| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: polizeitrojaner: "ihr computer wurde gesperrt"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
05.06.2012, 16:08
| #1 |
 |  polizeitrojaner: "ihr computer wurde gesperrt" hallo! ich melde mich aus dem abgesichterten modus unseres laptops. ein "polizeitrojaner" hat den computer gesperrt und will 100 € zur freischaltung.  er ist nahezu identisch mit jenem, der hier gezeigt wird:http://www.trojaner-board.de/116052-...-gesperrt.html nur halt die österrreichische version: die kreisrunde flagge links oben ist rot-weiß-rot, daneben steht: "sitz: österreich" und rechts oben hängt das logo der österreichischen polizei. sonst sieht wie gesagt alles gleich aus, auch der text ist derselbe. betriebssystem: windows 7 home premium 64 bit ich poste hier wie angewiesen die logs defogger, otl.txt und extra.txt. bitte nehmt es mir nicht übel, dass ich nicht alle namen mit sternchen geschwärzt habe – das sieht mir bei diesen zahllosen zeilen nach stundenlanger arbeit aus. ansonster hoffe ich, alles richtig gemacht zu haben und würde mich sehr über ein bisschen hilfe freuen. besten dank im voraus!! ps. defogger log: defogger_disable by jpshortstuff (23.02.10.1) Log created at 16:31 on 05/06/2012 (***) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- otl.txt: OTL logfile created on: 05.06.2012 16:34:14 - Run 1 OTL by OldTimer - Version 3.2.46.1 Folder = C:\Users\Christine\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 3,37 Gb Available Physical Memory | 86,10% Memory free 7,82 Gb Paging File | 7,30 Gb Available in Paging File | 93,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 657,54 Gb Total Space | 559,74 Gb Free Space | 85,13% Space Free | Partition Type: NTFS Drive D: | 37,99 Gb Total Space | 13,84 Gb Free Space | 36,43% Space Free | Partition Type: NTFS Computer Name: CRI | User Name: Christine | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.05 16:33:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Downloads\OTL.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.05.02 23:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R) SRV:64bit: - [2011.05.02 23:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2011.05.02 23:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R) SRV:64bit: - [2011.04.21 18:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV:64bit: - [2011.04.21 17:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) Intel(R) Centrino(R) Wireless Bluetooth(R) SRV:64bit: - [2010.12.17 16:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Stopped] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg) SRV:64bit: - [2010.11.21 05:24:42 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc) SRV:64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess) SRV:64bit: - [2009.07.14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess) SRV - [2012.04.25 15:49:46 | 003,065,120 | ---- | M] (Emsisoft GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.04.30 09:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2011.02.22 22:20:21 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2011.02.22 22:20:17 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2011.02.11 21:40:00 | 000,997,712 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2011.02.11 21:39:58 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service) SRV - [2011.02.11 21:39:54 | 000,907,600 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2010.12.06 12:52:40 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\watchmi\TvdService.exe -- (watchmi) SRV - [2010.11.02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [On_Demand | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP) SRV - [2010.10.07 02:46:42 | 000,159,752 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe -- (GFNEXSrv) SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009.12.19 00:40:48 | 000,104,968 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PHotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.09.02 13:36:04 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2011.05.17 18:27:52 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2011.05.17 18:27:50 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2011.05.01 23:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R) DRV:64bit: - [2011.04.26 20:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011.04.21 18:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) Intel(R) Centrino(R) DRV:64bit: - [2011.04.21 18:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) Intel(R) Centrino(R) DRV:64bit: - [2011.04.15 11:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011.04.15 