GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv Hallo zusammen, ich bin neu hier, weil ich mir den GVU-Trojaner eingefangen habe und ihn bisher noch nicht selbst beseitigen konnte. Ich habe Windows 7 - 64 bit. Ich habe Avast, es war aber zu dem Zeitpunkt deaktiviert. Anmerkung: Ich hatte/habe auch den Windows sality Virus. Ich habe wie bereits erwähnt den sogenannten GVU-Trojaner (hat sich von selbst auf meinen PC geladen), der ein unschließbares Fenster öffnet mit einer Warnung, dass mein Computer gesperrt wurde und ich 100€ zahlen soll um einem Strafverfahren zu entgehen oder so ähnlich. Er zeigt meine IP und meinen Wohnort an und ich glaub sogar ein Webcambild. Man kann weder Taskmanager öffnen noch sonst etwas, wenn das Fenster sich öffnet. Dieses öffnet sich NUR, wenn der Computer Internetzugang hat. Was habe ich bisher versucht? - Avast Scan und Reparatur - Kaspersky Rescue Disk beim booten. Der fand auch einiges, ich habe nach Empfehlung Sachen desinfiziert oder in Quarantäne verschoben alles ohne Erfolg. Dann habe ich den vollständigen Malwarebytes Anti-Malware Scan durchgeführt und alle Schädlinge (es waren 2) entfernt.
Malwarebytes Anti-Malware www.malwarebytes.org Datenbank Version: v2012.07.03.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 07.08.2012 02:06:07 mbam-log-2012-08-07 (03-08-57).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Infizierte Dateien: 2 C:\Users\***\Downloads\mist\microsoftoffice2010germanlanguagepackx86xiso.exe (PUP.Adware.MediaGet) -> Keine Aktion durchgeführt. D:\khjka.exe (Malware.Packer.Gen) -> Keine Aktion durchgeführt. (Ende)
![]() | #2 |
/// Malware-holic ![]() ![]() ![]() ![]() ![]() ![]() | ![]() GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv hi
__________________der sality ist ein file infektor, eig können wir uns da gleich jede arbeit sparen und das system neu machen. 1. Datenrettung:
ich werde außerdem noch weitere punkte dazu posten. 4. alle Passwörter ändern! 5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen. 6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.
__________________ |
![]() | #3 |
| ![]() GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv Hi Markus,
__________________vielen Dank für die schnelle Antwort, auch wenn das, was ich lese sehr frustrierend für mich ist. Ich wollte Datenrettung und Formatieren eigentlich vermeiden, da ich momentan keine freie externe Festplatte zur Verfügung habe... außerdem dauert es so ewig bis ich da alles wieder draufgespielt und eingerichtet habe und die Zeit hab ich gerade nicht, weil ich eine Bachelorarbeit schreiben muss :/ Natürlich bleibt mir nichts andere übrig, wenn nichts anderes machbar ist... Die Sache ist die: Ich habe mein System vom Sality Virus gereinigt. Seither funktionierte es wieder problemlos. Nun habe ich natürlich ein bisschen hier im Forum gelesen. Es heißt ja oft, dass es noch nicht bedeutet, dass der PC sauber ist, nur weil er wieder besser läuft richtig? Kann man an den Txt Dateien sehen, ob ich noch den Sality habe? Wäre es überhaupt möglich, dass ich ihn erfolgreich entfernt habe? Wenn ja, kann ich irgendwie versuchen, den GVU Trojaner zu beseitigen? Ich habe den in einer früheren Version schon einmal erfolgreich vom PC einer Freundin verjagen können. Ist der neue so bösartig, dass da nix machbar ist? Nur interessenshalber: Wenn der Trojaner die Webcams anschalten kann, heißt das, dass es wirklich irgendwo so kranke Menschen gibt, die einen beobachten würden? Oder ist das nur ein Automatismus um einen einzuschüchtern? ![]() Vielen vielen Dank nochmals für die Mühe man sich hier macht, den Leuten zu helfen! Das ist nicht selbstverständlich seine Zeit für jemand Fremdes zu opfern... Ihr seid ganz große Klasse! ![]() |
![]() | #4 |
/// Malware-holic ![]() ![]() ![]() ![]() ![]() ![]() | ![]() GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv hi, dieser virus befällt ausführbare dateien, wie exe, dll usw. es kann daher zu problemen kommen, selbst bei anscheinener bereinigung deswegen rate ich dir zum neu aufsetzen die webcam wird, bei den mir bekannten variannten, nicht zum spionieren verwendet
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
![]() | #5 |
| ![]() GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv Scheint ja ein echt fieses Ding zu sein. Da bleibt mir wohl echt nichts anderes übrig, als den PC platt zu machen. Dazu hätte ich auch ein paar Fragen. Ich wäre Dir sehr dankbar, wenn du mir weiterhin zur Seite stehen könntest... Du schreibst, dass ich meine Daten mit Parted Magic sichern solle. Da es sich dabei um ein Live Linux Sytem handelt, habe ich mich gefragt, ob ich auch Ubuntu stattdessen nutzen kann. Das ist doch auch eine lesende Linux Distribution oder? So eine CD habe ich mir nämlich vor längerer Zeit schon einmal erstellt. Oder ist Parted Magic schlichtweg besser und bedienungsfreundlicher? Daten sichern... Ich habe mir die Liste mit den Endungen angeschaut. Allerdings würde ich gerne nochmal nachfragen, ob ich das richtig verstanden habe... Bedeutet das, dass ich die dateien, die vom system direkt ausführbar sind, nicht sichern sollte? Bzw. Da sich Sality in ausführbaren Dateien einnistet sollte ich keine exe Dateien und co speichern oder? Ich habe keine Windows CD. Ich glaube, dass ist auf dem fertig Laptop (Sony Vaio Windows 64 bit) mit drauf... kann das sein? Brauch ich dann eine DVD? bzw. Muss ich mir trotzdem Windows 7 ISO downloaden? Da in dem Thread steht, dass empfohlen wird, professional zu installieren. Allerdings habe ich eine Home Premium Lizenz... dann fällt das wegen der Lizenz flach oder? Viele Grüße, Lisa |
![]() | #6 |
/// Malware-holic ![]() ![]() ![]() ![]() ![]() ![]() | ![]() GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv hi das gerät müsste ne recovery funktion haben. die kann man bei start über f9 f10 f11 oder alt+f9 bzw alt+f10 starten ausführbare dateien nicht sichern, genau. und über ubuntu ist das auch ok
__________________ --> GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv |
![]() | #7 |
| ![]() GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv Nochmals hallo! Ich haben ne neue Externe Festplatte, die Daten gesichert und den PC platt gemacht. Nun ist er neu formateiert und ich habe schon ein paar Sachen neu draufgespielt. Zudem habe ich ihn gescannt und wollte das Ergebnis mal hier posten. Wäre super, wenn da jemand nochmal drüber schauen könnte, ob alles in Ordnung ist... Vielen Dank! PS. Ich habe jetzt seit 3 Tagen jedes Mal eine Fehlermeldung bekommen, wenn ich eine Antwort posten wollte. Ich habe es jetzt ca. 15 Mal vergeblich versucht. Deswegen probiere ich jetzt mal, die OTL Dateien in den Anhang zu packen... Edit: Funktioniert auch nicht: zu groß. Also mach ich jetzt mehrere Posts... Code:
Malwarebytes Anti-Malware www.malwarebytes.org Datenbank Version: v2012.08.09.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Lisa :: PUPI [Administrator] 09.08.2012 19:16:02 mbam-log-2012-08-09 (19-16-02).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Durchsuchte Objekte: 358177 Laufzeit: 37 Minute(n), 54 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende)
![]() | #8 |
ATTFilter OTL logfile created on: 09.08.2012 22:56:50 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Lisa\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,92 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 41,96% Memory free 7,83 Gb Paging File | 4,55 Gb Available in Paging File | 58,12% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 200,00 Gb Total Space | 56,38 Gb Free Space | 28,19% Space Free | Partition Type: NTFS Drive D: | 246,68 Gb Total Space | 241,62 Gb Free Space | 97,95% Space Free | Partition Type: NTFS Computer Name: PUPI | User Name: Lisa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.08.07 02:38:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe PRC - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- D:\Programme\Teamviewer\TeamViewer_Service.exe PRC - [2012.01.20 15:23:00 | 000,054,432 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe PRC - [2011.11.30 18:49:50 | 000,082,592 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe PRC - [2011.07.12 16:10:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe PRC - [2011.07.12 16:10:28 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2011.07.07 15:44:12 | 000,183,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe PRC - [2011.07.07 15:44:12 | 000,066,696 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe PRC - [2011.06.17 22:02:56 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011.06.17 22:02:41 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2011.05.20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011.05.20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2011.03.15 14:44:30 | 000,428,384 | ---- | M] (Sony Corporation) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2011.02.23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe ========== Modules (No Company Name) ========== MOD - [2012.08.09 05:57:43 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\\System.Runtime.Remoting.resources.dll MOD - [2012.04.24 00:35:09 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\\System.Drawing.dll MOD - [2012.03.22 00:32:36 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\\System.Windows.Forms.dll MOD - [2012.02.11 01:31:42 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\\WindowsBase.dll MOD - [2012.01.04 04:51:03 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\\System.dll MOD - [2012.01.04 04:50:59 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\\mscorlib.dll MOD - [2010.11.21 05:24:32 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\\System.Configuration.dll MOD - [2010.11.21 05:23:48 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\\System.Xml.dll MOD - [2010.11.21 05:23:48 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\\System.Runtime.Remoting.dll MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\\mscorlib.resources.dll MOD - [2009.06.10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\\Accessibility.