| |
| |||||||
Alles rund um Windows: Problem mit explorer.exe verbunden mit Active Desktop-ProblemWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
01.01.2011, 14:27
| #1 |
| |  Problem: Problem mit explorer.exe verbunden mit Active Desktop-Problem Hallo erstmal, ich wollte einige Dateien verschieben. Ich kam vom Arbeitsplatz gerade mal zwei bis drei Ordner weiter und bekomme folgende Fehlermeldung: (Im Anhang) Gleichzeitig verschwindet mein Hintergrundbild und ich bekomme eine Meldung über "Active Desktop hat ein Problem festgestellt...". Somit habe ich keine möglichkeit mich auf meiner eigenen Festplatte zu "bewegen" ohne, dass eine Fehlermeldung Auftaucht. Ich habe hier im Forum über ähnliche Probleme gelesen, die dann doch nicht ganz dem entsprachen was bei mir los ist.http://www.trojaner-board.de/18759-e...et-werden.html Ähhhm.... Ja Logfile  HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:03:13, on 01.01.2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\CheckPoint\ZAForceField\IswSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\CheckPoint\ZAForceField\ForceField.exe C:\Programme\Avira\AntiVir Desktop\avshadow.exe C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Programme\Application Updater\ApplicationUpdater.exe C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\Gemeinsame Dateien\Portrait Displays\Shared\DTSRVC.exe C:\Programme\Gemeinsame Dateien\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe C:\Programme\Gemeinsame Dateien\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe C:\Programme\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\stsystra.exe C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\taskswitch.exe C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Skype\Phone\Skype.exe C:\Programme\Windows Media Player\WMPNSCFG.exe C:\Programme\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Programme\Opera\opera.exe C:\Programme\Mozilla Thunderbird\thunderbird.exe C:\WINDOWS\explorer.exe C:\Dokumente und Einstellungen\Damian1996\Desktop\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/home R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.web.de/tab2 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=66016 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=66016 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=66016 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=3070115 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: VMN Toolbar Astro Gemini - {A057A204-BACC-4D26-8287-79A187E26987} - C:\Programme\vmntoolbar\vmntoolbar.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\BAE\BAE.dll O2 - BHO: WEB.DE Browser Configuration by mquadr.at - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\WINDOWS\system32\ieconfig_1und1.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: VMN Toolbar Astro Gemini - {A057A204-BACC-4D26-8287-79A187E26987} - C:\Programme\vmntoolbar\vmntoolbar.dll O3 - Toolbar: (no name) - {9E709AEF-74F7-4DA3-A7FC-F3E2D5A8D793} - (no file) O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [ISW] "C:\Programme\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" O4 - HKLM\..\Run: [SearchSettings] C:\Programme\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Dokumente und Einstellungen\Damian1996\Startmenü\Programme\IMVU\Run IMVU.lnk (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\Skype4COM.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\Programme\Stardock\Object Desktop\DeskScapes\deskscapes.dll O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\Programme\Stardock\Object Desktop\DeskScapes\DesktopControlPanel.dll O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\Programme\Stardock\Object Desktop\DeskScapes\DreamControl.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Programme\Application Updater\ApplicationUpdater.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Programme\Gemeinsame Dateien\Portrait Displays\Shared\DTSRVC.exe O23 - Service: Emma Device Management (EmmaDevMgmtSvc) - Sony Ericsson Mobile Communications - C:\Programme\Gemeinsame Dateien\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe O23 - Service: Emma Update Management (EmmaUpdMgmtSvc) - Sony Ericsson Mobile Communications - C:\Programme\Gemeinsame Dateien\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Programme\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programme\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programme\Spyware Doctor\pctsSvc.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 11718 bytes Mein PC: Windows XP Media Center Edition Version 2002 SP3 AMD Sempron(tm) Processor 3400+ 1.80 GHz, 960 MB Ram ( 1GB DDR2 ) Ich weiß nicht ob ich alles richtig gemaht habe, weil ich hier neu bin  .Danke im voraus für gute Hilfe! Gruß xdix EDIT:Also habe das problem mit Active desktop nun gelöst aber explorer.exe will nicht ohne Probleme weiterleben... Geändert von xdix (01.01.2011 um 14:29 Uhr) Grund: Problem zur Hälfte gelöst |
|
02.01.2011, 12:02
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Problem mit explorer.exe verbunden mit Active Desktop-Problem Anleitung / Hilfe Hallo und
__________________ Zitat:
Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
03.01.2011, 11:52
| #3 |
| | Problem mit explorer.exe verbunden mit Active Desktop-Problem Details Ich weiß nicht wie aber ich habs hingekriegt
__________________ . Trotzdem danke für die hilfe. Anti-Malware ist mir sehr nützlich (wurden gleich 24 infizierte  Dateien angezeigt) Gruss xdix |
|
03.01.2011, 12:24
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lösung: Problem mit explorer.exe verbunden mit Active Desktop-Problem Würdest du auch dann bitte das Log posten!! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
05.01.2011, 11:31
| #5 |
| | Wie Problem mit explorer.exe verbunden mit Active Desktop-Problem geht klar!OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.01.2011 13:29:03 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Dami\Internet
