Windows 7: Websites are redirected to advertising, etc., and green links
I'd like to take a look at a different log file. Please download OTL by OldTimer and save it to your desktop (if you don't already have it).
Code:
ATTFilter OTL logfile created on: 14.02.2014 15:48:33 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Andy\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16518) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 6,36 Gb Total Physical Memory | 3,40 Gb Available Physical Memory | 53,43% Memory free 12,71 Gb Paging File | 8,96 Gb Available in Paging File | 70,48% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 678,54 Gb Total Space | 290,06 Gb Free Space | 42,75% Space Free | Partition Type: NTFS Drive D: | 169,35 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ANDY-PC | User Name: Andy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Andy\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\AnVir Task Manager\anvir.exe (AnVir Software) PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) 
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Apple Inc.) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Incorporated) PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\a99f3a56bbedaa90734d2132d00016ec\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\921a4977671bce1f2f553e9adcdb06ee\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59312674865dc2a19c27f9f460b1673b\System.Runtime.Remoting.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll () MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll () MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\\System.Runtime.Remoting.resources.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\\mscorlib.resources.dll () MOD - C:\Program Files (x86)\NTI\Packard Bell 
MyBackup\sqlite3.dll () ========== Services (SafeList) ========== SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation) SRV:64bit: - (CGVPNCliService) -- C:\Program Files\CyberGhost 5\Service.exe (CyberGhost S.R.L) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (ePowerSvc) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) SRV:64bit: - (Live Updater Service) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Incorporated) SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (APNMCP) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (TwonkyProxy) -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe () SRV - (TwonkyServer) -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (PacketVideo) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SamsungAllShareV2.0) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Samsung Electronics Co., Ltd.) SRV - (SimpleSlideShowServer) -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe (Samsung Electronics Co., Ltd.) SRV - (GREGService) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) 
SRV - (AdobeActiveFileMonitor9.0) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found DRV:64bit: - (webinstr) -- C:\Windows\SysNative\drivers\webinstr.sys (Corsica) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avnetflt) -- C:\Windows\SysNative\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (libusb0) -- C:\Windows\SysNative\drivers\libusb0.sys (hxxp://libusb-win32.sourceforge.net) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project) DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) 
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) 
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV:64bit: - (USBModem) -- C:\Windows\SysNative\drivers\lgx64modem.sys (LG Electronics Inc.) DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\drivers\lgx64diag.sys (LG Electronics Inc.) DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.) 
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: 
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version= C:\Users\Andy\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies) [2013.10.27 13:06:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andy\AppData\Roaming\mozilla\Extensions [2013.10.27 13:43:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: https://www.google.de/ CHR - Extension: Google Translate = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0\ CHR - Extension: Google Docs = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: Wetter von wetter.com = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgapkfcninhaogfjjoohaleiclbhjmnp\1.21_0\ CHR - Extension: WOT = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.4.6_0\ CHR - Extension: YouTube = C:\Users\Andy\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\ CHR - Extension: Auf den Amazon-Wunschzettel = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\\ CHR - Extension: Google-Suche = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\ CHR - Extension: Disconnect = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\5.13.0_0\ CHR - Extension: eBay-Erweiterung f\u00FCr Google Chrome\u2122 = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck\\ CHR - Extension: Webcam Toy = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0\ CHR - Extension: MyPermissions Cleaner = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\liiikhhbkpmpomjmdofandjmdgapiahi\1.4.0_0\ CHR - Extension: Regen-Alarm = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\meaikaglpfemjncbioflellmppndgmok\1.1.10_0\ CHR - Extension: Google Wallet = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\\ CHR - Extension: Google Wallet = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\\ CHR - Extension: Click&Clean App = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.4_0\ CHR - Extension: Click&Clean App = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.5_0\ CHR - Extension: Google Mail = C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2014.02.12 
22:20:05 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: localhost O2:64bit: - BHO: (no name) - {11111111-1111-1111-1111-110511071178} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) O4 - HKCU..\Run: [HP Deskjet 3050 J610 series (NET)] C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.) O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49E70AA0-0D51-49B5-BB17-B93E107143FD}: DhcpNameServer = O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\AnVirDisabled: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2014.02.08 20:31:08 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010.11.17 02:11:47 | 000,000,131 | R--- | M] () - D:\Autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014.02.14 15:44:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe [2014.02.14 10:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2014.02.14 10:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2014.02.14 10:06:36 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2014.02.13 12:34:20 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Software Informer [2014.02.13 12:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer [2014.02.13 12:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\Software Informer [2014.02.13 12:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftOrbits Photo Retoucher [2014.02.13 12:31:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftOrbits Photo Retoucher [2014.02.13 09:08:47 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014.02.13 09:08:06 | 000,195,584 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\msrating.dll [2014.02.13 09:08:06 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014.02.13 09:08:05 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014.02.13 09:08:05 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014.02.13 09:08:05 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014.02.13 09:08:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014.02.13 09:08:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014.02.13 09:08:03 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014.02.13 09:08:03 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2014.02.13 09:08:03 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014.02.13 09:08:03 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014.02.13 09:08:03 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2014.02.13 09:08:03 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014.02.13 09:08:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014.02.13 09:08:03 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2014.02.13 09:08:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014.02.13 09:08:03 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014.02.13 09:08:02 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014.02.13 09:08:02 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll 
