24 06:03:45 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3665671309-745949747-257478601-1001UA.job
[2013.05.24 06:03:44 | 000,000,862 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3665671309-745949747-257478601-1001Core.job
[2013.05.23 22:24:54 | 000,000,827 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiMP.lnk
[2013.05.23 22:24:54 | 000,000,815 | ---- | C] () -- C:\Users\Public\Desktop\WiMP.lnk
[2013.05.23 07:57:28 | 000,001,699 | ---- | C] () -- C:\Users\Max\Desktop\Music.lnk
[2013.05.23 05:53:55 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2013.05.22 07:02:51 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.05.21 04:30:59 | 000,491,056 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.18 12:31:47 | 000,387,688 | ---- | C] () -- C:\Windows\System32\ApnDatabase.xml
[2013.05.09 12:49:53 | 000,001,024 | ---- | C] () -- C:\.rnd
[2013.05.09 12:49:49 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2013.03.22 22:14:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2013.02.01 14:37:45 | 000,136,348 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2013.01.28 20:58:20 | 000,083,968 | ---- | C] () -- C:\Windows\System32\OEMLicense.dll
[2012.11.19 09:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2012.11.19 09:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2012.10.19 05:52:30 | 002,907,040 | ---- | C] () -- C:\Windows\System32\PortChanger.exe
[2012.07.26 10:41:52 | 000,754,576 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2012.07.26 10:41:52 | 000,305,546 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2012.07.26 10:41:52 | 000,156,830 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2012.07.26 10:41:52 | 000,040,390 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2012.07.26 08:55:27 | 000,712,730 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2012.07.26 08:55:27 | 000,296,742 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2012.07.26 08:55:27 | 000,133,626 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2012.07.26 08:55:27 | 000,033,362 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2012.07.26 08:53:47 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2012.07.26 08:53:46 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2012.07.26 08:03:55 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:20:38 | 000,071,680 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2012.07.25 22:41:36 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:24:47 | 000,526,068 | ---- | C] () -- C:\Windows\System32\staticurllist.bin
[2012.07.14 04:00:46 | 000,043,882 | ---- | C] () -- C:\Windows\System32\srms.dat
[2012.06.26 07:10:06 | 003,668,480 | ---- | C] () -- C:\Windows\System32\CosmoRenderer.dll
[2012.06.02 22:25:24 | 000,008,192 | ---- | C] () -- C:\Windows\System32\settings.dat
[2012.06.02 16:31:24 | 001,520,828 | ---- | C] () -- C:\Windows\System32\WpcNBModel.bin
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== ZeroAccess Check ==========
[2013.05.13 15:50:02 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012.07.26 05:20:13 | 000,354,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report > --- --- ---
[/SPOILER] |