
Dodano 03.07.2012 21:30:08:
A to jest logo z OTL
- Kod: Zaznacz wszystko
- OTL Extras logfile created on: 03.07.2012 22:19:12 - Run 2
 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\ADA\Downloads
 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
 Internet Explorer (Version = 8.0.7600.16385)
 Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
 3,86 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 42,65% Memory free
 11,59 Gb Paging File | 9,22 Gb Available in Paging File | 79,56% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
 Drive C: | 452,32 Gb Total Space | 96,52 Gb Free Space | 21,34% Space Free | Partition Type: NTFS
 Drive D: | 182,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
 Computer Name: ADA-VAIO | User Name: ADA | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
 [color=#E56717]========== File Associations ==========[/color]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
 [HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Classes\<extension>]
 .html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
 [color=#E56717]========== Shell Spawning ==========[/color]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 exefile [open] -- "%1" %*
 helpfile [open] -- Reg Error: Key error.
 htmlfile [edit] -- Reg Error: Key error.
 htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
 http [open] -- Reg Error: Key error.
 https [open] -- Reg Error: Key error.
 inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
 InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
 InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
 Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1"
 Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Folder [explore] -- Reg Error: Value error.
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
 exefile [open] -- "%1" %*
 helpfile [open] -- Reg Error: Key error.
 htmlfile [edit] -- Reg Error: Key error.
 htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
 http [open] -- Reg Error: Key error.
 https [open] -- Reg Error: Key error.
 inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
 Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1"
 Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Folder [explore] -- Reg Error: Value error.
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
 [color=#E56717]========== Security Center Settings ==========[/color]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 "cval" = 1
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
 "AntiVirusOverride" = 0
 "AntiSpywareOverride" = 0
 "FirewallOverride" = 0
 
 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
 [color=#E56717]========== Firewall Settings ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
 "DisableNotifications" = 0
 "EnableFirewall" = 1
 "DoNotAllowExceptions" = 0
 
 [color=#E56717]========== Authorized Applications List ==========[/color]
 
 
 [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 "{04F8C9BF-B5C4-447B-8941-778DA6AED26F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
 "{2511794A-A2A6-4CCE-9DF7-7A2A9773A314}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 "{61B1F016-3566-4636-9BF0-861204FE4C87}" = rport=137 | protocol=17 | dir=out | app=system |
 "{96D7ED9C-396D-4694-8F87-6539D9691DD4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
 "{9E783B35-F375-4ADC-84A5-0DD5A990B5F3}" = rport=445 | protocol=6 | dir=out | app=system |
 "{AA679C00-CD17-402A-9A2F-DA65E5EF1990}" = lport=139 | protocol=6 | dir=in | app=system |
 "{AE788829-0D33-4024-AEA1-5C1BC5136470}" = lport=2869 | protocol=6 | dir=in | app=system |
 "{AE7B00D7-2A80-41BB-BC62-12E1B067F9D8}" = lport=445 | protocol=6 | dir=in | app=system |
 "{B5BDF66A-3D14-4951-ABC5-CEFB9EADF3BC}" = rport=139 | protocol=6 | dir=out | app=system |
 "{B896DD2B-3B48-4595-9447-479A1DC277E1}" = lport=138 | protocol=17 | dir=in | app=system |
 "{C0D4EA05-69A1-49D9-8569-03864C8DDEC0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
 "{C4D08C98-6FC5-47FD-AC34-26052AB14BC2}" = rport=138 | protocol=17 | dir=out | app=system |
 "{DEBF61CC-75D1-4920-90B3-07108DF171C6}" = lport=137 | protocol=17 | dir=in | app=system |
 "{FFE2E089-420C-457B-A3E6-40FF5FBBD71F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
 [color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 "{0BBA2FDD-47A3-40E2-8385-06C31574B7B2}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
 "{0F53EDA4-5BA6-47DA-B55D-BB0346F5EBE1}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio transfer support\vaiotransfer.exe |
 "{13B71459-1FD3-4147-84FE-30D42912F946}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
 "{1E71CD3C-2050-415F-B5CA-74C2F0623E33}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
 "{2238CA2B-1000-4BD3-BE31-A67C15FE2329}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
 "{32570F13-1C89-4AEC-ABCF-596E9E78D304}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
 "{331EADBA-A26C-4E69-AE2E-121B3B4DF1E1}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
 "{4EF139B5-2FE1-4E5A-B438-B96F2C2CF044}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
 "{5D600F3A-D3C7-4F1C-9922-2153E46CFA73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
 "{6F4A14D5-2D1F-416B-A984-316F8F51BD54}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe |
 "{6FE90723-25BD-4BCF-968C-94209C18564D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
 "{939E27AD-57B7-4A2F-8EA7-B59752D4C23B}" = protocol=6 | dir=in | app=c:\users\ada\downloads\sweetimsetup (1).exe |
 "{95863229-C3F8-489E-BC73-DE563F7094E7}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
 "{9659929B-1BF6-4A79-8B3B-867F08B43CDF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
 "{975BA926-F4C8-40CE-9BDB-B5E668D1CECC}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
 "{9D78ECB6-6EF8-4AED-ADCE-10D51FAD6392}" = protocol=6 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |
 "{BC612040-FF14-4A17-B9C8-A917B81C7809}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
 "{BC731A4A-1930-407A-9456-3072E42D37F4}" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
 "{C32141FD-9BAF-45CD-A16A-75A0197043ED}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
 "{C63B85B4-7D56-4112-AA3E-3457D6CB0A9D}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
 "{CF5B9B28-8D6B-4088-88E8-EDCA25D1819B}" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
 "{D277B40D-2A70-4AE7-B6AE-470102752B35}" = protocol=17 | dir=in | app=c:\users\ada\downloads\sweetimsetup (1).exe |
 "{D38E5C1C-A7E5-45CE-B803-4D99038323EE}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio transfer support\vaiotransfer.exe |
 "{E7A833E6-010F-4498-B1C6-9259F63821DD}" = protocol=17 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |
 "{F0D57DB4-DC0D-4EF9-ADF5-469A69FB8C06}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
 "{F17BCD72-4FD5-4E85-88C1-10F326172745}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
 "{F9E294DD-A887-4BCD-BF22-4F65EF85056A}" = dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe |
 "TCP Query User{9B7D0CC7-A31C-4F97-A102-2C6AB0421ECF}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
 "TCP Query User{B55C3A48-CEA2-4489-9907-8C701880B732}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
 "UDP Query User{2CFB0FFA-6846-40DC-864C-FFEE70F4D201}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
 "UDP Query User{BBF0278F-2B2D-4D38-896E-9917DE1FA45F}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
 
