
Log analysis and evaluation: 50 euro virus "Achtung aus Sicherheitsgruenden wurde ihr Windowssystem blockiert" ("Attention, for security reasons your Windows system has been blocked")

15.01.2012, 17:14   #1
Fabian G.
 



I think I carried out everything as described in the instructions, but no extras.txt was created on my machine, so I can only post the contents of odt.txt and gmer.txt. However, I am a layman when it comes to computers and have to do all of this on a Japanese computer with Japanese Windows.

I hope that I have made a common mistake and that you have ideas as to why no extras.txt was created.

gmer.txt: (attached)

Odt.txt: (too large for the attachment)
OTL Logfile:
OTL logfile created on: 2012/01/16 0:07:49 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Seika\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd
 
1013.32 Mb Total Physical Memory | 598.20 Mb Available Physical Memory | 59.03% Memory free
2.23 Gb Paging File | 1.97 Gb Available in Paging File | 88.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 56.23 Gb Total Space | 5.20 Gb Free Space | 9.25% Space Free | Partition Type: NTFS
Drive D: | 9.99 Gb Total Space | 9.87 Gb Free Space | 98.82% Space Free | Partition Type: FAT32
 
Computer Name: SEIKA-PC | User Name: Seika | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/01/16 00:01:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Seika\Desktop\OTL.exe
PRC - [2009/04/11 15:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/01/03 22:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/23 09:47:56 | 000,126,008 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeService2.exe -- (SonicStage Back-End Service2)
SRV - [2011/11/18 21:53:08 | 000,169,832 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2011/09/03 13:43:24 | 000,213,840 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Stopped] -- C:\Program Files\K7 Computing\K7TSecurity\k7tsmngr.exe -- (K7TSMngr)
SRV - [2011/08/26 19:34:40 | 000,176,920 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Stopped] -- C:\Program Files\K7 Computing\K7TSecurity\k7rtscan.exe -- (K7RTScan)
SRV - [2011/08/25 16:35:06 | 000,136,984 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Stopped] -- C:\Program Files\K7 Computing\K7TSecurity\k7pssrvc.exe -- (K7PSSrvc)
SRV - [2011/07/30 22:42:46 | 000,148,248 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Stopped] -- C:\Program Files\K7 Computing\K7TSecurity\k7emlpxy.exe -- (K7EmlPxy)
SRV - [2011/07/20 22:41:46 | 000,303,384 | ---- | M] (K7 Computing Pvt Ltd) [On_Demand | Stopped] -- C:\Program Files\K7 Computing\K7TSecurity\K7SpmSrc.exe -- (K7SpmSrc)
SRV - [2011/07/01 19:26:58 | 000,230,680 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Stopped] -- C:\Program Files\K7 Computing\K7TSecurity\k7fwsrvc.exe -- (K7FWSrvc)
SRV - [2011/01/20 20:25:30 | 000,262,424 | ---- | M] (K7 Computing Pvt Ltd) [Auto | Stopped] -- C:\Program Files\K7 Computing\K7TSecurity\K7CrvSvc.exe -- (K7CrvSvc)
SRV - [2010/04/23 21:35:46 | 000,147,088 | ---- | M] (Koozyt, Inc.) [Auto | Stopped] -- C:\Program Files\PlaceEngine\PlaceEngineService.exe -- (PlaceEngineService)
SRV - [2009/03/19 15:03:32 | 000,167,936 | ---- | M] (Teruten Inc.) [Auto | Stopped] -- C:\Windows\System32\TsService.exe -- (TsService)