01:16:08 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2011.04.13 18:30:54 | 000,207,872 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011.04.13 18:30:50 | 000,087,552 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.10 17:01:40 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2011.01.24 11:24:52 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2011.01.24 11:22:48 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:64bit: - [2011.01.24 10:56:06 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:55 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs) DRV:64bit: - [2010.11.21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010.10.15 01:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010.09.23 22:03:06 | 000,129,008 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2010.08.24 18:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.06.09 16:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2) DRV:64bit: - [2010.06.09 16:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1) DRV:64bit: - [2010.04.22 18:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:64bit: - [2010.01.22 11:26:50 | 000,305,200 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.11.02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:64bit: - [2009.10.23 17:26:14 | 000,046,592 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl) DRV:64bit: - [2009.07.14 01:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2011.11.02 11:13:26 | 000,041,728 | ---- | M] (Emsi Software GmbH) [File_System | System | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver) DRV - [2011.11.02 11:13:12 | 000,063,880 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys -- (a2acc) DRV - [2011.05.19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA) DRV - [2010.05.05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util) DRV - [2009.09.11 23:11:46 | 000,014,344 | R--- | M] (PEGATRON) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys -- (PEGAGFN) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ IE - HKCU\..\SearchScopes,DefaultScope = {9824CF41-BB89-4DAC-BB30-A04257FB155A} IE - HKCU\..\SearchScopes\{9824CF41-BB89-4DAC-BB30-A04257FB155A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2011.09.02 17:56:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2011.09.02 17:56:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2011.09.02 17:56:34 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google  riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Christine\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony) O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [vdaoqgutrqtnsid] C:\ProgramData\vdaoqgutrqtnsidyhsww.exe () O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O9:64bit: - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O9:64bit: - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O9 - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8068FE7C-7296-400B-9019-82B7F3A7BDB2}: DhcpNameServer = 212.186.211.21 195.34.133.21 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab ZAO) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab ZAO) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{abaa3f73-2e17-11e1-a774-bc7737bd8025}\Shell - "" = AutoRun O33 - MountPoints2\{abaa3f73-2e17-11e1-a774-bc7737bd8025}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{d6301f5d-1e56-11e1-bfb2-bc7737bd8025}\Shell - "" = AutoRun O33 - MountPoints2\{d6301f5d-1e56-11e1-bfb2-bc7737bd8025}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.06.05 14:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ggswwkdcmlmuynd [2012.06.05 11:35:21 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{78D78AB4-94D3-435D-9C96-B5DD1A29113E} [2012.06.05 11:35:10 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{17F6FC29-0130-49D6-96F8-B42DD6463674} [2012.06.05 03:17:45 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{64FE5756-19E7-4529-B341-F05299200D46} [2012.06.05 01:59:01 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{83822564-DFD6-473C-8962-94CD856A5C69} [2012.06.05 01:58:39 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{B99ADAA6-A385-495E-A317-9C778ACA5CDB} [2012.06.04 14:42:32 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{077912A8-51E2-4D25-BB5A-3173DAA87B60} [2012.06.04 14:42:10 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{9271EB4E-09A4-4BA5-A600-2A873F2FEEA5} [2012.06.04 08:20:34 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{32CCED7E-AFA6-4C59-B6F7-89D4119C448F} [2012.06.04 08:20:12 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{41DD0CDF-3E48-42FA-B199-23355D69FBC4} [2012.06.03 