| |
| |||||||
Log-Analyse und Auswertung: Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + VerbindungsabbrWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
27.03.2010, 11:29
| #1 |
 |  Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Guten Morgen Trojaner-Board Gemeinde, ich habe seit ca. 5 Tagen ein Problem. Mein Computer brauch mehrere Startversuche und bleibt meist bein Windoof laden hängen. (Vista 32 Bit) Ist der Computer erst einmal an, so dauert es 2 Minuten bis aber auch einen Tag, ibs er wieder Abstürzt. Einmal erhielt ich eine Fehlermeldung das irgendwas mit dem Explorer.exe nicht stimmt. Ich wollte sie screenen und aufschreiben, aber der PC startete sich von selber neu. Ich habe erstmal auf ein Hardwareproblem getippt und mal nachgesehen. Es scheint alles in Ordnung zu sein und Staub war auch nicht viel da, da ich den Computer regelmäßig reinige. Ich habe mein PC in ein anderes Gehäuse eingebaut, da ich so ein Lüfter mehr habe (Temperatur ist jetzt ok) und seitdem erkennt der PC meine Kamera nicht mehr (Firmware lädt. eig. automatisch). Desweiteren habe ich oft Verbindungsabbrüche mit meiner W-Lan Antenne. Verbinde ich mich erneut mit dem Netzwerk, ist die VErbindung sofort wieder da. Ich würde mich über Hilfe von Euch sehr freuen =) Hier mein Log, falss Ihr mehr braucht, sagt mir bescheid. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:27:45, on 27.03.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Secunia\PSI\psi.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\ICQ6.5\ICQ.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myfastwebsearch.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O1 - Hosts: ::1 localhost O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: TBSB07741 - {9D78BE3F-575E-499E-9812-25F531816459} - C:\Program Files\IEToolbar\My Fast Web Search\tbcore3.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: My Fast Web Search - {F9C1FF30-602C-49A5-8DB2-E2510CC4BFB0} - C:\Program Files\IEToolbar\My Fast Web Search\tbcore3.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O13 - Gopher Prefix: O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8823FE5F-DF9A-477C-A1B4-AD91E97D6C11}: NameServer = 192.168.178.1 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files\avmwlanstick\WlanNetService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1ca185e26a95199) (gupdate1ca185e26a95199) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 6323 bytes Gruß Shadow
__________________ Credo in Deum, Patrem omnipotentem, Creatorem caeli et terrae. |
|
28.03.2010, 19:50
| #2 | |
| |  Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Alle Progs mit Rechtsklick "Als Administrator starten" ausführen.
__________________1. http://www.trojaner-board.de/51187-a...i-malware.html 2. http://www.trojaner-board.de/74908-a...t-scanner.html 3. Hol dir OTL hxxp://oldtimer.geekstogo.com/OTL.exe Starte OTL Kopiere unten in das Skript-Feld rein: Zitat:
Schließe alle anderen Programme. Klicke auf Quick Scan. Poste die beiden Logs - OTL.txt und Extras.txt Geändert von Sion (28.03.2010 um 20:40 Uhr) |
|
29.03.2010, 21:27
| #3 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Hallo, Danke für Deine Antwort.
__________________Mein MBAM Scan ist gestern nach 45 Minuten abgebrochen, bis dahin kein Fund. GMER beim 1 mal Abgestürzt. 2. Versuch = Bluescreen. Logs: OTL OTL logfile created on: 29.03.2010 22:15:15 - Run 1 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Besitzer\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free 7,00 Gb Paging File | 7,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): c:\pagefile.sys 4500 9000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 298,09 Gb Total Space | 122,71 Gb Free Space | 41,17% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 6,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BESITZER-PC Current User Name: Besitzer Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan ========== Processes (SafeList) ========== PRC - [2010.03.18 16:41:17 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe PRC - [2010.03.16 16:36:29 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.12.23 16:57:18 | 000,093,320 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe PRC - [2009.05.07 02:01:00 | 000,368,640 | R--- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WLanNetService.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe ========== Modules (SafeList) ========== MOD - [2010.03.18 16:41:17 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe MOD - [2009.12.23 17:11:18 | 000,015,056 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\sahook.dll MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.03.26 17:53:57 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.03.16 16:36:29 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009.12.23 16:57:18 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2009.10.23 01:46:00 | 003,447,032 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009.09.23 17:36:06 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R) SRV - [2009.05.07 02:01:00 | 000,368,640 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myfastwebsearch.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.9 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100211.5 FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028 FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - prefs.js..network.proxy.backup.ftp: "196.12.184.190" FF - prefs.js..network.proxy.backup.ftp_port: 3128 FF - prefs.js..network.proxy.backup.gopher: "196.12.184.190" FF - prefs.js..network.proxy.backup.gopher_port: 3128 FF - prefs.js..network.proxy.backup.socks: "196.12.184.190" FF - prefs.js..network.proxy.backup.socks_port: 3128 FF - prefs.js..network.proxy.backup.ssl: "196.12.184.190" FF - prefs.js..network.proxy.backup.ssl_port: 3128 FF - prefs.js..network.proxy.ftp: "196.12.184.190" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.gopher: "196.12.184.190" FF - prefs.js..network.proxy.gopher_port: 3128 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "196.12.184.190" FF - prefs.js..network.proxy.socks_port: 3128 FF - prefs.js..network.proxy.ssl: "196.12.184.190" FF - prefs.js..network.proxy.ssl_port: 3128 FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.02.18 19:24:12 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.23 16:19:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.23 16:19:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.03.17 22:14:17 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.02.08 15:59:20 | 000,000,000 | ---D | M] [2009.07.22 16:56:44 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Extensions [2010.03.29 21:35:54 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions [2009.07.23 12:19:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.01.28 16:10:30 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2009.11.05 09:11:25 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2010.03.20 16:05:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.01.09 19:08:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.03.27 