Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 27.03.2010, 11:29   #1
Shadow09
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Icon34

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Guten Morgen Trojaner-Board Gemeinde,
ich habe seit ca. 5 Tagen ein Problem.

Mein Computer brauch mehrere Startversuche und bleibt meist bein Windoof laden hängen. (Vista 32 Bit)
Ist der Computer erst einmal an, so dauert es 2 Minuten bis aber auch einen Tag, ibs er wieder Abstürzt.

Einmal erhielt ich eine Fehlermeldung das irgendwas mit dem Explorer.exe nicht stimmt.
Ich wollte sie screenen und aufschreiben, aber der PC startete sich von selber neu.

Ich habe erstmal auf ein Hardwareproblem getippt und mal nachgesehen.
Es scheint alles in Ordnung zu sein und Staub war auch nicht viel da, da ich den Computer regelmäßig reinige.

Ich habe mein PC in ein anderes Gehäuse eingebaut, da ich so ein Lüfter mehr habe (Temperatur ist jetzt ok) und seitdem erkennt der PC meine Kamera nicht mehr (Firmware lädt. eig. automatisch).

Desweiteren habe ich oft Verbindungsabbrüche mit meiner W-Lan Antenne.
Verbinde ich mich erneut mit dem Netzwerk, ist die VErbindung sofort wieder da.



Ich würde mich über Hilfe von Euch sehr freuen =)

Hier mein Log, falss Ihr mehr braucht, sagt mir bescheid.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:27:45, on 27.03.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myfastwebsearch.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: TBSB07741 - {9D78BE3F-575E-499E-9812-25F531816459} - C:\Program Files\IEToolbar\My Fast Web Search\tbcore3.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: My Fast Web Search - {F9C1FF30-602C-49A5-8DB2-E2510CC4BFB0} - C:\Program Files\IEToolbar\My Fast Web Search\tbcore3.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8823FE5F-DF9A-477C-A1B4-AD91E97D6C11}: NameServer = 192.168.178.1
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files\avmwlanstick\WlanNetService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1ca185e26a95199) (gupdate1ca185e26a95199) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6323 bytes



Gruß
Shadow
__________________
Credo in Deum, Patrem omnipotentem,
Creatorem caeli et terrae.

Alt 28.03.2010, 20:50   #2
Sion
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Alle Progs mit Rechtsklick "Als Administrator starten" ausführen.

1. http://www.trojaner-board.de/51187-a...i-malware.html

2. http://www.trojaner-board.de/74908-a...t-scanner.html

3. Hol dir OTL hxxp://oldtimer.geekstogo.com/OTL.exe
Starte OTL
Kopiere unten in das Skript-Feld rein:

Zitat:
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav

Schließe alle anderen Programme.
Klicke auf Quick Scan.
Poste die beiden Logs - OTL.txt und Extras.txt
__________________


Geändert von Sion (28.03.2010 um 21:40 Uhr)

Alt 29.03.2010, 22:27   #3
Shadow09
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Hallo, Danke für Deine Antwort.

Mein MBAM Scan ist gestern nach 45 Minuten abgebrochen, bis dahin kein Fund.

GMER beim 1 mal Abgestürzt.
2. Versuch = Bluescreen.


Logs:

OTL

OTL logfile created on: 29.03.2010 22:15:15 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Besitzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free
7,00 Gb Paging File | 7,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): c:\pagefile.sys 4500 9000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 122,71 Gb Free Space | 41,17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 6,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BESITZER-PC
Current User Name: Besitzer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.03.18 16:41:17 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
PRC - [2010.03.16 16:36:29 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.12.23 16:57:18 | 000,093,320 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009.05.07 02:01:00 | 000,368,640 | R--- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WLanNetService.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe


========== Modules (SafeList) ==========

MOD - [2010.03.18 16:41:17 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
MOD - [2009.12.23 17:11:18 | 000,015,056 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\sahook.dll
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.03.26 17:53:57 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.16 16:36:29 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.12.23 16:57:18 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009.10.23 01:46:00 | 003,447,032 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.09.23 17:36:06 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009.05.07 02:01:00 | 000,368,640 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myfastwebsearch.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.9
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100211.5
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.backup.ftp: "196.12.184.190"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "196.12.184.190"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "196.12.184.190"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "196.12.184.190"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "196.12.184.190"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "196.12.184.190"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "196.12.184.190"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "196.12.184.190"
FF - prefs.js..network.proxy.ssl_port: 3128


FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.02.18 19:24:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.23 16:19:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.23 16:19:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.03.17 22:14:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.02.08 15:59:20 | 000,000,000 | ---D | M]

[2009.07.22 16:56:44 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Extensions
[2010.03.29 21:35:54 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions
[2009.07.23 12:19:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.28 16:10:30 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2009.11.05 09:11:25 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010.03.20 16:05:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.01.09 19:08:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.27 16:44:37 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.02.12 20:44:45 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.01.22 23:36:33 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2009.10.24 21:36:01 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\m4wyro04.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009.10.07 14:31:45 | 000,002,255 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\FireFox\Profiles\m4wyro04.default\searchplugins\askcom.xml
[2010.03.22 19:30:47 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.11.24 18:00:42 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.01.15 13:10:57 | 000,000,831 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 http:\\www.pornomovies.com
O1 - Hosts: 127.0.0.1 http:\\www.redtube.com
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (TBSB07741 Class) - {9D78BE3F-575E-499E-9812-25F531816459} - C:\Programme\IEToolbar\My Fast Web Search\tbcore3.dll ()
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (My Fast Web Search) - {F9C1FF30-602C-49A5-8DB2-E2510CC4BFB0} - C:\Programme\IEToolbar\My Fast Web Search\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (My Fast Web Search) - {F9C1FF30-602C-49A5-8DB2-E2510CC4BFB0} - C:\Programme\IEToolbar\My Fast Web Search\tbcore3.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.03.06 20:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.02.22 17:08:27 | 000,058,601 | R--- | M] () - E:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2008.02.22 17:08:27 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008.02.22 17:08:44 | 000,000,382 | R--- | M] () - E:\autorun.ini -- [ UDF ]
O33 - MountPoints2\{70932568-7536-11de-872c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{70932568-7536-11de-872c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2008.03.06 20:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\{70932569-7536-11de-872c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{70932569-7536-11de-872c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\{b12a612d-c65d-11de-bfb7-0019dbc0752f}\Shell - "" = AutoRun
O33 - MountPoints2\{b12a612d-c65d-11de-bfb7-0019dbc0752f}\Shell\AutoRun\command - "" = J:\pushinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008.01.21 04:34:27 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 14 Days ==========