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.11.30 18:49:50 | 000,260,768 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:64bit: - [2011.07.20 00:33:46 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- D:\Programme\Teamviewer\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.06.27 12:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Programme\Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012.05.10 18:44:34 | 001,259,104 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent) SRV - [2012.01.20 15:23:00 | 000,054,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService) SRV - [2011.07.15 16:43:38 | 000,969,352 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService) SRV - [2011.07.13 10:14:44 | 000,552,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2011.07.12 16:10:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2011.07.12 16:10:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service) SRV - [2011.07.12 16:10:28 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2011.07.07 15:44:12 | 000,066,696 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service) SRV - [2011.07.05 22:27:00 | 000,199,272 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService) SRV - [2011.06.17 22:02:56 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011.06.17 22:02:41 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2011.06.16 22:51:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2011.05.20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2011.05.02 14:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2011.05.02 14:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2011.05.02 14:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2011.04.21 09:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV - [2011.04.21 08:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV - [2011.03.15 14:44:30 | 000,428,384 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2011.03.01 21:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2011.02.23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2011.02.21 12:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2011.02.21 12:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2011.02.18 22:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV - [2011.02.18 22:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV - [2011.01.20 12:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService) SRV - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0) SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.05.20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc) SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.12.09 19:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:64bit: - [2011.11.15 01:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2011.07.20 00:42:15 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:64bit: - [2011.07.20 00:34:07 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.07.20 00:34:07 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.07.20 00:30:07 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2011.07.06 16:33:58 | 000,052,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2011.06.25 05:13:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011.06.21 15:19:16 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd) DRV:64bit: - [2011.06.21 15:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2011.06.21 15:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2011.06.17 22:02:39 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2011.06.16 22:51:52 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2011.06.15 22:19:55 | 001,439,280 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011.06.14 06:24:06 | 000,207,872 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011.06.14 06:24:06 | 000,087,552 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2011.05.01 14:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:64bit: - [2011.04.21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) DRV:64bit: - [2011.04.21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.30 03:19:52 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.05.20 15:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo) DRV:64bit: - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2010.03.19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009.07.31 03:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.06.10 22:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.facebook.com/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/ IE - HKCU\..\SearchScopes,DefaultScope = {80ECED3D-1F24-4EB0-AFDF-4FA726353E2A} IE - HKCU\..\SearchScopes\{80ECED3D-1F24-4EB0-AFDF-4FA726353E2A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.08.09 05:32:23 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Programme\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Append to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convert to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append Link Target to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.) O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDBAE932-BF05-43AE-8FB6-C6173F4FBB87}: DhcpNameServer = O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{98796a5e-e1ce-11e1-93d0-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{98796a5e-e1ce-11e1-93d0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.08.09 22:48:50 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe [2012.08.09 19:21:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache [2012.08.09 19:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.08.09 19:16:38 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Google [2012.08.09 19:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2012.08.09 19:15:10 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes [2012.08.09 19:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.08.09 19:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.08.09 19:14:59 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.08.09 19:14:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.08.09 19:11:44 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys [2012.08.09 19:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012.08.09 19:11:27 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\LogMeIn Hamachi [2012.08.09 18:51:49 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\iolo [2012.08.09 18:51:42 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care [2012.08.09 18:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam [2012.08.09 18:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam [2012.08.09 18:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam [2012.08.09 18:27:03 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Sony [2012.08.09 18:26:42 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Podcasts [2012.08.09 18:26:42 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Media Go [2012.08.09 18:26:06 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Sony [2012.08.09 17:22:41 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012.08.09 12:43:53 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Studium [2012.08.09 12:17:19 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\ArcSoft [2012.08.09 12:17:15 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\ArcSoft [2012.08.09 12:16:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Skype [2012.08.09 12:16:10 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012.08.09 12:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.08.09 12:16:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.08.09 11:13:59 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\TS3Client [2012.08.09 09:20:15 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Sony PMB [2012.08.09 09:20:14 | 000,000,000 | -H-D | C] -- C:\Users\Lisa\Documents\Operation H [2012.08.09 09:20:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\RCT3 [2012.08.09 09:20:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\ICQ [2012.08.09 09:20:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Eigene Scans [2012.08.09 09:20:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\DVDVideoSoft [2012.08.09 09:20:13 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Command and Conquer Generals Data [2012.08.09 09:19:45 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Ausland [2012.08.09 09:19:43 | 000,000,000 | -H-D | C] -- C:\Users\Lisa\Documents\Audio Recorder for Free [2012.08.09 09:19:43 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Any Video Converter Professional [2012.08.09 09:19:43 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Adobe [2012.08.09 09:04:50 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Lisa\mbam-setup- [2012.08.09 09:03:48 | 000,000,000 | ---D | C] -- C:\Users\Lisa\we're alive [2012.08.09 08:58:38 | 000,000,000 | ---D | C] -- C:\Users\Lisa\USA [2012.08.09 08:58:37 | 000,000,000 | ---D | C] -- C:\Users\Lisa\people [2012.08.09 08:57:42 | 000,000,000 | ---D | C] -- C:\Users\Lisa\mama cam [2012.08.09 08:57:40 | 000,000,000 | ---D | C] -- C:\Users\Lisa\HG world [2012.08.09 08:57:40 | 000,000,000 | ---D | C] -- C:\Users\Lisa\gorilla [2012.08.09 08:57:35 | 000,000,000 | ---D | C] -- C:\Users\Lisa\CD [2012.08.09 08:56:15 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Cam 2Gb all 18.4.12 [2012.08.09 08:56:00 | 000,000,000 | ---D | C] -- C:\Users\Lisa\bilder bearb udo [2012.08.09 08:55:49 | 000,000,000 | ---D | C] -- C:\Users\Lisa\4.0 [2012.08.09 08:55:49 | 000,000,000 | ---D | C] -- C:\Users\Lisa\25. Bday [2012.08.09 08:55:49 | 000,000,000 | ---D | C] -- C:\Users\Lisa\.tfo4 [2012.08.09 08:49:00 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Rechnungen [2012.08.09 08:48:30 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Bachelorarbeit [2012.08.09 08:41:36 | 000,000,000 | ---D | C] -- C:\Users\Lisa\temp [2012.08.09 08:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M [2012.08.09 08:38:09 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\ICQ Search [2012.08.09 08:37:54 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\ICQ [2012.08.09 08:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2012.08.09 08:14:48 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Xfire [2012.08.09 08:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire [2012.08.09 08:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire [2012.08.09 07:54:02 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Meine empfangenen Dateien [2012.08.09 07:15:06 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Battlefield 2 [2012.08.09 07:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES [2012.08.09 06:58:02 | 000,000,000 | ---D | C] -- C:\Update [2012.08.09 06:48:31 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\ATI [2012.08.09 06:48:31 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\ATI [2012.08.09 06:48:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012.08.09 06:47:38 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Intel Corporation [2012.08.09 06:47:38 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Adobe [2012.08.09 06:47:30 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Adobe [2012.08.09 06:47:11 | 000,000,000 | R--D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.08.09 06:47:11 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Searches [2012.08.09 06:47:11 | 000,000,000 | R--D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.08.09 06:47:03 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Identities [2012.08.09 06:47:00 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Contacts [2012.08.09 06:46:47 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\VirtualStore [2012.08.09 06:45:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VAIO Startup Setting Tool [2012.08.09 06:45:06 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012.08.09 06:44:55 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Sony Corporation [2012.08.09 06:44:50 | 000,000,000 | --SD | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Videos [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Saved Games [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Pictures [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Music [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Links [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Favorites [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Downloads [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Documents [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Desktop [2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Vorlagen [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\AppData\Local\Verlauf [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\AppData\Local\Temporary Internet Files [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Startmenü [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\SendTo [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Recent [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Netzwerkumgebung [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Lokale Einstellungen [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Documents\Eigene Videos [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Documents\Eigene Musik [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Eigene Dateien [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Documents\Eigene Bilder [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Druckumgebung [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Cookies [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\AppData\Local\Anwendungsdaten [2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Anwendungsdaten [2012.08.09 06:44:50 | 000,000,000 | -H-D | C] -- C:\Users\Lisa\AppData [2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Temp [2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Roaming [2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Microsoft [2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Media Center Programs [2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Macromedia [2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Intel [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Programme [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.08.09 06:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote for VAIO [2012.08.09 06:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote [2012.08.09 06:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Evernote [2012.08.09 06:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation [2012.08.09 06:29:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation [2012.08.09 06:29:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2012.08.09 06:27:49 | 000,021,176 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\iolorgdf64.exe [2012.08.09 06:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo [2012.08.09 06:25:39 | 000,000,000 | ---D | C] -- C:\Windows\en [2012.08.09 06:20:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2012.08.09 06:20:08 | 000,000,000 | ---D | C] -- C:\Windows\uk [2012.08.09 06:19:58 | 000,000,000 | ---D | C] -- C:\Windows\tr [2012.08.09 06:19:48 | 000,000,000 | ---D | C] -- C:\Windows\sv [2012.08.09 06:19:43 | 000,000,000 | ---D | C] -- C:\Windows\sk [2012.08.09 06:19:38 | 000,000,000 | ---D | C] -- C:\Windows\ru [2012.08.09 06:19:34 | 000,000,000 | ---D | C] -- C:\Windows\ro [2012.08.09 06:19:30 | 000,000,000 | ---D | C] -- C:\Windows\pt-pt [2012.08.09 06:19:26 | 000,000,000 | ---D | C] -- C:\Windows\pl [2012.08.09 06:19:21 | 000,000,000 | ---D | C] -- C:\Windows\no [2012.08.09 06:19:17 | 000,000,000 | ---D | C] -- C:\Windows\it [2012.08.09 06:19:13 | 000,000,000 | ---D | C] -- C:\Windows\hu [2012.08.09 06:19:07 | 000,000,000 | ---D | C] -- C:\Windows\el [2012.08.09 06:19:02 | 000,000,000 | ---D | C] -- C:\Windows\de [2012.08.09 06:18:57 | 000,000,000 | ---D | C] -- C:\Windows\fr [2012.08.09 06:18:51 | 000,000,000 | ---D | C] -- C:\Windows\fi [2012.08.09 06:18:46 | 000,000,000 | ---D | C] -- C:\Windows\nl [2012.08.09 06:18:41 | 000,000,000 | ---D | C] -- C:\Windows\da [2012.08.09 06:18:36 | 000,000,000 | ---D | C] -- C:\Windows\cs [2012.08.09 06:18:31 | 000,000,000 | ---D | C] -- C:\Windows\bg [2012.08.09 06:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012.08.09 06:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2012.08.09 06:12:11 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.08.09 06:12:07 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2012.08.09 06:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.08.09 06:11:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012.08.09 06:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2012.08.09 06:08:58 | 000,000,000 | ---D | C] -- C:\VAIO Sample Contents [2012.08.09 06:06:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.08.09 06:05:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Europe Limited [2012.08.09 06:05:51 | 088,851,008 | ---- | C] (Axialis Software) -- C:\Windows\SysNative\VAIO Hero Screensaver - Fall 2011 - DE.scr [2012.08.09 06:03:53 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main [2012.08.09 06:03:25 | 000,000,000 | -H-D | C] -- C:\SPLASH.000 [2012.08.09 06:03:01 | 000,000,000 | -H-D | C] -- C:\SPLASH.SYS [2012.08.09 06:02:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Downloaded Installations [2012.08.09 06:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation [2012.08.09 06:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2012.08.09 05:59:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winrm [2012.08.09 05:59:14 | 000,000,000 | ---D | C] -- C:\Windows\de-DE [2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer [2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCN [2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF [2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep [2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\slmgr [2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Printing_Admin_Scripts [2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\de-DE [2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE [2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de [2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407 [2012.08.09 05:59:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winrm [2012.08.09 05:59:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WCN [2012.08.09 05:59:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\slmgr [2012.08.09 05:59:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE [2012.08.09 05:59:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407 [2012.08.09 05:59:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Printing_Admin_Scripts [2012.08.09 05:59:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de [2012.08.09 05:58:11 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui [2012.08.09 05:58:11 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui [2012.08.09 05:58:08 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui [2012.08.09 05:58:08 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui [2012.08.09 05:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012.08.09 05:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB [2012.08.09 05:54:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012.08.09 05:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Media Go Install [2012.08.09 05:48:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft [2012.08.09 05:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Webcam Suite [2012.08.09 05:48:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft [2012.08.09 05:48:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft [2012.08.09 05:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc [2012.08.09 05:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate [2012.08.09 05:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software [2012.08.09 05:37:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2012.08.09 05:37:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2012.08.09 05:33:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012.08.09 05:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2012.08.09 05:32:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012.08.09 05:32:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012.08.09 05:32:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012.08.09 05:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2012.08.09 05:28:35 | 000,000,000 | ---D | C] -- C:\_FS_SWRINFO [2012.08.09 05:28:33 | 000,000,000 | ---D | C] -- C:\Documentation [2012.08.09 05:27:29 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys [2012.08.09 05:27:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony [2012.08.09 05:27:07 | 000,000,000 | ---D | C] -- C:\Temp [2012.08.09 05:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2012.08.09 05:25:43 | 000,158,832 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe.a002.deleteme [2012.08.09 05:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee [2012.08.09 05:24:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee [2012.08.09 05:24:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012.08.09 05:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Online Backup [2012.08.09 05:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012.08.09 05:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.08.09 05:23:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.08.09 05:23:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012.08.09 05:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.08.09 05:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared [2012.08.09 05:23:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\2C0A [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0C0A [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0C04 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0816 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0804 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0424 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\041F [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\041E [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\041D [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\041B [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0419 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0416 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0415 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0414 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0413 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0412 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0411 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0410 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040E [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040D [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040C [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040B [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040A [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0408 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0406 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0405 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0404 [2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0401 [2012.08.09 05:21:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics [2012.08.09 05:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2012.08.09 05:21:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda [2012.08.09 05:20:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2012.08.09 05:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel [2012.08.09 05:20:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012.08.09 05:20:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2012.08.09 05:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2012.08.09 05:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012.08.09 05:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012.08.09 05:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2012.08.09 05:18:11 | 000,425,064 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2012.08.09 05:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming [2012.08.09 05:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless [2012.08.09 05:15:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2012.08.09 05:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012.08.09 05:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2012.08.09 05:15:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco [2012.08.09 05:15:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012.08.09 05:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012.08.09 05:14:50 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2012.08.09 05:14:50 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012.08.09 05:14:50 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012.08.09 05:14:50 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012.08.09 05:14:50 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012.08.09 05:14:50 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll [2012.08.09 05:14:50 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2012.08.09 05:14:50 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2012.08.09 05:14:50 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012.08.09 05:14:50 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012.08.09 05:14:50 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012.08.09 05:14:50 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll [2012.08.09 05:14:50 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012.08.09 05:14:50 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll [2012.08.09 05:14:50 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2012.08.09 05:14:49 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2012.08.09 05:14:49 | 002,238,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2012.08.09 05:14:49 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2012.08.09 05:14:49 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012.08.09 05:14:49 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2012.08.09 05:14:49 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2012.08.09 05:14:49 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2012.08.09 05:14:49 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2012.08.09 05:14:49 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2012.08.09 05:14:49 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2012.08.09 05:14:49 | 000,603,472 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll [2012.08.09 05:14:49 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2012.08.09 05:14:49 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2012.08.09 05:14:49 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2012.08.09 05:14:49 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2012.08.09 05:14:49 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2012.08.09 05:14:49 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2012.08.09 05:14:49 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012.08.09 05:14:49 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2012.08.09 05:14:49 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2012.08.09 05:14:49 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2012.08.09 05:14:49 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2012.08.09 05:14:49 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2012.08.09 05:14:49 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2012.08.09 05:14:49 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2012.08.09 05:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012.08.09 05:14:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012.08.09 05:13:27 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2012.08.09 05:13:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012.08.09 05:11:40 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2012.08.09 05:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2012.08.09 05:11:37 | 000,000,000 | ---D | C] -- C:\Intel [2012.08.09 05:05:39 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.08.09 05:02:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.08.09 22:33:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.08.09 20:34:49 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.08.09 19:33:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.08.09 19:18:36 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.08.09 19:11:43 | 000,000,625 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2012.08.09 19:08:07 | 000,001,405 | ---- | M] () -- C:\Users\Lisa\Desktop\Internet Explorer (64-bit).lnk [2012.08.09 19:03:18 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.09 19:03:18 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.09 18:56:30 | 000,298,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.08.09 18:55:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.08.09 18:54:54 | 3155,025,920 | -HS- | M] () -- C:\hiberfil.sys [2012.08.09 18:51:49 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dll [2012.08.09 18:39:41 | 001,590,446 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.08.09 18:39:41 | 000,696,888 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.08.09 18:39:41 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.08.09 18:39:41 | 000,148,152 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.08.09 18:39:41 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.08.09 18:39:39 | 001,590,446 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.08.09 18:31:03 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk [2012.08.09 18:12:26 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2012.08.09 13:29:11 | 000,000,698 | ---- | M] () -- C:\Users\Lisa\Desktop\C&C Generals.lnk [2012.08.09 12:16:10 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.08.09 09:08:58 | 000,000,146 | ---- | M] () -- C:\Users\Lisa\Desktop\Verknüpfung.lnk [2012.08.09 08:41:35 | 000,000,678 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012.08.09 08:38:09 | 000,000,676 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7M.lnk [2012.08.09 08:38:09 | 000,000,159 | ---- | M] () -- C:\Users\Public\Desktop\Suche im Internet.url [2012.08.09 08:34:42 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2012.08.09 08:14:47 | 000,000,630 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk [2012.08.09 07:26:54 | 000,000,770 | ---- | M] () -- C:\Users\Public\Desktop\Play BF2 Online Now!.lnk [2012.08.09 07:26:54 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 2.lnk [2012.08.09 06:46:56 | 000,000,000 | RH-- | M] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCSE1E1E.mrk [2012.08.09 06:46:56 | 000,000,000 | RH-- | M] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCSE1E1E.mrk [2012.08.09 06:46:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf [2012.08.09 06:46:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf [2012.08.09 06:46:22 | 000,000,074 | -H-- | M] () -- C:\splash.idx [2012.08.09 06:44:39 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012.08.09 06:44:39 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012.08.09 06:30:26 | 000,001,834 | ---- | M] () -- C:\Windows\SysNative\snyinst.oem [2012.08.09 06:29:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iwdbus_01009.Wdf [2012.08.09 06:29:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WDKMD_01009.Wdf [2012.08.09 06:18:13 | 000,000,020 | ---- | M] () -- C:\Windows\xõÁ [2012.08.09 06:09:46 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl [2012.08.09 06:05:52 | 088,851,008 | ---- | M] (Axialis Software) -- C:\Windows\SysNative\VAIO Hero Screensaver - Fall 