[2014.02.13 09:08:02 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014.02.13 09:08:01 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014.02.13 09:08:01 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014.02.13 09:07:59 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014.02.12 22:20:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2014.02.12 22:08:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2014.02.12 22:08:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2014.02.12 22:08:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2014.02.12 22:08:36 | 000,000,000 | ---D | C] -- C:\Qoobox [2014.02.12 22:08:27 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2014.02.12 15:21:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2014.02.12 15:21:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2014.02.12 15:20:34 | 006,573,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2014.02.12 15:20:34 | 005,693,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2014.02.12 15:20:34 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2014.02.12 15:20:34 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2014.02.11 15:14:50 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\ChemTable Software [2014.02.11 15:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reg Organizer [2014.02.11 15:14:44 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\ChemTable Software [2014.02.10 16:32:15 | 000,000,000 | ---D | C] -- C:\Users\Andy\Desktop\Logfiles [2014.02.10 15:32:03 | 000,000,000 | ---D | C] -- C:\FRST [2014.02.10 13:16:42 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014.02.09 11:30:50 | 000,000,000 | ---D | C] -- C:\Users\Andy\Iso [2014.02.09 10:29:18 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014.02.09 10:26:00 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll [2014.02.09 09:22:19 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2014.02.08 22:29:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group [2014.02.08 20:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2014.02.08 20:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2014.02.08 12:04:34 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Malwarebytes [2014.02.08 12:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2014.02.08 12:04:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014.02.08 12:04:00 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2014.02.08 12:04:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2014.02.07 15:07:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2014.02.07 15:07:17 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2014.02.07 12:25:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2014.02.05 17:31:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shark007 [2014.02.05 17:27:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Advanced [2014.02.04 08:37:43 | 000,000,000 | ---D | C] -- C:\Config.Msi [2014.02.03 21:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\Ekahau [2014.02.03 11:06:21 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur [2014.02.02 11:36:23 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\Microsoft_Research [2014.02.02 10:59:00 | 000,000,000 | ---D | 
C] -- C:\Windows\Symbols [2014.02.02 10:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOM Platform 6 [2014.02.02 10:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ASCOM [2014.02.02 10:59:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ASCOM [2014.02.02 10:59:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASCOM [2014.02.02 10:58:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BBDFE733-F48B-4E86-B7C1-E6F173F01FCF} [2014.02.02 10:58:37 | 000,000,000 | ---D | C] -- C:\Users\Andy\Documents\ASCOM [2014.02.02 09:49:15 | 000,000,000 | ---D | C] -- C:\Users\Andy\Documents\WWT Collections [2014.02.02 09:49:11 | 000,000,000 | ---D | C] -- C:\Users\Andy\Documents\WWT MIDI Controller Maps [2014.02.02 09:45:53 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2014.02.02 09:45:53 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2014.02.02 09:45:51 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2014.02.02 09:45:48 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2014.02.02 09:45:48 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2014.02.02 09:45:47 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2014.02.02 09:45:47 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2014.02.02 09:45:47 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2014.02.02 09:45:47 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2014.02.02 09:45:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Research [2014.01.31 12:55:23 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\Wondershare [2014.01.31 12:55:23 | 000,000,000 | ---D | C] -- 
C:\Program Files (x86)\Common Files\Wondershare [2014.01.31 12:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [2014.01.31 12:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare [2014.01.31 12:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare [2014.01.29 12:03:51 | 000,055,480 | ---- | C] (Corsica) -- C:\Windows\SysNative\drivers\webinstr.sys [2014.01.28 10:57:44 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\UltraVNC [2014.01.28 10:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraVNC [2014.01.28 10:54:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uvnc bvba [2014.01.26 12:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2014.01.26 12:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2014.01.26 12:20:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2014.01.26 12:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2014.01.26 12:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2014.01.25 11:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2014.01.25 11:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SixaxisPairTool [2014.01.25 11:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SixaxisPairTool [2014.01.21 14:57:21 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\MetaGeek,_LLC [2014.01.21 14:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek [2014.01.21 14:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MetaGeek [2014.01.21 14:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7 [2014.01.21 14:21:00 | 000,000,000 | ---D | C] -- C:\Python27 [2014.01.21 14:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Python 3.3 [2014.01.21 14:18:29 | 000,000,000 | ---D | C] -- C:\Python33 [2014.01.21 13:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan [2014.01.21 13:38:15 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014.01.21 13:38:15 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014.01.21 13:38:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2014.01.21 13:35:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC [2014.01.21 13:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MPC-HC [2014.01.21 13:25:53 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\Secunia PSI [2014.01.21 13:25:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia [2014.01.18 09:55:16 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\FileZilla [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014.02.14 15:44:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Andy\Desktop\OTL.exe [2014.02.14 15:34:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014.02.14 15:26:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014.02.14 15:08:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job [2014.02.14 13:26:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014.02.14 12:13:52 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014.02.14 12:13:52 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014.02.14 12:05:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014.02.14 10:58:59 | 000,001,881 | ---- | M] () -- 