 [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 "{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
 "{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64
 "{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
 "{202B76AB-1B21-434E-A289-788D767D3A7C}" = Media Gallery
 "{259FD439-13B0-0136-D0A0-FA89BB05831D}" = ccc-utility64
 "{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}" = Gigaset QuickSync
 "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
 "{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
 "{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus
 "{5BC83141-83DD-07BE-C940-04B385540F04}" = ATI Catalyst Install Manager
 "{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64
 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
 "{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus
 "{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
 "{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64
 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
 "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 "SynTPDeinstKey" = Synaptics Pointing Device Driver
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 "{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
 "{0483BE07-260D-4E4D-815E-F737C0A72E40}" = Adobe Flash Player 10 ActiveX
 "{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play mit PlayStation®3
 "{07B7598E-1FB8-1A95-7A30-F534A55726B4}" = CCC Help Czech
 "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
 "{09E4C6A0-AB81-4ADA-9163-DD7B724E0BB6}" = Janosch Vorschule
 "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
 "{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
 "{159E5135-4BEA-52B7-8CDC-823F1ED6D8A5}" = CCC Help Spanish
 "{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus
 "{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
 "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
 "{20536917-E2DF-45D9-B41F-9AC0CAFFE48A}" = Media Gallery
 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
 "{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = PMB VAIO Edition Plug-in
 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
 "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
 "{265F0D95-A883-7162-0458-B78085B6B693}" = Catalyst Control Center Graphics Light
 "{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
 "{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4
 "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
 "{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics
 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
 "{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
 "{35111E7A-03B9-25EC-F434-A1CD976907FC}" = CCC Help Chinese Traditional
 "{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
 "{3DB5EA77-4A14-4EC9-8BFC-73BC848BDE73}" = Media Gallery
 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
 "{427E8AD0-A4B1-D225-836E-CCB6068B490A}" = CCC Help French
 "{44D25B45-5C0E-2187-6739-E2FA0E8AFE1D}" = CCC Help Portuguese
 "{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
 "{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus
 "{4E6DF745-C99E-909F-BCF0-B7C24A51E56E}" = CCC Help Japanese
 "{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
 "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
 "{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus
 "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
 "{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
 "{5736590B-36C7-4881-5EBE-F9B390F00774}" = Catalyst Control Center Core Implementation
 "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
 "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
 "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
 "{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
 "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
 "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
 "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
 "{61F569A3-1647-B6F4-08C8-40A011831827}" = CCC Help English
 "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
 "{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote-Tastatur mit PlayStation 3
 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
 "{6A3F204B-323C-7E32-F890-A7308768728D}" = CCC Help Russian
 "{6CF47FD1-3CF8-4206-BA24-A2B1E43D8CCA}" = IncrediMail
 "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
 "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
 "{7002773F-2A53-E9F2-E161-DB3DDA0F05BE}" = CCC Help Hungarian
 "{70991E0A-1108-437E-BA7D-085702C670C0}" =
 "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
 "{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}" = Remote Play with PlayStation 3
 "{76DECE17-BCF5-9640-2854-3CA049834A40}" = CCC Help Chinese Standard
 "{7A63F0C4-6B2B-694C-ED72-D0670612BC29}" = CCC Help Swedish
 "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
 "{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
 "{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool
 "{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
 "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