SRV - [2008/01/19 16:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/28 16:25:30 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/04/14 01:20:22 | 000,097,432 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007/03/29 10:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006/11/14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/08/26 19:35:06 | 001,006,624 | ---- | M] (K7 Computing Pvt Ltd) [File_System | Boot | Stopped] -- C:\Windows\system32\drivers\K7Sentry.sys -- (K7Sentry)
DRV - [2011/07/06 17:39:00 | 000,035,872 | ---- | M] (K7 Computing Pvt Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\K7FWHlpr.sys -- (K7FWHlpr)
DRV - [2011/01/02 17:23:06 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2011/01/02 17:23:00 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/04/18 21:00:58 | 000,013,600 | ---- | M] (K7 Computing Pvt Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\K7TdiHlp.sys -- (K7TdiHlp)
DRV - [2007/06/28 16:23:14 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007/06/18 18:03:32 | 000,737,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/05/31 20:58:42 | 000,011,552 | ---- | M] (Rsupport Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VRVD302.sys -- (VRVD302)
DRV - [2007/04/11 16:20:30 | 000,028,816 | ---- | M] (Logicool, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007/04/11 16:20:14 | 000,036,240 | ---- | M] (Logicool, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/04/11 16:20:06 | 000,034,960 | ---- | M] (Logicool, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/01/24 14:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/19 23:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/10/18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/05 22:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dynabook.fresheye.com/cgi-bin/login.cgi
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://dynabook.fresheye.com/cgi-bin/login.cgi
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.co.jp/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\k7srff@k7computing.com: C:\Program Files\K7 Computing\K7TSecurity\K7SR [2011/09/22 00:46:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/12 08:06:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/01/13 18:50:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2011/07/21 19:01:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seika\AppData\Roaming\mozilla\Extensions
[2011/10/26 22:18:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/24 01:58:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/10/26 22:18:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/11/12 08:06:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/09 19:33:17 | 000,001,842 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-jp.xml
[2011/10/09 19:33:17 | 000,002,623 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google-jp.xml
[2011/10/09 19:33:17 | 000,001,269 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\oshiete-goo.xml
[2011/10/09 19:33:17 | 000,000,814 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\rakuten.xml
[2011/11/12 08:06:36 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter-ja.xml
[2011/10/09 19:33:17 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-ja.xml
[2011/10/09 19:33:17 | 000,000,889 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-jp-auctions.xml
[2011/10/09 19:33:17 | 000,000,696 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-jp.xml
 