14:31:44 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{AB2DE2E6-3888-4997-922B-0F8B0D0FA041} [2012.06.03 08:44:15 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{BA50F2BD-C00D-4E65-A53D-43337B31B7EB} [2012.06.03 08:36:32 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{587FC4A6-5FED-4FD3-BA84-FAA4AA1916A8} [2012.06.03 08:36:09 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{E70AB0CD-53E4-4E64-8C40-ABE6D6211153} [2012.06.03 08:35:12 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{ED948568-3679-457B-94B4-EF8130DA5CAD} [2012.06.03 08:34:36 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{52340573-43CE-48E4-8AA5-2B833BBBA3C0} [2012.06.03 00:59:53 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{DB5F2CF5-5E0A-4DE6-9DE2-D81C499B33F1} [2012.06.03 00:54:12 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{1B195DE7-A1C4-4F9F-82B6-D2A49E032692} [2012.06.03 00:53:50 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{F53FD837-1081-4BB0-8CDB-7502AD27ED19} [2012.06.02 23:44:42 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{5537A293-66FD-4AB8-9486-21D92C534C1C} [2012.06.02 23:44:20 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{4266A521-E151-4D27-B50E-9B8078EBFB8F} [2012.06.02 19:16:28 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{998D12AC-03A5-4738-B695-B85DCED5F743} [2012.06.02 19:16:06 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{EAD4AE8D-D423-4DCD-AD9E-89D26457B7A1} [2012.06.01 22:53:56 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{EFCD8544-7F5D-40B4-B462-02C452E349C4} [2012.06.01 22:53:45 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{CDB1414F-3340-40DF-830C-6A2FA4170FC7} [2012.06.01 13:01:23 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{CFEAB9B9-7D2A-4C7A-9A16-F01FC2D6F5FF} [2012.06.01 13:01:00 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{66199F92-068E-44C8-AEAC-A7AEB1523541} [2012.06.01 11:33:44 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{90787EB7-35EA-41BF-B1B0-C3687A8E63F9} [2012.06.01 11:33:20 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{6BA0C524-B4CB-4144-846A-FAC9DEE4903A} [2012.05.31 23:36:49 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{38B74254-11FF-4B3B-9089-801A2C9D1AB7} [2012.05.31 22:57:00 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{B296B2F0-3A85-4E9A-AD84-4EBBBB0593E8} [2012.05.31 22:56:38 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{4B6F0F11-95EE-4222-89E2-D33D85CD51A7} [2012.05.31 22:03:18 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{763DC0A3-93AA-4D52-B819-0D96C57010C2} [2012.05.31 22:02:55 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{CC87F53D-DA82-44F6-9D3D-529C3221FAF8} [2012.05.31 13:24:54 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{37F361C0-FBB4-4636-AC83-B684B599DBD3} [2012.05.31 13:24:43 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{E046E85B-D5FB-47C5-91BA-78E9AF1BE6AF} [2012.05.30 20:41:10 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{3702520C-7111-4C22-A6C2-699B1C8CFF74} [2012.05.30 20:40:59 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{BC2D5611-BA1F-4FB8-BFFF-74FF06CC45F7} [2012.05.30 10:26:43 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{8A1A6B89-0BCC-420F-8CE7-F651F5C578D2} [2012.05.30 10:26:20 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{D67E27EA-8528-4D8E-882A-220F88089D69} [2012.05.30 09:26:07 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{95B64402-90CF-4ACA-B885-BBA2DC4FA01C} [2012.05.30 09:25:44 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{85A3D7E3-7F84-4943-ABEA-DA63725C599E} [2012.05.29 13:43:30 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{1E502B0A-2EB7-4413-8E66-13993F234EF0} [2012.05.29 13:43:08 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{DC025FF9-6D79-48A1-B88F-0FC0AA7339D1} [2012.05.29 09:43:28 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{6463C8EE-8DFD-4DC4-9E78-D7C3501CF329} [2012.05.29 09:43:05 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{482F24C6-C711-4C10-AD0A-8A321BD867DB} [2012.05.28 19:55:32 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{F952B31F-C974-4BC9-8D5C-50FEE20DE474} [2012.05.25 23:20:55 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{284369C2-E976-4D8F-B6CE-246122648C33} [2012.05.25 23:20:33 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{24A8FEF9-2BA8-4C22-B273-ACF5F479F4D2} [2012.05.25 21:11:32 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{3D3BE350-FCB2-47FF-9478-8F87E231A96F} [2012.05.25 14:47:38 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{7697F8F2-1861-4196-B6FE-5A9C828A623D} [2012.05.25 