| |
| |||||||
Log-Analyse und Auswertung: zip. Anhang geöffnet TR/Matsnu.EB.101Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
10.02.2013, 21:48
| #1 |
 |  zip. Anhang geöffnet TR/Matsnu.EB.101 Hallo zusammen. Zuerst einmal,schön das es euch gibt :-) Weiss nämlich nicht mehr weiter. Nun hat es uns auch erwischt :-(. Wir haben gestern eine Mahnung per Email bekommen,das wir noch einen offenen Betrag zu begleichen haben.Die Rechnung war als zip. Datei im Anhang-Dummerweise wurde dieser Anhang geöffnet :-( kurze zeit später verschob mein Virenprogramm,Avira Antivir Free,den Trojaner TR/Matsnu.EB.101 aus: Quelle:C:\Users\Giz\AppData\Local\Temp\Temp1_06.02.2013 Bestelldaten Ihrer Mahnung.zip\Lieferschein Ihrer Bestellung 06.02.2013.zip und eine 2.Datei ADWARE/Yontoo.E.1 aus: Quelle:C:\Users\Giz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\74XZETTC\yontoosetup[1].ex in die Quarantäne. Seit dem habe ich ständige Systemabstürze mit einem blauem Desktop und Fehlermeldungen. Die Checkliste der verschiedenen Scans habe ich soweit durchgeführt: defogger_disable by jpshortstuff (23.02.10.1) Log created at 20:07 on 10/02/2013 (Giz) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- OTL Extras logfile created on: 2/10/2013 8:37:40 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Giz\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.75 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 67.87% Memory free 3.50 Gb Paging File | 2.01 Gb Available in Paging File | 57.54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 100.00 Gb Total Space | 47.59 Gb Free Space | 47.59% Space Free | Partition Type: NTFS Drive D: | 122.87 Gb Total Space | 33.16 Gb Free Space | 26.99% Space Free | Partition Type: NTFS Computer Name: GIZ-PC | User Name: Giz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3532530151-904022732-2976600449-1001\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML.BU4WFSV3H6M4JN7DPOWR2R76ZA] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "AutoUpdateDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{8038CD96-F38A-42A8-A370-4E42AF1E366A}" = rport=41952 | protocol=6 | dir=out | name=tversity | "{845F9CEE-4551-4AE9-8FE4-D014A8329EDA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FDEACF16-C4BB-4D55-A49C-DEF5FD6163D6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{013B7906-1556-42A2-9789-AC8F6FB43829}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{40171638-2984-40DF-AF7C-11C690596551}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4E140000-4765-49F7-8D58-149272800738}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{6F070512-CC6F-4A8E-AFF2-D3D5321E3953}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{6F1176AD-B032-4807-B786-6C8A34EE3EB8}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{79535E6A-67D8-4C6F-8CEB-9CC7D0DDA663}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | "{7AF5B2B2-2327-4ABA-88E4-370BD5BAEF11}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | "{7C756BE0-D1FB-479C-B19E-7C6190FBA177}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{9273E720-55AD-498F-A3AD-C81F302465A8}" = dir=in | app=c:\program files\samsung\allshare\allsharedms\allsharedms.exe | "{99E1D3F2-7150-4894-A146-792135081D3A}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | "{A41C7F57-E1BC-4D63-9B00-6F8514C99032}" = dir=in | app=c:\program files\samsung\allshare\allshareagent.exe | "{CB4C30CC-7049-4B53-8977-2B76D0EAA1BD}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{CF2D152F-40F5-45DC-BC58-32585F6FBB18}" = dir=in | app=c:\program files\itunes\itunes.exe | "{F1D1D4A8-FB93-40C5-B2AF-BA09D8306046}" = dir=in | app=c:\program files\samsung\allshare\allshare.exe | "{FB390B75-572E-461B-918F-3DF12F267439}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FDF3CF8C-2BC5-43CC-8971-589CE9A4A551}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "TCP Query User{4270A8FF-B743-4189-9E88-71BD716494AA}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{97ACA1ED-66A7-4F34-8EDE-80FD08A32581}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe | "TCP Query User{992EB7FA-9F01-431A-81F3-1143BC07BA23}C:\program files\atube catcher\yct.exe" = protocol=6 | dir=in | app=c:\program files\atube catcher\yct.exe | "UDP Query User{3CE67A4C-D7DE-4958-95ED-4EA42BEB794A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{9F104F62-6F82-4322-A82D-383A63AFD7E0}C:\program files\atube catcher\yct.exe" = protocol=17 | dir=in | app=c:\program files\atube catcher\yct.exe | "UDP Query User{A34832E1-3369-444F-93E0-21129F273176}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect "{177586E7-E42E-4F38-83D1-D15B4AF5B714}" = Delta Chrome Toolbar "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{21275B6A-333E-3EF6-E68D-B5F5B4B1F6BB}" = Catalyst Control Center InstallProxy "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program "{2AD3FCB8-B812-1A51-D45F-0A71277347E6}" = CCC Help Finnish "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2BB57D38-931A-02AB-7C19-B039C87156BA}" = CCC Help Hungarian "{2D1A4418-8BC0-3805-7DD2-4993394000AE}" = CCC Help Danish "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3F2A0484-F9B4-AC18-1580-73A6DBD526D3}" = Catalyst Control Center Localization All "{40FDA966-C08D-93FC-5B62-87B0305989D5}" = CCC Help Polish "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{51D1EA4C-3EC5-4A29-8BB6-CC7D447CCFD0}" = CCC Help Japanese "{5425B69E-410D-FF8E-6382-53914B29DB34}" = CCC Help French "{5592F5BF-0A6D-77BE-31D9-A212800C153C}" = CCC Help German "{5785EE0B-DA31-82C5-345A-6AC0721A5445}" = CCC Help Thai "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC "{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60D157A6-087B-ABE4-0B5D-69DCB6ADB4B2}" = CCC Help English "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR "{67BCBB5E-9534-81D4-A489-47D8A3BE22BF}" = CCC Help Spanish "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer "{708FB213-9CA6-6865-BCEA-6A50206BC17E}" = CCC Help Portuguese "{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service "{759688C0-D976-D3A6-0FF5-CB0EA763B217}" = CCC Help Czech "{75E9CAA3-B336-439D-85FB-7C7B2ACA1A16}" = LivCam "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{80198D8E-F593-17D6-26E7-DC4B66BABECD}" = Catalyst Control Center Graphics Light "{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7 "{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding "{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver "{859D40CF-8491-44AD-8FA8-7389CB418C64}" = 32 Bit HP CIO Components Installer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{88632316-2F9C-7FAB-E867-C4DFBF79A84E}" = Catalyst Control Center Graphics Previews Vista "{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8B209A17-940A-D283-8F37-4D5276879CFF}" = CCC Help Korean "{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel "{8CBBD910-23F3-D39C-8B38-2AEDD6C366F5}" = ccc-core-static "{8D1D606A-EF54-ADEE-13EF-4B77CBE389F0}" = Catalyst Control Center Graphics Full Existing "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{95120000-003F-0407-0000-0000000FF1CE}" = Microsoft Office Excel Viewer "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver "{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3 "{AB629EB8-ABB4-F0EF-3C00-CF9B48C283DC}" = Catalyst Control Center Graphics Full New "{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.3 MUI "{AEB7003F-AE66-23F2-20A2-F758446BE167}" = CCC Help Norwegian "{BB761E7E-2635-4E12-A7E8-7431BE178953}" = Chrome toolbar by SweetPacks "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{CC45D760-77CC-2B22-F691-3AC97C4BF788}" = CCC Help Greek "{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00 "{CD185B84-7A26-5EEF-2F05-0CEA3463E557}" = Catalyst Control Center Core Implementation "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{D1F43BEE-D0A4-400B-EFA4-134EC78C81F4}" = CCC Help Turkish "{D7C66DC3-B601-E9F2-4157-D47E687C4539}" = CCC Help Dutch "{D84424BF-5F86-D649-14F3-A8AEB768A5F7}" = CCC Help Russian "{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E2E28E25-79C1-5108-F7F4-EF42AE64711D}" = CCC Help Swedish "{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel "{E6C93A10-25F6-CEC8-8B11-AAC52F4E67A1}" = ATI Catalyst Install Manager "{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1 "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1D4A558-9D51-6ABF-7CA3-0EE1DB2ED48F}" = CCC Help Chinese Standard "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FA8D70EF-1D0D-C0FD-B0D8-9610D5381930}" = CCC Help Italian "{FB8113BC-BB40-DEF0-C734-36697D1774C2}" = ccc-utility "{FFA6BAD0-1B3D-E4B0-95FC-FBFABDCABEF5}" = CCC Help Chinese Traditional "ACRYSH6_is1" = ArchiCrypt Shredder Version 6.0.9.5654 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "aTube Catcher" = aTube Catcher "Avira AntiVir Desktop" = Avira Free Antivirus "AviSynth" = AviSynth 2.5 "B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403) "B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) "BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "delta" = Delta toolbar "DivX Setup.divx.com" = DivX-Setup "FMCODEC" = FM Screen Capture Codec (Remove Only) "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00 "InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01 "Picasa 3" = Picasa 3 "PriceGong" = PriceGong 2.6.7 "Software Informer_is1" = Software Informer 1.0 BETA "SynTPDeinstKey" = Synaptics Pointing Device Driver "TuneUp Utilities 2012" = TuneUp Utilities 2012 "VLC media player" = VLC media player 1.0.5 "WinLiveSuite_Wave3" = Windows Live Essentials "WinPcapInst" = WinPcap 4.1.2 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3532530151-904022732-2976600449-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome "Sweet Home 3D" = Sweet Home 3D ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 1/27/2013 2:26:10 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 6614 Error - 1/27/2013 2:26:12 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 1/27/2013 2:26:12 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 8065 Error - 1/27/2013 2:26:12 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8065 Error - 1/27/2013 2:26:13 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 1/27/2013 2:26:13 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 9703 Error - 1/27/2013 2:26:13 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 9703 Error - 1/27/2013 2:26:16 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 1/27/2013 2:26:16 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 12636 Error - 1/27/2013 2:26:16 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 12636 Error - 1/27/2013 4:26:03 PM | Computer Name = Giz-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second [ System Events ] Error - 2/10/2013 11:48:01 AM | Computer Name = Giz-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 2/10/2013 11:48:01 AM | Computer Name = Giz-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 2/10/2013 11:48:01 AM | Computer Name = Giz-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 2/10/2013 11:48:01 AM | Computer Name = Giz-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 2/10/2013 11:48:01 AM | Computer Name = Giz-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 2/10/2013 11:49:44 AM | Computer Name = Giz-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 2/10/2013 11:52:06 AM | Computer Name = Giz-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 2/10/2013 12:03:21 PM | Computer Name = Giz-PC | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 2/10/2013 12:05:01 PM | Computer Name = Giz-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error - 2/10/2013 2:42:52 PM | Computer Name = Giz-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. < End of report > OTL logfile created on: 2/10/2013 8:37:40 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Giz\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.75 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 67.87% Memory free 3.50 Gb Paging File | 2.01 Gb Available in Paging File | 57.54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 100.00 Gb Total Space | 47.59 Gb Free Space | 47.59% Space Free | Partition Type: NTFS Drive D: | 122.87 Gb Total Space | 33.16 Gb Free Space | 26.99% Space Free | Partition Type: NTFS Computer Name: GIZ-PC | User Name: Giz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/02/10 20:02:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Giz\Desktop\OTL.exe PRC - [2013/02/10 05:07:10 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2013/02/10 05:06:50 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2013/02/10 05:06:46 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2013/02/10 05:06:45 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2013/01/20 20:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Giz\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013/01/16 17:27:06 | 002,550,224 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012/08/15 18:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe PRC - [2012/08/07 15:10:02 | 000,013,824 | ---- | M] (Smartbar) -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.exe PRC - [2012/05/29 14:50:04 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe PRC - [2012/05/15 12:54:52 | 000,181,824 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt) -- C:\Program Files\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector32.exe PRC - [2012/04/17 14:05:00 | 000,651,264 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe PRC - [2012/03/23 13:25:24 | 000,087,040 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2012/03/02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe PRC - [2012/03/01 22:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\AllShare\AllShareAgent.exe PRC - [2011/12/14 12:23:34 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2011/12/14 12:23:32 | 001,514,304 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/10/26 23:30:00 | 000,413,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe PRC - [2009/10/17 06:43:28 | 001,021,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe PRC - [2009/09/11 20:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe PRC - [2009/08/28 00:38:28 | 000,803,304 | ---- | M] () -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe PRC - [2009/08/19 02:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe PRC - [2009/08/05 04:45:12 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009/08/05 04:44:44 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2009/07/20 10:47:14 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe ========== Modules (No Company Name) ========== MOD - [2013/01/17 19:43:05 | 001,840,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\aa0c82eddc6cc12961a92835f777dcc0\System.Web.Services.ni.dll MOD - [2013/01/17 19:43:02 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll MOD - [2013/01/17 19:42:49 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll MOD - [2013/01/17 19:42:48 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll MOD - [2013/01/17 19:42:47 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll MOD - [2013/01/17 19:42:45 | 006,610,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\bd5f32f9081b6307cadda7422145553e\System.Data.ni.dll MOD - [2013/01/17 19:41:59 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll MOD - [2013/01/17 19:41:46 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013/01/17 19:41:10 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013/01/17 19:41:03 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab2d590a7a1566fe78e3275a90a30ceb\System.Configuration.ni.dll MOD - [2013/01/17 19:41:01 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013/01/17 19:40:51 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2013/01/16 17:27:06 | 002,550,224 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe MOD - [2013/01/16 17:26:01 | 002,212,304 | ---- | M] () -- c:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll MOD - [2012/09/07 14:19:56 | 000,904,704 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll MOD - [2012/08/07 15:11:00 | 000,041,472 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll MOD - [2012/08/07 15:11:00 | 000,028,672 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll MOD - [2012/08/07 15:10:58 | 000,062,464 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll MOD - [2012/08/07 15:10:58 | 000,012,288 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll MOD - [2012/08/07 15:10:58 | 000,010,240 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll MOD - [2012/08/07 15:10:58 | 000,009,728 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll MOD - [2012/08/07 15:10:58 | 000,007,168 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll MOD - [2012/08/07 15:10:00 | 000,025,088 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll MOD - [2012/08/07 15:09:56 | 000,028,672 