O1 HOSTS File: ([2006/09/19 06:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\yt.dll (Yahoo! JAPAN  Corporation.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (K7 SiteRater) - {08B3B4B6-02DA-4658-8BA6-5974E3EBB03D} - C:\Program Files\K7 Computing\K7TSecurity\k7srext.dll (K7 Computing Pvt Ltd)
O2 - BHO: (Yahoo!ツールバーフィッシング警告) - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files\Yahoo!\Companion\Installs\ypho.dll (Yahoo Japan Corporation. )
O2 - BHO: (FlpLauncher Class) - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\Program Files\E-Book Systems\FlipViewer\fplaunch.dll ()
O2 - BHO: (CgooStickEnabler Object) - {4A00D3B7-319E-49D9-A7B0-C138480DEBB8} - C:\Program Files\goo\stick6\gooStick.dll (NTT Resonant Inc.)
O2 - BHO: (AgreementObject Class) - {D93B7FCF-EAE0-4651-88C4-6E81A0EE1B53} - C:\Program Files\Yahoo!\Companion\Installs\yjtool.dll (Yahoo! Japan)
O3 - HKLM\..\Toolbar: (gooスティック) - {2095FB03-93B3-4613-82EC-6BFCD77C043B} - C:\Program Files\goo\stick6\gooStick.dll (NTT Resonant Inc.)
O3 - HKLM\..\Toolbar: (&Yahoo!ツールバー) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\yt.dll (Yahoo! JAPAN  Corporation.)
O3 - HKLM\..\Toolbar: (The翻訳ツールバー) - {FF278623-9AA4-489c-84CE-CF14D90CC70C} - c:\Program Files\TTI_V11LE\def_bar.dll (TOSHIBA SOLUTIONS CORPORATION.)
O3 - HKCU\..\Toolbar\WebBrowser: (gooスティック) - {2095FB03-93B3-4613-82EC-6BFCD77C043B} - C:\Program Files\goo\stick6\gooStick.dll (NTT Resonant Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Yahoo!ツールバー) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\yt.dll (Yahoo! JAPAN  Corporation.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [FlipViewer Library] C:\Program Files\E-Book Systems\FlipViewer\FlipViewerLibrary.exe (E-Book Systems Inc.)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [K7SystemTray] "C:\Program Files\K7 Computing\Common\K7SysTry.exe" File not found
O4 - HKLM..\Run: [K7TSStart] C:\Program Files\K7 Computing\K7TSecurity\k7tsecurity.exe (K7 Computing Pvt Ltd)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logicool Inc.)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [PlaceEngine] C:\Program Files\PlaceEngine\PlaceEngine.exe (Koozyt Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ThcCfg] C:\Program Files\TOSHIBA\Chain Search\IEBho\ThcCfg.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Firefox helper] C:\Users\Seika\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O4 - HKCU..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found
O4 - HKCU..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\voipdiscount.exe" -nosplash -minimized File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\K7WSLsp.dll (K7 Computing Pvt Ltd)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: fresheye.com ([dynabook] http in Trusted sites)
O15 - HKLM\..Trusted Domains: remotecall.jp ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: remotecall.jp ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in ローカル イントラネット)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in ローカル イントラネット)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {29BC57E0-018D-46D2-B233-338B779C169C} hxxp://view.books.yahoo.co.jp/dor/drm/components/WebShell_2_1_0_3.cab (WebShell Control)
O16 - DPF: {2B658B62-1B6F-4CFF-8A7C-225B7BB15336} hxxp://www.dotbook.jp/crochet/download/T-TimeCrochet.cab (CrochetCtrl Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldde-de.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0ECD7EBF-03D2-4719-983E-E4B13B7B9F7A}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AD797E2-F559-40EF-97F2-17D60B565E5C}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Seika\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows フォト ギャラリー壁紙.jpg
O24 - Desktop BackupWallPaper: C:\Users\Seika\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows フォト ギャラリー壁紙.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/10/16 19:49:44 | 000,000,072 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (K7TSDbg)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web フォルダ
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/16 00:01:23 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Seika\Desktop\OTL.exe
[2012/01/15 19:57:44 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{ED40039B-0840-46CE-9BDC-917285C1DA93}
[2012/01/15 19:57:01 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{308631CC-E4F4-4625-84EB-42D50EC80E2D}
[2012/01/14 06:27:04 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{ACCEB3F9-7AB6-45FC-805A-794A2B3EFEBE}
[2012/01/14 06:25:40 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{2B4AA214-E49E-4250-8DCA-66CF35005F1D}