 "{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
 "{88001121-87E2-2104-F9F5-ECC15DFCA1E0}" = Catalyst Control Center Graphics Full Existing
 "{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
 "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
 "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
 "{8EB34C0B-AF54-F265-844C-3E6FA9AE2FCD}" = CCC Help German
 "{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
 "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
 "{9C73041C-AB71-995D-EEC7-B4E940F93F36}" = CCC Help Finnish
 "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
 "{A00F8237-F496-44D2-0001-E3CCF8CD58AE}" = PhotoMizer
 "{A0E583D1-23F7-4C35-9620-B169D7715E4B}" = Adobe Premiere Elements 8.0
 "{A20548C1-4B08-C41D-A3A8-FE8C933C2A00}" = Catalyst Control Center InstallProxy
 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
 "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
 "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" =
 "{A8D53A4E-77A1-E23E-A396-6D9C86A2F273}" = Catalyst Control Center Graphics Full New
 "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Polish
 "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
 "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
 "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
 "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
 "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
 "{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6
 "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
 "{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus
 "{BFF37C6E-D735-4487-390C-271E030AA62C}" = CCC Help Italian
 "{C2E171F6-9B58-4CE1-7B8B-B69FA04EBAB8}" = Catalyst Control Center Graphics Previews Vista
 "{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
 "{C459D829-0FF0-C210-B2BF-83DB63FC1D61}" = CCC Help Korean
 "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
 "{C5529BC1-C2BF-44E8-B62A-01913D70081C}" = Catalyst Control Center - Branding
 "{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
 "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" =
 "{C83B7CBB-C736-BF46-9832-7A9D07E9D94C}" = CCC Help Polish
 "{C8BCC14C-2807-4C2D-A659-843427BF82E2}" = TopSecret Biometrics Components
 "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
 "{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
 "{D49989B0-7BC2-F7F1-8017-3257F617347A}" = Catalyst Control Center Graphics Previews Common
 "{D5E409E8-3AF3-4B19-A291-E27AECC905B3}" = Janosch Vorschule Englisch
 "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
 "{D6DEC295-88A0-5CFA-0B29-C8FDF091FFD3}" = CCC Help Dutch
 "{D8FF4505-5977-4116-8DE4-2AF7174E70AC}" = Media Gallery
 "{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = VAIO - Media Gallery
 "{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
 "{DF693121-40C0-3020-D655-612E51616423}" = CCC Help Danish
 "{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
 "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
 "{EBDDC3CC-343A-C0DD-79BA-8A12D0A2CA10}" = CCC Help Turkish
 "{ECF0D151-BCA0-8E6D-62DB-5D44DB4A3836}" = CCC Help Thai
 "{ED1674F5-5165-49BF-B546-AE5343111540}" = WebCam
 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
 "{F1B95046-E9DA-CFEC-42A8-C8224646AA32}" = ccc-core-static
 "{F30FE437-0E45-D409-F629-5D86960A6591}" = CCC Help Norwegian
 "{F5CC9A13-6C57-4948-75A8-3A2C92A3183B}" = Catalyst Control Center Localization All
 "{F67C14C0-D73E-C55B-E132-B1904A1A709C}" = CCC Help Greek
 "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
 "{F7E8DD1D-9BFD-38BB-86A5-BEF313B00C51}" = Catalyst Control Center InstallProxy
 "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
 "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
 "Adobe AIR" = Adobe AIR
 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
 "Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
 "Any Video Converter_is1" = Any Video Converter 3.3.3
 "Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
 "BlazeDTV 6.0_is1" = BlazeDTV 6.0
 "FastStone Image Viewer" = FastStone Image Viewer 4.4
 "Freemake Video Converter_is1" = Freemake Video Converter wersja 3.0.1
 "IncrediMail" = IncrediMail 2.0
 "InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = VAIO - PMB VAIO Edition Plug-in
 "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
 "InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
 "InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
 "InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
 "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
 "LHTTSGED" = L&H TTS3000 Deutsch
 "Mozilla Firefox 9.0.1 (x86 pl)" = Mozilla Firefox 9.0.1 (x86 pl)
 "PhotoScape" = PhotoScape
 "Picasa 3" = Picasa 3
 "PremElem80" = Adobe Premiere Elements 8.0
 "Revo Uninstaller" = Revo Uninstaller 1.94
 "splashtop" = VAIO Quick Web Access
 "TC UP" = Total Commander Ultima Prime 4.7.0.0
 "VAIO Help and Support" =
 "VAIO screensaver" = VAIO screensaver
 "Windows Searchqu Toolbar" = Windows Searchqu Toolbar
 "WinLiveSuite_Wave3" = Windows Live Essentials
 "Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free
 