C:\Users\Public\Desktop\HitmanPro.lnk [2014.02.13 17:57:58 | 001,620,796 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014.02.13 17:57:58 | 000,699,786 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2014.02.13 17:57:58 | 000,654,584 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014.02.13 17:57:58 | 000,149,636 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2014.02.13 17:57:58 | 000,122,198 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014.02.13 12:31:31 | 000,001,079 | ---- | M] () -- C:\Users\Andy\Desktop\SoftOrbits Photo Retoucher.lnk [2014.02.13 09:10:28 | 001,595,076 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014.02.12 22:20:05 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2014.02.12 02:30:27 | 000,007,651 | ---- | M] () -- C:\Users\Andy\AppData\Local\Resmon.ResmonCfg [2014.02.11 14:29:07 | 669,878,021 | ---- | M] () -- C:\Windows\MEMORY.DMP [2014.02.10 15:26:22 | 000,000,000 | ---- | M] () -- C:\Users\Andy\defogger_reenable [2014.02.10 13:41:08 | 000,002,263 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014.02.10 11:18:12 | 000,022,964 | ---- | M] () -- C:\Users\Andy\Documents\cc_20140210_111805.reg [2014.02.10 11:17:49 | 000,038,058 | ---- | M] () -- C:\Users\Andy\Documents\cc_20140210_111744.reg [2014.02.10 11:15:59 | 000,000,794 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014.02.08 20:31:08 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2014.02.08 12:04:02 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.02.07 15:07:17 | 000,001,280 | ---- | M] () -- C:\Users\Andy\Desktop\Revo Uninstaller.lnk [2014.02.06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014.02.06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014.02.06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\ieetwproxystub.dll [2014.02.06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014.02.06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014.02.06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2014.02.06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2014.02.06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014.02.06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014.02.06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014.02.06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014.02.06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2014.02.06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014.02.06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014.02.06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014.02.06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014.02.06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014.02.06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2014.02.06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014.02.06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014.02.06 
09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014.02.06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014.02.05 17:42:26 | 000,010,372 | ---- | M] () -- C:\Users\Andy\Documents\cc_20140205_174220.reg [2014.02.05 10:34:07 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014.02.05 10:34:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014.02.03 21:54:25 | 000,210,490 | ---- | M] () -- C:\Users\Andy\Documents\368-awesome.jpg [2014.02.03 21:54:02 | 000,253,455 | ---- | M] () -- C:\Users\Andy\Documents\74-awesome.jpg [2014.02.03 21:53:52 | 000,246,837 | ---- | M] () -- C:\Users\Andy\Documents\366-awesome.jpg [2014.02.03 21:52:22 | 000,206,014 | ---- | M] () -- C:\Users\Andy\Documents\152-awesome.jpg [2014.02.03 21:52:03 | 000,221,243 | ---- | M] () -- C:\Users\Andy\Documents\4-awesome.jpg [2014.02.03 21:51:22 | 000,140,895 | ---- | M] () -- C:\Users\Andy\Documents\104-awesome.jpg [2014.02.02 11:53:49 | 000,000,883 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2014.02.02 10:59:02 | 000,001,278 | ---- | M] () -- C:\Users\Public\Desktop\ASCOM Diagnostics.lnk [2014.02.02 10:59:02 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\ProfileExplorer.lnk [2014.01.29 12:03:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstr_01009.Wdf [2014.01.29 12:03:50 | 000,001,734 | ---- | M] () -- C:\Windows\patsearch.bin [2014.01.28 15:20:28 | 000,055,480 | ---- | M] (Corsica) -- C:\Windows\SysNative\drivers\webinstr.sys [2014.01.28 10:54:50 | 000,001,166 | ---- | M] () -- C:\Users\Andy\Desktop\UltraVNC Viewer.lnk [2014.01.28 10:54:50 | 000,001,149 | ---- | M] () -- C:\Users\Andy\Desktop\UltraVNC Server.lnk [2014.01.26 12:20:44 | 000,001,795 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2014.01.25 11:06:39 | 000,000,306 | 
RHS- | M] () -- C:\ProgramData\ntuser.pol [2014.01.21 14:56:44 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\inSSIDer Home.lnk [2014.01.21 13:41:08 | 000,002,184 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk [2014.01.21 13:34:24 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2014.01.18 14:38:38 | 000,000,600 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\winscp.rnd [2014.01.16 09:17:21 | 000,289,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2014.02.14 10:08:24 | 000,001,881 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2014.02.13 12:31:31 | 000,001,079 | ---- | C] () -- C:\Users\Andy\Desktop\SoftOrbits Photo Retoucher.lnk [2014.02.12 22:08:41 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2014.02.12 22:08:41 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2014.02.12 22:08:41 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2014.02.12 22:08:41 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2014.02.12 22:08:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2014.02.12 02:30:27 | 000,007,651 | ---- | C] () -- C:\Users\Andy\AppData\Local\Resmon.ResmonCfg [2014.02.11 14:29:07 | 669,878,021 | ---- | C] () -- C:\Windows\MEMORY.DMP [2014.02.10 15:26:22 | 000,000,000 | ---- | C] () -- C:\Users\Andy\defogger_reenable [2014.02.10 13:16:42 | 000,002,263 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014.02.10 13:16:33 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014.02.10 13:16:33 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014.02.10 11:18:07 | 000,022,964 | ---- | C] () -- C:\Users\Andy\Documents\cc_20140210_111805.reg [2014.02.10 11:17:46 | 000,038,058 | ---- | C] () -- C:\Users\Andy\Documents\cc_20140210_111744.reg [2014.02.08 20:31:08 | 000,000,000 | ---- | C] () -- 
C:\autoexec.bat [2014.02.08 12:04:02 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.02.07 15:07:17 | 000,001,280 | ---- | C] () -- C:\Users\Andy\Desktop\Revo Uninstaller.lnk [2014.02.05 17:42:23 | 000,010,372 | ---- | C] () -- C:\Users\Andy\Documents\cc_20140205_174220.reg [2014.02.03 21:54:25 | 000,210,490 | ---- | C] () -- C:\Users\Andy\Documents\368-awesome.jpg [2014.02.03 21:54:02 | 000,253,455 | ---- | C] () -- C:\Users\Andy\Documents\74-awesome.jpg [2014.02.03 21:53:52 | 000,246,837 | ---- | C] () -- C:\Users\Andy\Documents\366-awesome.jpg [2014.02.03 21:52:21 | 000,206,014 | ---- | C] () -- C:\Users\Andy\Documents\152-awesome.jpg [2014.02.03 21:52:03 | 000,221,243 | ---- | C] () -- C:\Users\Andy\Documents\4-awesome.jpg [2014.02.03 21:51:21 | 000,140,895 | ---- | C] () -- C:\Users\Andy\Documents\104-awesome.jpg [2014.02.02 10:59:02 | 000,001,278 | ---- | C] () -- C:\Users\Public\Desktop\ASCOM Diagnostics.lnk [2014.02.02 10:59:02 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\ProfileExplorer.lnk [2014.01.29 12:03:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstr_01009.Wdf [2014.01.29 12:03:51 | 000,001,734 | ---- | C] () -- C:\Windows\patsearch.bin [2014.01.28 10:54:50 | 000,001,166 | ---- | C] () -- C:\Users\Andy\Desktop\UltraVNC Viewer.lnk [2014.01.28 10:54:50 | 000,001,149 | ---- | C] () -- C:\Users\Andy\Desktop\UltraVNC Server.lnk [2014.01.26 12:20:44 | 000,001,795 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2014.01.21 14:56:44 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\inSSIDer Home.lnk [2014.01.21 13:41:08 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HP Photo Creations Communicator.job [2014.01.21 13:38:16 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014.01.21 13:34:24 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2014.01.21 13:34:24 | 
000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2014.01.18 09:54:43 | 000,000,600 | ---- | C] () -- C:\Users\Andy\AppData\Roaming\winscp.rnd [2013.12.25 12:08:05 | 001,595,076 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.11.28 11:52:36 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2013.11.21 16:25:35 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2013.11.21 16:24:09 | 000,025,088 | ---- | C] () -- C:\Windows\SysWow64\installer_x64.exe [2013.11.21 16:24:09 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\installer_x86.exe [2013.11.04 11:57:17 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv7 [2013.10.29 18:17:05 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2013.10.26 12:21:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013.10.26 12:19:03 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >

Code:
OTL Extras logfile created on: 14.02.2014 15:48:33 - Run 1
OTL by OldTimer - Version Folder = C:\Users\Andy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,36 Gb Total Physical Memory | 3,40 Gb Available Physical Memory | 53,43% Memory free
12,71 Gb Paging File | 8,96 Gb Available in Paging File | 70,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 678,54 Gb Total Space | 290,06 Gb Free Space | 42,75% Space Free | Partition Type: NTFS
Drive D: | 169,35 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ANDY-PC | User Name: Andy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error.