[2012/01/13 18:51:21 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Roaming\Thunderbird
[2012/01/13 18:51:21 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\Thunderbird
[2012/01/13 18:50:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012/01/13 18:23:40 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{D9AB3AEE-0648-4B8A-9BB5-99242858C214}
[2012/01/13 18:22:57 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{00266A0D-D8B0-48DE-A61A-927912755321}
[2012/01/12 19:46:53 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{C6645C7A-9615-4B8B-B6DC-C27D26309CDB}
[2012/01/12 19:46:11 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{BDEF88AB-4E52-43D8-B715-1FD079BC5106}
[2012/01/11 19:17:50 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{9AA2BED5-9E0C-4D02-9F5A-3D8DACAFA9BE}
[2012/01/11 19:16:27 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{9AD185A9-C5A2-44E8-B84A-2CCCD2263703}
[2012/01/10 19:36:37 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{A7734E89-F769-4188-8D19-3F9EBDEF3BF6}
[2012/01/10 19:34:27 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{D51A4D9B-685A-4EF2-ADDB-C18FDC4AAD7F}
[2012/01/09 18:33:02 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{CF774160-8E6F-41E9-B5C3-2E7B25889B31}
[2012/01/09 18:32:34 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{B3CE083D-AAC5-41D2-8076-2F104E6538C3}
[2012/01/08 22:12:43 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{E6B598A9-6263-42FF-BE80-085FDDC9FCAA}
[2012/01/08 22:12:18 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{7DEF9D41-F0B3-4CBF-AFC5-8BCE7AD79261}
[2012/01/08 07:35:29 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{B6DF0528-3248-469F-AF29-2477413884B0}
[2012/01/08 07:34:48 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{2AB42F33-63DF-4618-8F9C-9DE80A69C968}
[2012/01/07 18:42:07 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{827C6AC0-5B5B-4DA0-AEE2-18F711CB6018}
[2012/01/07 18:41:04 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{9A660104-BB0D-4C14-867B-A11E1A785EB4}
[2012/01/06 20:30:14 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{8922A3FF-13F3-4CE5-9072-246F6265943D}
[2012/01/06 20:29:31 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{C4431E16-AB13-495A-8DFB-27D2973D23E5}
[2012/01/05 20:15:59 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{8C108F3B-5FD7-4265-A2D0-A07A3928B0FD}
[2012/01/05 20:15:43 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{1714D940-E6A1-41AF-A8CC-EA6F65DD94EE}
[2012/01/04 19:57:20 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{15EAE675-3B5A-46BC-8482-891E1C90476D}
[2012/01/04 19:56:11 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{5D1E30CF-5215-4922-BCB9-8E73294B74A0}
[2012/01/03 21:30:38 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{2C67721F-6489-4B1E-BE83-D5B37D91ECFF}
[2012/01/03 21:29:47 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{16CB9A51-B854-4A0F-8944-2DFB45AE01CF}
[2012/01/03 07:06:33 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{7489135A-A83E-43D9-89FD-21E93B9C9D69}
[2012/01/03 07:06:07 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{382E9A8E-35CF-45A5-BF24-9931E1A50530}
[2012/01/02 19:05:33 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{27C17CB0-55CF-4457-B5E8-C042992D76AD}
[2012/01/02 19:05:02 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{9B034263-DF03-4861-ACE2-8298BFDAA665}
[2012/01/01 21:27:31 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{09C1ACF6-8413-4074-AD56-F4C4BD683FDD}
[2012/01/01 21:26:55 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{039B43FA-A343-4860-8336-AB356075231B}
[2011/12/31 20:35:45 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{873423AB-4F4F-498F-A3FF-BC67B8BB6E56}
[2011/12/31 20:35:07 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{E5599B5C-DC42-4E8C-9141-97C7F46D4ED9}
[2011/12/31 00:47:51 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{D3610F73-EBD3-4BDD-9AB5-30ABEF9802EC}
[2011/12/31 00:47:23 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{037F987E-F897-4774-87A5-27B1638A6792}
[2011/12/29 19:13:33 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{B44598BB-605A-4CB0-8560-7752CC19B0B8}
[2011/12/29 19:13:02 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{3A889340-EDF2-432D-B582-9C9E508C388E}
[2011/12/29 06:44:17 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{46569DB3-71FD-4A4F-9B89-FAA306AAAE6B}
[2011/12/29 06:43:53 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{94EA9F61-B0E7-4CAE-80B7-EC86B431BD4B}
[2011/12/28 18:43:15 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{667B30F9-D5F8-47C3-A3B7-9271A8C5CB81}