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
958,00 Mb Total Physical Memory | 211,00 Mb Available Physical Memory | 22,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 51,19 Gb Total Space | 10,37 Gb Free Space | 20,26% Space Free | Partition Type: NTFS
Drive D: | 18,61 Gb Total Space | 15,40 Gb Free Space | 82,74% Space Free | Partition Type: NTFS
Drive E: | 15,26 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: DAMIAN | User Name: Damian1996 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Programme\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [open] -- explorer.exe "%1" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"10421:UDP" = 10421:UDP:*:Enabled:SingleClick Discovery Protocol
"10426:UDP" = 10426:UDP:*:Enabled:SingleClick ICC
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Dell Network Assistant\ezi_hnm2.exe" = C:\Programme\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant -- (SingleClick Systems)
"C:\Programme\Rockstar Games\Midnight Club II Demo\mc2_demo.exe" = C:\Programme\Rockstar Games\Midnight Club II Demo\mc2_demo.exe:*:Enabled:mc2_demo -- File not found
"C:\Programme\Microsoft Games\Midtown Madness 2\midtown2.icd" = C:\Programme\Microsoft Games\Midtown Madness 2\midtown2.icd:*:Disabled:Midtown Madness 2 Executable -- File not found
"C:\Programme\ToonCar\ToonCar.exe" = C:\Programme\ToonCar\ToonCar.exe:*:Disabled:ToonCar -- File not found
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programme\Sony Ericsson\SEMC OMSI Module\SEMC OMSI Module.exe" = C:\Programme\Sony Ericsson\SEMC OMSI Module\SEMC OMSI Module.exe:*:Enabled:SEMC OMSI Module -- ()
"C:\Programme\Nakido\nakido.exe" = C:\Programme\Nakido\nakido.exe:*:Enabled:Nakido -- File not found
"C:\Programme\Pinnacle\VideoSpin\Programs\RM.exe" = C:\Programme\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager -- File not found
"C:\Programme\Pinnacle\VideoSpin\Programs\umi.exe" = C:\Programme\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi -- File not found
"C:\Programme\Pinnacle\VideoSpin\Programs\VideoSpin.exe" = C:\Programme\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin -- File not found
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
"C:\Programme\Save Tube Video Company\SaveTubeVideo\downloader.exe" = C:\Programme\Save Tube Video Company\SaveTubeVideo\downloader.exe:*:Enabled:SaveTubeVideo -- File not found
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{0240BDFB-2995-4A3F-8C96-18D41282B716}" = Dell Network Assistant
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B68672F-C64F-4D29-9EDC-ECDCBE3C5F19}" = ArcSoft TotalMedia Extreme
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}" = Corel Graphics Suite 11
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1EE88B84-7BE5-4FB5-8DEA-B81D5409D62E}" = Opera 11.00
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2C39F7CF-E022-4C0D-B1BA-AF6DDD931054}" = ArcSoft MediaImpression
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160220}" = Java(TM) SE Development Kit 6 Update 22
"{34BDF3BF-AA61-42E7-8818-C16A304910FC}" = Emma Core
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5546F2F4-236B-4E96-8D5C-7447BBC3C0B0}" = HAMA 4in1 Racing Wheel
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}" = Tiscali Internet
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6700FEF4-5D7A-43B5-94C8-9541CC4C1BF6}" = 61857
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}" = ArcSoft PhotoImpression 4
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon
"{7148F0A8-6813-11D6-A77B-00B0D0142090}" = Java 2 Runtime Environment, SE v1.4.2_09
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{843B6370-4102-4FE9-9519-C0206A0A27DF}" = BlueSoleil
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7050037-F0EA-4BAB-BCD5-FC05507D6147}" = Alt-Tab Task Switcher Powertoy for Windows XP
"{A7B44FB6-5631-4A4A-9DAD-82F7E3C767B9}" = Visual C++ Runtime
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{ABB2B52E-D1C1-49F1-AF2D-863B4CB9E580}" = Oracle VM VirtualBox 3.2.12
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1205500-2179-11D7-B0B9-0000E24D4B29}" = Digital Camera
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1" = SRWare Iron 6.0.475
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{C9FB6FFC-B3D2-4AA0-AC05-73DB7796B638}" = DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CC8C451E-A820-48C8-AE92-A0FF088969D8}" = Stereoscopic Player
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}" = Broadcom Management Programs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl
"{FDA7A7CB-F1DE-42A9-83A6-27BE6CD6E8F3}" = SmartControl II
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"00BD1CD47675C125126C80095FCC12CFA4D311DB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Any Video Converter_is1" = Any Video Converter 3.1.7
"AV Voice Changer Software 7.0" = AV Voice Changer Software 7.0
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup.divx.com" = DivX-Setup
"FaJo XP File Security Extension_is1" = FaJo XP File Security Extension v1.2
"Gadu-Gadu 10" = Gadu-Gadu 10
"Homeworld2" = Homeworld2
"IcoFX_is1" = IcoFX 1.6.4
"LHTTSGED" = L&H TTS3000 Deutsch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.0.11)" = Mozilla Thunderbird (3.0.11)
"OpenAL" = OpenAL
"PC Wizard 2010_is1" = PC Wizard 2010.1.93
"pcwSIcons_is1" = pcwSIcons 2
"Rigs of Rods" = Rigs of Rods
"RocketDock_is1" = RocketDock 1.3.5
"ST6UNST #1" = USB Beipiel1
"ST6UNST #2" = USB Beipiel1 (C:\Programme\Beispiel\)
"VLC media player" = VLC media player 1.1.5
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 01.01.2011 10:18:20 | Computer Name = DAMIAN | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager"
aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070422" (konvertiert
in 0x800423f4) fehlgeschlagen.