16:44:37 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010.02.12 20:44:45 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.01.22 23:36:33 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2009.10.24 21:36:01 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb} [2009.10.07 14:31:45 | 000,002,255 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\FireFox\Profiles\m4wyro04.default\searchplugins\askcom.xml [2010.03.22 19:30:47 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2009.11.24 18:00:42 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.01.15 13:10:57 | 000,000,831 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 http:\\www.pornomovies.com O1 - Hosts: 127.0.0.1 http:\\www.redtube.com O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (TBSB07741 Class) - {9D78BE3F-575E-499E-9812-25F531816459} - C:\Programme\IEToolbar\My Fast Web Search\tbcore3.dll () O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (My Fast Web Search) - {F9C1FF30-602C-49A5-8DB2-E2510CC4BFB0} - C:\Programme\IEToolbar\My Fast Web Search\tbcore3.dll () O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (My Fast Web Search) - {F9C1FF30-602C-49A5-8DB2-E2510CC4BFB0} - C:\Programme\IEToolbar\My Fast Web Search\tbcore3.dll () O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab (Windows Live OneCare safety scanner control) O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008.03.06 20:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation) - E:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2008.02.22 17:08:27 | 000,058,601 | R--- | M] () - E:\autorun.ico -- [ UDF ] O32 - AutoRun File - [2008.02.22 17:08:27 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2008.02.22 17:08:44 | 000,000,382 | R--- | M] () - E:\autorun.ini -- [ UDF ] O33 - MountPoints2\{70932568-7536-11de-872c-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{70932568-7536-11de-872c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2008.03.06 20:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation) O33 - MountPoints2\{70932569-7536-11de-872c-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{70932569-7536-11de-872c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- File not found O33 - MountPoints2\{b12a612d-c65d-11de-bfb7-0019dbc0752f}\Shell - "" = AutoRun O33 - MountPoints2\{b12a612d-c65d-11de-bfb7-0019dbc0752f}\Shell\AutoRun\command - "" = J:\pushinst.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2008.01.21 04:34:27 | 000,000,000 | ---D | M] NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found OTL cannot create restorepoints on Vista OSs! ========== Files/Folders - Created Within 14 Days ========== [2010.03.29 22:14:32 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe [2010.03.26 20:58:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.03.26 15:12:20 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Desktop\Zu bearbeitende Bilder [2010.03.24 22:45:04 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Avira [2010.03.24 22:44:11 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys [2010.03.24 22:44:11 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys [2010.03.23 17:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser [2010.03.23 17:32:07 | 000,000,000 | ---D | C] -- C:\Programme\Canon [2010.03.22 19:36:48 | 000,000,000 | ---D | C] -- C:\Programme\JRE [2010.03.22 19:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010.03.22 19:30:56 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java [2010.03.22 19:28:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun [2010.03.22 17:57:22 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\ZoomBrowser EX [2010.03.22 17:37:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Canon [2010.03.20 22:15:28 | 000,000,000 | ---D | C] -- C:\Programme\Screaming Bee [2010.03.20 22:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee [2010.03.20 21:53:48 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Screaming Bee [2010.03.19 14:37:53 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\Fakten gegen die ZJ ========== Files - Modified Within 14 Days ========== [2010.03.29 22:15:19 | 005,505,024 | -HS- | M] () -- C:\Users\Besitzer\ntuser.dat [2010.03.29 22:12:54 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.03.29 22:12:47 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.03.29 22:12:47 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.03.29 22:12:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.03.29 22:12:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.03.29 22:12:36 | 253,884,738 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010.03.29 22:07:21 | 000,293,376 | ---- | M] () -- C:\Users\Besitzer\Desktop\45v1pf2y.exe [2010.03.29 22:00:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.03.29 21:28:31 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.03.29 21:28:31 | 000,618,204 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.03.29 21:28:31 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.03.29 21:28:31 | 000,122,636 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.03.29 21:28:31 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.03.29 00:51:16 | 000,524,288 | -HS- | M] () -- C:\Users\Besitzer\ntuser.dat{d96f4d9e-f20d-11de-9a3b-001f3f0951b3}.TMContainer00000000000000000001.regtrans-ms [2010.03.29 00:51:16 | 000,065,536 | -HS- | M] () -- C:\Users\Besitzer\ntuser.dat{d96f4d9e-f20d-11de-9a3b-001f3f0951b3}.TM.blf [2010.03.29 00:51:13 | 003,551,708 | -H-- | M] () -- C:\Users\Besitzer\AppData\Local\IconCache.db [2010.03.28 12:15:16 | 002,195,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.03.28 01:24:51 | 000,058,432 | ---- | M] () -- C:\Users\Besitzer\AppData\Local\GDIPFONTCACHEV1.DAT [2010.03.26 18:46:52 | 000,007,196 | ---- | M] () -- C:\Users\Besitzer\.recently-used.xbel [2010.03.26 14:37:57 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Defraggler Volume C Task.job [2010.03.23 20:13:28 | 008,051,266 | ---- | M] () -- C:\Users\Besitzer\Desktop\MVI_1226.AVI [2010.03.23 17:32:20 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk [2010.03.22 17:57:13 | 000,015,360 | ---- | M] () -- C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.03.18 16:41:17 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe [2010.03.17 18:09:06 | 000,131,137 | ---- | M] () -- C:\Users\Besitzer\Documents\RE1012356155.pdf [2010.03.16 19:52:23 | 000,015,718 | ---- | M] () -- C:\Users\Besitzer\Documents\Unbenannt1.pdf ========== Files Created - No Company Name ========== [2010.03.29 22:12:36 | 253,884,738 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010.03.29 22:07:22 | 000,293,376 | ---- | C] () -- C:\Users\Besitzer\Desktop\45v1pf2y.exe [2010.03.27 17:31:25 | 000,031,188 | ---- | C] () -- C:\Users\Besitzer\Desktop\EISREGEN.TTF [2010.03.26 18:46:52 | 000,007,196 | ---- | C] () -- C:\Users\Besitzer\.recently-used.xbel [2010.03.23 20:13:26 | 008,051,266 | ---- | C] () -- C:\Users\Besitzer\Desktop\MVI_1226.AVI [2010.03.23 17:32:20 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk [2010.03.17 18:09:05 | 