2011 - DE.scr [2012.08.09 05:58:58 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat [2012.08.09 05:58:58 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat [2012.08.09 05:58:11 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui [2012.08.09 05:58:11 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui [2012.08.09 05:58:08 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui [2012.08.09 05:58:08 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui [2012.08.09 05:22:51 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012.08.09 05:21:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2012.08.09 05:17:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf [2012.08.07 03:20:41 | 000,000,000 | ---- | M] () -- C:\Users\Lisa\defogger_reenable [2012.08.07 02:38:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe [2012.08.07 02:03:29 | 000,000,746 | ---- | M] () -- C:\Users\Lisa\ Malwarebytes Anti-Malware .lnk [2012.08.07 01:54:38 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Lisa\mbam-setup- [2012.08.06 20:39:00 | 280,012,800 | ---- | M] () -- C:\Users\Lisa\kav_rescue_10.iso [2012.08.06 14:05:00 | 000,111,568 | ---- | M] () -- C:\Users\Lisa\Desktop\Zugang_Zulassung_Master-GH_R_2012.pdf [2012.08.06 04:08:18 | 000,042,757 | ---- | M] () -- C:\Users\Lisa\Desktop\filme.rtf [2012.08.04 15:03:22 | 000,033,585 | -H-- | M] () -- C:\Users\Lisa\Documents\iq.rtf [2012.07.31 00:29:12 | 000,000,425 | ---- | M] () -- C:\Users\Lisa\Desktop\musik.rtf [2012.07.28 20:07:13 | 000,001,003 | ---- | M] () -- C:\Users\Lisa\trauerbrief.rtf [2012.07.26 16:48:18 | 001,285,060 | ---- | M] () -- C:\Users\Lisa\Desktop\01 CNC Generals - C_USA04.mp3 [2012.07.26 16:38:10 | 004,744,801 | ---- | M] () -- C:\Users\Lisa\Desktop\01 CNC Generals - USA_01.mp3 [2012.07.24 01:18:26 | 000,001,934 | -H-- | M] () -- C:\Users\Lisa\Documents\how to c&c generals.rtf [2012.07.23 22:21:28 | 001,646,385 | ---- | M] () -- C:\Users\Lisa\CIMG7985.JPG [2012.07.23 22:19:16 | 001,713,803 | ---- | M] () -- C:\Users\Lisa\CIMG7984.JPG [2012.07.21 22:16:12 | 000,000,195 | -H-- | M] () -- C:\Users\Lisa\Documents\nicknames.rtf [2012.07.16 03:23:54 | 016,099,328 | ---- | M] () -- C:\Users\Lisa\einaudi - divenire.mp3 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.08.09 19:21:58 | 000,002,555 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk [2012.08.09 19:18:36 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.08.09 19:16:53 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.08.09 19:16:41 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.08.09 19:16:39 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.08.09 19:11:05 | 000,000,625 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2012.08.09 19:08:07 | 000,001,405 | ---- | C] () -- C:\Users\Lisa\Desktop\Internet Explorer (64-bit).lnk [2012.08.09 19:05:34 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk [2012.08.09 18:51:49 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll [2012.08.09 18:51:42 | 000,002,024 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk [2012.08.09 18:31:03 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk [2012.08.09 18:12:26 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2012.08.09 13:29:11 | 000,000,698 | ---- | C] () -- C:\Users\Lisa\Desktop\C&C Generals.lnk [2012.08.09 12:16:10 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.08.09 09:19:43 | 000,063,066 | -H-- | C] () -- C:\Users\Lisa\Documents\romantic 14.5.12.rtf [2012.08.09 09:19:43 | 000,045,659 | -H-- | C] () -- C:\Users\Lisa\Documents\log rich 2.3..rtf [2012.08.09 09:19:43 | 000,033,585 | -H-- | C] () -- C:\Users\Lisa\Documents\iq.rtf [2012.08.09 09:19:43 | 000,032,525 | -H-- | C] () -- C:\Users\Lisa\Documents\log rich 3.3..rtf [2012.08.09 09:19:43 | 000,025,886 | -H-- | C] () -- C:\Users\Lisa\Documents\romantic xfire 29.4.12.rtf [2012.08.09 09:19:43 | 000,019,927 | -H-- | C] () -- C:\Users\Lisa\Documents\log bensin 20.2.12.rtf [2012.08.09 09:19:43 | 000,018,192 | -H-- | C] () -- C:\Users\Lisa\Documents\romantic 5.5.12.rtf [2012.08.09 09:19:43 | 000,016,566 | -H-- | C] () -- C:\Users\Lisa\Documents\romantic 7.5.12.rtf [2012.08.09 09:19:43 | 000,015,182 | -H-- | C] () -- C:\Users\Lisa\Documents\Introduction.odt [2012.08.09 09:19:43 | 000,011,724 | -H-- | C] () -- C:\Users\Lisa\Documents\log bensin 26.2.12.rtf [2012.08.09 09:19:43 | 000,003,114 | -H-- | C] () -- C:\Users\Lisa\Documents\romantic 29.4.12.rtf [2012.08.09 09:19:43 | 000,001,934 | -H-- | C] () -- C:\Users\Lisa\Documents\how to c&c generals.rtf [2012.08.09 09:19:43 | 000,001,868 | -H-- | C] () -- C:\Users\Lisa\Documents\message bay.rtf [2012.08.09 09:19:43 | 000,000,770 | -H-- | C] () -- C:\Users\Lisa\Documents\[kat.ph]pokemon.yellow.gelb.edition.rar.torrent [2012.08.09 09:19:43 | 000,000,202 | -H-- | C] () -- C:\Users\Lisa\Documents\Zitate.rtf [2012.08.09 09:19:43 | 000,000,201 | -H-- | C] () -- C:\Users\Lisa\Documents\künster.rtf [2012.08.09 09:19:43 | 000,000,195 | -H-- | C] () -- C:\Users\Lisa\Documents\nicknames.rtf [2012.08.09 09:19:42 | 001,977,037 | -H-- | C] () -- C:\Users\Lisa\Documents\Futterautomat_3581.pdf [2012.08.09 09:19:42 | 001,699,378 | -H-- | C] () -- C:\Users\Lisa\Documents\CIMG7801.JPG [2012.08.09 09:19:42 | 001,625,098 | -H-- | C] () -- C:\Users\Lisa\Documents\CIMG7800.JPG [2012.08.09 09:19:42 | 001,621,520 | -H-- | C] () -- C:\Users\Lisa\Documents\CIMG7799.JPG [2012.08.09 09:19:42 | 000,029,807 | -H-- | C] () -- C:\Users\Lisa\Documents\anleitung blow.rtf [2012.08.09 09:19:42 | 000,002,181 | -H-- | C] () -- C:\Users\Lisa\Documents\dr. hartel hirtengrund.rtf [2012.08.09 09:19:42 | 000,000,629 | -H-- | C] () -- C:\Users\Lisa\Documents\bilder links.rtf [2012.08.09 09:19:42 | 000,000,292 | -H-- | C] () -- C:\Users\Lisa\Documents\adressen elite etc.rtf [2012.08.09 09:08:58 | 000,000,146 | ---- | C] () -- C:\Users\Lisa\Desktop\Verknüpfung.lnk [2012.08.09 09:04:50 | 004,760,280 | ---- | C] () -- C:\Users\Lisa\Usher - Scream [128].mp3 [2012.08.09 09:04:50 | 000,720,909 | ---- | C] () -- C:\Users\Lisa\xfire problem 1.jpg [2012.08.09 09:04:50 | 000,372,102 | ---- | C] () -- C:\Users\Lisa\Studierendenausweis Lisa Graf.jpg [2012.08.09 09:04:50 | 000,142,411 | ---- | C] () -- C:\Users\Lisa\snowpersons.png [2012.08.09 09:04:50 | 000,085,953 | ---- | C] () -- C:\Users\Lisa\Picture 526.jpg [2012.08.09 09:04:50 | 000,073,147 | ---- | C] () -- C:\Users\Lisa\route-map-seattle.gif [2012.08.09 09:04:50 | 000,056,632 | ---- | C] () -- C:\Users\Lisa\mecca.jpg [2012.08.09 09:04:50 | 000,051,756 | ---- | C] () -- C:\Users\Lisa\Picture 533.jpg [2012.08.09 09:04:50 | 000,027,356 | ---- | C] () -- C:\Users\Lisa\uh60 5.6.12.rtf [2012.08.09 09:04:50 | 000,023,512 | ---- | C] () -- C:\Users\Lisa\sunisastar.jpg [2012.08.09 09:04:50 | 000,001,003 | ---- | C] () -- C:\Users\Lisa\trauerbrief.rtf [2012.08.09 09:04:50 | 000,000,266 | ---- | C] () -- C:\Users\Lisa\Pappa.vcf [2012.08.09 09:04:49 | 003,745,086 | ---- | C] () -- C:\Users\Lisa\matt 1.jpg [2012.08.09 09:04:49 | 000,000,746 | ---- | C] () -- C:\Users\Lisa\ Malwarebytes Anti-Malware .lnk [2012.08.09 09:04:46 | 117,011,527 | ---- | C] () -- C:\Users\Lisa\LPLTDE.rar [2012.08.09 09:04:46 | 009,299,642 | ---- | C] () -- C:\Users\Lisa\Linkin Park - Burn It Down (www.SongsLover.com).mp3 [2012.08.09 09:04:46 | 000,040,119 | ---- | C] () -- C:\Users\Lisa\l3.jpg [2012.08.09 09:04:46 | 000,038,054 | ---- | C] () -- C:\Users\Lisa\l2.jpg [2012.08.09 09:04:46 | 000,006,730 | ---- | C] () -- C:\Users\Lisa\log xfire.rtf [2012.08.09 09:04:39 | 280,012,800 | ---- | C] () -- C:\Users\Lisa\kav_rescue_10.iso [2012.08.09 09:04:39 | 000,039,415 | ---- | C] () -- C:\Users\Lisa\Jesuslol.jpg [2012.08.09 09:04:38 | 016,099,328 | ---- | C] () -- C:\Users\Lisa\einaudi - divenire.mp3 [2012.08.09 09:04:38 | 009,451,147 | ---- | C] () -- C:\Users\Lisa\Jason Derulo - Breathing (www.SongsLover.com).mp3 [2012.08.09 09:04:38 | 001,713,803 | ---- | C] () -- C:\Users\Lisa\CIMG7984.JPG [2012.08.09 09:04:38 | 001,674,596 | ---- | C] () -- C:\Users\Lisa\CIMG7917.JPG [2012.08.09 09:04:38 | 001,661,795 | ---- | C] () -- C:\Users\Lisa\CIMG7916.JPG [2012.08.09 09:04:38 | 001,652,969 | ---- | C] () -- C:\Users\Lisa\CIMG7914.JPG [2012.08.09 09:04:38 | 001,649,730 | ---- | C] () -- C:\Users\Lisa\CIMG7977.JPG [2012.08.09 09:04:38 | 001,646,385 | ---- | C] () -- C:\Users\Lisa\CIMG7985.JPG [2012.08.09 09:04:38 | 001,638,229 | ---- | C] () -- C:\Users\Lisa\CIMG7915.JPG [2012.08.09 09:04:38 | 001,610,571 | ---- | C] () -- C:\Users\Lisa\CIMG7879.JPG [2012.08.09 09:04:38 | 000,961,968 | ---- | C] () -- C:\Users\Lisa\DSC00001.JPG [2012.08.09 09:04:38 | 000,190,334 | ---- | C] () -- C:\Users\Lisa\deshawn williams.jpg [2012.08.09 09:04:38 | 000,083,577 | ---- | C] () -- C:\Users\Lisa\daughter.jpg [2012.08.09 09:04:38 | 000,078,518 | ---- | C] () -- C:\Users\Lisa\DSC_7371.jpg [2012.08.09 09:04:38 | 000,068,037 | ---- | C] () -- C:\Users\Lisa\DSC_7364.jpg [2012.08.09 09:04:38 | 000,056,749 | ---- | C] () -- C:\Users\Lisa\DSC_7363.jpg [2012.08.09 09:04:38 | 000,044,743 | ---- | C] () -- C:\Users\Lisa\DSC_7362.jpg [2012.08.09 09:04:38 | 000,011,259 | ---- | C] () -- C:\Users\Lisa\gsview64.ini [2012.08.09 09:04:38 | 000,006,568 | ---- | C] () -- C:\Users\Lisa\images.jpg [2012.08.09 09:04:38 | 000,000,609 | ---- | C] () -- C:\Users\Lisa\flüge usa.rtf [2012.08.09 09:04:38 | 000,000,000 | ---- | C] () -- C:\Users\Lisa\defogger_reenable [2012.08.09 09:04:37 | 001,623,206 | ---- | C] () -- C:\Users\Lisa\CIMG7878.JPG [2012.08.09 09:04:37 | 001,566,426 | ---- | C] () -- C:\Users\Lisa\CIMG7876.JPG [2012.08.09 09:04:37 | 000,067,106 | ---- | C] () -- C:\Users\Lisa\7327_310_500_My-Teacher-Believes-In-Evolution.jpg [2012.08.09 09:04:37 | 000,036,401 | ---- | C] () -- C:\Users\Lisa\car.jpg [2012.08.09 09:04:37 | 000,005,166 | ---- | C] () -- C:\Users\Lisa\1274633255324s.jpg [2012.08.09 09:04:37 | 000,000,044 | ---- | C] () -- C:\Users\Lisa\.edu.xtec.properties [2012.08.09 08:50:33 | 004,744,801 | ---- | C] () -- C:\Users\Lisa\Desktop\01 CNC Generals - USA_01.mp3 [2012.08.09 08:50:33 | 001,285,060 | ---- | C] () -- C:\Users\Lisa\Desktop\01 CNC Generals - C_USA04.mp3 [2012.08.09 08:50:33 | 001,129,406 | ---- | C] () -- C:\Users\Lisa\Desktop\01Bewerbungsbogen300409_090810_end02_bearb_2_neu.pdf [2012.08.09 08:50:33 | 000,510,888 | ---- | C] () -- C:\Users\Lisa\Desktop\03_Zusatzfragebogen_zum_Bewerbungsbogen_e.pdf [2012.08.09 08:50:33 | 000,111,568 | ---- | C] () -- C:\Users\Lisa\Desktop\Zugang_Zulassung_Master-GH_R_2012.pdf [2012.08.09 08:50:33 | 000,097,617 | ---- | C] () -- C:\Users\Lisa\Desktop\02_Erläuterungsblatt_2008jul_090810_end02.pdf [2012.08.09 08:50:33 | 000,092,501 | ---- | C] () -- C:\Users\Lisa\Desktop\verspätung erstattung 2.pdf [2012.08.09 08:50:33 | 000,082,075 | ---- | C] () -- C:\Users\Lisa\Desktop\MDB85421-fgr_barrierefrei12.pdf [2012.08.09 08:50:33 | 000,042,757 | ---- | C] () -- C:\Users\Lisa\Desktop\filme.rtf [2012.08.09 08:50:33 | 000,000,425 | ---- | C] () -- C:\Users\Lisa\Desktop\musik.rtf [2012.08.09 08:41:35 | 000,000,678 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012.08.09 08:41:35 | 000,000,678 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk [2012.08.09 08:38:09 | 000,000,676 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7M.lnk [2012.08.09 08:38:09 | 000,000,159 | ---- | C] () -- C:\Users\Public\Desktop\Suche im Internet.url [2012.08.09 08:34:42 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2012.08.09 08:14:47 | 000,000,630 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk [2012.08.09 07:26:54 | 000,000,770 | ---- | C] () -- C:\Users\Public\Desktop\Play BF2 Online Now!.lnk [2012.08.09 07:26:54 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 2.lnk [2012.08.09 06:47:16 | 000,001,405 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012.08.09 06:47:13 | 000,001,439 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.08.09 06:46:56 | 000,000,000 | RH-- | C] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCSE1E1E.mrk [2012.08.09 06:46:56 | 000,000,000 | RH-- | C] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCSE1E1E.mrk [2012.08.09 06:46:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf [2012.08.09 06:46:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf [2012.08.09 06:46:22 | 000,001,955 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited.lnk [2012.08.09 06:30:26 | 3155,025,920 | -HS- | C] () -- C:\hiberfil.sys [2012.08.09 06:29:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iwdbus_01009.Wdf [2012.08.09 06:29:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WDKMD_01009.Wdf [2012.08.09 06:29:33 | 000,002,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk [2012.08.09 06:18:26 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2012.08.09 06:18:16 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2012.08.09 06:18:13 | 000,000,020 | ---- | C] () -- C:\Windows\xõÁ [2012.08.09 06:16:39 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2012.08.09 06:14:03 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012.08.09 06:09:30 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl [2012.08.09 06:09:22 | 000,001,275 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk [2012.08.09 06:08:29 | 000,002,072 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk [2012.08.09 06:07:56 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Easy Connect.lnk [2012.08.09 06:07:40 | 000,002,269 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk [2012.08.09 05:59:43 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat [2012.08.09 05:59:42 | 000,696,888 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat [2012.08.09 05:59:42 | 000,148,152 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat [2012.08.09 05:59:42 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat [2012.08.09 05:56:23 | 000,001,139 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk [2012.08.09 05:54:42 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2012.08.09 05:50:37 | 000,001,303 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Gallery.lnk [2012.08.09 05:47:29 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.08.09 05:44:50 | 000,002,267 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 9.lnk [2012.08.09 05:41:10 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk [2012.08.09 05:41:00 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2012.08.09 05:38:28 | 000,001,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 9.lnk [2012.08.09 05:32:43 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Standard.lnk [2012.08.09 05:32:43 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk [2012.08.09 05:30:15 | 000,002,197 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk [2012.08.09 05:28:36 | 000,001,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk [2012.08.09 05:28:19 | 000,001,531 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk [2012.08.09 05:22:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.08.09 05:21:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2012.08.09 05:21:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll [2012.08.09 05:20:13 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2012.08.09 05:20:13 | 000,003,929 | ---- | C] () -- C:\Windows\SysNative\atipblup.dat [2012.08.09 05:18:11 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2012.08.09 05:17:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf [2012.08.09 05:14:51 | 000,003,178 | ---- | C] () -- C:\Windows\SysNative\drivers\RtPCEE4.DAT [2012.08.09 05:05:29 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.08.09 05:05:25 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.05.03 04:55:52 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2011.07.20 02:29:42 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.07.20 02:29:36 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.07.20 02:29:35 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.07.20 02:29:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.07.20 02:29:35 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011.07.20 02:29:34 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011.07.01 23:08:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.06.21 10:08:55 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011.03.31 08:59:24 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini [2011.02.11 01:03:27 | 001,590,446 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== LOP Check ========== [2012.08.09 17:19:03 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ [2012.08.09 08:38:09 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ Search [2012.08.09 18:51:49 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\iolo [2012.08.09 18:26:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Sony [2012.08.09 12:23:22 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TS3Client [2009.07.14 07:08:49 | 000,006,166 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > |
ATTFilter OTL Extras logfile created on: 09.08.2012 22:56:50 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Lisa\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,92 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 41,96% Memory free 7,83 Gb Paging File | 4,55 Gb Available in Paging File | 58,12% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 200,00 Gb Total Space | 56,38 Gb Free Space | 28,19% Space Free | Partition Type: NTFS Drive D: | 246,68 Gb Total Space | 241,62 Gb Free Space | 97,95% Space Free | Partition Type: NTFS Computer Name: PUPI | User Name: Lisa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08CCF9A8-D1EE-470D-8834-81541844EDBF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{09BBC57C-C471-4237-9B47-4D6654034B3C}" = rport=137 | protocol=17 | dir=out | app=system | "{1321E03F-EC41-4636-866F-C064B3CB03BB}" = rport=138 | protocol=17 | dir=out | app=system | "{2EEAAE20-0887-4E3E-9ECB-4F6CFCDBD55D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{36F94918-EAAD-418A-B540-0DC9454EA951}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{3FF6BE07-5723-4C0A-A726-4A14CD729431}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{56308B3F-9D6F-45AB-8505-B906359F0053}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{67DA2E36-BCA7-427F-B55A-D748C3B94EDF}" = rport=139 | protocol=6 | dir=out | app=system | "{7411F4BE-9685-437B-9FDF-BB619785BD54}" = lport=137 | protocol=17 | dir=in | app=system | "{764C211C-F735-4EE8-B3B7-6E6515A153B8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{86F44AA0-D996-404B-9C5B-7CD4344D5124}" = lport=139 | protocol=6 | dir=in | app=system | "{A7EAF060-03F6-4D27-9CFF-F8D991A9A3B6}" = lport=138 | protocol=17 | dir=in | app=system | "{C9CD1683-044F-4D1D-A332-6D69DEC68651}" = rport=445 | protocol=6 | dir=out | app=system | "{D6561BF9-854D-41F7-8FF5-DF53E89EA592}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{FF812803-9281-44AD-9F0E-3D6BF35C1438}" = lport=445 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0461AEB6-0689-40F2-9207-86352EAC95EA}" = protocol=6 | dir=in | app=d:\programme\teamviewer\teamviewer_service.exe | "{0C265F36-146E-4A99-A3C0-3DCF6082A7E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1993D99C-9E05-4FFD-BB01-DC9D0E7C7894}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | "{1EC0234B-04AA-4F6D-B565-036382E95F6C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | "{212E0F1B-AF5D-4008-BE00-8054EAADE7CB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | "{2D54FA35-C63D-4BB3-982D-6AF874B7CB12}" = protocol=6 | dir=in | app=d:\programme\icq7m\icq.exe | "{30634DFB-03BA-46FA-90E1-B3785D3154C2}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{3DB65B9E-4662-4331-BF73-F12FF0C62594}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{43E0962D-7676-426E-811C-523D356E41C5}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{5B47D2BF-229A-4E20-8D46-8B3B0FE09D29}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | "{5C5FA524-1C7F-4AFA-8527-817AE1CC2A6F}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{5F74C3DC-DDB3-461D-9AB6-E250FD3AEC9D}" = protocol=17 | dir=in | app=d:\programme\teamviewer\teamviewer_service.exe | "{696942CB-23B7-404E-809A-5D8AF30CCF48}" = protocol=6 | dir=in | app=d:\games\battlefield 2\bf2.exe | "{72A8D0EF-EE65-4241-885F-9B04238C1F44}" = protocol=17 | dir=in | app=d:\programme\icq7m\icq.exe | "{7578A827-03DC-408C-AA78-794429424FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | "{7DF80B3E-729E-451F-A96A-EC16543492A3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{7EBF0CC5-8436-4F2C-AAC7-4769330114EB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | "{97C511AB-44A4-4B71-A93D-447D7A3B7A58}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{A1F671F2-3C39-48C5-A1C0-D7C94E6136A9}" = protocol=17 | dir=in | app=d:\programme\icq7m\icq.exe | "{A21257A6-273A-4451-9FD7-96159524BFDB}" = protocol=6 | dir=in | app=d:\programme\icq7m\icq.exe | "{B219063A-1780-4F0F-B4BA-5A1D619F617F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | "{BA834357-D44B-4F07-9809-5B8848581941}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{BFB4AAC8-0E39-462D-BE41-34ACDE012B57}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{C2A5B914-1C1A-47E2-9BB2-486C52D474F7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | "{C581D8AE-4811-40B0-A6C9-ED7E45964BF8}" = protocol=17 | dir=in | app=d:\games\battlefield 2\bf2.exe | "{DB01692D-2082-44BE-9FE3-D4D645C8F286}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DD8E77E3-8DDE-401A-B357-ED2A5FA122E1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{DF172C42-5F9E-490C-9B27-B1B6311C5860}" = protocol=6 | dir=in | app=d:\programme\teamviewer\teamviewer.exe | "{E8BF9C85-E655-4240-AC5C-00D8728233F5}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | "{FA25D3ED-761A-4FD2-B357-5B46FD8C07D3}" = protocol=17 | dir=in | app=d:\programme\teamviewer\teamviewer.exe | "TCP Query User{77C20C55-3EE3-4470-A76F-1F0790D7BAA5}D:\programme\xfire\xfire.exe" = protocol=6 | dir=in | app=d:\programme\xfire\xfire.exe | "UDP Query User{94E0822A-D2D4-41B2-9970-C0B6A8FA4DE0}D:\programme\xfire\xfire.exe" = protocol=17 | dir=in | app=d:\programme\xfire\xfire.