14:47:16 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{6960A2BF-B031-41AA-AD98-B81A4E7C7ECE} [2012.05.24 16:05:54 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{444DDF97-D6D2-4888-8008-BB0921A79CD3} [2012.05.24 15:43:25 | 000,000,000 | ---D | C] -- C:\Users\Christine\Desktop\Sherlock Holmes 2 2011 TS Xvid READ NFO UnKnOwN [2012.05.24 11:51:28 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{3CB5EF64-02BD-4437-A3B9-23C552917BD9} [2012.05.24 11:51:05 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{56FF80DA-BD2C-47C9-BB23-EC2353F80029} [2012.05.23 21:34:59 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{F8D1504E-7389-4DF8-B89A-00C494DC4CC4} [2012.05.23 21:34:36 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{49A8B57A-EA76-41EF-9C34-5DCD3542D70D} [2012.05.23 11:09:20 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{7357424E-8BA9-4556-B9B7-3C6AA0D96150} [2012.05.23 11:08:58 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{44BD76E6-FDDB-4272-9F3F-E65B636EC2BD} [2012.05.23 09:58:28 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{43AA9A08-FB89-4BEA-B29B-9D4705248B27} [2012.05.23 09:58:06 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{43BD006A-1F68-4C0E-9398-3331565F4E4E} [2012.05.23 09:33:31 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{DB1E4A49-D698-48F7-9E24-77B20ABF677B} [2012.05.23 09:33:09 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{4CB1BD2A-2559-4937-8128-64392454BE0A} [2012.05.22 17:08:09 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{867597AB-ACBF-47AF-955C-7A7AB00FFC9E} [2012.05.22 17:07:46 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{0CE9569B-8D7F-4A45-BA96-A337E061B643} [2012.05.22 17:05:14 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{D7E6F1ED-B419-434B-BC8A-C59EDFC5703E} [2012.05.22 17:04:51 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{F222452B-7F30-4222-A653-F19A105039F4} [2012.05.22 13:10:03 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{9E821389-6783-4374-8E52-CA3E04A1C587} [2012.05.21 10:10:50 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{0C25D652-6401-4829-8ECE-912CAC39B4E8} [2012.05.20 12:42:01 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{76E044E8-823F-4626-8448-A9B2464B0439} [2012.05.20 12:41:38 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{3DAE0597-AEBF-4A46-8D10-A7B17DEA6626} [2012.05.19 23:12:53 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{0D12E2C3-0C18-439E-A526-2B539B844D16} [2012.05.19 10:58:21 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{B9BD12A3-389B-4A5B-95AB-B4C0FFDB9354} [2012.05.18 16:25:24 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{BDD2E57C-6927-4068-867B-BBFFB0914080} [2012.05.18 12:53:12 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{5F121190-A5EC-49A8-B058-2417201EC586} [2012.05.18 12:53:01 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{2773C70D-F849-4E38-B06C-451E476B8611} [2012.05.18 12:20:07 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{9CDDFC00-5599-4D74-AA65-25F3A625D59B} [2012.05.18 12:19:43 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{A5A45792-D64E-4755-906E-1165C3EE8D9F} [2012.05.18 12:19:05 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{7BE3059A-BA5C-484C-8CF4-0D8D6F7721FD} [2012.05.18 12:18:54 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{EFBD58FE-08F5-40CC-AFB0-E706EDD359FF} [2012.05.18 08:16:10 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{EEAA7BC7-FBC4-4668-9B21-C6848F97F6F7} [2012.05.18 08:15:48 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{6555E7CA-0BDE-4931-93AC-BCD4B7791C0B} [2012.05.17 20:00:08 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{1EF820CD-1DE1-4B45-B2B4-34FF3BD3C5FB} [2012.05.17 19:59:45 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{BA661BA4-68AB-40D1-87E4-A22C4C33C812} [2012.05.17 15:02:17 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{17837D67-FDFB-4F61-8366-07550F608A77} [2012.05.17 13:41:50 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{D28311EC-73BE-4D47-AFBD-C067C1AB0FBD} [2012.05.17 13:41:27 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{E6F8B608-460A-446F-B23F-3EF789FA7E70} [2012.05.17 11:12:22 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{9BD7D8C6-7398-4C79-B638-45886294E856} [2012.05.17 11:12:00 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{D637EE52-7BC0-45E2-AE42-CE6A56C68A5C} [2012.05.17 09:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.05.17 09:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012.05.17 09:39:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012.05.16 15:51:44 