File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00893836-E47D-4D47-92F3-576BECC60BAE}" = lport=139 | protocol=6 | dir=in | app=system | "{0124D101-14A3-41C8-B39E-308114260548}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{07428934-B925-44E4-A391-CFB20BEF6861}" = lport=10243 | protocol=6 | dir=in | app=system | "{1DFAA758-E3FC-4A3A-AC21-7E91C593CFE3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1ED068DE-B044-44B3-9381-BE03AD069580}" = lport=2869 | protocol=6 | dir=in | app=system | "{272808DA-7ADD-499D-9A24-485D6F230A91}" = lport=2177 
| protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{33CE99EE-DE82-46A9-886A-3A952E065B8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{3CEDF478-80B6-4DD5-AF6B-4475CA802B94}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3D3E00BC-CC38-4024-BF08-F64AE49EB7E5}" = rport=445 | protocol=6 | dir=out | app=system | "{45A50C95-50F9-43F0-9C68-27A7F047D75C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{48C7C854-8CD0-4DEE-9181-4801FE4D73A6}" = rport=10243 | protocol=6 | dir=out | app=system | "{5174235E-646C-404C-AD53-1A83051F1C41}" = lport=445 | protocol=6 | dir=in | app=system | "{55975577-B50C-4394-93F4-FAAC7E13BBB0}" = rport=138 | protocol=17 | dir=out | app=system | "{6F748A12-CD19-4E8D-A1E5-BD739DD72C9B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{708B734C-17D1-4E49-B925-8B54437E2A9B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{729911B6-FEEF-4A4E-B387-C1E83EFFEC7C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{86CFCCA6-1064-4000-9939-378CB2A8C43F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{891E7D46-3902-47BE-93D4-57FA22359D4A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{991445AA-ED4F-4C6C-8456-0300AC19D5F7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{C929CCD3-39DF-4FC0-BC2C-DC953877C658}" = lport=137 | protocol=17 | dir=in | app=system | "{D870C75B-F90B-48CE-A67F-81068942C984}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DD2A575F-DDA2-4FE1-9F76-63DC736F50FC}" = rport=137 | protocol=17 | dir=out | app=system | "{E4F8D53A-B3F6-4CB7-A833-1AA25C14CD53}" = lport=138 | 
protocol=17 | dir=in | app=system | "{EDC8F2DF-1E86-4EB1-BE00-9A9053948022}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{EF6D7A9B-42EC-4672-A01D-D595385E76E6}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04123A8C-C30D-473C-A72C-EF30AC360E87}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{0798CDAD-CAF7-451F-8536-C7E2211713D7}" = protocol=17 | dir=in | app=c:\program files (x86)\uvnc bvba\ultravnc\winvnc.exe | "{0DA487D0-AF0F-4701-9F48-04AC76B47B60}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1D439F50-FEB9-4E6D-B396-D93D2D0F21F2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{2A91B698-D156-4319-9881-F05BC4EF872D}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe | "{2AA43A1A-114A-4BC5-9E8D-ED2450E80AE9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{3B1BA522-62EB-4D51-80CA-6600B77B8CC6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4730C186-FD76-4374-BB9E-5E372BC13F5D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{47B81E1A-EAC5-4457-AD54-203204FE2CFA}" = protocol=17 | dir=in | app=c:\program files (x86)\uvnc bvba\ultravnc\vncviewer.exe | "{4848237F-7F2B-43ED-8CFC-10E7F76CEBB1}" = protocol=6 | dir=out | app=system | "{48B6551A-8BC8-4F49-9762-10580C05BB18}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{4FF8D50E-36E1-48B1-9473-E6A2826014C8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{5D15DCFE-7102-4243-B629-34AB973074B9}" = dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicatorcom.exe | "{6C3B1FA5-7EB6-4C05-AAEA-C5FE2D15150E}" = protocol=17 | dir=out | 
app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6F1CF5C1-2017-4CA9-934A-F9F019DBA8FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{71E95E30-F5BD-4567-BE7B-4FB3C5843086}" = dir=in | app=c:\users\andy\appdata\local\microsoft\skydrive\skydrive.exe | "{725CDEE9-D0EF-47C9-9D3D-657E425E4977}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{72EA340D-E419-49A1-B7C0-B5A75D2D3AB0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{7F34FA24-8354-427A-83B0-91388AA2F9BE}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe | "{88F35BB9-EA74-45AC-AD83-C2A7529C821F}" = dir=in | app=c:\program files (x86)\cyberlink\homemedia\homemedia.exe | "{8A81E08F-A66D-4B51-8CB2-AF9D3D5AB97C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{8C5AEE58-20D1-452D-9C0E-6759626F62B0}" = protocol=6 | dir=in | app=c:\users\andy\downloads\tinyumbrella-7.04.00.exe | "{8CE3E07F-9E51-4497-9AFD-5F1D19204A14}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{9CAEA2D2-6A53-4795-A49A-4B2421EA4E93}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9D65C75D-B485-42FF-836C-5C60495BE058}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe | "{A8152052-2135-4450-94C6-BA2162206E8B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{B4104056-023F-4F43-939C-046290A850D6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B6CA7111-3AEE-4F21-BA52-3230C4C97F92}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{C8BCCE57-E33D-4932-AA5B-FB9D6DB3DA0F}" = protocol=6 | dir=in | app=c:\program files (x86)\uvnc bvba\ultravnc\winvnc.exe | "{CA9FA8AA-9506-4642-A524-EBFF2B2A9DF6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{CD70AA4A-3977-4F67-808F-A02AC129D51D}" = dir=in | app=c:\program 