 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
 [HKEY_USERS\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 "Google Chrome" = Google Chrome
 "UnityWebPlayer" = Unity Web Player
 
 [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
 [ Application Events ]
 Error - 01.10.2011 07:22:08 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815
 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
 Error - 01.10.2011 18:32:18 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815
 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
 Error - 01.10.2011 18:33:37 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815
 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
 Error - 05.10.2011 11:27:46 | Computer Name = ADA-VAIO | Source = Application Error | ID = 1000
 Description = Name der fehlerhaften Anwendung: IncMail.exe, Version: 6.2.8.4960,
 Zeitstempel: 0x4da6d188 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00025c43 ID des fehlerhaften
 Prozesses: 0xa3c Startzeit der fehlerhaften Anwendung: 0x01cc8332d3a81257 Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe Pfad
 des fehlerhaften Moduls: unknown Berichtskennung: 92d9388b-ef66-11e0-bfa7-c0cb38f2c74e
 
 Error - 05.10.2011 11:27:53 | Computer Name = ADA-VAIO | Source = Application Error | ID = 1000
 Description = Name der fehlerhaften Anwendung: IncMail.exe, Version: 6.2.8.4960,
 Zeitstempel: 0x4da6d188 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16850,
 Zeitstempel: 0x4e211485 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x0000b9bc ID des fehlerhaften
 Prozesses: 0xa3c Startzeit der fehlerhaften Anwendung: 0x01cc8332d3a81257 Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 9762541b-ef66-11e0-bfa7-c0cb38f2c74e
 
 Error - 05.10.2011 11:28:23 | Computer Name = ADA-VAIO | Source = Application Hang | ID = 1002
 Description = Programm IncMail.exe, Version 6.2.8.4960 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1860 Startzeit:
 01cc83735c102d24 Endzeit: 29 Anwendungspfad: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
 Berichts-ID:
 a688b966-ef66-11e0-bfa7-c0cb38f2c74e
 
 Error - 06.10.2011 10:15:19 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815
 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
 Error - 06.10.2011 10:16:47 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815
 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
 Error - 07.10.2011 05:52:19 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815
 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
 Error - 07.10.2011 05:53:31 | Computer Name = ADA-VAIO | Source = SideBySide | ID = 16842815
 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\TC UP\PLUGINS\Media\SiMail\DelphiZip.dll" in Zeile 8. Der
 Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
 
 [ Media Center Events ]
 Error - 31.01.2011 15:53:09 | Computer Name = ADA-VAIO | Source = MCUpdate | ID = 0
 Description = 20:53:08 - Directory konnte nicht abgerufen werden (Fehler: Der Remotename
 konnte nicht aufgelöst werden: 'data.tvdownload.microsoft.com')
 
 Error - 31.01.2011 15:53:28 | Computer Name = ADA-VAIO | Source = MCUpdate | ID = 0
 Description = 20:53:17 - Fehler beim Herstellen der Internetverbindung. 20:53:17
 - Serververbindung konnte nicht hergestellt werden..
 
 [ System Events ]
 Error - 02.07.2012 23:18:25 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7026
 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
 VD_FileDisk
 
 Error - 03.07.2012 11:30:09 | Computer Name = ADA-VAIO | Source = Application Popup | ID = 1060
 Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
 Error - 03.07.2012 11:31:09 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7000
 Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden
 Fehlers nicht gestartet: %%2
 
 Error - 03.07.2012 11:31:32 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7026
 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
 VD_FileDisk
 
 Error - 03.07.2012 11:35:51 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7022
 Description = Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.
 
 Error - 03.07.2012 11:38:11 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7022
 Description = Der Dienst "Intel(R) Management & Security Application User Notification
 Service" wurde nicht richtig gestartet.
 
 Error - 03.07.2012 11:38:59 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7011
 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst SampleCollector erreicht.
 
 Error - 03.07.2012 11:39:29 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7011
 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst VSNService erreicht.
 
 Error - 03.07.2012 14:13:30 | Computer Name = ADA-VAIO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
 Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
 (Definition 1.129.902.0)
 
 Error - 03.07.2012 14:24:08 | Computer Name = ADA-VAIO | Source = Service Control Manager | ID = 7034
 Description = Dienst "VAIO Care Performance Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
 
 < End of report >
- Kod: Zaznacz wszystko
- OTL logfile created on: 03.07.2012 22:19:11 - Run 2
 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\ADA\Downloads
 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
 Internet Explorer (Version = 8.0.7600.16385)
 Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
 3,86 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 42,65% Memory free
 11,59 Gb Paging File | 9,22 Gb Available in Paging File | 79,56% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
 Drive C: | 452,32 Gb Total Space | 96,52 Gb Free Space | 21,34% Space Free | Partition Type: NTFS
 Drive D: | 182,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
 Computer Name: ADA-VAIO | User Name: ADA | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 [color=#E56717]========== Processes (SafeList) ==========[/color]
 