Error - 01.01.2011 10:35:29 | Computer Name = DAMIAN | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager"
aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070422" (konvertiert
in 0x800423f4) fehlgeschlagen.
Error - 01.01.2011 12:00:54 | Computer Name = DAMIAN | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager"
aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070422" (konvertiert
in 0x800423f4) fehlgeschlagen.
Error - 01.01.2011 12:04:32 | Computer Name = DAMIAN | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager"
aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070422" (konvertiert
in 0x800423f4) fehlgeschlagen.
Error - 02.01.2011 04:59:00 | Computer Name = DAMIAN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul lmpgspl.ax, Version 3.5.0.64, Fehleradresse 0x00003ad8.
Error - 02.01.2011 05:00:05 | Computer Name = DAMIAN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul lmpgspl.ax, Version 3.5.0.64, Fehleradresse 0x00003ad8.
Error - 03.01.2011 06:18:23 | Computer Name = DAMIAN | Source = ESENT | ID = 490
Description = svchost (1176) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 03.01.2011 06:18:23 | Computer Name = DAMIAN | Source = ESENT | ID = 439
Description = Catalog Database (1176) Die Shadowkopfzeile für Datei C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
konnte nicht geschrieben werden. Fehler -1032.
Error - 03.01.2011 06:18:27 | Computer Name = DAMIAN | Source = ESENT | ID = 473
Description = Catalog Database (1176) Datenbank C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
wurde teilweise getrennt. Fehler -1032 beim Aktualisieren der Datenbankkopfzeilen.
Error - 04.01.2011 08:28:09 | Computer Name = DAMIAN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ipodservice.exe, Version 10.0.0.68, fehlgeschlagenes
Modul ntdll.dll, Version 5.1.2600.5755, Fehleradresse 0x0001b21a.
[ System Events ]
Error - 21.12.2010 08:37:14 | Computer Name = DAMIAN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Icatch(IV) Video Camera Device" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 21.12.2010 08:37:14 | Computer Name = DAMIAN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 21.12.2010 08:37:14 | Computer Name = DAMIAN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "SSHNAS" wurde mit folgendem Fehler beendet: %%126
Error - 21.12.2010 08:38:16 | Computer Name = DAMIAN | Source = WMPNetworkSvc | ID = 866287
Description = Dienst "WMPNetworkSvc" konnte nicht gestartet werden, da eine Gruppenrichtlinie
Windows Media Player davon abhält, Mediendateien mit anderen Geräten gemeinsam
zu nutzen.
Error - 22.12.2010 06:51:22 | Computer Name = DAMIAN | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst TrueVector
Internet Monitor.
Error - 22.12.2010 06:51:22 | Computer Name = DAMIAN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TrueVector Internet Monitor" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 22.12.2010 06:51:22 | Computer Name = DAMIAN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Icatch(IV) Video Camera Device" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 22.12.2010 06:51:22 | Computer Name = DAMIAN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nero BackItUp Scheduler 4.0" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 22.12.2010 06:51:22 | Computer Name = DAMIAN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "SSHNAS" wurde mit folgendem Fehler beendet: %%126
Error - 22.12.2010 06:52:56 | Computer Name = DAMIAN | Source = WMPNetworkSvc | ID = 866287
Description = Dienst "WMPNetworkSvc" konnte nicht gestartet werden, da eine Gruppenrichtlinie
Windows Media Player davon abhält, Mediendateien mit anderen Geräten gemeinsam
zu nutzen.
< End of report >
OTL Logfile: Code:
ATTFilter OTL logfile created on: 04.01.2011 13:29:03 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Dami\Internet Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 958,00 Mb Total Physical Memory | 211,00 Mb Available Physical Memory | 22,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 51,19 Gb Total Space | 10,37 Gb Free Space | 20,26% Space Free | Partition Type: NTFS Drive D: | 18,61 Gb Total Space | 15,40 Gb Free Space | 82,74% Space Free | Partition Type: NTFS Drive E: | 15,26 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: DAMIAN | User Name: Damian1996 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dami\Internet\OTL.exe (OldTimer Tools) PRC - C:\Programme\Opera\opera.exe (Opera Software) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Dami\Internet\TrueTransparency141\TrueTransparency\TrueTransparency.exe () PRC - C:\Programme\Gemeinsame Dateien\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe (Sony Ericsson Mobile Communications) PRC - C:\Programme\Gemeinsame Dateien\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe (Sony Ericsson Mobile Communications) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) PRC - C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) PRC - C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies) PRC - C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () PRC - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Gdi++\gditray.exe (2ch) PRC - C:\Programme\RocketDock\RocketDock.exe () PRC - C:\Programme\Gemeinsame Dateien\Portrait Displays\Shared\DTSRVC.exe () PRC - C:\WINDOWS\system32\UAService7.exe () PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.) PRC - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe () PRC - C:\Dami\Internet\tclocklight-040702-3\tclock.exe (Kazubon) PRC - C:\WINDOWS\system32\TaskSwitch.exe () ========== Modules (SafeList) ========== MOD - C:\Dami\Internet\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) MOD - C:\Dami\Internet\TrueTransparency141\TrueTransparency\TrueTransparencyHook.dll () MOD - C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (Check Point Software Technologies) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll (Microsoft Corporation) MOD - C:\Programme\Stardock\Object Desktop\DeskScapes\DesktopControlPanel.dll (Stardock) MOD - C:\Gdi++\gdi++.dll (2ch) MOD - C:\Gdi++\detoured.dll (Microsoft Corporation) MOD - C:\Gdi++\freetype.dll () MOD - C:\Programme\RocketDock\RocketDock.dll () ========== Win32 Services (SafeList) ========== SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe File not found SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.) SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation) SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) SRV - (EmmaDevMgmtSvc) -- C:\Programme\Gemeinsame Dateien\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe (Sony Ericsson Mobile Communications) SRV - (EmmaUpdMgmtSvc) -- C:\Programme\Gemeinsame Dateien\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe (Sony Ericsson Mobile Communications) SRV - (vsmon) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SRV - (IswSvc) -- C:\Programme\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies) SRV - (sdAuxService) -- C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools) SRV - (sdCoreService) -- C:\Programme\Spyware Doctor\pctsSvc.exe (PC Tools) SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (ACDaemon) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (DTSRVC) -- C:\Programme\Gemeinsame Dateien\Portrait Displays\Shared\DTSRVC.exe () SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe () SRV - (BlueSoleil Hid Service) -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe () SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation) ========== Driver Services (SafeList) ========== DRV - (VMnetAdapter) -- C:\WINDOWS\System32\DRIVERS\vmnetadapter.sys File not found DRV - (Tosrfusb) -- C:\WINDOWS\System32\DRIVERS\tosrfusb.sys File not found DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found DRV - (btkrnl) -- C:\WINDOWS\System32\DRIVERS\btkrnl.sys File not found DRV - (BTCOMBUS) -- C:\WINDOWS\System32\Drivers\btcombus.sys File not found DRV - (BTCOM) -- C:\WINDOWS\System32\DRIVERS\btcomport.sys File not found DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (VBoxDrv) -- C:\WINDOWS\system32\drivers\VBoxDrv.sys (Oracle Corporation) DRV - (VBoxUSBMon) -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys (Oracle Corporation) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (dtscsi) -- C:\WINDOWS\System32\Drivers\dtscsi.sys () DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (btnetBUs) -- C:\WINDOWS\system32\drivers\btnetBus.sys () DRV - (IvtBtBUs) -- C:\WINDOWS\system32\drivers\IvtBtBus.sys (IVT Corporation.) DRV - (BtHidBus) -- C:\WINDOWS\System32\Drivers\BtHidBus.sys (IVT Corporation.) DRV - (NCHSSVAD) SoundTap Recorder (32 Bit) -- C:\WINDOWS\system32\drivers\nchssvad.sys (NCH Swift Sound) DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD) DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies) DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools) DRV - (VClone) -- C:\WINDOWS\system32\drivers\VClone.sys (Elaborate Bytes AG) DRV - (adfs) -- C:\WINDOWS\System32\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (StarPortLite) StarPort Storage Controller (Lite) -- C:\WINDOWS\system32\drivers\StarPortLite.sys (Rocket Division Software) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (VCSVADHWSer) Avnex Virtual Audio Device (WDM) -- C:\WINDOWS\system32\drivers\vcsvad.sys (Avnex) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (VL807) -- C:\WINDOWS\system32\drivers\VL807.sys () DRV - (GWHid) -- C:\WINDOWS\system32\drivers\GWHid.sys (Microsoft Corporation) DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM) -- C:\WINDOWS\system32\drivers\s3017unic.sys (MCCI Corporation) DRV - (s3017obex) -- C:\WINDOWS\system32\drivers\s3017obex.sys (MCCI Corporation) DRV - (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s3017mgmt.sys (MCCI Corporation) DRV - (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS) -- C:\WINDOWS\system32\drivers\s3017nd5.sys (MCCI Corporation) DRV - (s3017mdm) -- C:\WINDOWS\system32\drivers\s3017mdm.sys (MCCI Corporation) DRV - (s3017mdfl) -- C:\WINDOWS\system32\drivers\s3017mdfl.sys (MCCI Corporation) DRV - (s3017bus) Sony Ericsson Device 3017 driver (WDM) -- C:\WINDOWS\system32\drivers\s3017bus.sys (MCCI Corporation) DRV - (ACEDRV07) -- C:\WINDOWS\system32\drivers\ACEDRV07.sys (Protect Software GmbH) DRV - (scramby_out) -- C:\WINDOWS\system32\drivers\scramby_out.sys (RapidSolution Software AG) DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.) DRV - (FTSER2K) -- C:\WINDOWS\system32\drivers\ftser2k.sys (FTDI Ltd.) DRV - (pdiddcci) -- C:\WINDOWS\system32\drivers\pdiddcci.sys (Portrait Displays, Inc.) DRV - (scramby) -- C:\WINDOWS\system32\drivers\scramby.sys (RapidSolution Software AG) DRV - (PdiPorts) -- C:\WINDOWS\system32\drivers\PdiPorts.sys (Portrait Displays, Inc.) DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.) DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (DumaNT) -- C:\WINDOWS\System32\drivers\dumant.sys (Windows (R) 2000 DDK provider) DRV - (wsppkt) -- C:\WINDOWS\system32\drivers\wsp_pkt.sys (SingleClick Systems) DRV - (hnmwrlspkt) -- C:\WINDOWS\system32\drivers\hnm_wrls_pkt.sys (SingleClick Systems) DRV - (Packet) -- C:\WINDOWS\system32\drivers\packet.sys (SingleClick Systems) DRV - (DSproct) -- C:\Programme\Dell Support\GTAction\triggers\DSproct.sys (GTek Technologies Ltd.) DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions) DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions) DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions) DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions) DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions) DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions) DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions) DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions) DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions) DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions) DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Sonic Solutions) DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology) DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology) DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation) DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation) DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology) DRV - (VHidMinidrv) -- C:\WINDOWS\system32\drivers\VHIDMini.sys (IVT Corporation) DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys () DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation) DRV - (BT) -- C:\WINDOWS\system32\drivers\BtNetDrv.sys (IVT Corporation) DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation) DRV - (BTNetFilter) -- C:\WINDOWS\system32\drivers\BTNetFilter.sys () DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation) DRV - (actser) -- C:\WINDOWS\system32\drivers\actser.sys (Siemens AG) DRV - (Ca533av) Icatch(IV) -- C:\WINDOWS\system32\drivers\Ca533av.sys (Digital Camera) DRV - (USBCamera) Icatch(IV) -- C:\WINDOWS\system32\drivers\Bulk533.sys (USB BULK) DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=66016 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=3070115 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=3070115 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/home IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://go.web.de/tab2 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = go.web.de/tab2 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: support@wolfram.com:3.1.2 FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.53.4 FF - prefs.js..extensions.enabledItems: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:0.