[2011/12/28 18:42:25 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{C148EDC3-03A5-4C08-A1B9-3685DB16F31A}
[2011/12/28 06:41:43 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{562EECE4-C7B3-4863-AAB2-EEBAFF7E3AA0}
[2011/12/28 06:41:18 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{BF17E2D8-6202-4545-BA34-28B2EA543AD7}
[2011/12/27 18:40:49 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{E2D9F53D-171F-4261-8EC4-B8C8A396D3AD}
[2011/12/27 18:40:27 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{F52FAE60-BF12-4938-8E3B-9EA5BA8BABD2}
[2011/12/26 20:51:01 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{5F14CAA1-5657-4FCE-8550-C6D029FC6A94}
[2011/12/26 20:50:14 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{5FBF604C-ADD4-48E2-B82A-4FD1F7A46D18}
[2011/12/25 22:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x-アプリ
[2011/12/25 20:04:29 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{9E8A2100-FC5D-4C3E-B6AD-7D5F5B33C9DB}
[2011/12/25 20:03:55 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{ACB0CE5C-114D-4B8C-A22F-7F9393945DB1}
[2011/12/24 20:35:25 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{74D812C3-5664-4470-A943-76B2AE19C3D7}
[2011/12/24 20:34:59 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{1191F5D3-A65D-4A47-9D3D-286EBC215A85}
[2011/12/23 18:44:39 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{25854317-9175-46A4-A1FC-34C1A374D994}
[2011/12/23 18:44:06 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{6876031A-CFD9-4657-9532-5C12AE8014D9}
[2011/12/23 06:43:09 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{F8A90BD0-3827-4DA0-A5DC-247BC2579419}
[2011/12/23 06:42:27 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{17C9D7EC-4CE4-44A8-A529-436C280F265C}
[2011/12/22 18:41:35 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{52F1B099-C961-4E79-A1B4-6389C4247B76}
[2011/12/22 18:40:52 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{03C1005F-AF36-4304-83CE-5B5A66321E0D}
[2011/12/22 05:44:23 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{FA8C8182-F817-43F8-A66F-9B332BC9EDD9}
[2011/12/22 05:43:25 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{77446444-5A4F-4442-8F77-E0C3FD736B68}
[2011/12/21 06:51:22 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{BD9084E5-F652-40B8-8B9A-922D7C2AB128}
[2011/12/21 06:50:58 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{DF9793AF-A8A0-403B-B274-08F94EF4F666}
[2011/12/20 18:50:31 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{3130DECD-D102-40FE-A73F-1B9E5971D027}
[2011/12/20 18:49:55 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{C35150AD-67F4-40C8-8982-A658ED5A8850}
[2011/12/19 17:32:17 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{2B17D393-5F90-4AE8-B378-C0FAFA5E4CC8}
[2011/12/19 17:31:30 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{43CD005B-B366-4A40-9D6F-82F910F852FE}
[2011/12/18 21:27:34 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{E450D212-0A8E-41F2-882F-FF94B708A532}
[2011/12/18 21:26:33 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{573753C2-4063-4006-B32B-F3E8C82DC7E6}
[2011/12/18 05:28:36 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{48AE7D59-C06C-4FEC-9BF9-2B3624506A0A}
[2011/12/18 05:27:50 | 000,000,000 | ---D | C] -- C:\Users\Seika\AppData\Local\{438D9A10-EFD6-444F-9F4B-FB54A0318841}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/16 00:01:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Seika\Desktop\OTL.exe
[2012/01/16 00:00:13 | 000,000,000 | ---- | M] () -- C:\Users\Seika\defogger_reenable
[2012/01/15 23:49:10 | 000,050,477 | ---- | M] () -- C:\Users\Seika\Desktop\Defogger.exe
[2012/01/15 23:43:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/15 23:27:29 | 000,614,076 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/15 23:27:29 | 000,391,020 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2012/01/15 23:27:29 | 000,112,694 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2012/01/15 23:27:29 | 000,112,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/15 23:13:51 | 000,000,674 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/15 23:13:42 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/15 23:13:42 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/15 22:36:50 | 000,000,678 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/15 19:57:15 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/01/13 18:50:48 | 000,001,922 | ---- | M] () -- C:\Users\Seika\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/01/13 18:50:47 | 000,001,898 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011/12/28 07:20:05 | 000,039,653 | ---- | M] () -- C:\Users\Seika\Documents\Lebenslauf.pdf