[2010.03.29 22:14:32 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2010.03.26 20:58:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.03.26 15:12:20 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Desktop\Zu bearbeitende Bilder
[2010.03.24 22:45:04 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Avira
[2010.03.24 22:44:11 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.03.24 22:44:11 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.03.23 17:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
[2010.03.23 17:32:07 | 000,000,000 | ---D | C] -- C:\Programme\Canon
[2010.03.22 19:36:48 | 000,000,000 | ---D | C] -- C:\Programme\JRE
[2010.03.22 19:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.03.22 19:30:56 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.03.22 19:28:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2010.03.22 17:57:22 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\ZoomBrowser EX
[2010.03.22 17:37:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Canon
[2010.03.20 22:15:28 | 000,000,000 | ---D | C] -- C:\Programme\Screaming Bee
[2010.03.20 22:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
[2010.03.20 21:53:48 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Screaming Bee
[2010.03.19 14:37:53 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\Fakten gegen die ZJ

========== Files - Modified Within 14 Days ==========

[2010.03.29 22:15:19 | 005,505,024 | -HS- | M] () -- C:\Users\Besitzer\ntuser.dat
[2010.03.29 22:12:54 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.29 22:12:47 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.29 22:12:47 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.29 22:12:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.29 22:12:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.29 22:12:36 | 253,884,738 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.03.29 22:07:21 | 000,293,376 | ---- | M] () -- C:\Users\Besitzer\Desktop\45v1pf2y.exe
[2010.03.29 22:00:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.29 21:28:31 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.03.29 21:28:31 | 000,618,204 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.03.29 21:28:31 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.03.29 21:28:31 | 000,122,636 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.03.29 21:28:31 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.03.29 00:51:16 | 000,524,288 | -HS- | M] () -- C:\Users\Besitzer\ntuser.dat{d96f4d9e-f20d-11de-9a3b-001f3f0951b3}.TMContainer00000000000000000001.regtrans-ms
[2010.03.29 00:51:16 | 000,065,536 | -HS- | M] () -- C:\Users\Besitzer\ntuser.dat{d96f4d9e-f20d-11de-9a3b-001f3f0951b3}.TM.blf
[2010.03.29 00:51:13 | 003,551,708 | -H-- | M] () -- C:\Users\Besitzer\AppData\Local\IconCache.db
[2010.03.28 12:15:16 | 002,195,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.03.28 01:24:51 | 000,058,432 | ---- | M] () -- C:\Users\Besitzer\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.26 18:46:52 | 000,007,196 | ---- | M] () -- C:\Users\Besitzer\.recently-used.xbel
[2010.03.26 14:37:57 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Defraggler Volume C Task.job
[2010.03.23 20:13:28 | 008,051,266 | ---- | M] () -- C:\Users\Besitzer\Desktop\MVI_1226.AVI
[2010.03.23 17:32:20 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2010.03.22 17:57:13 | 000,015,360 | ---- | M] () -- C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.18 16:41:17 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2010.03.17 18:09:06 | 000,131,137 | ---- | M] () -- C:\Users\Besitzer\Documents\RE1012356155.pdf
[2010.03.16 19:52:23 | 000,015,718 | ---- | M] () -- C:\Users\Besitzer\Documents\Unbenannt1.pdf