files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe | "{CDE41431-965A-4711-86EF-61917E0A0EF5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{CED5469A-B88E-46CE-9609-DDF16065EFCA}" = protocol=6 | dir=in | app=c:\program files (x86)\uvnc bvba\ultravnc\vncviewer.exe | "{D3574EAE-6A11-4B4F-B522-DB49E9016BFE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{D42B370C-0AE1-465F-BABE-95DCEDE51AF9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{D9460844-4565-44BD-B108-FCEE3FC529BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{DB065251-9CC4-4AE0-B7D8-9A4D10F3D4C1}" = protocol=6 | dir=in | app=c:\program files (x86)\twonky\twonkyserver\twonkystarter.exe | "{DB7E81F8-81AA-49FA-9257-D7D51EAF03B9}" = dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe | "{DC259851-3FB8-4F99-9DB7-3F87F54E5184}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe | "{DFB0856A-C1A4-46E5-9FBD-FE556168B77C}" = protocol=17 | dir=in | app=c:\users\andy\downloads\tinyumbrella-7.04.00.exe | "{E44CB94B-E376-4CB6-82F2-05AA306D2371}" = protocol=17 | dir=in | app=c:\program files (x86)\twonky\twonkyserver\twonkystarter.exe | "{F5013DFE-0B0C-43D7-9E29-834BACED5FA6}" = protocol=17 | dir=in | app=c:\program files (x86)\twonky\twonkyserver\twonkyserver.exe | "{F6339508-E419-4D4E-82B8-FD72975C2697}" = protocol=6 | dir=in | app=c:\program files (x86)\twonky\twonkyserver\twonkyserver.exe | "{F7EA5930-5976-479E-BBCF-883EEDE914FE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F8E310EA-255D-4BED-B056-F0147B117E52}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{74139AB5-0967-44EA-97BD-FD8D08ECAA11}C:\users\andy\downloads\tinyumbrella-7.02.01a.exe" = protocol=6 | dir=in | app=c:\users\andy\downloads\tinyumbrella-7.02.01a.exe | "TCP Query 
User{7B5F09F1-7604-493F-BDB1-551BB1FF1557}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | "TCP Query User{87AAA673-8231-4993-B6A3-2E3F4CB100D8}C:\users\andy\appdata\roaming\acestream\engine\ace_engine.exe" = protocol=6 | dir=in | app=c:\users\andy\appdata\roaming\acestream\engine\ace_engine.exe | "TCP Query User{C8C5A959-503D-44E4-AE11-42912B888FFB}C:\users\andy\downloads\tinyumbrella-7.04.00.exe" = protocol=6 | dir=in | app=c:\users\andy\downloads\tinyumbrella-7.04.00.exe | "UDP Query User{83476296-1D45-4FE8-BE60-30975498988A}C:\users\andy\appdata\roaming\acestream\engine\ace_engine.exe" = protocol=17 | dir=in | app=c:\users\andy\appdata\roaming\acestream\engine\ace_engine.exe | "UDP Query User{94E12E9A-9CE7-426E-AE88-AA8CC541EBDE}C:\users\andy\downloads\tinyumbrella-7.04.00.exe" = protocol=17 | dir=in | app=c:\users\andy\downloads\tinyumbrella-7.04.00.exe | "UDP Query User{A1973AD8-7549-491F-9DBF-C5FDB5853C0A}C:\users\andy\downloads\tinyumbrella-7.02.01a.exe" = protocol=17 | dir=in | app=c:\users\andy\downloads\tinyumbrella-7.02.01a.exe | "UDP Query User{EC3B538E-46A9-4AEB-8362-23538E51BB8C}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}" = iTunes "{29938C06-6962-4C27-A94C-25E4F424A665}_is1" = FileViewPro "{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 "{30AD92E0-E077-EA9A-2D30-97C5E6644930}" = ccc-utility64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - 
x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8961E141-B307-4882-ABAD-77A3E76A40C1}" = ASCOM Platform 6 - SP3 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch) "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 "{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}" = Python 2.7.6 (64-bit) "{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU) "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{E7F13A64-2E17-6800-06A9-D898C728A755}" = ATI Catalyst Install Manager "{e9d90870-ab19-32a8-aa93-f8348ba21d05}" = Python 3.3.3 (64-bit) "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{EF3293DE-FCAC-4742-91BF-AD0174143FC3}" = HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät "{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}" = Apple Mobile Device Support "CCleaner" = CCleaner "CyberGhost VPN 5_is1" = CyberGhost 5 "Elantech" = ETDWare PS/2-X64 "HitmanPro37" = HitmanPro 3.7 "Software Informer_is1" = Software Informer 1.2 "VLC 
media player" = VLC media player 2.1.2 "WinRAR archiver" = WinRAR 5.01 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9 "{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger "{01994B47-23FB-7678-E11A-ACB21F6EFA08}" = CCC Help Korean "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera "{0215ADBE-2C36-1651-F537-A37749153A65}" = CCC Help Japanese "{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform "{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer "{060689B2-F271-4D1B-9E53-97FACB1FD107}" = Windows Live Essentials "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common "{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger "{078F45F3-4A17-47BA-8309-0B287198FFFA}" = Windows Live Essentials "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3 "{0C22AFC1-F5B5-4FC5-B620-0326D4AE1053}" = Windows Live UX Platform Language Pack "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti "{0CDBAAE4-BD9F-5DB4-BA6A-58373173FD4E}" = PX Profile Update "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0DAC2E86-97E8-94F6-5BF0-C08043BFF517}" = CCC Help Turkish "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer "{119A44B5-6237-4D56-8424-5DAE70ED3F4E}" = Windows Live UX Platform Language Pack "{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common 
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{18C928E6-31F0-4DD5-BD4D-55FBCF599712}" = Windows Live UX Platform Language Pack "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A68E3D6-7B89-4C9F-AF3E-8ED4FF79FB0C}" = Windows Live UX Platform Language Pack "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker "{23B93929-FAD4-40E5-96C6-0E977BB87204}" = Windows Live Essentials "{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail "{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.7.0 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{278FC815-162D-459D-A42F-B3D8120E9725}" = Windows Live UX Platform Language Pack "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{28950295-A98C-4081-AC82-045E9879945E}" = Windows Live UX Platform Language Pack "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common 
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer "{2BB6EF5D-44A3-5206-BBD5-26ECC066F58F}" = CCC Help English "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger "{304D04C5-C4C7-DF22-E13B-653E48C841EE}" = CCC Help Finnish "{30ADC681-8493-4955-B3E9-A08D4DAF316F}" = Windows Live Essentials "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources "{3206854C-84DC-4BB0-9CDF-25BC3826810B}" = Windows Live UX Platform Language Pack "{3272CD17-7958-452A-8E6E-8C85CFFDBEDF}" = Windows Live UX Platform Language Pack "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3C60C40A-934A-4008-B68B-E70F58420AA1}" = Windows Live Essentials "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 "{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F3C94C4-C251-4D3B-B810-1C0319B8ACAD}" = Windows Live Temel Parçalar 