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{F01C7B70-7D47-4182-9852-CF0877DB2351} [2012.05.16 15:51:33 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{21C2EE21-52E2-41F1-B374-B7B38D79CB3F} [2012.05.16 15:29:45 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{F438C8B2-0FAF-4D54-89FA-D93DD672108E} [2012.05.14 09:24:15 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{CA2BBE69-2CAE-48E5-968A-31A524B8AD9B} [2012.05.14 09:23:48 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{BBA2413E-BDD9-48BB-AA21-C11FA462E970} [2012.05.13 10:11:09 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{571B1528-3EE2-4CE3-9ECB-8D7D545FA127} [2012.05.13 10:10:58 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{35F2DE3C-37FF-4FB0-B1C5-EDB453BEA0F3} [2012.05.12 20:57:24 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{6D72B63A-8724-4565-A9D0-131D4B98C82C} [2012.05.12 10:13:33 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{0A4B5533-4605-4727-B16E-C798A57ABFDD} [2012.05.12 10:13:11 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{8398F0B3-0651-4670-820E-D04130970C9D} [2012.05.12 09:13:38 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{D17EDC50-9900-4370-BB65-E2615A808576} [2012.05.10 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{8B860A95-6034-4139-B15C-0000704E731D} [2012.05.10 21:49:26 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{4A5DCC0E-A380-4D46-8F38-8954EB62204C} [2012.05.10 15:59:48 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{4F6457B4-9158-40B7-BF01-52F1DB042AE6} [2012.05.10 15:59:25 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{D02BF33D-761C-43F3-A110-0AA62F42DDC7} [2012.05.08 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{957D1751-C688-4CF0-ABC6-B754E7F32E9F} [2012.05.08 10:22:38 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{D205B83C-2DD1-48A9-9F33-EB5FBD335AFB} [2012.05.07 13:38:44 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{2CE76FB3-194C-4262-8AD6-E5A1A7C2A5E7} [2012.05.07 13:38:33 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{78E72FED-0A8A-4C40-867A-5545337CC407} [2012.05.07 07:45:34 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{B9C317CB-8786-4882-9B0F-DA4AF76C927C} [2012.05.07 07:45:23 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{61BADE39-2CCE-44AA-8CD6-A1C1F0879FF0} [2012.05.06 18:50:01 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{402537C6-F17E-4D36-A0D0-E5A2DC5C0C8B} [2012.05.06 18:49:39 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\{BDCDDBED-160E-444B-BA97-F1F3EF40CDD8} [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.05 16:31:25 | 000,000,000 | ---- | M] () -- C:\Users\Christine\defogger_reenable [2012.06.05 16:30:23 | 000,050,477 | ---- | M] () -- C:\Users\Christine\Desktop\Defogger.exe [2012.06.05 16:28:13 | 000,669,394 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.05 16:28:13 | 000,620,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.05 16:28:13 | 000,134,952 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.05 16:28:13 | 000,110,876 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.05 16:23:54 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat [2012.06.05 16:23:53 | 3151,327,232 | -HS- | M] () -- C:\hiberfil.sys [2012.06.05 16:19:23 | 001,500,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.05 16:15:10 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.06.05 14:17:44 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.05 14:17:44 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.05 14:05:46 | 000,000,448 | ---- | M] () -- C:\ProgramData\mwwhxkwpuzcdkxr [2012.06.05 14:05:42 | 000,053,248 | ---- | M] () -- C:\ProgramData\vdaoqgutrqtnsidyhsww.exe [2012.06.05 14:05:42 | 000,053,248 | ---- | M] () -- C:\Users\Christine\0.09356871798761801.exe [2012.06.05 13:28:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.05.30 21:10:53 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk [2012.05.24 08:21:55 | 000,002,715 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.05.11 10:38:38 | 000,387,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.05 16:31:25 | 000,000,000 | ---- | C] () -- C:\Users\Christine\defogger_reenable [2012.06.05 16:30:23 | 000,050,477 | ---- | C] () -- C:\Users\Christine\Desktop\Defogger.exe [2012.06.05 14:05:46 | 000,053,248 | ---- | C] () -- C:\ProgramData\vdaoqgutrqtnsidyhsww.exe [2012.06.05 14:05:42 | 000,053,248 | ---- | C] () -- C:\Users\Christine\0.09356871798761801.exe [2012.06.05 14:05:42 | 000,000,448 | ---- | C] () -- C:\ProgramData\mwwhxkwpuzcdkxr [2011.11.28 15:30:42 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2011.10.17 10:46:32 | 