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0EF86E06-C755-4C6F-8E47-2528D0546C0A}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology "{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery "{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in "{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit) "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display "{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources "{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources "{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64 "{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources "{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources "{3A4170BE-09B7-5658-285E-6D35E9C87101}" = ATI Catalyst Install Manager "{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi-Software "{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64 "{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}" = VAIO Care "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources "{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources "{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources "{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources "{549AD5FB-F52D-4307-864A-C0008FB35D96}" = VCCx64 "{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam "{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation "{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{82F3914F-383E-4345-9451-B4E34541B6F1}" = AMD Media Foundation Decoders "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation "{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources "{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources "{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources "{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed "{AAE37DF4-D7E4-9FB9-ACBE-BD785F900240}" = ccc-utility64 "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources "{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64 "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64 "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources "{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9 "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh "{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{046885A1-B4AE-4459-A0D1-8C93706698D6}" = "{0483BE07-260D-4E4D-815E-F737C0A72E40}" = Adobe Flash Player 10 ActiveX "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM) "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play mit PlayStation®3 "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack "{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{0F895695-33CC-4203-9C47-25EF2AC9441C}" = Media Go "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{103FCC16-8501-C8E8-2A8C-93102D3251D3}" = CCC Help Finnish "{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh "{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh "{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access "{14A9CAFF-0C9F-FC97-C846-3C8ACD93936B}" = CCC Help Korean "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources "{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar "{1E908A99-3D67-3634-8242-44E91A121035}" = CCC Help Polish "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack "{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail "{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi "{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack "{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer "{2594059F-25BF-028A-9AF9-01890A70D1C0}" = CCC Help French "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer "{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in "{270B5FA2-363F-255D-DE7D-48EA599E0642}" = CCC Help Dutch "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live "{2CC7C829-048B-3DD8-790D-13F5DF7AA86A}" = CCC Help Chinese Traditional "{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources "{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{364CB34F-039F-2688-0C57-FF3E7A32BDB6}" = CCC Help Danish "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger "{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh "{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3C83762B-4AF9-E183-0586-DD35618A20EB}" = Catalyst Control Center "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer "{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live "{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4BF87DDC-2B9B-1904-89FE-FB84FC016C21}" = CCC Help Russian "{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack "{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti "{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{53F29A32-7D03-4635-A8B3-839D921F6F96}" = Adobe Flash Player 10 Plugin "{542ABB05-DC1D-E332-D153-44D997380C82}" = CCC Help Thai "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri "{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen "{5DF8AD8E-3597-2699-D7C9-694CBD07E617}" = CCC Help Japanese "{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{630C8469-7638-A7C2-D4DF-FA4117FF81AF}" = CCC Help Greek "{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86 "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail "{63E64E94-7D42-EDB9-DDE8-CDF82C067E8C}" = Catalyst Control Center Profiles Mobile "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials "{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = PMB VAIO Edition Guide "{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0 "{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}" = Елемент керування Windows Live Mesh ActiveX для віддалених підключень "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{67898C03-26AE-FA57-052F-DC4957232ADF}" = CCC Help Portuguese "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A183D7E-D76F-8E0E-7DB1-007F521F0056}" = CCC Help German "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common "{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz "{6E899F31-606A-E6E1-42D2-D1A91B7FA30C}" = CCC Help Italian "{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common "{70991E0A-1108-437E-BA7D-085702C670C0}" = "{70DE9E60-DE22-4362-B868-1B8922F78C1A}" = Remote Keyboard "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh "{71FC647F-E91F-4DD2-BEA4-7B4172015DCE}" = VHD "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources "{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker "{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel(R) WiDi "{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M "{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common "{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker "{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect "{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources "{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger "{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{8004AD43-6058-0058-0EF9-46EDB04221FF}" = CCC Help Turkish "{803E4FA5-A940-4420-B89D-A8BC2E160247}" = "{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail "{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = "{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common "{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8AA8BC62-929A-6FF2-655B-79E2FB4B1810}" = Catalyst Control Center Graphics Previews Common "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center "{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh "{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A30289C-813A-D9E7-0F75-D26EA7BB533F}" = CCC Help Hungarian "{9AE76A96-BF2F-8AB9-46B8-74F1FB68AD4C}" = PX Profile Update "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86 "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources "{AC76BA86-1033-F400-BA7E-000000000005}" = Adobe Acrobat X Standard - English, Français, Deutsch "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AE35BB59-31F9-C205-1915-08B73D5A4D8C}" = CCC Help Chinese Standard "{AF0893D0-63E2-5356-6E79-09974852DBC4}" = CCC Help Swedish "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych "{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B1893E3F-9BDF-443F-BED0-1AAA2D9E0D68}" = ArcSoft Magic-i Visual Effects 2 "{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default "{B77DE05C-7C84-4011-B93F-A29D0D2840F4}" = ArcSoft WebCam Companion 4 "{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86 "{BA185E4B-55BC-9788-371A-24705F4923BB}" = CCC Help English "{BA469F53-3131-47B0-9683-2C27F3546CD3}" = Remote Play with PlayStation 3 "{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений "{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose "{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi "{BE9E4DD1-6228-46C6-8EF9-42F7A4F6CC9D}" = VAIO Data Restore Tool "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh "{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86 "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86 "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D57A002F-2B34-4E7B-A58B-0A4FBDA2E93F}" = Windows Live Messenger "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{D7F13995-E383-848E-7925-ABDEC6B1E2EA}" = CCC Help Spanish "{D9173CE7-83E1-D410-06A2-49F2798A72DB}" = Catalyst Control Center InstallProxy "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DB1DAF88-F975-DD6B-5287-15A02DE306A6}" = CCC