"{41564952-412D-5637-00A7-A758B70C0A00}" = Avira SearchFree Toolbar "{41F11B70-481A-76A9-3D4B-2D368F192CF5}" = CCC Help Russian "{4224D19D-2E7D-4E90-97A4-20C654B28AB8}" = Windows Live Essentials "{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer "{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live "{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources "{45A5BEBD-2CA0-6B5D-70EC-D0DED8B0A473}" = CCC Help Polish "{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources "{46804E41-834A-4A0A-BC77-D4A744D78E8C}" = Windows Live Essentials "{46BC55A2-B4CE-46B5-8303-A2076B899505}" = Windows Live UX Platform Language Pack "{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live "{47824255-3AD0-400A-851A-FCC69553FE66}" = Windows Live Essentials "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4D27EAF3-5029-65C1-F240-48B1335F129B}" = CCC Help French "{4D7BAC8A-51B8-4243-8567-1415C4272D13}" = Windows Live Writer "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{4E803843-C363-50D6-6CB2-5F11D667602D}" = CCC Help Danish "{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{545C7FEC-BC4C-41DA-D6C1-59513E428CBE}" = CCC Help Norwegian "{54FCE80F-7ED4-4612-29EA-3CBE66313038}" = CCC Help Czech "{566E862A-6CFD-4CFD-A2BB-69C81A08176E}" = 
Windows Live UX Platform Language Pack "{57CA189D-BAEB-49BC-AE75-CE70E9B775E1}" = Catalyst Control Center - Branding "{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer "{5ADFC0D3-BED0-4BCA-946A-6B28D71BBEAA}" = Stereoscopic Player "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources "{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger "{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials "{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger "{602643BD-3C18-4ADE-B4A1-192F93D443EA}" = Windows Live UX Platform Language Pack "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{622A0A32-9711-43D3-A6F1-B0FC78F1A68A}_is1" = MassTube Alpha 6 "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer 
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE "{6BA68C11-0B63-4192-B880-0B5E3F7949F9}" = Windows Live UX Platform Language Pack "{6C25E9F7-D3F2-77A7-6C10-C1BD7B6C6280}" = CCC Help Dutch "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update "{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common "{709D0207-B1F8-4ADC-BB2F-CDBE2367A475}_is1" = TweakMe! "{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell" = WildTangent Games App (Packard Bell Games) "{70E5B14F-90ED-4D3D-A136-7851C9190942}" = Windows Live UX Platform Language Pack "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources "{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{763944C0-4CF7-473E-BEF3-9E6C9ACF5AD3}" = Windows Live Essentials "{765D66D1-A924-4801-BC22-D0D7E0DDDEAF}" = Windows Live UX Platform Language Pack "{767BF3D9-EC05-40BA-84BA-2B06C6B88FB2}" = Windows Live UX Platform Language Pack 
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7A9122B2-CF90-4ACB-8E10-AA83F725916B}" = Основные компоненты Windows Live "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common "{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live "{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common "{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources "{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common "{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail "{82A7E300-CB80-4084-8BB5-423F2D6908B1}" = Windows Live UX Platform Language Pack "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{84402369-AD42-8C41-090F-468BC3B1CEBB}" = CCC Help Chinese Traditional "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery "{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{89CD148A-64A8-18AA-E2E0-AF784B03D14E}" = CCC Help Hungarian 
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8E285C75-9BE2-4349-972B-DECDDF472656}" = Windows Live Writer Resources "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail "{9262B08F-E183-4FED-A2BD-23FF1A84EB7A}" = HPDiagnosticCoreDll "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}" = Windows Live Mail "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{9498AAF7-0D2A-430E-A2B0-8EBF23DB0C05}" = Windows Live Essentials "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria "{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AA9248E-C0E7-F51E-5B0E-F9C00D8663C8}" = Catalyst Control Center Localization All "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}" = inSSIDer Home "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker 
"{A18681FF-9745-436F-A013-6FC1A7F7EC67}" = Windows Live UX Platform Language Pack "{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 "{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = HomeMedia "{AA806DB1-E882-4834-8102-B5F256BE9A2F}" = Windows Live Essentials "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AAFDD7EF-1580-E9B2-6723-EBB386DD3253}" = CCC Help Thai "{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources "{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Deutsch "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADEB1E6F-1C01-4EEB-A551-8E3F8CD2F35F}" = Windows Live UX Platform Language Pack "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B22FB9DD-BA6C-CFCF-C31F-C19E611D6B7D}" = CCC Help Spanish "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common "{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer "{B524274D-5B48-4DCC-8C1D-3D66A35B3685}" = Windows Live 程式集 "{B5DAF7CF-928B-3A5E-7BF5-8CCE4F5F69A4}" = CCC Help Chinese Standard "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live 
"{B79EE44A-428E-4983-A366-7CD70545681F}" = Windows Live Essentials "{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources "{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR "{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi "{BDD0222F-D1C2-47DB-ABBE-62EB4F887A56}" = Windows Live UX Platform Language Pack "{BDDC2D1F-092F-476F-A7D7-819AA5F434DF}" = Windows Live UX Platform Language Pack "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail "{C4557453-4DB0-4D45-8CD1-B098026A407D}" = Windows Live UX Platform Language Pack "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}" = Windows Live UX Platform Language Pack "{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D0083B85-A6DE-12E3-4AD3-AC4D44854222}" = CCC Help Italian 