[2011/12/28 06:01:39 | 002,193,502 | ---- | M] () -- C:\Users\Seika\Documents\Passbild.BMP
[2011/12/28 06:00:24 | 000,027,136 | ---- | M] () -- C:\Users\Seika\Documents\Lebenslauf.dot
[2011/12/25 22:03:52 | 000,001,559 | ---- | M] () -- C:\Users\Public\Desktop\x-アプリ.lnk
[2011/12/25 00:36:58 | 000,002,828 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2011/12/25 00:36:00 | 000,000,088 | RHS- | M] () -- C:\Windows\System32\900F0A26CD.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/01/16 00:00:13 | 000,000,000 | ---- | C] () -- C:\Users\Seika\defogger_reenable
[2012/01/15 23:49:09 | 000,050,477 | ---- | C] () -- C:\Users\Seika\Desktop\Defogger.exe
[2012/01/13 18:50:45 | 000,001,922 | ---- | C] () -- C:\Users\Seika\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/01/13 18:50:45 | 000,001,898 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012/01/13 18:50:42 | 000,001,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2011/12/28 06:01:35 | 002,193,502 | ---- | C] () -- C:\Users\Seika\Documents\Passbild.BMP
[2011/12/28 06:00:22 | 000,027,136 | ---- | C] () -- C:\Users\Seika\Documents\Lebenslauf.dot
[2011/12/25 21:56:57 | 000,001,559 | ---- | C] () -- C:\Users\Public\Desktop\x-アプリ.lnk
[2010/07/15 15:10:26 | 000,000,680 | ---- | C] () -- C:\Users\Seika\AppData\Local\d3d9caps.dat
[2009/09/25 15:40:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/25 15:37:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/06 18:13:05 | 000,126,976 | ---- | C] () -- C:\Windows\System32\TptmLib.dll
[2009/03/19 15:43:20 | 000,230,928 | ---- | C] () -- C:\Windows\System32\TsMng.exe
[2009/03/13 13:29:48 | 000,208,896 | ---- | C] () -- C:\Windows\System32\TptLIB.dll
[2009/02/09 16:27:08 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TsCheckHook.dll
[2009/01/30 01:33:17 | 000,024,206 | ---- | C] () -- C:\Users\Seika\AppData\Roaming\UserTile.png
[2009/01/09 01:16:00 | 000,012,288 | ---- | C] () -- C:\Users\Seika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/08 11:04:06 | 000,126,976 | ---- | C] () -- C:\Windows\System32\TptBmlib.dll
[2008/10/11 19:13:40 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/10/11 19:13:40 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\900F0A26CD.sys
[2008/08/14 23:32:11 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/13 23:39:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/06/02 01:08:25 | 000,516,690 | ---- | C] () -- C:\Windows\tbs_rookiesUninst.exe
[2008/03/31 16:19:22 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/08/03 10:09:51 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/08/03 02:27:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/08/03 02:27:26 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/08/03 02:27:26 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/08/03 02:27:26 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/08/03 02:27:26 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/08/03 02:27:26 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/08/03 00:44:12 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2007/08/03 00:44:12 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2007/08/02 23:06:40 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/08/02 23:06:06 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll
[2006/11/03 00:43:28 | 000,391,020 | ---- | C] () -- C:\Windows\System32\perfh011.dat
[2006/11/03 00:43:28 | 000,139,030 | ---- | C] () -- C:\Windows\System32\perfi011.dat
[2006/11/03 00:43:28 | 000,112,694 | ---- | C] () -- C:\Windows\System32\perfc011.dat
[2006/11/03 00:43:28 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd011.dat
[2006/11/02 21:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 21:44:53 | 000,365,928 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006/11/02 19:33:01 | 000,614,076 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 19:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 19:33:01 | 000,112,568 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 19:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 19:25:21 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 19:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 17:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 17:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 16:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 16:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/06/16 12:00:00 | 000,139,264 | ---- | C] () -- C:\Windows\System32\VSPpg8.dll
[2005/09/15 23:10:22 | 000,160,768 | ---- | C] () -- C:\Windows\System32\unrar.dll
 