========== Files Created - No Company Name ==========

[2010.03.29 22:12:36 | 253,884,738 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.03.29 22:07:22 | 000,293,376 | ---- | C] () -- C:\Users\Besitzer\Desktop\45v1pf2y.exe
[2010.03.27 17:31:25 | 000,031,188 | ---- | C] () -- C:\Users\Besitzer\Desktop\EISREGEN.TTF
[2010.03.26 18:46:52 | 000,007,196 | ---- | C] () -- C:\Users\Besitzer\.recently-used.xbel
[2010.03.23 20:13:26 | 008,051,266 | ---- | C] () -- C:\Users\Besitzer\Desktop\MVI_1226.AVI
[2010.03.23 17:32:20 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk
[2010.03.17 18:09:05 | 000,131,137 | ---- | C] () -- C:\Users\Besitzer\Documents\RE1012356155.pdf
[2010.03.16 19:52:22 | 000,015,718 | ---- | C] () -- C:\Users\Besitzer\Documents\Unbenannt1.pdf
[2009.11.25 22:01:04 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009.09.20 12:22:54 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.09.20 12:03:02 | 000,000,025 | ---- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2009.09.15 20:12:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.04 20:16:15 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2009.08.04 20:16:15 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2009.08.04 19:55:45 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2009.08.01 12:48:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.24 16:49:35 | 000,015,360 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.20 16:14:04 | 000,000,680 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\d3d9caps.dat
[2009.03.02 12:33:32 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.03.02 12:33:32 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1997.06.14 11:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2009.08.28 15:20:49 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Acreon
[2009.08.03 17:29:40 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Auslogics
[2009.09.20 16:56:54 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\EPSON
[2009.07.23 14:33:58 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Foxit
[2010.02.24 16:24:19 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Foxit Software
[2009.10.31 23:44:25 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\FRITZ!
[2010.03.26 16:05:32 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\gtk-2.0
[2010.03.29 21:16:27 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\ICQ
[2009.10.01 11:38:30 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\JonDo
[2010.03.11 15:02:50 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Lingo4u
[2009.08.29 11:24:29 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\MobMapUpdater
[2009.09.19 18:23:56 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\OpenOffice.org
[2009.08.10 15:58:37 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\ProtectDisc
[2009.11.01 15:11:07 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\RapidSolution
[2010.03.20 22:15:51 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Screaming Bee
[2010.03.15 14:13:14 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Sierra
[2009.11.01 17:03:59 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\soul.im
[2009.12.04 22:04:34 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\TeamViewer
[2009.11.30 14:57:43 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\The Creative Assembly
[2009.07.22 17:58:58 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Thunderbird
[2009.10.24 21:15:03 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\TuneUp Software
[2009.12.24 21:25:43 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Ubisoft
[2009.10.07 14:17:26 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\uTorrent
[2009.09.08 19:19:09 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\Webocton - Scriptly
[2010.02.12 20:30:04 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\WinBatch
[2009.10.14 17:07:21 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\yess
[2010.03.26 14:37:57 | 000,000,296 | ---- | M] () -- C:\Windows\Tasks\Defraggler Volume C Task.job
[2010.03.29 00:51:19 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Desktop\Wie komme ich zu Gott _.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Desktop\Der Herr ist mein Hirte.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Desktop\clip0006.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Desktop\18_11_24.mp3:TOC.WMV
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:13199560
< End of report >