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.6 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: info@djzig.com:1.2.3 FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20101009 FF - prefs.js..extensions.enabledItems: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}:0.7.2 FF - prefs.js..keyword.URL: "hxxp://utils.babylon.com/abt/index.php?url=" FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.19 14:59:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker [2010.11.13 17:30:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.18 16:35:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.12.13 19:26:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.11\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011.01.01 15:24:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.11\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2010.09.15 12:24:49 | 000,000,000 | ---D | M] [2010.05.18 12:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Extensions [2010.01.12 17:54:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2009.12.30 16:49:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Extensions\IMVUClientXUL@imvu.com [2010.05.18 12:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Extensions\mozswing@mozswing.org [2011.01.03 15:09:20 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions [2011.01.01 13:33:28 | 000,000,000 | ---D | M] (MacOSX Theme) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9} [2010.12.05 17:07:35 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2009.12.13 17:53:48 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(2) [2010.04.28 14:15:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.12.05 17:07:41 | 000,000,000 | ---D | M] (Flashblock) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2009.12.03 13:38:25 | 000,000,000 | ---D | M] (Flashblock) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2) [2010.12.05 17:07:40 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.04.22 14:46:44 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2010.12.05 17:07:29 | 000,000,000 | ---D | M] (LavaFox V1) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\info@djzig.com [2010.01.31 11:34:38 | 000,000,000 | ---D | M] ("NASA Boom") -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\nasaboom@brandthunder.com [2010.10.12 14:49:54 | 000,000,000 | ---D | M] (NASA Night Launch) -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\nasanightlaunch@example.com [2010.01.29 14:16:29 | 000,000,000 | ---D | M] ("Wolfram Toolbar") -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\extensions\support@wolfram.com [2009.10.22 18:20:38 | 000,002,279 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\searchplugins\ask.xml [2010.02.09 18:06:42 | 000,002,163 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\searchplugins\bing.xml [2010.12.02 16:34:44 | 000,000,873 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\searchplugins\conduit.xml [2010.08.08 09:48:41 | 000,002,397 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\searchplugins\GoogleFeed.xml [2009.10.22 18:20:39 | 000,000,573 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Mozilla\Firefox\Profiles\e37zw3yn.default\searchplugins\yahoo.xml [2011.01.03 15:12:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.12.09 15:28:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010.03.19 14:59:11 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2010.11.13 17:30:47 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\PROGRAMME\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2010.12.09 15:28:31 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010.08.08 10:09:50 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\PROGRAMME\SEARCH SETTINGS\FF [2010.12.09 15:28:31 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.04.19 15:24:07 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.09.25 17:40:50 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.12.16 13:59:47 | 000,002,191 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml [2010.09.25 17:40:50 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.09.25 17:40:50 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.09.25 17:40:50 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.09.25 17:40:50 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.10 15:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (VMN Toolbar Astro Gemini) - {A057A204-BACC-4D26-8287-79A187E26987} - C:\Programme\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. ) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\BAE\BAE.dll (Dell Inc.) O2 - BHO: (WEB.DE Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\WINDOWS\system32\ieconfig_1und1.dll (mquadr.at softwareengineering und consulting gmbh) O3 - HKLM\..\Toolbar: (no name) - {9E709AEF-74F7-4DA3-A7FC-F3E2D5A8D793} - No CLSID value found. O3 - HKLM\..\Toolbar: (VMN Toolbar Astro Gemini) - {A057A204-BACC-4D26-8287-79A187E26987} - C:\Programme\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. ) O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9E709AEF-74F7-4DA3-A7FC-F3E2D5A8D793} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe () O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKLM..\Run: [ISW] C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [RocketDock] C:\Programme\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [TrueTransparency] C:\Dami\Internet\TrueTransparency141\TrueTransparency\TrueTransparency.