"{D069BF2F-8648-B4CE-FB72-09B1ABC74288}" = Catalyst Control Center Profiles Mobile "{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D265857F-A9CB-C813-7F98-13A210DEF14C}" = Catalyst Control Center "{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D3A7E344-4732-4340-9E90-C3EB372711CD}" = Windows Live UX Platform Language Pack "{D3E5A972-9A15-427D-AE78-8181A5FD943C}" = eBay Worldwide "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger "{D57EE916-8D07-12B9-AEE6-95579E3ED100}" = CCC Help Greek "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources "{D7B24A43-A287-41AC-9957-F616A2B25A9D}_is1" = MassFaces "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer "{DA3042C3-0112-4BBA-81EE-49A07085E7EC}" = Windows Live UX Platform Language Pack "{DAA742AD-F959-4BD5-B5EB-E4AB593707FE}" = Windows Live Essentials "{DAD92257-9160-45F6-B6C4-2DA354DCC5A9}" = Windows Live UX Platform Language Pack "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}" = Windows Live "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DEE5D26C-EEE8-4D83-96D3-4F7D595D0FC4}" = 
Windows Live Essentials "{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "{DFB53C63-3092-9EE6-3628-541479E81347}" = CCC Help Portuguese "{DFF8BA6D-A415-F77C-2AAC-C1413B5D75E4}" = Catalyst Control Center InstallProxy "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers "{E22F5F97-BEFE-9ACB-8410-9DD3AC2C4D8D}" = CCC Help Swedish "{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer "{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E6FEFE9A-73C3-457B-ADF0-9865FFC5B3B3}" = Windows Live Essentials "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger "{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9 "{EC5B21B9-9AC6-4892-9E1B-C98D30AB0395}" = Windows Live UX Platform Language Pack "{EC5E0CAF-BC28-401C-B8BE-89C496D6D66F}" = Windows Live Essentials "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater "{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger "{EE4C3B7B-ABFD-4985-9F16-3361031E4475}" = Windows 
Live Essentials "{EE999A5F-3D40-4475-BBD3-FB867C93D77F}" = Windows Live Essentials "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{F077FF52-187F-406C-ABC9-222A693D1883}" = Windows Live UX Platform Language Pack "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver "{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform "{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}" = Windows Live Messenger "{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help "{F3080E90-9674-1627-2654-98437E7B31ED}" = CCC Help German "{F45E6106-4877-4298-92E7-0948015560C2}" = Windows Liven peruspaketti "{F4DC3E82-471A-4949-A311-7AE803D203E1}" = Windows Live Essentials "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger "{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Hilfe "{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{FA12037C-B6FA-4825-86BC-D58AA6A9CC24}" = Podstawowe programy Windows Live "{FA29B84F-8306-4A62-A340-F2C41305E7AF}" = Windows Live Essentials "{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail "{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker "{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}" = Windows Live Messenger "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker 
"{FF2DE2F0-A25E-4AE6-A2E0-056665520F1C}" = Windows Live Essentials "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker "3DBDBuster 4.0 RC" = 3DBDBuster 4.0 RC Installer Version 0.001 "5513-1208-7298-9440" = JDownloader 0.9 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin "Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9 "AnVir Task Manager" = AnVir Task Manager "Avira AntiVir Desktop" = Avira Free Antivirus "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "DartPro_is1" = DartPro "Google Chrome" = Google Chrome "HP Photo Creations" = HP Photo Creations "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera "InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Packard Bell MyBackup "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks "InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "ipswDownloader" = ipswDownloader 2.0 "LibUSB-Win32_is1" = LibUSB-Win32- "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version "Mozilla Thunderbird 24.3.0 (x86 de)" = Mozilla Thunderbird 24.3.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Packard Bell Registration" = Packard Bell Registration "Packard Bell Screensaver" = Packard Bell ScreenSaver "PremElem90" = Adobe Premiere Elements 9 "Revo Uninstaller" = Revo Uninstaller 1.95 "SixaxisPairTool_is1" = SixaxisPairTool 0.2.5 "SoftOrbits Photo Retoucher_is1" = SoftOrbits Photo Retoucher 1.3 "TwonkyServer" = Twonky Server "Ultravnc2_is1" = UltraVnc "Veetle TV" = Veetle TV "VirtualCloneDrive" = VirtualCloneDrive "WildTangent packardbell Master Uninstall" = 
Packard Bell Games "WinLiveSuite" = Windows Live Essentials "WTA-0d653228-8c68-483a-b555-4d96f39331c2" = Diner Dash 2 Restaurant Rescue "WTA-137dd3cf-9c53-409c-bf57-49a2f363acf2" = Mystery P.I. - The London Caper "WTA-2a206660-dc0b-48b7-8496-c427c3873c1a" = Agatha Christie - 4:50 from Paddington "WTA-2b2d48bf-cd68-4c7a-85b4-03f8f7fc4995" = Penguins! "WTA-3c111aff-fbd7-4ddd-8791-24c9ae8e8958" = Torchlight "WTA-47f5720e-ef49-4ccd-8da7-2625befd0f3a" = Virtual Villagers - The Secret City "WTA-58822e99-1a55-467a-80d7-d4cafdb54b72" = Crazy Chicken Kart 2 "WTA-607389e4-1972-48e3-827d-16497157680e" = Slingo Deluxe "WTA-60b0e68b-e64b-4131-be47-65222162347f" = FATE "WTA-909c1eb1-e701-483f-838a-2e430f2de39a" = Wedding Dash "WTA-af8cd63f-d090-4d2f-ae91-2a3d5ee88f32" = Zuma Deluxe "WTA-b710d369-03e1-4c57-a332-b4326ddc135b" = Jewel Quest Solitaire "WTA-c50239f8-8180-49e3-bb2e-ab50446ac51c" = Polar Bowler "WTA-cae679f6-45b3-4b4a-ac90-307517f9977e" = John Deere Drive Green "WTA-dbf4d14e-1b8b-4b38-8b45-8fc60d0f04d9" = Bejeweled 2 Deluxe "WTA-ee4b8618-49b0-4ca1-9dde-8281696f8f25" = Chuzzle Deluxe "WTA-f682afe0-0226-4bc4-9223-ee73638e41c4" = Plants vs. 