Extras
OTL Extras logfile created on: 29.03.2010 22:15:15 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Besitzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 74,00% Memory free
7,00 Gb Paging File | 7,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): c:\pagefile.sys 4500 9000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 122,71 Gb Free Space | 41,17% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 6,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BESITZER-PC
Current User Name: Besitzer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"AntiSpyWareDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{019536EE-9FE0-46E5-A368-8DE8974899D3}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{34BD1A7D-DB10-4A55-ACAD-0675BD7C108F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38AAE49E-B637-4ED4-9E2B-62AFCAFD225B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5C9D2704-DF8E-4888-B863-F3EC88011D7C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{663F4982-1FF8-4788-B053-4CE3FEA9A5F0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{92200657-9903-4B45-B248-44522DB6B617}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 |
"{AE06B0B5-53A6-4F1E-80DA-97C010F3143E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BEA229DB-592D-4287-8BF3-77500143E825}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CBBDA1B4-8602-430E-B66D-7EB4AE3A49B7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E2AC38E6-D9C3-4234-943D-5966D7E8794A}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 |
"{EA12C70F-EF2B-4D85-9A60-34D513D312CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EC1EB7A7-8C71-418C-9C81-0BB23C5F07A2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6D5613C-E395-438F-8431-65CE71ABD841}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FA27C0A4-6B92-447D-B758-FDED595813FE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A70FBC9-07D3-40AA-9D69-28CB8BF510BE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\empire total war demo\empire.exe |
"{0D825B98-3D4E-448C-8D24-FE3ACBC326E4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1114FB7A-D985-427E-946B-DB2E7DE3BB24}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{154AD7B5-51D4-4A42-9ABC-13E1B374EECB}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{1C4AD399-216C-431C-8D65-1ECD3E2976FB}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-dede-downloader.exe |
"{1E1861AB-F6B9-4330-812B-875B10566ABC}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{278C6FA5-046D-4C7A-9222-9A2FE0067F1F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{27F536E5-44CF-4B33-AC05-32195D5FDCC2}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{28586E62-813B-47E7-8A04-A10ABB89BB10}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{374DA039-A244-4B81-A64B-AAB939FB18DA}" = protocol=6 | dir=out | app=system |
"{3B6B7790-ED94-48F7-9AD8-C8C459C1CC48}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{4CEEAE2C-6744-4D5A-AEFA-A27A58201813}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9835-to-3.1.2.9901-dede-downloader.exe |
"{50F58F57-4C5E-4354-9E20-1173B39CBFFD}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{72E79AD9-3674-4746-88AD-6614144276E9}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{746F393F-FAB1-4703-9449-AF2D025ACFF2}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{770E074A-5E74-49AE-BC17-A0E628E3E6A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7D2AAD74-33CB-496D-AA77-E8F4F37145C7}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7D4CC5E3-70A7-4187-9431-AAFBCC301510}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{897D64E1-3E6B-45DC-87E1-AFE49F84F121}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{8CD95178-0066-4EA9-A27B-FFD2D13C9DDF}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.1.9835-to-3.1.2.9901-dede-downloader.exe |
"{9193B962-C7DC-44FE-8B90-72C152060650}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{95E54934-EFC6-4542-92D8-8A00B00221E4}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-dede-downloader.exe |
"{95E94576-7224-49A8-9A34-13F15C8358C1}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{966E3382-A6DA-41F5-A23A-331741D56421}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{9A6A3AC0-9A17-4BE5-AEA5-0FE86656B32C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{9CD18C93-ABDD-47B3-9AB8-8B7FAB7D13B7}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A23B60F2-52D4-4206-B043-71A3075C07D7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A5456FCF-4EC4-4350-B232-0F74354AD02F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A6C605A1-FEE4-48D4-9DB2-365C393A4CAD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A8527E32-C688-49E2-B12B-2A8FB672253A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AE21134A-C24E-407A-A5A6-8FC7A478F552}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{B15D2D14-2B49-47DB-AC05-3A234784569B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB09B41C-4802-4952-A676-8A65B3641B5E}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-dede-downloader.exe |
"{BC335100-901E-4773-B760-001A85DEA432}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{BDBBCB87-602A-4858-9292-C5E566A47026}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\empire total war demo\empire.exe |
"{C4295AD8-BD78-4BAD-BEED-F0E0D9D8F19F}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{CE24776D-99F1-4D56-BC05-5486B4AE5504}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{D1708CCC-53B0-4ECF-BAC6-33713C2AD943}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DC4C0AD6-A55C-4168-880E-3EB54AB0FDD0}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{DFBD3D7F-3D77-45B3-8D63-1A0EFEEE73DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E05CDD6A-3F8B-4444-A987-16E2ACDEAA87}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{E2B7845D-750C-441C-A426-3F7EEA717F09}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{E3028352-189A-4A65-990E-BC65C622C537}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{ED4FE2BC-3526-4D63-A877-12C846728CFB}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{EEC08776-5E9D-4C8A-8D86-064F2CC1B92F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F21C274D-C55E-4195-B549-AEE1B3947707}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{F7AD4BE7-32E0-48C6-AEC6-89D6D0BD9548}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FE753672-0E95-4858-A510-DB12C4816C40}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe |
"TCP Query User{0092FC75-BEFA-4CE6-82F0-64A7C207ECDD}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
"TCP Query User{11E9A9C8-2091-4A1D-A4F6-7BA48C4E2AA6}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{14EA83D7-DCE4-4EA3-9041-ABA59A5DE8F9}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{1E74C85D-8197-4D20-86BA-C997C1FA186E}C:\program files\novo's easy wow server\0.3.0\mangosd.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\mangosd.exe |
"TCP Query User{28513CA9-A937-4B17-96E9-A9EAA932A5D1}C:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe |
"TCP Query User{28C65A57-98E0-4A90-A0E6-C0EEAE51B6EE}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{2FAA5C0E-EAED-467C-9959-5A3A4F2980B1}C:\program files\novo's easy wow server\0.3.0\realmd.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\realmd.exe |
"TCP Query User{3C4A55D1-3BB7-4714-9866-00BEECEF7A31}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"TCP Query User{3F60A434-FA3B-40C3-9F9B-79A88C2E1777}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5590795C-4C7D-4994-8B3F-5A9CB5127EA0}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{55990D61-4E47-4B78-9438-AFE86350C8A1}C:\program files\novo's easy wow server\0.3.0\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\udrive\usr\local\mysql\bin\mysqld-opt.exe |
"TCP Query User{58EBA9B3-E207-4806-9F35-7AE0D3DC1917}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{5C546FBF-D2EA-4EFA-AB1E-CAF071C8F775}C:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe |
"TCP Query User{60430898-F7C6-44BA-8067-7B690CC4099E}C:\program files\novo's easy wow server\0.3.0\udrive\usr\local\apache2\bin\apache_16.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\udrive\usr\local\apache2\bin\apache_16.exe |
"TCP Query User{629230A5-9095-473C-A60A-CD73E31A6A02}C:\program files\novo's easy wow server\0.3.1\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\udrive\usr\local\mysql\bin\mysqld-opt.exe |
"TCP Query User{6B6D2963-9602-41F1-9F9C-2E2DBC135368}C:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe |
"TCP Query User{721ECF7B-1AA1-433C-B089-6F7DB180840E}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"TCP Query User{79D44A09-9714-4131-9499-E961B4D7CD5A}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{89070295-617C-412A-9951-65D55E775E9B}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{9DA3A857-2CA4-4BFC-B07D-45410481ABA1}C:\users\besitzer\desktop\matrixmt2\mc.exe" = protocol=6 | dir=in | app=c:\users\besitzer\desktop\matrixmt2\mc.exe |
"TCP Query User{C6C4A7A9-8BB7-40B7-BCFF-8885D4F1D905}C:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe |
"TCP Query User{C710B17B-38C5-48D0-94C6-D4048E9CFFC5}C:\program files\sierra\empire earth ii\ee2.exe" = protocol=6 | dir=in | app=c:\program files\sierra\empire earth ii\ee2.exe |
"TCP Query User{C793034C-7183-4989-960F-0279E271FF16}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D481CD59-AE3B-4A73-99E2-9406C2CE993C}C:\program files\novo's easy wow server\0.3.1\trinityrealm.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\trinityrealm.exe |
"TCP Query User{D6D569BD-93EC-4FD4-8896-5CDB7AE6E5F9}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{E6257D8F-DECD-46F4-998F-18C58F77AC49}C:\program files\the creative assembly\rome - total war\rometw.exe" = protocol=6 | dir=in | app=c:\program files\the creative assembly\rome - total war\rometw.exe |
"TCP Query User{E7DCD365-54DC-4F09-A9EC-4CD6C63413A1}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{ED4B0896-9CD3-426B-A041-8A9C514F30AB}C:\program files\novo's easy wow server\0.3.1\udrive\usr\local\apache2\bin\apache_16.exe" = protocol=6 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\udrive\usr\local\apache2\bin\apache_16.exe |
"UDP Query User{04B76F57-8EBE-4E88-837A-10EF5AF99D14}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{0A1E5179-BDFB-4D66-B769-E3D7874226D9}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"UDP Query User{177E00D4-E9D5-4702-80C6-5E831CB7D329}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{28229B72-370D-449A-A33E-EDF1E63F294A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{41A74182-ADAD-492A-A10F-413EA9DA1F64}C:\program files\novo's easy wow server\0.3.1\udrive\usr\local\apache2\bin\apache_16.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\udrive\usr\local\apache2\bin\apache_16.exe |
"UDP Query User{42A8596A-916E-44EB-83E3-7840B9BBAA98}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{4F1F7218-B5ED-4ADF-942D-01838DE2E9B0}C:\program files\novo's easy wow server\0.3.0\mangosd.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\mangosd.exe |
"UDP Query User{521A2842-CEC8-4333-990D-E63EB3FD89A7}C:\program files\novo's easy wow server\0.3.0\udrive\usr\local\apache2\bin\apache_16.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\udrive\usr\local\apache2\bin\apache_16.exe |
"UDP Query User{5561311E-01ED-46B7-8E9B-08B615E5B4D4}C:\program files\novo's easy wow server\0.3.0\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\udrive\usr\local\mysql\bin\mysqld-opt.exe |
"UDP Query User{5A08AD79-5AB5-4EC6-ADCF-33E2345A857E}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{5E903A93-2E98-4764-8A83-3A3C071CECD5}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{6E7FE1A8-535B-42C9-B1A7-689A499EEF8C}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{6EB33D87-D1A1-4A16-9A1C-15D8A93F44C7}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
"UDP Query User{6EDC8592-DBD4-4F65-8211-DCDC0FFB7AC7}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{6EF2E5E3-DCE0-44C0-9766-F90A302A8CD2}C:\program files\novo's easy wow server\0.3.0\realmd.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.0\realmd.exe |
"UDP Query User{83A51247-2B1F-42B1-AE0B-69D895C1817E}C:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe |
"UDP Query User{864BEEB6-3C15-4064-9374-74A1501689E7}C:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe |
"UDP Query User{8A881899-A786-4897-B528-3F5023E016D2}C:\program files\sierra\empire earth ii\ee2.exe" = protocol=17 | dir=in | app=c:\program files\sierra\empire earth ii\ee2.exe |
"UDP Query User{9E037ED8-5A21-47D3-9EE1-9B7BA5860BE9}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{9E2AF4D2-87B1-49E5-B695-7F49A330B61D}C:\program files\novo's easy wow server\0.3.1\trinityrealm.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\trinityrealm.exe |
"UDP Query User{A425D641-0674-4D82-8F5E-30372A8D661D}C:\program files\the creative assembly\rome - total war\rometw.exe" = protocol=17 | dir=in | app=c:\program files\the creative assembly\rome - total war\rometw.exe |
"UDP Query User{BDFDCEEB-85ED-4397-8C1E-DCCC6A4D027B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{C9A2DD96-B9D1-4009-A7C7-4AEA4BE5EDCE}C:\program files\novo's easy wow server\0.3.1\udrive\usr\local\mysql\bin\mysqld-opt.exe" = protocol=17 | dir=in | app=c:\program files\novo's easy wow server\0.3.1\udrive\usr\local\mysql\bin\mysqld-opt.exe |
"UDP Query User{CA05E7E6-27F0-481D-BB69-DC62CE35EA25}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{D8E5A200-2B8B-4297-9F98-B00CC572C43B}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{E63BC156-1CE5-4FFB-94C5-29D63FDE0C53}C:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\shedow09\counter-strike source\hl2.exe |
"UDP Query User{F3FDB560-B031-4685-BB31-F61E4A0B5107}C:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\shedow09\half-life 2 deathmatch\hl2.exe |
"UDP Query User{F658B192-5950-4348-BA2D-B619085E8220}C:\users\besitzer\desktop\matrixmt2\mc.exe" = protocol=17 | dir=in | app=c:\users\besitzer\desktop\matrixmt2\mc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A902DF4-B767-49DB-98D3-D413E6F1E703}" = World of Subways Vol.2
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{29C042AB-059B-414C-840E-94775E3F24A8}" = Personality Voices
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}" = Rome - Total War - Gold Edition
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59A614F6-27DE-4F65-A173-554A26DA2DEE}" = Female Voice Pack
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.2
"{5F7E148E-08DD-42F7-AEB4-569F21E25F3A}" = MAGIX Music Editor 3 Free
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack
"{A401975C-C1C5-4ECB-BC18-BFD9F8F401B7}" = Paint.NET v3.5.3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1F6BB2F-E9A4-4233-BA03-BB62E8AED82A}" = Star Wars Jedi Knight Jedi Academy Demo
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1191B7E-84BF-4325-9FFD-80BD8996ED4B}" = MorphVOX Junior
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"CrystalDiskInfo_is1" = CrystalDiskInfo 2.7.4
"Defraggler" = Defraggler
"Drakensang_is1" = Drakensang
"EADM" = EA Download Manager
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Benutzerhandbuch" = EPSON Stylus SX100_TX100 Handbuch
"EPSON SX100 Series" = Druckerdeinstallation für EPSON SX100 Series
"Foxit Creator" = Foxit Creator
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Game Cam XPress" = Game Cam XPress 2.5.0
"HijackThis" = HijackThis 2.0.2
"HyperCam 2" = HyperCam 2
"Icy Tower v1.4_is1" = Icy Tower v1.4
"IncrediMail" = IncrediMail
"LingoPad_is1" = LingoPad 2.5.1 (Build 325)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MobMap_is1" = MobMap 3.43
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Music_Editor_3_silver" = MAGIX Music Editor 3 Free
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoScape" = PhotoScape
"PhotoStitch" = Canon Utilities PhotoStitch
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Secunia PSI" = Secunia PSI
"Steam App 10620" = Empire: Total War Demo
"Steam App 211" = Source SDK
"Steam App 340" = Half-Life 2: Lost Coast
"SystemRequirementsLab" = System Requirements Lab
"TBSB07741.TBSB07741Toolbar" = My Fast Web Search
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TUGZip_is1" = TUGZip 3.5
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.2
"Warcraft III" = Warcraft III
"Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.2
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wisdom-soft AutoScreenRecorder 3.0 Free" = Wisdom-soft AutoScreenRecorder 3.0 Free
"World of Warcraft" = World of Warcraft
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.03.2010 06:35:41 | Computer Name = Besitzer-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung firefox.exe, Version 1.9.2.3727, Zeitstempel
0x4b9fb052, fehlerhaftes Modul FOXITR~1.OCX, Version 1.0.0.1, Zeitstempel 0x495057f6,
Ausnahmecode 0xc0000005, Fehleroffset 0x00002c8e, Prozess-ID 0xf14, Anwendungsstartzeit
01cacd9649222fd6.