000,131,137 | ---- | C] () -- C:\Users\Besitzer\Documents\RE1012356155.pdf [2010.03.16 19:52:22 | 000,015,718 | ---- | C] () -- C:\Users\Besitzer\Documents\Unbenannt1.pdf [2009.11.25 22:01:04 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2009.09.20 12:22:54 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2009.09.20 12:03:02 | 000,000,025 | ---- | C] () -- C:\Windows\CDESX100DEFGIPS.ini [2009.09.15 20:12:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.08.04 20:16:15 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll [2009.08.04 20:16:15 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll [2009.08.04 19:55:45 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll [2009.08.01 12:48:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.07.24 16:49:35 | 000,015,360 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.07.20 16:14:04 | 000,000,680 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\d3d9caps.dat [2009.03.02 12:33:32 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009.03.02 12:33:32 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [1997.06.14 11:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll [1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== LOP Check ========== [2009.08.28 15:20:49 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Acreon [2009.08.03 17:29:40 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Auslogics [2009.09.20 16:56:54 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\EPSON [2009.07.23 14:33:58 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Foxit [2010.02.24 16:24:19 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Foxit Software [2009.10.31 23:44:25 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\FRITZ! [2010.03.26 16:05:32 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\gtk-2.0 [2010.03.29 21:16:27 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\ICQ [2009.10.01 11:38:30 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\JonDo [2010.03.11 15:02:50 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Lingo4u [2009.08.29 11:24:29 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\MobMapUpdater [2009.09.19 18:23:56 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\OpenOffice.org [2009.08.10 15:58:37 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\ProtectDisc [2009.11.01 15:11:07 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\RapidSolution [2010.03.20 22:15:51 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Screaming Bee [2010.03.15 14:13:14 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Sierra [2009.11.01 17:03:59 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\soul.im [2009.12.04 22:04:34 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\TeamViewer [2009.11.30 14:57:43 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\The Creative Assembly [2009.07.22 17:58:58 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Thunderbird [2009.10.24 21:15:03 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\TuneUp Software [2009.12.24 21:25:43 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Ubisoft [2009.10.07 14:17:26 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\uTorrent [2009.09.08 19:19:09 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Webocton - Scriptly [2010.02.12 20:30:04 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\WinBatch [2009.10.14 17:07:21 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\yess [2010.03.26 14:37:57 | 000,000,296 | ---- | M] () -- C:\Windows\Tasks\Defraggler Volume C Task.job [2010.03.29 00:51:19 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTORV.SYS > [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVRAID.SYS > [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll [2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Desktop\Wie komme ich zu Gott _.mp4:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Desktop\Der Herr ist mein Hirte.mp4:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Desktop\clip0006.avi:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Desktop\18_11_24.mp3:TOC.WMV @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:13199560 < End of report > Extras OTL Extras logfile created on: 29.03.2010 22:15:15 - Run 1 OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Besitzer\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free 7,00 Gb Paging File | 7,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): c:\pagefile.sys 4500 9000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 298,09 Gb Total Space | 122,71 Gb Free Space | 41,17% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 6,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BESITZER-PC Current User Name: Besitzer Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 14 Days Output = Standard Quick Scan ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "AntiVirusDisableNotify" = 0 "AntiSpyWareDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 1 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DisableUnicastResponsesToMulticastBroadcast" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{019536EE-9FE0-46E5-A368-8DE8974899D3}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{34BD1A7D-DB10-4A55-ACAD-0675BD7C108F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{38AAE49E-B637-4ED4-9E2B-62AFCAFD225B}" = lport=2869 | protocol=6 | dir=in | app=system | "{5C9D2704-DF8E-4888-B863-F3EC88011D7C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{663F4982-1FF8-4788-B053-4CE3FEA9A5F0}" = lport=2869 | protocol=6 | dir=in | app=system | "{92200657-9903-4B45-B248-44522DB6B617}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 | "{AE06B0B5-53A6-4F1E-80DA-97C010F3143E}" = rport=10243 | protocol=6 | dir=out | app=system | "{BEA229DB-592D-4287-8BF3-77500143E825}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CBBDA1B4-8602-430E-B66D-7EB4AE3A49B7}" = lport=10243 | protocol=6 | dir=in | app=system | "{E2AC38E6-D9C3-4234-943D-5966D7E8794A}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 | "{EA12C70F-EF2B-4D85-9A60-34D513D312CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EC1EB7A7-8C71-418C-9C81-0BB23C5F07A2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F6D5613C-E395-438F-8431-65CE71ABD841}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FA27C0A4-6B92-447D-B758-FDED595813FE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0A70FBC9-07D3-40AA-9D69-28CB8BF510BE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\empire total war demo\empire.exe | "{0D825B98-3D4E-448C-8D24-FE3ACBC326E4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{1114FB7A-D985-427E-946B-DB2E7DE3BB24}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe | "{154AD7B5-51D4-4A42-9ABC-13E1B374EECB}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe | "{1C4AD399-216C-431C-8D65-1ECD3E2976FB}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-dede-downloader.exe | "{1E1861AB-F6B9-4330-812B-875B10566ABC}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "{278C6FA5-046D-4C7A-9222-9A2FE0067F1F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{27F536E5-44CF-4B33-AC05-32195D5FDCC2}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{28586E62-813B-47E7-8A04-A10ABB89BB10}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{374DA039-A244-4B81-A64B-AAB939FB18DA}" = protocol=6 | dir=out | app=system | "{3B6B7790-ED94-48F7-9AD8-C8C459C1CC48}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{4CEEAE2C-6744-4D5A-AEFA-A27A58201813}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9835-to-3.1.2.9901-dede-downloader.exe | "{50F58F57-4C5E-4354-9E20-1173B39CBFFD}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{72E79AD9-3674-4746-88AD-6614144276E9}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{746F393F-FAB1-4703-9449-AF2D025ACFF2}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe | "{770E074A-5E74-49AE-BC17-A0E628E3E6A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{7D2AAD74-33CB-496D-AA77-E8F4F37145C7}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{7D4CC5E3-70A7-4187-9431-AAFBCC301510}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{897D64E1-3E6B-45DC-87E1-AFE49F84F121}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe | "{8CD95178-0066-4EA9-A27B-FFD2D13C9DDF}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9835-to-3.1.2.9901-dede-downloader.exe | "{9193B962-C7DC-44FE-8B90-72C152060650}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe | "{95E54934-EFC6-4542-92D8-8A00B00221E4}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe | "{95E94576-7224-49A8-9A34-13F15C8358C1}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{966E3382-A6DA-41F5-A23A-331741D56421}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{9A6A3AC0-9A17-4BE5-AEA5-0FE86656B32C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe | "{9CD18C93-ABDD-47B3-9AB8-8B7FAB7D13B7}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{A23B60F2-52D4-4206-B043-71A3075C07D7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A5456FCF-4EC4-4350-B232-0F74354AD02F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A6C605A1-FEE4-48D4-9DB2-365C393A4CAD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A8527E32-C688-49E2-B12B-2A8FB672253A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AE21134A-C24E-407A-A5A6-8FC7A478F552}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe | "{B15D2D14-2B49-47DB-AC05-3A234784569B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{BB09B41C-4802-4952-A676-8A65B3641B5E}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-dede-downloader.exe | "{BC335100-901E-4773-B760-001A85DEA432}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe | "{BDBBCB87-602A-4858-9292-C5E566A47026}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\empire total war demo\empire.exe | "{C4295AD8-BD78-4BAD-BEED-F0E0D9D8F19F}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{CE24776D-99F1-4D56-BC05-5486B4AE5504}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{D1708CCC-53B0-4ECF-BAC6-33713C2AD943}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{DC4C0AD6-A55C-4168-880E-3EB54AB0FDD0}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{DFBD3D7F-3D77-45B3-8D63-1A0EFEEE73DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E05CDD6A-3F8B-4444-A987-16E2ACDEAA87}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{E2B7845D-750C-441C-A426-3F7EEA717F09}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe | "{E3028352-189A-4A65-990E-BC65C622C537}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{ED4FE2BC-3526-4D63-A877-12C846728CFB}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{EEC08776-5E9D-4C8A-8D86-064F2CC1B92F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F21C274D-C55E-4195-B549-AEE1B3947707}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{F7AD4BE7-32E0-48C6-AEC6-89D6D0BD9548}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FE753672-0E95-4858-A510-DB12C4816C40}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe | "TCP Query User{0092FC75-BEFA-4CE6-82F0-64A7C207ECDD}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe | "TCP Query User{11E9A9C8-2091-4A1D-A4F6-7BA48C4E2AA6}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{14EA83D7-DCE4-4EA3-9041-ABA59A5DE8F9}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{1E74C85D-8197-4D20-86BA-C997C1FA186E}C:\program files\novo's easy wow server\0.3.0\mangosd.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\mangosd.exe | "TCP Query User{28513CA9-A937-4B17-96E9-A9EAA932A5D1}C:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe | "TCP Query User{28C65A57-98E0-4A90-A0E6-C0EEAE51B6EE}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | "TCP Query User{2FAA5C0E-EAED-467C-9959-5A3A4F2980B1}C:\program files\novo's easy wow server\0.3.0\realmd.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\realmd.exe | "TCP Query User{3C4A55D1-3BB7-4714-9866-00BEECEF7A31}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "TCP Query User{3F60A434-FA3B-40C3-9F9B-79A88C2E1777}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{5590795C-4C7D-4994-8B3F-5A9CB5127EA0}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{55990D61-4E47-4B78-9438-AFE86350C8A1}C:\program files\novo's easy wow server\0.3.0\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\udrive\usr\local\mysql\bin\mysqld-opt.exe | "TCP Query User{58EBA9B3-E207-4806-9F35-7AE0D3DC1917}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{5C546FBF-D2EA-4EFA-AB1E-CAF071C8F775}C:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe | "TCP Query User{60430898-F7C6-44BA-8067-7B690CC4099E}C:\program files\novo's easy wow server\0.3.0\udrive\usr\local\apache2\bin\apache_16.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\udrive\usr\local\apache2\bin\apache_16.exe | "TCP Query User{629230A5-9095-473C-A60A-CD73E31A6A02}C:\program files\novo's easy wow server\0.3.1\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\udrive\usr\local\mysql\bin\mysqld-opt.exe | "TCP Query User{6B6D2963-9602-41F1-9F9C-2E2DBC135368}C:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe | "TCP Query User{721ECF7B-1AA1-433C-B089-6F7DB180840E}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe | "TCP Query User{79D44A09-9714-4131-9499-E961B4D7CD5A}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{89070295-617C-412A-9951-65D55E775E9B}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{9DA3A857-2CA4-4BFC-B07D-45410481ABA1}C:\users\besitzer\desktop\matrixmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\besitzer\desktop\matrixmt2\mc.exe | "TCP Query User{C6C4A7A9-8BB7-40B7-BCFF-8885D4F1D905}C:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe | "TCP Query User{C710B17B-38C5-48D0-94C6-D4048E9CFFC5}C:\program files\sierra\empire earth ii\ee2.exe" = protocol=6 | dir=in | app=c:\program files\sierra\empire earth ii\ee2.exe | "TCP Query User{C793034C-7183-4989-960F-0279E271FF16}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{D481CD59-AE3B-4A73-99E2-9406C2CE993C}C:\program files\novo's easy wow server\0.3.1\trinityrealm.