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Dokumente und Einstellungen\Damian1996\Startmenü\Programme\IMVU\Run IMVU.lnk File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Programme\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Programme\Stardock\Object Desktop\DeskScapes\deskscapes.dll (Stardock Corporation) O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - Stardock Vista ControlPanel Extension - C:\Programme\Stardock\Object Desktop\DeskScapes\DesktopControlPanel.dll (Stardock) O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - StardockDreamController - C:\Programme\Stardock\Object Desktop\DeskScapes\DreamControl.dll (Stardock) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Damian1996\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Damian1996\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.08.20 01:58:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.06.02 15:40:38 | 000,002,244 | ---- | M] () - C:\autorun.PNF -- [ NTFS ] O32 - AutoRun File - [2002.07.30 18:19:58 | 000,000,048 | R--- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{3269c34c-66c4-11dc-8d4c-00188b8b721c}\Shell - "" = AutoRun O33 - MountPoints2\{3269c34c-66c4-11dc-8d4c-00188b8b721c}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{3269c34c-66c4-11dc-8d4c-00188b8b721c}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O33 - MountPoints2\{c44a0bd4-a711-11db-8c45-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{c44a0bd4-a711-11db-8c45-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{c44a0bd4-a711-11db-8c45-806d6172696f}\Shell\AutoRun\command - "" = E:\DVDMenu.exe -- [2005.06.09 12:12:42 | 002,157,404 | R--- | M] (Macromedia, Inc.) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.01.04 12:28:39 | 000,000,000 | ---D | C] -- C:\Gdi++ [2011.01.03 17:45:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Damian1996\Recent [2011.01.03 13:37:46 | 000,000,000 | ---D | C] -- C:\Programme\FaJo [2011.01.02 16:17:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Malwarebytes [2011.01.02 16:17:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.01.02 16:17:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2011.01.02 16:17:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2011.01.02 16:17:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011.01.02 16:17:30 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.01.02 10:20:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AnvSoft [2011.01.02 10:19:41 | 000,000,000 | ---D | C] -- C:\Programme\AnvSoft [2010.12.31 16:21:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Eigene Dateien\Stack-Docklet [2010.12.31 16:21:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Eigene Dateien\SAFARI [2010.12.31 16:21:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Eigene Dateien\My-Computer-Icons [2010.12.31 16:21:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Eigene Dateien\FIREFOX-Part-1 [2010.12.31 16:03:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\RocketDock [2010.12.28 13:55:36 | 000,000,000 | ---D | C] -- C:\NVIDIA\Dokumente und Einstellungen\Programme\Pcsx2 [2010.12.28 13:11:08 | 000,000,000 | ---D | C] -- C:\Programme\Safari [2010.12.28 13:10:40 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2010.12.27 17:52:03 | 000,000,000 | ---D | C] -- C:\Programme\Finderbar 1.5 [2010.12.26 14:36:36 | 000,000,000 | --SD | C] -- C:\NVIDIA\Dokumente und Einstellungen\Programme\Verknüpfung mit CCleaner [2010.12.26 12:33:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\pcwSIcons [2010.12.26 12:33:12 | 000,000,000 | ---D | C] -- C:\Programme\PC-WELT [2010.12.25 11:52:50 | 000,000,000 | ---D | C] -- C:\Programme\RocketDock [2010.12.25 11:51:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Desktop\VIDEO [2010.12.25 11:51:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Desktop\FOTO [2010.12.24 13:44:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\IcoFX [2010.12.24 13:44:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\IcoFX 1.6 [2010.12.24 13:44:03 | 000,000,000 | ---D | C] -- C:\Programme\IcoFX 1.6 [2010.12.23 20:21:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Eigene Dateien\Any Video Converter Professional [2010.12.22 16:22:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\.VirtualBox [2010.12.22 16:22:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Oracle VM VirtualBox [2010.12.22 16:22:36 | 000,143,248 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxDrv.sys [2010.12.22 16:22:29 | 000,041,936 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\drivers\VBoxUSBMon.sys [2010.12.22 11:55:39 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype [2010.12.22 11:55:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype [2010.12.19 16:58:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\Bitstream [2010.12.19 14:15:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\ViGlance [2010.12.19 14:12:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\vlc [2010.12.18 16:29:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Eigene Dateien\naturalsoft [2010.12.16 19:07:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Lokale Einstellungen\Anwendungsdaten\IVONA_INST [2010.12.16 14:36:33 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\L&H [2010.12.16 14:34:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Eigene Dateien\My Library [2010.12.16 14:17:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\BabylonToolbar [2010.12.15 13:59:16 | 000,036,864 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbsys.dll [2010.12.09 15:32:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Damian1996\.android [2010.12.09 15:29:12 | 000,000,000 | ---D | C] -- C:\Programme\Sun [2010.12.09 15:28:45 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.12.09 15:28:45 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.12.09 15:28:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.12.09 15:28:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.12.07 18:29:42 | 000,131,584 | ---- | C] (DATA BECKER) -- C:\WINDOWS\DBReg.exe [2010.12.07 18:29:41 | 000,626,688 | ---- | C] (DATA BECKER) -- C:\WINDOWS\DBREG.dll [2010.03.05 13:21:54 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpe9.dll [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.01.04 11:45:20 | 000,201,798 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011.01.04 11:45:12 