Error - 27.03.2010 07:03:29 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =

Error - 27.03.2010 10:27:17 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =

Error - 28.03.2010 06:15:14 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =

Error - 28.03.2010 06:23:30 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =

Error - 28.03.2010 09:08:41 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =

Error - 28.03.2010 09:55:08 | Computer Name = Besitzer-PC | Source = Application Hang | ID = 1002
Description = Programm soffice.bin, Version 3.2.9476.500 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 13ec Anfangszeit: 01cace7d9b4373ff Zeitpunkt
der Beendigung: 5

Error - 29.03.2010 06:58:52 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.03.2010 08:08:00 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.03.2010 15:14:45 | Computer Name = Besitzer-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 29.03.2010 15:22:14 | Computer Name = Besitzer-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 29.03.2010 um 21:18:12 unerwartet heruntergefahren.

Error - 29.03.2010 15:21:40 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.

Error - 29.03.2010 15:21:41 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.

Error - 29.03.2010 15:21:43 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.

Error - 29.03.2010 15:22:27 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.

Error - 29.03.2010 15:22:48 | Computer Name = Besitzer-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 29.03.2010 15:25:45 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.

Error - 29.03.2010 15:25:46 | Computer Name = Besitzer-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.

Error - 29.03.2010 16:12:41 | Computer Name = Besitzer-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 29.03.2010 um 22:11:38 unerwartet heruntergefahren.

Error - 29.03.2010 16:13:26 | Computer Name = Besitzer-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >




Hab Dank

Gruß
Kevin
__________________
__________________

Alt 29.03.2010, 23:00   #4
Sion
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



1. Versuche einen Quick-Scan mit Malwarebytes.

2. Hol dir RootRepeal .
Starte RootRepeal.
Beende alle anderen Programme, schalte AV-Wächter ab.
Gehe auf Report.
Klicke auf Scan.
Setze alle Häkchen.
Bestätige mit OK.
Poste das Log.

Alt 29.03.2010, 23:19   #5
Shadow09
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Danke =)

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 3930

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

29.03.2010 23:18:26
mbam-log-2010-03-29 (23-18-26).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 100999
Laufzeit: 4 Minute(n), 0 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)



Und das andere mach ich wenn Du nichts dagegen hast morgen.

Gruß

__________________
Credo in Deum, Patrem omnipotentem,
Creatorem caeli et terrae.

Alt 30.03.2010, 01:45   #6
Shadow09
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Log:

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/03/30 01:30
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\Windows\System32\Drivers\dump_atapi.sys
Address: 0x8F92A000 Size: 32768 File Visible: No Signed: -
Status: -

Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x8F91F000 Size: 45056 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0x9BD66000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\System Volume Information\{00c93a28-3743-11df-a31c-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{15d6fb27-3415-11df-a2a7-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{15d6fb2c-3415-11df-a2a7-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{15d6fb35-3415-11df-a2a7-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{15d6fb39-3415-11df-a2a7-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{1dfa360f-3906-11df-8c7d-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{1dfa3613-3906-11df-8c7d-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{1dfa3616-3906-11df-8c7d-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{a34eb507-35ab-11df-80fb-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{a34eb50b-35ab-11df-80fb-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{a34eb527-35ab-11df-80fb-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{a34eb637-35ab-11df-80fb-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{a7ff3b6c-39ac-11df-a58f-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{c62ced6d-350d-11df-907e-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{f369de26-34f7-11df-b7ba-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{f369de2e-34f7-11df-b7ba-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{15d6fb30-3415-11df-a2a7-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{a34eb52b-35ab-11df-80fb-0019dbc0752f}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\Windows\Media\WINDOW~1.WAV
Status: Locked to the Windows API!

Path: C:\Windows\Media\WINDOW~2.WAV
Status: Locked to the Windows API!

Path: C:\Windows\Media\WINDOW~4.WAV
Status: Locked to the Windows API!

Path: C:\Program Files\Windows Media Player\Network Sharing\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\NETFXS~1.HKF
Status: Locked to the Windows API!

Path: C:\Windows\PLA\System\System Diagnostics.xml:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
Status: Visible to the Windows API, but not on disk.