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\trinityrealm.exe | "TCP Query User{D6D569BD-93EC-4FD4-8896-5CDB7AE6E5F9}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | "TCP Query User{E6257D8F-DECD-46F4-998F-18C58F77AC49}C:\program files\the creative assembly\rome - total war\rometw.exe" = protocol=6 | dir=in | app=c:\program files\the creative assembly\rome - total war\rometw.exe | "TCP Query User{E7DCD365-54DC-4F09-A9EC-4CD6C63413A1}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | "TCP Query User{ED4B0896-9CD3-426B-A041-8A9C514F30AB}C:\program files\novo's easy wow server\0.3.1\udrive\usr\local\apache2\bin\apache_16.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\udrive\usr\local\apache2\bin\apache_16.exe | "UDP Query User{04B76F57-8EBE-4E88-837A-10EF5AF99D14}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{0A1E5179-BDFB-4D66-B769-E3D7874226D9}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe | "UDP Query User{177E00D4-E9D5-4702-80C6-5E831CB7D329}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | "UDP Query User{28229B72-370D-449A-A33E-EDF1E63F294A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{41A74182-ADAD-492A-A10F-413EA9DA1F64}C:\program files\novo's easy wow server\0.3.1\udrive\usr\local\apache2\bin\apache_16.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\udrive\usr\local\apache2\bin\apache_16.exe | "UDP Query User{42A8596A-916E-44EB-83E3-7840B9BBAA98}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | "UDP Query User{4F1F7218-B5ED-4ADF-942D-01838DE2E9B0}C:\program files\novo's easy wow server\0.3.0\mangosd.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\mangosd.exe | "UDP Query User{521A2842-CEC8-4333-990D-E63EB3FD89A7}C:\program files\novo's easy wow server\0.3.0\udrive\usr\local\apache2\bin\apache_16.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\udrive\usr\local\apache2\bin\apache_16.exe | "UDP Query User{5561311E-01ED-46B7-8E9B-08B615E5B4D4}C:\program files\novo's easy wow server\0.3.0\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\udrive\usr\local\mysql\bin\mysqld-opt.exe | "UDP Query User{5A08AD79-5AB5-4EC6-ADCF-33E2345A857E}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{5E903A93-2E98-4764-8A83-3A3C071CECD5}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "UDP Query User{6E7FE1A8-535B-42C9-B1A7-689A499EEF8C}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | "UDP Query User{6EB33D87-D1A1-4A16-9A1C-15D8A93F44C7}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe | "UDP Query User{6EDC8592-DBD4-4F65-8211-DCDC0FFB7AC7}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{6EF2E5E3-DCE0-44C0-9766-F90A302A8CD2}C:\program files\novo's easy wow server\0.3.0\realmd.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\realmd.exe | "UDP Query User{83A51247-2B1F-42B1-AE0B-69D895C1817E}C:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe | "UDP Query User{864BEEB6-3C15-4064-9374-74A1501689E7}C:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe | "UDP Query User{8A881899-A786-4897-B528-3F5023E016D2}C:\program files\sierra\empire earth ii\ee2.exe" = protocol=17 | dir=in | app=c:\program files\sierra\empire earth ii\ee2.exe | "UDP Query User{9E037ED8-5A21-47D3-9EE1-9B7BA5860BE9}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{9E2AF4D2-87B1-49E5-B695-7F49A330B61D}C:\program files\novo's easy wow server\0.3.1\trinityrealm.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\trinityrealm.exe | "UDP Query User{A425D641-0674-4D82-8F5E-30372A8D661D}C:\program files\the creative assembly\rome - total war\rometw.exe" = protocol=17 | dir=in | app=c:\program files\the creative assembly\rome - total war\rometw.exe | "UDP Query User{BDFDCEEB-85ED-4397-8C1E-DCCC6A4D027B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{C9A2DD96-B9D1-4009-A7C7-4AEA4BE5EDCE}C:\program files\novo's easy wow server\0.3.1\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\udrive\usr\local\mysql\bin\mysqld-opt.exe | "UDP Query User{CA05E7E6-27F0-481D-BB69-DC62CE35EA25}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{D8E5A200-2B8B-4297-9F98-B00CC572C43B}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | "UDP Query User{E63BC156-1CE5-4FFB-94C5-29D63FDE0C53}C:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe | "UDP Query User{F3FDB560-B031-4685-BB31-F61E4A0B5107}C:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe | "UDP Query User{F658B192-5950-4348-BA2D-B619085E8220}C:\users\besitzer\desktop\matrixmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\besitzer\desktop\matrixmt2\mc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM) "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM) "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{0A902DF4-B767-49DB-98D3-D413E6F1E703}" = World of Subways Vol.2 "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2 "{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18 "{29C042AB-059B-414C-840E-94775E3F24A8}" = Personality Voices "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}" = Rome - Total War - Gold Edition "{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{59A614F6-27DE-4F65-A173-554A26DA2DEE}" = Female Voice Pack "{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.2 "{5F7E148E-08DD-42F7-AEB4-569F21E25F3A}" = MAGIX Music Editor 3 Free "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack "{A401975C-C1C5-4ECB-BC18-BFD9F8F401B7}" = Paint.NET v3.5.3 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3 "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D1F6BB2F-E9A4-4233-BA03-BB62E8AED82A}" = Star Wars Jedi Knight Jedi Academy Demo "{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 "{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2 "{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1191B7E-84BF-4325-9FFD-80BD8996ED4B}" = MorphVOX Junior "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7-Zip" = 7-Zip 4.65 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Age of Empires 2.0" = Microsoft Age of Empires II "Audacity_is1" = Audacity 1.2.6 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AVMWLANCLI" = AVM FRITZ!WLAN "CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX "CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "CCleaner" = CCleaner "Cheat Engine 5.5_is1" = Cheat Engine 5.5 "CrystalDiskInfo_is1" = CrystalDiskInfo 2.7.4 "Defraggler" = Defraggler "Drakensang_is1" = Drakensang "EADM" = EA Download Manager "EPSON Scanner" = EPSON Scan "EPSON Stylus SX100_TX100 Benutzerhandbuch" = EPSON Stylus SX100_TX100 Handbuch "EPSON SX100 Series" = Druckerdeinstallation für EPSON SX100 Series "Foxit Creator" = Foxit Creator "Foxit PDF Editor" = Foxit PDF Editor "Foxit Reader" = Foxit Reader "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "Game Cam XPress" = Game Cam XPress 2.5.0 "HijackThis" = HijackThis 2.0.2 "HyperCam 2" = HyperCam 2 "Icy Tower v1.4_is1" = Icy Tower v1.4 "IncrediMail" = IncrediMail "LingoPad_is1" = LingoPad 2.5.1 (Build 325) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MobMap_is1" = MobMap 3.43 "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre) "Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24) "Music_Editor_3_silver" = MAGIX Music Editor 3 Free "NVIDIA Drivers" = NVIDIA Drivers "PhotoScape" = PhotoScape "PhotoStitch" = Canon Utilities PhotoStitch "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX "Secunia PSI" = Secunia PSI "Steam App 10620" = Empire: Total War Demo "Steam App 211" = Source SDK "Steam App 340" = Half-Life 2: Lost Coast "SystemRequirementsLab" = System Requirements Lab "TBSB07741.TBSB07741Toolbar" = My Fast Web Search "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TUGZip_is1" = TUGZip 3.5 "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.0.2 "Warcraft III" = Warcraft III "Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.2 "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "WinGimp-2.0_is1" = GIMP 2.6.8 "WinLiveSuite_Wave3" = Windows Live Essentials "Wisdom-soft AutoScreenRecorder 3.0 Free" = Wisdom-soft AutoScreenRecorder 3.0 Free "World of Warcraft" = World of Warcraft "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 27.03.2010 06:35:41 | Computer Name = Besitzer-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung firefox.exe, Version 1.9.2.3727, Zeitstempel 0x4b9fb052, fehlerhaftes Modul FOXITR~1.OCX, Version 1.0.0.1, Zeitstempel 0x495057f6, Ausnahmecode 0xc0000005, Fehleroffset 0x00002c8e, Prozess-ID 0xf14, Anwendungsstartzeit 01cacd9649222fd6. Error - 27.03.2010 07:03:29 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10 Description = Error - 27.03.2010 10:27:17 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10 Description = Error - 28.03.2010 06:15:14 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10 Description = Error - 28.03.2010 06:23:30 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10 Description = Error - 28.03.2010 09:08:41 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10 Description = Error - 28.03.2010 09:55:08 | Computer Name = Besitzer-PC | Source = Application Hang | ID = 1002 Description = Programm soffice.bin, Version 3.2.9476.500 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 13ec Anfangszeit: 01cace7d9b4373ff Zeitpunkt der Beendigung: 5 Error - 29.03.2010 06:58:52 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10 Description = Error - 29.03.2010 08:08:00 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10 Description = Error - 29.03.2010 15:14:45 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 29.03.2010 15:22:14 | Computer Name = Besitzer-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 29.03.2010 um 21:18:12 unerwartet heruntergefahren. Error - 29.03.2010 15:21:40 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden. Error - 29.03.2010 15:21:41 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden. Error - 29.03.2010 15:21:43 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden. Error - 29.03.2010 15:22:27 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden. Error - 29.03.2010 15:22:48 | Computer Name = Besitzer-PC | Source = Service Control Manager | ID = 7000 Description = Error - 29.03.2010 15:25:45 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden. Error - 29.03.2010 15:25:46 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden. Error - 29.03.2010 16:12:41 | Computer Name = Besitzer-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 29.03.2010 um 22:11:38 unerwartet heruntergefahren. Error - 29.03.2010 16:13:26 | Computer Name = Besitzer-PC | Source = Service Control Manager | ID = 7000 Description = < End of report > Hab Dank Gruß Kevin
__________________ |
|
29.03.2010, 22:00
| #4 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr 1. Versuche einen Quick-Scan mit Malwarebytes. 2. Hol dir RootRepeal . Starte RootRepeal. Beende alle anderen Programme, schalte AV-Wächter ab. Gehe auf Report. Klicke auf Scan. Setze alle Häkchen. Bestätige mit OK. Poste das Log. |
|
29.03.2010, 22:19
| #5 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Danke =) Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Datenbank Version: 3930 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18882 29.03.2010 23:18:26 mbam-log-2010-03-29 (23-18-26).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 100999 Laufzeit: 4 Minute(n), 0 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Und das andere mach ich wenn Du nichts dagegen hast morgen. Gruß
__________________ Credo in Deum, Patrem omnipotentem, Creatorem caeli et terrae. |
|
30.03.2010, 00:45
| #6 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Log: ROOTREPEAL (c) AD, 2007-2009 ================================================== Scan Start Time: 2010/03/30 01:30 Program Version: Version 1.3.5.0 Windows Version: Windows Vista SP2 ================================================== Drivers ------------------- Name: dump_atapi.sys Image Path: C:\Windows\System32\Drivers\dump_atapi.sys Address: 0x8F92A000 Size: 32768 File Visible: No Signed: - Status: - Name: dump_dumpata.sys Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys Address: 0x8F91F000 Size: 45056 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\Windows\system32\drivers\rootrepeal.sys Address: 0x9BD66000 Size: 49152 File Visible: No Signed: - Status: - Hidden/Locked Files ------------------- Path: C:\System Volume Information\{00c93a28-3743-11df-a31c-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{15d6fb27-3415-11df-a2a7-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{15d6fb2c-3415-11df-a2a7-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{15d6fb35-3415-11df-a2a7-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{15d6fb39-3415-11df-a2a7-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{1dfa360f-3906-11df-8c7d-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{1dfa3613-3906-11df-8c7d-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{1dfa3616-3906-11df-8c7d-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{a34eb507-35ab-11df-80fb-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{a34eb50b-35ab-11df-80fb-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{a34eb527-35ab-11df-80fb-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{a34eb637-35ab-11df-80fb-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{a7ff3b6c-39ac-11df-a58f-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{c62ced6d-350d-11df-907e-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{f369de26-34f7-11df-b7ba-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{f369de2e-34f7-11df-b7ba-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{15d6fb30-3415-11df-a2a7-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{a34eb52b-35ab-11df-80fb-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\Windows\Media\WINDOW~1.WAV Status: Locked to the Windows API! Path: C:\Windows\Media\WINDOW~2.WAV Status: Locked to the Windows API! Path: C:\Windows\Media\WINDOW~4.WAV Status: Locked to the Windows API! Path: C:\Program Files\Windows Media Player\Network Sharing\RENDER~1.XML Status: Locked to the Windows API! Path: C:\Windows\Microsoft.NET\Framework\NETFXS~1.HKF Status: Locked to the Windows API! Path: C:\Windows\PLA\System\System Diagnostics.xml:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} Status: Visible to the Windows API, but not on disk. Path: C:\Windows\System32\wbem\PRINTF~1.