========== LOP Check ==========
 
[2008/09/07 02:28:26 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\Babylon
[2011/02/15 22:36:39 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\Canon
[2009/08/29 23:58:10 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\CravingExplorer
[2008/03/23 00:22:26 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\EBookSys
[2009/11/03 09:18:45 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\ndr
[2011/02/15 22:37:02 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\Panasonic
[2008/03/11 23:25:03 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\PCHelpNavi
[2011/04/16 18:42:12 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\TeamViewer
[2012/01/13 18:51:39 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\Thunderbird
[2011/05/20 04:56:06 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\TOSHIBA
[2009/12/19 20:02:01 | 000,000,000 | ---D | M] -- C:\Users\Seika\AppData\Roaming\VoipDiscount
[2012/01/12 01:22:21 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2008/03/10 12:44:18 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011/01/27 15:30:38 | 000,000,000 | ---D | M] -- C:\0d3e446e78c97925da4795dc57df
[2010/12/18 01:32:18 | 000,000,000 | ---D | M] -- C:\42b74ab4e1807388511075
[2010/06/26 02:06:06 | 000,000,000 | ---D | M] -- C:\6b1f01da9ef1b9e06ff3e941
[2010/12/20 19:37:48 | 000,000,000 | ---D | M] -- C:\744b8970bd032ddbec5d74e700
[2011/01/02 18:50:41 | 000,000,000 | ---D | M] -- C:\9f321a86a2b450ed4770f5f473ba9ed4
[2011/01/13 15:19:45 | 000,000,000 | ---D | M] -- C:\bd002aec588a9f106896b72d685a
[2009/09/26 23:45:39 | 000,000,000 | -HSD | M] -- C:\Boot
[2010/09/01 12:04:27 | 000,000,000 | ---D | M] -- C:\c6438648d9f02d6782a89e17cf8171
[2010/10/12 15:32:34 | 000,000,000 | ---D | M] -- C:\c7f684958c7f065eeda2c7bdaa540f71
[2010/01/03 18:15:31 | 000,000,000 | ---D | M] -- C:\Cache
[2011/02/10 23:13:28 | 000,000,000 | ---D | M] -- C:\de8c547cce86157b6a8b45d4874d06
[2006/11/02 21:59:44 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2007/08/03 01:24:00 | 000,000,000 | ---D | M] -- C:\dynabookBanner
[2010/12/25 13:36:45 | 000,000,000 | ---D | M] -- C:\fb7bc48ea95d2928f8e80e9a
[2010/01/03 18:15:31 | 000,000,000 | ---D | M] -- C:\Microsoft
[2007/08/03 02:50:13 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2007/08/03 01:54:57 | 000,000,000 | ---D | M] -- C:\My Music
[2008/06/14 15:35:34 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012/01/13 23:57:03 | 000,000,000 | R--D | M] -- C:\Program Files
[2011/10/24 02:00:49 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2007/08/03 02:45:29 | 000,000,000 | ---D | M] -- C:\Room1048
[2009/07/08 18:43:25 | 000,000,000 | ---D | M] -- C:\SysLogs
[2012/01/15 22:38:09 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2007/08/03 10:22:21 | 000,000,000 | ---D | M] -- C:\TOSAPINS
[2007/08/03 02:22:25 | 000,000,000 | ---D | M] -- C:\toshiba
[2007/08/03 02:20:40 | 000,000,000 | ---D | M] -- C:\tosutils
[2008/03/10 12:43:48 | 000,000,000 | R--D | M] -- C:\Users
[2012/01/15 22:41:28 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
 
 
< MD5 for: AFD.SYS  >
[2011/04/21 22:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\System32\drivers\afd.sys
[2011/04/21 22:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_d99fb42e5bb59d9b\afd.sys
[2011/04/21 22:16:42 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=48EB99503533C27AC6135648E5474457 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys
[2006/11/02 17:58:43 | 000,270,336 | ---- | M] (Microsoft Corporation) MD5=5D24CAF8EFD924A875698FF28384DB8B -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6000.16386_none_d5b1809661820e7c\afd.sys
[2011/04/21 22:28:53 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=70EE0FC7A0F384DBD929A01384AEEB4B -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_da4bc33774b91967\afd.sys
[2008/01/19 14:57:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=763E172A55177E478CB419F88FD0BA03 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
[2009/04/11 13:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=A201207363AA900ABF1A388468688570 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys
[2011/04/21 22:12:21 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=C8AF25017CECB75906A571AC70D2D306 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_d876efff77862705\afd.sys
 
< MD5 for: EXPLORER.EXE  >
[2008/10/29 15:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 15:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 12:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/03/20 22:03:08 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/03/20 22:03:08 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 15:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 15:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 11:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 18:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 16:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2008/01/19 16:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008/01/19 16:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
[2006/11/02 18:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2008/01/19 16:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 16:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 18:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008/01/19 16:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/19 16:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006/11/02 18:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/04/11 15:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 15:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 18:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 16:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-01-11 18:00:30
 
<           >

< End of report >
         
--- --- ---

Edited by Fabian G. (15.01.2012 at 17:23). Reason: code log added

 