Path: C:\Windows\System32\wbem\PRINTF~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_5d1777c2e857a23b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4ddfc6cd11929a02.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.4053_none_6b86c0e9b0196766.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_9193a620671dde41.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003bc63e949f6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_81c25f21d3d46d84.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.4053_none_3b0e32bdc9afe437.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_a6e4a7980e9b18a2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_abac38a907ee8801.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\amd64_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_a9427d6be424cb66.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.218_none_34f1b3a4277681aa.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_818f59bf601aa775.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_8e053e8c6967ba9d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_49ef489714173a89.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.218_none_305648582a59709f.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f0efb442f8a0f46c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_516e2e610f48bda6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_b7e10f227b2fceff.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.218_none_d550bc90635d0454.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.218_none_f2f2113121ea24bc.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_5ce47260749ddc2c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.218_none_2dd4f36ae006adb1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.218_none_6518d0f68959e152.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_7dd1e0ebd6590e0b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_80b7c8a91e9dd16a.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\amd64_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_390a91d20a21a864.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_7ab8cc63a6e4c2a3.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\amd64_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_acd0e4ffe1daef0a.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.218_none_d51db72defa33e45.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.218_none_d1603e5a65e1a4db.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9818.0_none_b7e811947b297f6d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_08e3747fa83e48bc.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4db266e67dd280ef.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f47e1bd6f6571810.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0e9108e3b72e14d4.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.218_none_362b6ef026a377ee.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8a14c0566bec5b24.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_a6dfa6920e9f98fc.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_5926f98ceadc42c2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0a1d2fcba76b3f00.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc0ea08098.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_ecff360cfb2594f3.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f0bcaee084e72e5d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cda6db.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_bdf22a22ab9e15d5.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_b7e610287b2b4ea5.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.218_none_d8df2424611327f8.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8dd7dea5d5a7a18a.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\amd64_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_c6e3d20ca2b1ebce.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18289_none_0b1c4a254f52777a\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18330_none_0b49590d4f3204dd\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22470_none_0ba7b6286870146b\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22520_none_0bddc7aa684785dd\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18005_none_0d553c2b4c3b84e1\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18065_none_0d145ca34c6c2c87\RENDER~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6001.18226_none_2b9dff39db71a7a1\PRINTF~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6001.22389_none_2be9bd5af4bd3b16\PRINTF~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.18005_none_2d991295d888a8b3\PRINTF~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.18060_none_2d53319bd8bdd1a6\PRINTF~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6002.22164_none_2de0cf8ef1d7d6cc\PRINTF~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
Status: Visible to the Windows API, but not on disk.

Path: C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
Status: Visible to the Windows API, but not on disk.

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~3.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~4.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBB00~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~3.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~4.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBB00~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~3.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~4.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBB00~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\CHOOSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\PROVID~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\CHOOSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\PROVID~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\CHOOSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\PROVID~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\CHOOSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\PROVID~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~3.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~4.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBB00~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-data_perf_ini_b03f5f7f11d50a3a_6.0.6000.16386_none_c219d23425a42dd7\_DATAP~4.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.18111_none_94e532e5da90ed5b\CREATE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.18111_none_94e532e5da90ed5b\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-installutil_exe_config_rtm_31bf3856ad364e35_6.0.6001.18111_none_c4d43609b70547f3\INSTAL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-netfxsbs12_hkf_31bf3856ad364e35_6.0.6000.20883_none_0c16103ffd9c63ac\NETFXS~1.HKF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-redist_config_files_b03f5f7f11d50a3a_6.0.6001.22230_none_645e0f97e8c4eeea\IEEXEC~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_policy.1.2.microsof..op.security.azroles_31bf3856ad364e35_6.0.6000.16386_none_ea83414c2e75b887\Microsoft.Interop.Security.AzRole s.config
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6000.16708_none_4180b46a5c473b6d\_SMSVC~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6000.20864_none_41c5708575991d81\_SMSVC~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6001.18096_none_4303a14a59b89802\_SMSVC~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.0.6001.22208_none_43f08fdb728b6c28\_SMSVC~1.H
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6000.16708_none_325856a50f01ab0d\_SMSVC~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6000.20864_none_329d12c028538d21\_SMSVC~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6001.18096_none_33db43850c7307a2\_SMSVC~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.0.6001.22208_none_34c832162545dbc8\_SMSVC~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_ca623c938da19f1b\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_ca623c938da19f1b\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_cb4f2b24a6747341\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_cb4f2b24a6747341\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6002.18005_none_cca9032f8a7fd6e4\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6002.18005_none_cca9032f8a7fd6e4\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6000.16708_none_c4f661e592b1c88e\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6000.20864_none_c53b1e00ac03aaa2\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6001.18096_none_c6794ec590232523\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_reg_31bf3856ad364e35_6.0.6001.22208_none_c7663d56a8f5f949\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_vrg_31bf3856ad364e35_6.0.6000.16708_none_cab9e41b8efd69ed\_SERVI~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_vrg_31bf3856ad364e35_6.0.6000.20864_none_cafea036a84f4c01\_SERVI~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_vrg_31bf3856ad364e35_6.0.6001.18096_none_cc3cd0fb8c6ec682\_SERVI~1.VRG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_7a48b2508cf758de\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_7a48b2508cf758de\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_7b35a0e1a5ca2d04\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_7b35a0e1a5ca2d04\_SERVI~2.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_reg_31bf3856ad364e35_6.0.6000.16708_none_74dcd7a292078251\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_reg_31bf3856ad364e35_6.0.6000.20864_none_752193bdab596465\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_reg_31bf3856ad364e35_6.0.6001.18096_none_765fc4828f78dee6\_SERVI~1.REG
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_svc_perf_reg_31bf3856ad364e35_6.0.6001.22208_none_774cb313a84bb30c\_SERVI~1.REG
Status: Locked to the Windows APIProcesses
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!

Path: C:\Windows\System32\audiodg.exe
PID: 1212 Status: Locked to the Windows API!

==EOF==
__________________
--> Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr

Alt 30.03.2010, 14:01   #7
Sion
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Sieh im Task-Manager nach, ob irgendein Prozess eine hohe CPU-Auslastung verursacht.

Alt 30.03.2010, 14:04   #8
Shadow09
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Hab ich Dir als Screen beigefügt.
Noch nichts zu sehen?
Miniaturansicht angehängter Grafiken
-screen.jpg  
__________________
Credo in Deum, Patrem omnipotentem,
Creatorem caeli et terrae.

Alt 30.03.2010, 14:16   #9
Sion
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Zitat:
Zitat von Shadow09 Beitrag anzeigen
Noch nichts zu sehen?
Nicht wirklich.