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_5d1777c2e857a23b.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4ddfc6cd11929a02.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.4053_none_6b86c0e9b0196766.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_9193a620671dde41.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003bc63e949f6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_81c25f21d3d46d84.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.4053_none_3b0e32bdc9afe437.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_a6e4a7980e9b18a2.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_abac38a907ee8801.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\amd64_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_a9427d6be424cb66.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.218_none_34f1b3a4277681aa.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_818f59bf601aa775.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_8e053e8c6967ba9d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_49ef489714173a89.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.218_none_305648582a59709f.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f0efb442f8a0f46c.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_516e2e610f48bda6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_b7e10f227b2fceff.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.218_none_d550bc90635d0454.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.218_none_f2f2113121ea24bc.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_5ce47260749ddc2c.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.218_none_2dd4f36ae006adb1.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.218_none_6518d0f68959e152.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_7dd1e0ebd6590e0b.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_80b7c8a91e9dd16a.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\amd64_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_390a91d20a21a864.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_7ab8cc63a6e4c2a3.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\amd64_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_acd0e4ffe1daef0a.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.218_none_d51db72defa33e45.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.218_none_d1603e5a65e1a4db.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9818.0_none_b7e811947b297f6d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_08e3747fa83e48bc.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4db266e67dd280ef.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f47e1bd6f6571810.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0e9108e3b72e14d4.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.218_none_362b6ef026a377ee.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8a14c0566bec5b24.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_a6dfa6920e9f98fc.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_5926f98ceadc42c2.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0a1d2fcba76b3f00.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc0ea08098.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_ecff360cfb2594f3.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f0bcaee084e72e5d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cda6db.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_bdf22a22ab9e15d5.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_b7e610287b2b4ea5.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.218_none_d8df2424611327f8.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8dd7dea5d5a7a18a.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\amd64_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_c6e3d20ca2b1ebce.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\RENDER~1.XML Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18289_none_0b1c4a254f52777a\RENDER~1.XML Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18330_none_0b49590d4f3204dd\RENDER~1.XML Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\RENDER~1.XML Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22470_none_0ba7b6286870146b\RENDER~1.XML Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22520_none_0bddc7aa684785dd\RENDER~1.XML Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18005_none_0d553c2b4c3b84e1\RENDER~1.XML Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18065_none_0d145ca34c6c2c87\RENDER~1.XML Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6001.18226_none_2b9dff39db71a7a1\PRINTF~1.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6001.22389_none_2be9bd5af4bd3b16\PRINTF~1.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.18005_none_2d991295d888a8b3\PRINTF~1.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.18060_none_2d53319bd8bdd1a6\PRINTF~1.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.22164_none_2de0cf8ef1d7d6cc\PRINTF~1.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} Status: Visible to the Windows API, but not on disk. Path: C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} Status: Visible to the Windows API, but not on disk. Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~2.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~3.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~4.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBB00~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~2.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~3.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~4.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBB00~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~2.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~3.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~4.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBB00~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\CHOOSE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\MANAGE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\MANAGE~2.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\PROVID~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\CHOOSE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\MANAGE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\MANAGE~2.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\PROVID~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\CHOOSE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\MANAGE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\MANAGE~2.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\PROVID~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\CHOOSE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\MANAGE~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\MANAGE~2.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\PROVID~1.RES Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~2.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~3.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~4.