 PRC - [2012.07.03 22:15:03 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\ADA\Downloads\OTL.com
 PRC - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
 PRC - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
 PRC - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
 PRC - [2011.01.29 06:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
 PRC - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
 PRC - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
 PRC - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
 PRC - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
 PRC - [2010.06.09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
 PRC - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
 PRC - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
 PRC - [2010.05.31 19:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
 PRC - [2010.05.31 17:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
 PRC - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
 PRC - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
 PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
 PRC - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
 PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
 PRC - [2007.03.06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
 PRC - [2002.12.17 18:55:12 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
 
 
 [color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 MOD - [2012.06.28 12:28:56 | 000,438,296 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
 MOD - [2012.06.28 12:28:54 | 003,972,120 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
 MOD - [2012.06.28 12:27:40 | 000,554,520 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\libglesv2.dll
 MOD - [2012.06.28 12:27:38 | 000,117,784 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\libegl.dll
 MOD - [2012.06.28 12:27:29 | 000,140,328 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\avutil-51.dll
 MOD - [2012.06.28 12:27:28 | 000,262,184 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\avformat-54.dll
 MOD - [2012.06.28 12:27:26 | 002,386,984 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll
 MOD - [2012.06.28 10:27:26 | 009,252,040 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
 MOD - [2012.06.28 10:27:26 | 009,252,040 | ---- | M] () -- C:\Users\ADA\AppData\Local\Google\Chrome\APPLIC~1\200113~1.47\gcswf32.dll
 
 
 [color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
 SRV:[b]64bit:[/b] - [2011.01.29 06:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
 SRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
 SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
 SRV - [2012.01.13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
 SRV - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
 SRV - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
 SRV - [2011.02.18 22:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
 SRV - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
 SRV - [2011.01.20 12:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
 SRV - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
 SRV - [2010.08.19 18:43:23 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Programme\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64) Cyberlink RichVideo64 Service(CRVS)
 SRV - [2010.08.11 08:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
 SRV - [2010.07.29 13:22:44 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
 SRV - [2010.06.21 18:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
 SRV - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
 SRV - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
 SRV - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
 SRV - [2010.06.09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
 SRV - [2010.06.08 23:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
 SRV - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
 SRV - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
 SRV - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
 SRV - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
 SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
 SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
 SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
 SRV - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
 SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
 SRV - [2007.03.06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
 SRV - [2002.12.17 18:55:12 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
 SRV - [2002.12.17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
 
 
 [color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 DRV:[b]64bit:[/b] - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
 DRV:[b]64bit:[/b] - [2011.10.14 14:35:50 | 000,507,392 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)
 DRV:[b]64bit:[/b] - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
 DRV:[b]64bit:[/b] - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
 DRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
 DRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
 DRV:[b]64bit:[/b] - [2010.10.08 08:55:08 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
 DRV:[b]64bit:[/b] - [2010.06.24 22:34:53 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
 DRV:[b]64bit:[/b] - [2010.06.24 22:33:43 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
 DRV:[b]64bit:[/b] - [2010.06.23 22:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
 DRV:[b]64bit:[/b] - [2010.06.23 22:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
 DRV:[b]64bit:[/b] - [2010.06.23 22:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
 DRV:[b]64bit:[/b] - [2010.06.23 22:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
 DRV:[b]64bit:[/b] - [2010.06.23 22:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
 DRV:[b]64bit:[/b] - [2010.06.23 22:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
 DRV:[b]64bit:[/b] - [2010.06.23 22:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
 DRV:[b]64bit:[/b] - [2010.05.31 23:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
 DRV:[b]64bit:[/b] - [2010.05.31 23:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
 DRV:[b]64bit:[/b] - [2010.05.31 23:31:21 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
 DRV:[b]64bit:[/b] - [2010.05.31 22:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
 DRV:[b]64bit:[/b] - [2010.05.28 22:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
 DRV:[b]64bit:[/b] - [2010.05.28 22:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
 DRV:[b]64bit:[/b] - [2010.04.29 12:20:20 | 000,182,912 | ---- | M] (Etron) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ETdrv.sys -- (usbet)
 DRV:[b]64bit:[/b] - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
 DRV:[b]64bit:[/b] - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
 DRV:[b]64bit:[/b] - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
 DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
 DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
 DRV:[b]64bit:[/b] - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
 DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
 DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
 DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
 DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
 DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
 DRV:[b]64bit:[/b] - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
 DRV:[b]64bit:[/b] - [2009.02.20 18:09:18 | 000,054,272 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys -- (GigasetGenericUSB_x64)
 DRV:[b]64bit:[/b] - [2008.06.16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
 DRV:[b]64bit:[/b] - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
 DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 DRV - [2006.01.13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\vd_filedisk.sys -- (VD_FileDisk)
 