1. Hol dir AVZ
Entpacke und starte AVZ.
Führe einen Update durch (Button auf der rechten Seite unten ("Database Update") - dann auf Start).
Nach dem Update:
Setze oben links ein Häkchen beim Laufwerk C:
Wechesle zu "File Types" und wähle All Files.
Wechsele zu "Search Parameters", setze zusätzlich ein Häkchen bei
Block User-Mode Rootkits und
Block Kernel-Mode Rootkits

Schließe alle anderen Programme.
Klicke auf Start, der Scan wird eine Weile in Anspruch nehmen.
Speichere nach dem Scan das Log mit dem Button unten rechts "Save Log" und poste es.

Der Scan dauert, ist also etwas Geduld gefragt.

Alt 30.03.2010, 14:20   #10
Shadow09
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Dann wollen wir mal hoffen, dass mein PC nicht wieder abschmiert.

Nochmal Danke
__________________
Credo in Deum, Patrem omnipotentem,
Creatorem caeli et terrae.

Alt 30.03.2010, 16:41   #11
Shadow09
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Bin mal eben mit dem Laptop on.

Da steht verbleibende Zeit über 90 Stunden oO?
Soll das so sein? Weil dafür reicht meine Geduld nicht =D

Gruß
__________________
Credo in Deum, Patrem omnipotentem,
Creatorem caeli et terrae.

Geändert von Shadow09 (30.03.2010 um 17:20 Uhr)

Alt 30.03.2010, 19:47   #12
Shadow09
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Sorry für 3 Fach Post, kann mich aber nicht editieren.

Als ich merke das mein PC rumgespackt ist, habe ich schnell das Log gespeichert.
Sofort danach abgeschmiert *puh*

Ich hoffe man sieht schon da was drauf.


Log:
http://www.loaditup.de/479173.html
__________________
Credo in Deum, Patrem omnipotentem,
Creatorem caeli et terrae.

Alt 30.03.2010, 20:28   #13
Sion
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr




Machen wir es anders.
Erstell dir eine Dr.Web LiveCD.
Boote von der CD (Default Start) und scanne damit alle Laufwerke.

Alt 30.03.2010, 21:12   #14
Shadow09
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Kann ich die CD einfach mit Windoof auf die CD ziehen wenn sie entpackt ist?

Gruß
__________________
Credo in Deum, Patrem omnipotentem,
Creatorem caeli et terrae.

Alt 30.03.2010, 21:29   #15
Sion
 
Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Standard

Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr



Du musst die ISO-Datei brennen.

Antwort

Themen zu Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr
32 bit, antivir, antivir guard, avg, avira, bho, computer, desktop, fehlermeldung, firefox, gupdate, helper, hijack, hijackthis, internet, internet explorer, mein log, mozilla, netzwerk, rundll, siteadvisor, software, stick, system, trojaner-board, vista, vista 32, vista 32 bit, von selber, windows, wlan



Ähnliche Themen: Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr


  1. Explorer-Fehlermeldung, Virenscanner fündig
    Plagegeister aller Art und deren Bekämpfung - 23.03.2015 (22)
  2. explorer.exe fehlermeldung
    Plagegeister aller Art und deren Bekämpfung - 29.11.2014 (13)
  3. MS Windows 7 (64-bit SP1): Computerabstürze und Beschädigung der Windows-Firewall
    Log-Analyse und Auswertung - 11.11.2014 (11)
  4. Dubiose Fehlermeldung im Internet Explorer
    Plagegeister aller Art und deren Bekämpfung - 20.02.2014 (11)
  5. Nach Starten des Rechners, Fehlermeldung vom Internet Explorer im Vollbild
    Plagegeister aller Art und deren Bekämpfung - 05.07.2012 (1)
  6. Dauernde Computerabstürze
    Log-Analyse und Auswertung - 16.04.2012 (51)
  7. Explorer funktioniert nicht mehr Fehlermeldung APPCRASH
    Plagegeister aller Art und deren Bekämpfung - 25.01.2011 (3)
  8. IE Explorer öffnet sich + Fehlermeldung
    Log-Analyse und Auswertung - 05.06.2010 (5)
  9. explorer.exe stürtzt ohne Fehlermeldung ab.
    Plagegeister aller Art und deren Bekämpfung - 07.11.2008 (0)
  10. explorer.exe + wtsn32.exe = fehlermeldung
    Log-Analyse und Auswertung - 27.10.2008 (17)
  11. Runtime Error! Program: C:\WINDOWS\explorer.exe & #gen_toolbar# Fehlermeldung
    Log-Analyse und Auswertung - 26.12.2007 (3)
  12. Fehlermeldung Explorer.exe
    Log-Analyse und Auswertung - 02.12.2007 (5)
  13. Fehlermeldung Explorer Mode Name shell32.dll brauche hilfe dringend
    Log-Analyse und Auswertung - 20.01.2007 (1)
  14. Fehlermeldung Internet Explorer
    Alles rund um Windows - 10.01.2007 (1)
  15. Win Explorer Fehlermeldung
    Plagegeister aller Art und deren Bekämpfung - 06.12.2006 (1)
  16. Fehlermeldung: Explorer ...ungültige Seite in Modul unbekannt
    Log-Analyse und Auswertung - 02.12.2005 (2)
  17. Fehlermeldung im Explorer - Trojaner ?
    Plagegeister aller Art und deren Bekämpfung - 14.02.2005 (1)

Zum Thema Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr - Guten Morgen Trojaner-Board Gemeinde, ich habe seit ca. 5 Tagen ein Problem. Mein Computer brauch mehrere Startversuche und bleibt meist bein Windoof laden hängen. (Vista 32 Bit) Ist der Computer - Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr...
Archiv
Du betrachtest: Dauernte Computerabstürze/Startprobleme. Fehlermeldung explorer.exe + Verbindungsabbr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.