Help Czech "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}" = VCCx86 "{DFE03E4C-4B8D-4B0B-BFC8-F473889E4149}" = Catalyst Control Center - Branding "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9 "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer "{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help "{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack "{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις "{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger "{F6EC0360-CAC5-1272-7258-FC182F61A945}" = CCC Help Norwegian "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.4 "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail "{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery "{FB22916E-D494-91F2-7CC0-910867BF2C03}" = Catalyst Control Center Localization All "{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = "{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "GameSpy Arcade" = GameSpy Arcade "Google Chrome" = Google Chrome "InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = VAIO - PMB VAIO Edition Guide "InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0 "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version "PremElem90" = Adobe Premiere Elements 9 "ProInst" = Intel PROSet Wireless "splashtop" = Quick Web Access "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 7" = TeamViewer 7 "VAIO Help and Support" = "VAIO Hero Screensaver - Fall 2011 Screensaver" = VAIO Hero Screensaver - Fall 2011 Screensaver "WinLiveSuite" = Windows Live Essentials "Xfire" = Xfire (remove only) ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 09.08.2012 12:55:45 | Computer Name = Pupi | Source = WinMgmt | ID = 10 Description = Error - 09.08.2012 13:06:05 | Computer Name = Pupi | Source = System.ServiceModel | ID = 65641 Description = Error - 09.08.2012 13:06:06 | Computer Name = Pupi | Source = .NET Runtime | ID = 1026 Description = Error - 09.08.2012 13:06:07 | Computer Name = Pupi | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: VAIOShell.exe, Version:, Zeitstempel: 0x4f276329 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651, Zeitstempel: 0x4e21213c Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000cacd ID des fehlerhaften Prozesses: 0x139c Startzeit der fehlerhaften Anwendung: 0x01cd7651359249d3 Pfad der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VAIOShell.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 824dfa03-e244-11e1-b616-88532e65c231 Error - 09.08.2012 13:20:54 | Computer Name = Pupi | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "F:\Download\SoftonicDownloader_fuer_floats-mobile-agent.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 09.08.2012 13:20:54 | Computer Name = Pupi | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "F:\Download\SoftonicDownloader_for_divx-web-player.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 09.08.2012 15:01:49 | Computer Name = Pupi | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 09.08.2012 15:01:49 | Computer Name = Pupi | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 09.08.2012 15:01:49 | Computer Name = Pupi | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 09.08.2012 15:01:49 | Computer Name = Pupi | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". [ System Events ] Error - 09.08.2012 12:10:28 | Computer Name = Pupi | Source = Service Control Manager | ID = 7034 Description = Dienst "Adobe Active File Monitor V9" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 09.08.2012 12:10:29 | Computer Name = Pupi | Source = Service Control Manager | ID = 7034 Description = Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 09.08.2012 12:10:29 | Computer Name = Pupi | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error - 09.08.2012 12:10:30 | Computer Name = Pupi | Source = Service Control Manager | ID = 7034 Description = Dienst "CamMonitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 09.08.2012 12:10:31 | Computer Name = Pupi | Source = Service Control Manager | ID = 7034 Description = Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 09.08.2012 12:10:34 | Computer Name = Pupi | Source = Service Control Manager | ID = 7034 Description = Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 09.08.2012 12:10:34 | Computer Name = Pupi | Source = Service Control Manager | ID = 7031 Description = Der Dienst "VAIO Event Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts. Error - 09.08.2012 12:10:38 | Computer Name = Pupi | Source = Service Control Manager | ID = 7000 Description = Der Dienst "VAIO Event Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%109 Error - 09.08.2012 12:10:39 | Computer Name = Pupi | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%109 Error - 09.08.2012 12:12:22 | Computer Name = Pupi | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: %%16405 < End of report > Vielen Dank nochmal |
![]() | #10 |
/// Malware-holic ![]() ![]() ![]() ![]() ![]() ![]() | ![]() GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv sorry für die wartezeit. pc absichern: als antimalware programm würde ich emsisoft empfehlen. diese haben für mich den besten schutz kostet aber etwas. http://www.trojaner-board.de/103809-...i-malware.html testversion: Meine Antivirus-Empfehlung: Emsisoft Anti-Malware insbesondere wenn du onlinebanking, einkäufe, sonstige zahlungsabwicklungen oder ähnlich wichtiges, wie zb berufliches machst, also sensible daten zu schützen sind, solltest du in sicherheitssoftware investieren. vor dem aktivieren der lizenz die 30 tage testzeitraum ausnutzen. kostenlos, aber eben nicht ganz so gut wäre avast zu empfehlen. http://www.trojaner-board.de/110895-...antivirus.html sag mir welches du nutzt, dann gebe ich konfigurationshinweise. bitte dein bisheriges av deinstalieren die folgende anleitung ist umfangreich, dass ist mir klar, sie sollte aber umgesetzt werden, da nur dann dein pc sicher ist. stelle so viele fragen wie nötig, ich arbeite gern alles mit dir durch! http://www.trojaner-board.de/96344-a...-rechners.html Starte bitte mit der Passage, Windows Vista und Windows 7 Bitte beginne damit, Windows Updates zu instalieren. Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst. Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist: - Updates automatisch Instalieren, - Täglich - Uhrzeit wählen - Bitte den gesammten rest anhaken, außer: - detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist. Klicke jetzt die Schaltfläche "OK" Klicke jetzt "nach Updates suchen". Bitte instaliere zunächst wichtige Updates. Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren. Mache das selbe bitte mit den optionalen Updates. Bitte übernimm den rest so, wie es im Abschnitt windows 7 / Vista zu lesen ist. aus dem Abschnitt xp, bitte den punkt "datenausführungsverhinderung, dep" übernehmen. als browser rate ich dir zu chrome: Installation von Google Chrome für mehrere Nutzerkonten - Google Chrome-Hilfe anleitung lesen bitte falls du nen andern nutzen willst, sags mir dann muss ich teile der nun folgenden anleitung Sandboxie Die devinition einer Sandbox ist hier nachzulesen: Sandbox Kurz gesagt, man kann Programme fast 100 %ig isuliert vom System ausführen. Der Vorteil liegt klar auf der Hand, wenn über den Browser Schadcode eingeschläust wird, kann dieser nicht nach außen dringen. Download Link: Sandboxie Download - Sandboxie 3.72 anleitung: http://www.trojaner-board.de/71542-a...sandboxie.html ausführliche anleitung als pdf, auch abarbeiten: Sandbox Einstellungen | bitte folgende zusatz konfiguration machen: sandboxie control öffnen, menü sandbox anklicken, defauldbox wählen. dort klicke auf sandbox einstellungen. beschrenkungen, bei programm start und internet zugriff schreibe: chrome.exe dann gehe auf anwendungen, webbrowser, chrome. dort aktiviere alles außer gesammten profil ordner freigeben. Wie du evtl. schon gesehen hast, kannst du einige Funktionen nicht nutzen. Dies ist nur in der Vollversion nötig, zu deren Kauf ich dir rate. Du kannst zb unter "Erzwungene Programmstarts" festlegen, dass alle Browser in der Sandbox starten. Ansonsten musst du immer auf "Sandboxed webbrowser" klicken bzw Rechtsklick, in Sandboxie starten. Eine lebenslange Lizenz kostet 30 €, und ist auf allen deinen PC's nutzbar. Weiter mit: Maßnahmen für ALLE Windows-Versionen alles komplett durcharbeiten anmerkung zu file hippo. in den settings zusätzlich auswählen: hide beta updates. Run updateChecker when Windows starts Backup Programm: in meiner Anleitung ist bereits ein Backup Programm verlinkt, als Alternative bietet sich auch das Windows eigene Backup Programm an: http://www.trojaner-board.de/82962-w...en-backup.html Dies ist aber leider nur für Windows 7 Nutzer vernünftig nutzbar. Alle Anderen sollten sich aber auf jeden fall auch ein Backup Programm instalieren, denn dies kann unter Umständen sehr wichtig sein, zum Beispiel, wenn die Festplatte einmal kaputt ist. Zum Schluss, die allgemeinen sicherheitstipps beachten, wenn es dich betrifft, den Tipp zum Onlinebanking beachten und alle Passwörter ändern bitte auch lesen, wie mache ich programme für alle sichtbar: Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe surfe jetzt also nur noch im standard nutzer konto und dort in der sandbox. wenn du die kostenlose version nutzt, dann mit klick auf sandboxed web browser, wenn du die bezahlversion hast, kannst du erzwungene programm starts festlegen, dann wird Sandboxie immer gestartet wenn du nen browser aufrufst. wenn du mit der maus über den browser fährst sollte der eingerahmt sein, dann bist du im sandboxed web browser passwort sicherheit: jeder dienst benötigt ein eigenes, mindestens 12-stelliges passwort bei der passwort verwaltung und erstellung hilft roboform Passwort Manager, Formular Ausfueller, Passwort Management | RoboForm Passwort Manager anleitung: RoboForm-Bedienungsanleitung: Passwort-Manager, Verwalten von Passwörtern und persönlichen Daten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
![]() |
Themen zu GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv |
antivirus, any video converter, bho, bingbar, browser, computer, converter, document, error, excel, failed, firefox, flash player, gvu trojaner, hilfreich, home, iexplore.exe, igdpmd64.sys, install.exe, kaspersky, logfile, microsoft office starter 2010, ntdll.dll, object, officejet, plug-in, pup.adware.mediaget, realtek, registry, sality, scan, senden, software, taskmanager, teamspeak, trojaner, usb 3.0, windows |