 
 [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
 [color=#E56717]========== Internet Explorer ==========[/color]
 
 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms}
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
 IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms}
 
 
 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{08BE6EE1-8079-47C9-A38A-75478049A4DD}: "URL" = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcearchTerms}&rf=sonyslices
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{6E1C308D-3DF5-48A3-819A-5F93D048AF7F}: "URL" = http://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{7345481F-7D5C-4F1F-B5B8-65E3A33378A0}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-W1&o=100000080&src=crm&q={searchTerms}&locale=&apn_ptnrs=JM&apn_dtid=YYYYYYYYDE&apn_uid=b74a7517-8d27-4ba1-ac99-eb5e60f2a890&apn_sauid=2757DB68-7B85-4BAB-848E-CA99B4442FEE&
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{8559D8B2-251B-42ED-8273-4C12CD1E5B98}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{8EA3CDFF-2737-4D7C-82D4-307ECCF20F7B}: "URL" = http://start.funmoods.com/results.php?f=4&a=make&q={searchTerms}
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{97D9E0FC-6DC0-4316-B570-BC0C58C90222}: "URL" = http://de.shopping.com/?linkin_id=8056363
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms}
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 IE - HKU\S-1-5-21-293356991-225826379-2249491693-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 [color=#E56717]========== FireFox ==========[/color]
 
 FF - prefs.js..browser.search.defaultengine: "Ask.com"
 FF - prefs.js..browser.search.defaultenginename: "Search Results"
 FF - prefs.js..browser.search.order.1: "Search Results"
 FF - prefs.js..browser.search.selectedEngine: "Search Results"
 FF - prefs.js..browser.search.useDBForOrder: true
 FF - prefs.js..browser.startup.homepage: "http://www.gazeta.pl/0,0.html?p=128"
 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7
 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4
 FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=421&sr=0&q="
 
 
 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
 FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
 FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
 FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll File not found
 FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ADA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ADA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ADA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.02.01 14:23:02 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.13 18:16:16 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.02 20:16:37 | 000,000,000 | ---D | M]
 
 [2012.02.09 18:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADA\AppData\Roaming\mozilla\Extensions
 [2012.06.16 20:43:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions
 [2012.02.09 18:15:35 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
 [2011.07.03 17:45:05 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\de-DE@dictionaries.addons.mozilla.org
 [2012.02.03 10:31:23 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\ADA\AppData\Roaming\mozilla\Firefox\Profiles\1svcy6jz.default\extensions\ffxtlbr@funmoods.com
 [2011.11.09 17:05:26 | 000,002,406 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\askcom.xml
 [2012.02.01 14:23:14 | 000,001,798 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\funmoods.xml
 [2012.02.09 18:15:30 | 000,002,515 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\Search_Results.xml
 [2012.02.04 22:10:54 | 000,003,915 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\Mozilla\Firefox\Profiles\1svcy6jz.default\searchplugins\sweetim.xml
 [2012.07.02 23:13:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 [2011.05.16 19:01:05 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
 [2012.05.23 19:28:04 | 000,061,109 | ---- | M] () (No name found) -- C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
 [2012.01.10 22:52:44 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\ADA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1SVCY6JZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
 [2012.01.13 18:16:16 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
 [2011.10.31 06:57:31 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
 [2011.10.31 06:57:31 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
 [2011.10.31 06:57:31 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
 [2011.10.31 06:57:31 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
 [2012.02.09 18:15:30 | 000,002,515 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
 [2011.10.31 06:57:31 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
 [2011.10.31 06:57:31 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
 [color=#E56717]========== Chrome ==========[/color]
 
 CHR - default_search_provider: Search Results (Enabled)
 CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=0&systemid=421&sr=0&q={searchTerms}
 CHR - default_search_provider: suggest_url =
 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
 CHR - plugin: Native Client (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
 CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
 CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
 CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
 CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_1\plugin/npVKPlugin.dll
 CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
 CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
 CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
 CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
 CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
 CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
 CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
 CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
 CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
 CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
 CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
 CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
 CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
 CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
 CHR - plugin: Unity Player (Enabled) = C:\Users\ADA\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
 CHR - plugin: Google Update (Enabled) = C:\Users\ADA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
 CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
 CHR - Extension: Szukaj w Google = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
 CHR - Extension: Fiery Music = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon\1_0\
 CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
 CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
 CHR - Extension: Szukaj w Google = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
 CHR - Extension: Fiery Music = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon\1_0\
 CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
 CHR - Extension: SweetIM for Facebook = C:\Users\ADA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
 