001,527,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.08 21:34:59 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011.06.08 21:34:59 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011.05.27 03:14:01 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.05.27 03:14:00 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.05.27 03:14:00 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin ========== LOP Check ========== [2012.04.06 15:03:58 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Philipp Winterberg [2012.05.26 09:10:31 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\SoftGrid Client [2011.10.17 10:47:42 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\TP [2012.06.05 16:15:29 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\uTorrent [2011.09.22 11:45:00 | 000,000,000 | ---D | M] -- C:\Users\Christine\AppData\Roaming\Windows Live Writer [2009.07.14 07:08:49 | 000,031,276 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > extras.txt.: OTL Extras logfile created on: 05.06.2012 16:34:14 - Run 1 OTL by OldTimer - Version 3.2.46.1 Folder = C:\Users\Christine\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 3,37 Gb Available Physical Memory | 86,10% Memory free 7,82 Gb Paging File | 7,30 Gb Available in Paging File | 93,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 657,54 Gb Total Space | 559,74 Gb Free Space | 85,13% Space Free | Partition Type: NTFS Drive D: | 37,99 Gb Total Space | 13,84 Gb Free Space | 36,43% Space Free | Partition Type: NTFS Computer Name: CRI | User Name: Christine | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0EE1A0D3-BE2F-4AFF-A444-2BB9F73466C9}" = rport=445 | protocol=6 | dir=out | app=system | "{1FCE3EC0-7668-4347-AEAC-943CB44EA225}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{24F1B636-87D4-4D9A-85F6-AEEDB01CCBE5}" = rport=10243 | protocol=6 | dir=out | app=system | "{2C3B61FE-C54C-4C93-B7FA-F059B6627A89}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{366E80A5-3A9C-4B07-90DC-FDEC37785014}" = lport=2869 | protocol=6 | dir=in | app=system | "{3D28D494-9B9B-48C9-A587-44D9604F6D38}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{544D4260-85F7-4E0A-B1AF-00BC1EBFA2F7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{55CBD0F8-98C5-4F52-9C17-D0C96176F61B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{6237552F-0386-4A21-8A80-474C5FA52384}" = lport=10243 | protocol=6 | dir=in | app=system | "{6D9C337C-61AD-4D6E-B07A-8170FF6DDA78}" = lport=138 | protocol=17 | dir=in | app=system | "{70440DFD-872D-4F8D-9190-83EBFD721F4D}" = rport=137 | protocol=17 | dir=out | app=system | "{713748AF-DFBA-49B3-B678-0AFAB204697C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{A73BADC6-D772-450E-8F9A-4F5F8663CF40}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A8A0F995-765A-45F6-8E36-D44BFDA2E301}" = lport=445 | protocol=6 | dir=in | app=system | "{B779B561-388C-4E1F-8D8B-89F3229A769E}" = rport=138 | protocol=17 | dir=out | app=system | "{B903DC9C-169B-4DFD-B34C-CED154B50780}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{C2607E71-B7B4-43BE-8F7A-53630F247B7C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C465ADB8-FE5C-43D7-B1CA-50B7A5A78C81}" = rport=139 | protocol=6 | dir=out | app=system | "{CF7434B2-E45F-4519-AC38-6F995D8B44E9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D4A2076F-1D2A-4C49-91D9-B8B01BCCC769}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EAE9B112-5610-44AE-B601-B267AD15721D}" = lport=137 | protocol=17 | dir=in | app=system | "{F55436C8-04AA-4BA7-9198-6BDC724E9558}" = lport=139 | protocol=6 | dir=in | app=system | "{F8EE7150-31CD-48EC-AE18-E63FE186151D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{13E3B754-6D40-4F79-96DA-A084368F3565}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{19A11E9D-92CE-4919-9D3D-0E0A443560E4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{276D861A-D1E5-454C-8884-23222F9CC86F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{2D697F46-BC3A-416A-AB13-CA9BB3B805D7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{36666C50-92B5-44D1-B7B6-3605E2FBDA8E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{42791D9D-BBC5-42C4-B9D4-E26264153C3B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{4DD629FC-9E9E-44BA-A549-B5C723213937}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{556D68ED-9371-4720-8023-BB1363723A0E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{56FF91BF-D9B4-4BFE-8893-22A52B2B35AD}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{5F088A94-99FF-46B9-AE81-45EB02FE5F7A}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{64F29847-216C-4052-ACBE-BC39673AC642}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{75AD480C-E378-480A-8AD9-ECC6E7CF7E50}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{8AC7AA19-DFF3-4725-B4C2-124595B6D6AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8DA0E4D4-D63C-4D27-9366-0EB7A5CA73CC}" = protocol=6 | dir=out | app=system | "{908364B7-8066-427B-8CA3-EB9B249A77B8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{90F878C4-4F84-4AF7-A133-DCA8AD0E7848}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9537DFCD-41BA-473C-94B5-30672DA5D074}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A1E00855-8C67-428E-9D45-1D8112D1DEEC}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{A4375050-CE60-4C95-95EB-02B9E6EA68AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A71A9547-D380-4870-956A-172EB5E3ABA7}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | "{A7DAA2A7-9CED-4823-B253-BAA027BE72B7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | "{ACE7C606-C4AF-4A44-8185-D436C1A9B502}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | "{B0A55AA0-26CB-46BC-B1EC-DBF1853043C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B72A039A-B829-4720-869F-2FB336F58F6F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{BD3B4D4A-B032-4CE4-B42F-29AE7ACCEB23}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C3A3DBAE-AB36-4BA0-8632-2A29C2B7CA96}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{CE6648A1-93DD-42C3-8F74-737C3856F2E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DCFC396E-8FBB-40E2-A7B3-B3A0A9CB48F5}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{F71B195E-646D-4351-8CA9-A93DC8AFACD5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java(TM) 6 Update 25 (64-bit) "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display "{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources "{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software "{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources "{46AE421C-BF1B-4B62-BE0E-62FE09C6D5B5}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit "{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{C7B40C35-85AE-4303-9EEA-1A1EA779664D}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D3836C5E-6824-4C9F-9B45-09C989B13EF6}" = VR-pulse Installer "{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}" = Microsoft Mathematics (64-Bit) "{EC1369CF-15BD-4FAF-BA84-65E4788C682E}" = AMI VR-pulse OS Switcher "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CNXT_AUDIO_HDA" = Conexant HD Audio "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content "_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension "_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5 "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0DD706AF-B542-438C-999E-B30C7F625C8D}" = Intel(R) WiDi "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2F14F550-0FFC-4285-B673-880744D428A3}" = CorelDRAW Essentials X5 - Custom Data "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34809713-7886-4F6A-B9D5-CC74DBC1C77E}" = CorelDRAW Essentials X5 - Redist "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}" = CorelDRAW Essentials X5 - WT "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{4433CEC6-DA32-4D7B-BA95-B47C68498287}" = CorelDRAW Essentials X5 - Connect "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}" = Alcor Micro USB Card Reader "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{666D7CED-12E0-4BA3-B594-5681961E7B02}" = CorelDRAW Essentials X5 - IPM "{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}" = CorelDRAW Essentials X5 - DE "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz "{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live "{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}" = CorelDRAW Essentials X5 - IT "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{834F4E2F-E9DF-4FA9-8499-FF6B91012898}" = CorelDRAW Essentials X5 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{85E8F38F-0303-401E-A518-0302DF88EB07}" = CorelDRAW Essentials X5 - Draw "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{89BA6E81-B60A-49BC-B283-80560A9E60DF}" = CorelDRAW Essentials X5 - PHOTO-PAINT "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA4D1C5E-116A-4FF4-AA91-28F526868203}" = watchmi "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.2) MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4 "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D0BEB150-2046-4F94-AE7B-EA76772592F6}" = CorelDRAW Essentials X5 - Common "{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{D7E60152-6C65-4982-8840-B6D28BF881BD}" = CorelDRAW Essentials X5 - FR "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "{E4BE9367-168B-4B30-B198-EE37C99FB147}" = CorelDRAW Essentials X5 - Filters "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}" = PHotkey "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E7BE4D1A-B529-448B-8407-889705B65185}" = CorelDRAW Essentials X5 - ES "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5 - Setup Files "{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.065 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA6AF809-9A80-423A-A57A-C7D726A04E4C}" = CorelDRAW Essentials X5 - EN "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AmUStor" = Alcor Micro USB Card Reader "Ashampoo Burning Studio_is1" = Ashampoo Burning Studio "Ashampoo Photo Commander_is1" = Ashampoo Photo Commander "Ashampoo Photo Optimizer_is1" = Ashampoo Photo Optimizer "Ashampoo Snap_is1" = Ashampoo Snap "Free RAR Extract Frog" = Free RAR Extract Frog "Google Chrome" = Google Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011 "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "ProInst" = Intel PROSet Wireless "uTorrent" = µTorrent "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite" = Windows Live Essentials ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 20.05.2012 07:07:24 | Computer Name = Cri | Source = Microsoft-Windows-Defrag | ID = 257 Description = Error - 24.05.2012 05:41:59 | Computer Name = Cri | Source = Microsoft-Windows-Defrag | ID = 257 Description = Error - 24.05.2012 05:46:21 | Computer Name = Cri | Source = Microsoft-Windows-Defrag | ID = 257 Description = Error - 28.05.2012 18:13:58 | Computer Name = Cri | Source = Microsoft-Windows-Defrag | ID = 257 Description = Error - 30.05.2012 05:05:00 | Computer Name = Cri | Source = Microsoft-Windows-Defrag | ID = 257 Description = Error - 05.06.2012 10:28:10 | Computer Name = Cri | Source = Microsoft-Windows-LoadPerf | ID = 3001 Description = Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "12536". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error - 05.06.2012 10:28:10 | Computer Name = Cri | Source = Microsoft-Windows-LoadPerf | ID = 3001 Description = Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "12536". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error - 05.06.2012 10:28:10 | Computer Name = Cri | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error - 05.06.2012 10:28:13 | Computer Name = Cri | Source = Microsoft-Windows-LoadPerf | ID = 3001 Description = Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "12536". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. Error - 05.06.2012 10:28:13 | Computer Name = Cri | Source = Microsoft-Windows-LoadPerf | ID = 3001 Description = Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "12536". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten. [ Media Center Events ] Error - 31.03.2012 07:23:08 | Computer Name = Cri | Source = MCUpdate | ID = 0 Description = 13:23:03 - Fehler beim Herstellen der Internetverbindung. 13:23:08 - Serververbindung konnte nicht hergestellt werden.. Error - 31.03.2012 07:23:27 | Computer Name = Cri | Source = MCUpdate | ID = 0 Description = 13:23:26 - Fehler beim Herstellen der Internetverbindung. 13:23:26 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 05.06.2012 10:24:27 | Computer Name = Cri | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 05.06.2012 10:24:27 | Computer Name = Cri | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 05.06.2012 10:24:27 | Computer Name = Cri | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 05.06.2012 10:24:27 | Computer Name = Cri | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 05.06.2012 10:24:27 | Computer Name = Cri | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 05.06.2012 10:24:27 | Computer Name = Cri | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 05.06.2012 10:24:27 | Computer Name = Cri | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 05.06.2012 10:24:27 | Computer Name = Cri | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 05.06.2012 10:24:27 | Computer Name = Cri | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 05.06.2012 10:24:27 | Computer Name = Cri | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 < End of report > |
| Themen zu polizeitrojaner: "ihr computer wurde gesperrt" |
| adobe, autorun, avp.exe, bho, browser, computer, defender, emsisoft, error, fehler, firefox, flash player, format, gesperrt, gfnexsrv.exe, google earth, home, hängt, install.exe, kaspersky, logfile, microsoft office starter 2010, monitor, plug-in, registry, rundll, scan, searchscopes, software, svchost.exe, tastatur, usb, usb 3.0, version=1.0 |
Baum-Darstellung