Zombies - Game of the Year

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AceStream" = Ace Stream Media
"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Zero Install (per-user)_is1" = Zero Install (per-user)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13.02.2014 20:28:22 | Computer Name = Andy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8003

Error - 13.02.2014 20:28:22 | Computer Name = Andy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8003

Error - 13.02.2014 20:28:23 | Computer Name = Andy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 13.02.2014 20:28:23 | Computer Name = Andy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9002

Error - 13.02.2014 20:28:23 | Computer Name = Andy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9002

Error - 14.02.2014 05:51:30 | Computer Name = Andy-PC | Source = WinMgmt | ID = 10
Description =

Error - 14.02.2014 05:54:44 | Computer Name = Andy-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Andy\Downloads\esetsmartinstaller_enu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 14.02.2014 06:35:36 | Computer Name = Andy-PC | Source = WinMgmt | ID = 10
Description =

Error - 14.02.2014 07:03:43 | Computer Name = Andy-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Check Point Install Utility" konnte nicht heruntergefahren werden.

Error - 14.02.2014 07:05:56 | Computer Name = Andy-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 13.02.2014 12:56:49 | Computer Name = Andy-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 13.02.2014 12:56:51 | Computer Name = Andy-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 13.02.2014 12:56:52 | Computer Name = Andy-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 13.02.2014 12:56:53 | Computer Name = Andy-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 13.02.2014 16:07:24 | Computer Name = Andy-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?13.?02.?2014 um 20:16:08 unerwartet heruntergefahren.

Error - 13.02.2014 18:54:11 | Computer Name = Andy-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error - 13.02.2014 19:51:30 | Computer Name = Andy-PC | Source = volsnap | ID = 393230
Description = Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error - 14.02.2014 05:50:37 | Computer Name = Andy-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?02.?2014 um 10:10:56 unerwartet heruntergefahren.

Error - 14.02.2014 08:16:02 | Computer Name = Andy-PC | Source = volsnap | ID = 393230
Description = Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error - 14.02.2014 10:58:33 | Computer Name = Andy-PC | Source = volsnap | ID = 393230
Description = Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

< End of report >
#18 /// Selecta Jahrusso
I can't find anything there.
Please download Avast Browser Cleaner and run it as described. :/
#19
I already ran that on 11.02., and it shows me that everything is clean. Difficult case...
#20
I'll ask my colleagues. Maybe I'm overlooking something.
__________________
Regards, Daniel
ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators
Learn to fight back and support us! TB Akademie
#21
A quick question in between: do you have a Google account?
#22
Yes, I do.
#23
Hi. The problem with Chrome is that it automatically synchronizes with Google. That means that if we reinstall it, the malware, which I can't find, may get "installed along" again from your Google account. For now I would ask you to switch off automatic synchronization: https://support.google.com/chromeboo.../1281195?hl=de
After that, uninstall Chrome once and reinstall it.
#24
If I understood that correctly, I simply have to uninstall Chrome and then reinstall it, but not sign in... is that right? Because I can't find anywhere to switch off the automatic synchronization. A quick note: I haven't noticed any ads in the browser since this morning, but I've had that before. It goes well for a while, and then 1-2 hours later everything was full again. As I said, difficult case.
#25
Yes, let's just try the simple way. That's also the reason why I just can't warm to Chrome.
#26
I've actually never had difficulties with Chrome and have been using it from the start. I did it a little differently after all: I clicked on Advanced sync settings, then at the top on Choose what to sync. I removed all the check marks except Passwords. Then OK... I confirmed the message "will be deleted from the Google account". Next I uninstalled Chrome and reinstalled it, signing in. No ads to be seen so far... I think I'll have to wait and see for now, or what do you think?
#27
Cool. Keep an eye on that until tomorrow or so, and then report back on how it looks.
#28
Yes, sure, I'll do that... a huge thank you already, even if it's only a "maybe done" for now. So, here I am again... yesterday I had no ads, and today it started again half an hour ago.
#29
I have to ask now: is there any other cracked software installed? I see a pile of software on your machine that one can safely do without.
#30
Well, no, I don't have any other cracked software on it... not that I know of... one is always a hunter and gatherer, even though one knows that it's actually wrong... I do go through it every now and then to remove superfluous stuff, but usually that's not much.