 O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
 O2:[b]64bit:[/b] - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc)
 O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
 O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll File not found
 O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
 O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc)
 O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll File not found
 O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
 O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
 O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
 O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
 O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
 O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
 O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
 O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
 O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
 O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
 O4 - HKU\S-1-5-21-293356991-225826379-2249491693-1000..\RunOnce: [JavaInstallRetry] C:\Users\ADA\AppData\LocalLow\Sun\Java\JRERunOnce.exe (Oracle Corporation)
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
 O7 - HKU\S-1-5-21-293356991-225826379-2249491693-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
 O8:[b]64bit:[/b] - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
 O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
 O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
 O13[b]64bit:[/b] - gopher Prefix: missing
 O13 - gopher Prefix: missing
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 192.168.2.1
 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.2.1
 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
 O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
 O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
 O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
 O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
 O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll (Bandoo Media, inc)
 O20 - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
 O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
 O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
 O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
 O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
 O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
 O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
 O32 - HKLM CDRom: AutoRun - 0
 O32 - AutoRun File - [2007.09.26 07:00:00 | 000,000,064 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
 O33 - MountPoints2\{59383d41-f715-11df-85f6-806e6f6e6963}\Shell - "" = AutoRun
 O33 - MountPoints2\{59383d41-f715-11df-85f6-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2010.07.14 12:36:42 | 000,103,816 | R--- | M] (CANON INC.)
 O34 - HKLM BootExecute: (autocheck autochk *)
 O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
 O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
 O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
 O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
 [2012.07.03 21:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
 [2012.07.03 21:01:46 | 000,000,000 | ---D | C] -- C:\Users\ADA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
 [2012.07.02 21:48:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon
 [2012.07.02 21:37:22 | 000,000,000 | ---D | C] -- C:\canon_downloads
 [2012.07.02 21:19:10 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
 [2012.07.02 20:16:37 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
 [2012.06.23 07:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Gigaset QuickSync
 [2012.06.23 07:49:38 | 000,000,000 | ---D | C] -- C:\Users\ADA\AppData\Local\Gigaset_Communications_Gm
 [2012.06.23 07:48:51 | 000,054,272 | ---- | C] (Siemens Home and Office Communication Devices GmbH & Co. KG) -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys
 [2012.06.23 07:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync
 [2012.06.23 07:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigaset QuickSync
 [2012.06.21 17:41:26 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
 [2012.06.21 17:41:26 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
 [2012.06.21 17:41:26 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
 [2012.06.21 17:40:41 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
 [2012.06.21 17:40:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
 [2012.06.21 17:40:41 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
 [2012.06.21 17:39:54 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
 [2012.06.21 17:39:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
 [2012.06.14 16:52:56 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
 [2012.06.14 16:52:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
 [2012.06.14 16:52:36 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
 [2012.06.14 16:52:34 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
 [2012.06.14 16:52:33 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
 [2012.06.14 16:52:18 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
 [2012.06.14 16:52:18 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
 [2012.06.14 16:52:18 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
 [2012.06.14 16:52:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
 [2012.06.14 16:52:16 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
 [2012.06.14 16:52:16 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
 [2012.06.14 16:52:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
 [2012.06.14 16:52:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
 [2012.06.14 16:52:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
 [2012.06.14 16:52:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
 [2012.06.14 16:52:15 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
 [2012.06.14 16:52:15 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
 [2012.06.14 16:25:21 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
 [2012.06.14 16:25:21 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
 [2012.06.14 16:25:21 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
 [2012.06.14 16:25:17 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
 [2012.06.14 16:25:13 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
 [2012.06.14 16:25:12 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
 [2012.06.14 16:25:05 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
 [2012.06.14 16:24:48 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
 [2012.06.14 16:24:45 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
 [2012.06.07 17:35:52 | 000,000,000 | ---D | C] -- C:\Users\ADA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terzio
 [2012.06.07 17:03:46 | 000,000,000 | ---D | C] -- C:\Terzio
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
 [2012.07.03 21:27:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293356991-225826379-2249491693-1000UA.job
 [2012.07.03 21:01:47 | 000,001,264 | ---- | M] () -- C:\Users\ADA\Desktop\Revo Uninstaller.lnk
 [2012.07.03 20:59:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2012.07.03 20:25:00 | 000,013,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
 [2012.07.03 20:25:00 | 000,013,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
 [2012.07.03 20:13:44 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293356991-225826379-2249491693-1000Core.job
 [2012.07.03 17:30:10 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
 [2012.07.02 21:18:49 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
 [2012.07.01 21:03:55 | 000,634,072 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
 [2012.07.01 21:03:55 | 000,114,306 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
 [2012.07.01 21:03:54 | 001,558,548 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
 [2012.07.01 21:03:54 | 000,677,036 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
 [2012.07.01 21:03:54 | 000,140,516 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
 [2012.06.23 08:00:59 | 000,012,841 | ---- | M] () -- C:\Users\ADA\AppData\Roaming\UserTile.png
 [2012.06.23 07:48:48 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Gigaset QuickSync.exe.lnk
 [2012.06.14 18:24:24 | 000,481,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 [2012.06.07 17:35:53 | 000,001,712 | ---- | M] () -- C:\Users\Public\Desktop\Janosch Vorschule.lnk
 [2012.06.07 17:09:02 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Janosch Vorschule Englisch.lnk
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 [color=#E56717]========== Files Created - No Company Name ==========[/color]
 