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1209834656-3436556958-302111128-1005.job [2011.01.04 11:45:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1209834656-3436556958-302111128-1005.job [2011.01.04 11:43:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.01.04 11:43:45 | 1005,047,808 | -HS- | M] () -- C:\hiberfil.sys [2011.01.03 10:54:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.01.02 16:17:37 | 000,000,774 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.01.02 13:08:19 | 000,000,798 | ---- | M] () -- C:\NVIDIA\Dokumente und Einstellungen\Programme\Autostart\Verknüpfung mit tclock.lnk [2011.01.02 10:21:53 | 000,083,968 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.02 10:20:07 | 000,000,795 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Desktop\Any Video Converter.lnk [2011.01.01 14:12:11 | 000,023,089 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Desktop\corel.jpg [2010.12.31 16:09:23 | 000,000,190 | ---- | M] () -- C:\WINDOWS\QTW.INI [2010.12.31 14:17:32 | 000,002,163 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Safari.lnk [2010.12.31 11:34:31 | 001,738,939 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Eigene Dateien\We-Travel Voice-German.rar [2010.12.30 13:40:14 | 000,002,121 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Desktop\iTunes.lnk [2010.12.28 13:11:55 | 000,066,200 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat [2010.12.27 19:22:50 | 002,175,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.12.27 17:52:06 | 000,039,424 | ---- | M] (NirSoft) -- C:\WINDOWS\zipinst.exe [2010.12.26 12:33:43 | 000,000,526 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\pcwSIcon.ini [2010.12.23 10:41:10 | 000,000,355 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Desktop\Eigene Dateien.lnk [2010.12.23 10:26:06 | 000,002,241 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Desktop\Skype.lnk [2010.12.22 17:23:45 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.12.18 14:24:57 | 000,000,572 | ---- | M] () -- C:\Dokumente und Einstellungen\Damian1996\Desktop\Opera.lnk [2010.12.15 14:06:27 | 000,002,560 | ---- | M] () -- C:\WINDOWS\_MSRSTRT.EXE [2010.12.15 14:00:16 | 003,932,214 | ---- | M] () -- C:\WINDOWS\Xbox360-Full.bmp [2010.12.09 15:28:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.12.09 15:28:30 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.12.09 15:28:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.12.09 15:28:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.12.09 15:28:30 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010.12.07 18:31:03 | 000,004,096 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\000001B1.LCS [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.01.02 16:17:37 | 000,000,774 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.01.02 13:08:19 | 000,000,798 | ---- | C] () -- C:\NVIDIA\Dokumente und Einstellungen\Programme\Autostart\Verknüpfung mit tclock.lnk [2011.01.02 10:20:07 | 000,000,795 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Desktop\Any Video Converter.lnk [2011.01.01 14:12:08 | 000,023,089 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Desktop\corel.jpg [2010.12.31 11:34:22 | 001,738,939 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Eigene Dateien\We-Travel Voice-German.rar [2010.12.28 13:11:18 | 000,002,163 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Safari.lnk [2010.12.26 12:33:41 | 000,000,526 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\pcwSIcon.ini [2010.12.23 10:41:10 | 000,000,355 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Desktop\Eigene Dateien.lnk [2010.12.22 14:48:13 | 000,002,241 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Desktop\Skype.lnk [2010.12.19 14:35:31 | 000,198,424 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2010.12.15 14:06:27 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE [2010.12.15 14:00:16 | 003,932,214 | ---- | C] () -- C:\WINDOWS\Xbox360-Full.bmp [2010.12.07 18:30:11 | 000,004,096 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\000001B1.LCS [2010.12.07 18:29:42 | 000,016,070 | ---- | C] () -- C:\WINDOWS\German2.ini [2010.10.04 16:19:32 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys [2010.09.21 14:54:04 | 000,020,102 | ---- | C] () -- C:\Programme\Readme.txt [2010.09.21 14:54:04 | 000,010,960 | ---- | C] () -- C:\Programme\EULA.txt [2010.09.21 14:54:04 | 000,000,343 | ---- | C] () -- C:\Programme\INSTALL.LOG [2010.09.08 15:38:06 | 000,327,168 | ---- | C] () -- C:\WINDOWS\System32\cutil32.dll [2010.08.08 09:48:26 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010.07.07 15:53:46 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010.07.07 15:53:46 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010.06.23 17:19:57 | 002,139,642 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1209834656-3436556958-302111128-1005-0.dat [2010.06.23 17:19:43 | 000,360,746 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2010.05.18 11:23:55 | 000,000,095 | ---- | C] () -- C:\WINDOWS\BsMobileModel.ini [2010.04.06 17:33:10 | 000,025,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys [2010.03.02 16:25:55 | 000,000,089 | ---- | C] () -- C:\WINDOWS\BBW_INFO.INI [2010.03.02 16:25:18 | 000,000,032 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0bbf802ced70c09f0e4ff793cf9334c6_Damian1996 [2010.01.23 12:16:58 | 000,000,098 | ---- | C] () -- C:\WINDOWS\telephon.ini [2010.01.09 14:17:17 | 000,000,158 | ---- | C] () -- C:\WINDOWS\TSDataEx.ini [2009.11.13 16:18:40 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Caligari.ini [2009.11.13 14:28:01 | 000,001,888 | ---- | C] () -- C:\WINDOWS\CA533A.INI [2009.11.13 14:28:01 | 000,001,325 | ---- | C] () -- C:\WINDOWS\Remove.ini [2009.10.02 14:33:41 | 000,143,872 | ---- | C] () -- C:\WINDOWS\System32\swscale-0.dll [2009.10.02 14:33:41 | 000,143,872 | ---- | C] () -- C:\WINDOWS\System32\swscale.dll [2009.10.02 14:33:40 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\sdl.dll [2009.10.02 14:33:40 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\postproc-51.dll [2009.10.02 14:33:40 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\postproc.dll [2009.10.02 14:33:39 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll [2009.10.02 14:33:38 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\avformat.dll [2009.10.02 14:33:38 