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBB00~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-data_perf_ini_b03f5f7f11d50a3a_6.0.6000.16386_none_c219d23425a42dd7\_DATAP~4.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.18111_none_94e532e5da90ed5b\CREATE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.18111_none_94e532e5da90ed5b\MANAGE~1.ASP Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-installutil_exe_config_rtm_31bf3856ad364e35_6.0.6001.18111_none_c4d43609b70547f3\INSTAL~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-netfxsbs12_hkf_31bf3856ad364e35_6.0.6000.20883_none_0c16103ffd9c63ac\NETFXS~1.HKF Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-redist_config_files_b03f5f7f11d50a3a_6.0.6001.22230_none_645e0f97e8c4eeea\IEEXEC~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_policy.1.2.microsof..op.security.azroles_31bf3856ad364e35_6.0.6000.16386_none_ea83414c2e75b887\Microsoft.Interop.Security.AzRole s.config Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6000.16708_none_4180b46a5c473b6d\_SMSVC~1.H Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6000.20864_none_41c5708575991d81\_SMSVC~1.H Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6001.18096_none_4303a14a59b89802\_SMSVC~1.H Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6001.22208_none_43f08fdb728b6c28\_SMSVC~1.H Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6000.16708_none_325856a50f01ab0d\_SMSVC~1.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6000.20864_none_329d12c028538d21\_SMSVC~1.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6001.18096_none_33db43850c7307a2\_SMSVC~1.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6001.22208_none_34c832162545dbc8\_SMSVC~1.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_ca623c938da19f1b\_SERVI~1.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_ca623c938da19f1b\_SERVI~2.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_cb4f2b24a6747341\_SERVI~1.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_cb4f2b24a6747341\_SERVI~2.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6002.18005_none_cca9032f8a7fd6e4\_SERVI~1.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6002.18005_none_cca9032f8a7fd6e4\_SERVI~2.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6000.16708_none_c4f661e592b1c88e\_SERVI~1.REG Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6000.20864_none_c53b1e00ac03aaa2\_SERVI~1.REG Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6001.18096_none_c6794ec590232523\_SERVI~1.REG Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6001.22208_none_c7663d56a8f5f949\_SERVI~1.REG Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_vrg_31bf3856ad364e35_6.0.6000.16708_none_cab9e41b8efd69ed\_SERVI~1.VRG Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_vrg_31bf3856ad364e35_6.0.6000.20864_none_cafea036a84f4c01\_SERVI~1.VRG Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_vrg_31bf3856ad364e35_6.0.6001.18096_none_cc3cd0fb8c6ec682\_SERVI~1.VRG Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_7a48b2508cf758de\_SERVI~1.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_7a48b2508cf758de\_SERVI~2.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_7b35a0e1a5ca2d04\_SERVI~1.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_7b35a0e1a5ca2d04\_SERVI~2.INI Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_reg_31bf3856ad364e35_6.0.6000.16708_none_74dcd7a292078251\_SERVI~1.REG Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_reg_31bf3856ad364e35_6.0.6000.20864_none_752193bdab596465\_SERVI~1.REG Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_reg_31bf3856ad364e35_6.0.6001.18096_none_765fc4828f78dee6\_SERVI~1.REG Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_reg_31bf3856ad364e35_6.0.6001.22208_none_774cb313a84bb30c\_SERVI~1.REG Status: Locked to the Windows APIProcesses ------------------- Path: System PID: 4 Status: Locked to the Windows API! Path: C:\Windows\System32\audiodg.exe PID: 1212 Status: Locked to the Windows API! ==EOF==
__________________ --> Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr |
|
30.03.2010, 13:01
| #7 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Sieh im Task-Manager nach, ob irgendein Prozess eine hohe CPU-Auslastung verursacht. |
|
30.03.2010, 13:04
| #8 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Hab ich Dir als Screen beigefügt. Noch nichts zu sehen?
__________________ Credo in Deum, Patrem omnipotentem, Creatorem caeli et terrae. |
|
30.03.2010, 13:16
| #9 | |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + VerbindungsabbrZitat:
1. Hol dir AVZ Entpacke und starte AVZ. Führe einen Update durch (Button auf der rechten Seite unten ("Database Update") - dann auf Start). Nach dem Update: Setze oben links ein Häkchen beim Laufwerk C: Wechesle zu "File Types" und wähle All Files. Wechsele zu "Search Parameters", setze zusätzlich ein Häkchen bei Block User-Mode Rootkits und Block Kernel-Mode Rootkits Schließe alle anderen Programme. Klicke auf Start, der Scan wird eine Weile in Anspruch nehmen. Speichere nach dem Scan das Log mit dem Button unten rechts "Save Log" und poste es. Der Scan dauert, ist also etwas Geduld gefragt. |
|
30.03.2010, 13:20
| #10 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Dann wollen wir mal hoffen, dass mein PC nicht wieder abschmiert. Nochmal Danke 
__________________ Credo in Deum, Patrem omnipotentem, Creatorem caeli et terrae. |
|
30.03.2010, 15:41
| #11 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Bin mal eben mit dem Laptop on. Da steht verbleibende Zeit über 90 Stunden oO? Soll das so sein? Weil dafür reicht meine Geduld nicht =D Gruß
__________________ Credo in Deum, Patrem omnipotentem, Creatorem caeli et terrae. Geändert von Shadow09 (30.03.2010 um 16:20 Uhr) |
|
30.03.2010, 18:47
| #12 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Sorry für 3 Fach Post, kann mich aber nicht editieren. Als ich merke das mein PC rumgespackt ist, habe ich schnell das Log gespeichert. Sofort danach abgeschmiert *puh* Ich hoffe man sieht schon da was drauf. Log: http://www.loaditup.de/479173.html
__________________ Credo in Deum, Patrem omnipotentem, Creatorem caeli et terrae. |
|
30.03.2010, 19:28
| #13 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Machen wir es anders. Erstell dir eine Dr.Web LiveCD. Boote von der CD (Default Start) und scanne damit alle Laufwerke. |
|
30.03.2010, 20:12
| #14 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Kann ich die CD einfach mit Windoof auf die CD ziehen wenn sie entpackt ist? Gruß
__________________ Credo in Deum, Patrem omnipotentem, Creatorem caeli et terrae. |
|
30.03.2010, 20:29
| #15 |
| | Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr Du musst die ISO-Datei brennen. |
|
| Themen zu Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr |
| 32 bit, antivir, antivir guard, avg, avira, bho, computer, desktop, fehlermeldung, firefox, gupdate, helper, hijack, hijackthis, internet, internet explorer, mein log, mozilla, netzwerk, plug-in, rundll, siteadvisor, software, stick, system, trojaner-board, vista, vista 32, vista 32 bit, von selber, windows, wlan |
Linear-Darstellung