 [2012.07.03 21:01:47 | 000,001,264 | ---- | C] () -- C:\Users\ADA\Desktop\Revo Uninstaller.lnk
 [2012.06.23 08:00:59 | 000,012,841 | ---- | C] () -- C:\Users\ADA\AppData\Roaming\UserTile.png
 [2012.06.23 07:48:48 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Gigaset QuickSync.exe.lnk
 [2012.06.07 17:35:53 | 000,001,712 | ---- | C] () -- C:\Users\Public\Desktop\Janosch Vorschule.lnk
 [2012.06.07 17:09:02 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Janosch Vorschule Englisch.lnk
 [2012.01.22 20:05:54 | 000,758,018 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
 [2012.01.22 20:05:54 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
 [2012.01.15 18:46:45 | 000,017,408 | ---- | C] () -- C:\Users\ADA\AppData\Local\WebpageIcons.db
 [2011.10.14 14:38:00 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo.dll
 [2011.07.04 20:51:44 | 000,000,000 | ---- | C] () -- C:\Users\ADA\AppData\Local\{C9CFCFBA-6C1C-4CD5-B479-B01BA1DAD6B6}
 [2011.03.30 17:15:54 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
 [2011.02.13 22:04:29 | 000,004,900 | ---- | C] () -- C:\ProgramData\hvcatrnw.tht
 [2011.01.28 21:24:59 | 000,000,168 | RHS- | C] () -- C:\ProgramData\FC8332F981.sys
 [2011.01.28 21:24:58 | 000,008,456 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
 [2011.01.25 23:13:48 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 [2011.01.24 16:52:54 | 000,000,042 | ---- | C] () -- C:\Users\ADA\AppData\Roaming\default.pls
 [2011.01.24 16:22:50 | 000,001,024 | ---- | C] () -- C:\Users\ADA\.rnd
 [2010.12.28 15:55:43 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
 [2010.12.09 16:09:38 | 000,074,240 | ---- | C] () -- C:\Users\ADA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 [2010.10.08 08:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 [2010.07.13 00:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 [2010.07.12 22:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
 [2010.07.12 22:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
 [2010.07.12 22:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
 [2010.07.12 22:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
 [2010.07.12 22:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
 [2010.07.12 22:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
 [2010.07.12 22:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
 
 [color=#E56717]========== LOP Check ==========[/color]
 
 [2010.12.09 16:09:04 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\ACD Systems
 [2012.01.22 20:12:30 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\AnvSoft
 [2012.02.14 22:17:31 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Ashampoo
 [2012.02.14 21:27:15 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Canneverbe Limited
 [2011.01.24 21:28:36 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
 [2012.06.01 16:22:37 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Engelmann Media
 [2012.02.09 18:15:46 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\FreeBurner
 [2011.04.08 23:37:53 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Gadu-Gadu 10
 [2010.12.03 11:36:10 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\GHISLER
 [2010.12.09 13:06:01 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\HEXelon
 [2011.04.10 00:14:17 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\IrfanView
 [2011.02.05 21:30:24 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\MAGIX
 [2011.02.13 22:04:41 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\MOVAVI
 [2010.12.09 13:15:22 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\No Company Name
 [2011.11.05 14:27:27 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Opera
 [2011.05.17 21:34:10 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\PhotoScape
 [2011.01.24 21:27:57 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
 [2012.06.04 21:01:13 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\PowerCinema
 [2011.02.06 20:46:58 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Publish Providers
 [2011.01.28 17:28:52 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\SoftGrid Client
 [2011.08.28 19:58:15 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Sony
 [2011.01.25 23:15:02 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\TP
 [2011.02.15 23:28:56 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Ulead Systems
 [2012.05.16 21:14:46 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\Unity
 [2011.05.19 23:08:26 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\UNOUndercover
 [2011.04.09 23:23:14 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\XnView
 [2011.10.13 17:59:21 | 000,000,000 | ---D | M] -- C:\Users\ADA\AppData\Roaming\ZapodajUploader
 [2012.05.01 14:47:02 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
 [color=#E56717]========== Purity Check ==========[/color]
 
 
 
 [color=#E56717]========== Alternate Data Streams ==========[/color]
 
 @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:CC02DF48
 < End of report >

 
	
 
	