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2009.10.02 14:33:38 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\avutil-49.dll [2009.10.02 14:33:38 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\avutil.dll [2009.10.02 14:33:37 | 006,902,272 | ---- | C] () -- C:\WINDOWS\System32\avcodec-51.dll [2009.10.02 14:33:37 | 006,902,272 | ---- | C] () -- C:\WINDOWS\System32\avcodec.dll [2009.10.02 14:33:37 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\avformat-51.dll [2009.09.19 17:05:22 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI [2009.09.05 19:05:28 | 000,000,190 | ---- | C] () -- C:\WINDOWS\QTW.INI [2009.09.01 17:31:57 | 000,373,248 | ---- | C] () -- C:\WINDOWS\EyeCand3.INI [2009.07.18 11:06:57 | 000,001,752 | ---- | C] () -- C:\WINDOWS\orchplus.ini [2008.12.19 11:50:28 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2008.12.19 11:50:28 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2008.12.19 11:50:28 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2008.12.19 11:47:47 | 000,000,303 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2008.12.15 16:43:54 | 000,061,800 | ---- | C] () -- C:\WINDOWS\System32\Hidhlp.dll [2008.12.15 16:43:54 | 000,053,608 | ---- | C] () -- C:\WINDOWS\System32\iFT7195.dll [2008.12.15 16:43:54 | 000,024,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\VL807.sys [2008.04.22 16:33:37 | 000,000,209 | ---- | C] () -- C:\WINDOWS\disneysy.ini [2007.12.22 12:22:38 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\fsgscom.dll [2007.11.19 14:40:30 | 000,000,461 | ---- | C] () -- C:\WINDOWS\EAGRAPH.INI [2007.08.21 18:56:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AAeditor.INI [2007.08.14 12:45:44 | 000,000,167 | ---- | C] () -- C:\WINDOWS\homeDVD-Fotos3_5.INI [2007.08.14 12:17:05 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2007.08.14 12:13:13 | 000,000,085 | ---- | C] () -- C:\WINDOWS\magix.ini [2007.08.14 12:13:11 | 000,001,104 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2007.06.26 17:09:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI [2007.05.27 14:52:19 | 000,001,288 | ---- | C] () -- C:\WINDOWS\disney.ini [2007.03.11 17:54:44 | 000,003,002 | ---- | C] () -- C:\WINDOWS\Wickie.ini [2007.02.13 17:27:11 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll [2007.02.11 16:00:24 | 000,440,320 | -HS- | C] () -- C:\Programme\ehthumbs.db [2007.02.10 14:56:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CorelDrw110.INI [2007.02.06 18:38:20 | 000,000,251 | ---- | C] () -- C:\Programme\wt3d.ini [2007.01.21 09:57:17 | 000,000,189 | ---- | C] () -- C:\WINDOWS\iPlayer.INI [2007.01.21 08:28:49 | 000,000,196 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\G-Force Prefs (WindowsMediaPlayer).txt [2007.01.20 15:35:29 | 000,000,427 | ---- | C] () -- C:\WINDOWS\capture.ini [2007.01.20 12:25:55 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\wklnhst.dat [2007.01.19 16:26:30 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Anwendungsdaten\dvd.bmk [2007.01.19 14:56:47 | 000,083,968 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.01.18 19:08:24 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2007.01.18 17:57:26 | 000,005,018 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2007.01.18 17:57:26 | 000,000,168 | RHS- | C] () -- C:\WINDOWS\System32\F3CC90BAD6.sys [2007.01.18 17:41:47 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\Damian1996\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2007.01.15 21:00:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2007.01.15 20:57:19 | 000,000,855 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini [2007.01.15 20:57:05 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll [2007.01.15 20:51:45 | 000,000,452 | ---- | C] () -- C:\WINDOWS\wininit.ini [2007.01.15 20:29:17 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007.01.15 20:29:17 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007.01.15 20:29:17 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007.01.15 20:29:16 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007.01.15 20:29:16 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2007.01.15 20:29:16 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006.06.01 16:47:40 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\nvimage.dll [2006.06.01 16:47:40 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\stereoi.dll [2005.11.10 02:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005.08.31 23:49:54 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\NBAsm.dll [2005.08.20 01:52:54 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2005.08.20 01:49:05 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005.08.20 01:34:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\NSREG.DLL [2005.08.20 01:33:55 | 001,868,868 | ---- | C] () -- C:\WINDOWS\System32\RSA32_16.DLL [2005.08.05 15:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005.04.30 13:50:20 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys [2004.12.16 15:32:54 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys [2004.10.07 10:50:50 | 000,072,704 | ---- | C] () -- C:\WINDOWS\System32\nbzlib.dll [2002.07.26 13:38:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\buchcd.ini [1998.10.11 00:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 133 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:2FA2FC79 @Alternate Data Stream - 129 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C176AF6C @Alternate Data Stream - 118 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:661DFA1C @Alternate Data Stream - 112 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 < End of report > |
|
05.01.2011, 13:07
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Wo Problem mit explorer.exe verbunden mit Active Desktop-Problem Lösung! Ich meinte das Log von MBAM! Alle davon!
__________________ --> Problem mit explorer.exe verbunden mit Active Desktop-Problem |
|
| Themen zu Problem mit explorer.exe verbunden mit Active Desktop-Problem |
| active desktop, antivir, antivir guard, avira, bho, bonjour, checkpoint, datei, desktop, error, explorer.exe, festplatte, helper, hijack, hijackthis, hkus\s-1-5-18, internet, internet explorer, logfile, media center, mozilla, mozilla thunderbird, object, plug-in, problem, security, software, spigot, spyware, system, vista, windows, windows internet, windows xp |
Linear-Darstellung