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll MOD - [2012/08/07 15:09:40 | 001,267,712 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll MOD - [2012/08/07 15:09:32 | 000,007,168 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll MOD - [2012/08/07 15:09:28 | 000,559,616 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll MOD - [2012/08/07 15:09:16 | 000,073,216 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll MOD - [2012/08/07 15:09:12 | 000,040,960 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll MOD - [2012/08/07 15:09:12 | 000,018,944 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll MOD - [2012/08/07 15:09:12 | 000,013,312 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll MOD - [2012/08/07 15:09:06 | 000,074,752 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll MOD - [2012/08/07 15:09:06 | 000,040,960 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\MACTrackBarLib.dll MOD - [2012/08/07 15:09:06 | 000,006,656 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll MOD - [2012/08/07 15:09:06 | 000,006,144 | ---- | M] () -- C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll MOD - [2012/04/17 14:05:00 | 001,515,520 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll MOD - [2012/04/17 14:05:00 | 000,651,264 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe MOD - [2012/04/17 14:05:00 | 000,559,244 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll MOD - [2012/04/17 14:05:00 | 000,516,599 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll MOD - [2012/04/17 14:05:00 | 000,389,120 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\HtcDetect.dll MOD - [2012/04/17 14:05:00 | 000,172,032 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll MOD - [2012/04/17 14:05:00 | 000,151,552 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll MOD - [2012/04/17 14:05:00 | 000,103,936 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll MOD - [2012/04/17 14:05:00 | 000,094,208 | ---- | M] () -- C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll MOD - [2010/11/13 01:02:22 | 000,434,176 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2010/11/13 01:02:21 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/11/05 02:59:41 | 000,212,992 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010/01/14 13:16:06 | 001,736,704 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3503.38390__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dl l MOD - [2010/01/14 13:16:06 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3503.38457__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2010/01/14 13:16:06 | 000,339,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3503.38372__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2010/01/14 13:16:06 | 000,331,776 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3503.38426__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2010/01/14 13:16:06 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3503.38391__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2010/01/14 13:16:06 | 000,118,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3503.38457__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard. dll MOD - [2010/01/14 13:16:06 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3503.38426__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2010/01/14 13:16:06 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3503.38439__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2010/01/14 13:16:06 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3503.38381__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2010/01/14 13:16:06 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3503.38421__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2010/01/14 13:16:06 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3503.38426__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2010/01/14 13:16:06 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3503.38458__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2010/01/14 13:16:06 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3503.38457__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2010/01/14 13:16:06 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3503.38386__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2010/01/14 13:16:06 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3503.38413__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l MOD - [2010/01/14 13:16:06 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3503.38381__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll MOD - [2010/01/14 13:16:05 | 000,950,272 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3503.38482__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dash board.dll MOD - [2010/01/14 13:16:05 | 000,782,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3503.38415__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2010/01/14 13:16:05 | 000,573,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3503.38392__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll MOD - [2010/01/14 13:16:05 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3503.38434__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2010/01/14 13:16:05 | 000,393,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3503.38414__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2010/01/14 13:16:05 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3503.38420__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2010/01/14 13:16:05 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3503.38396__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2010/01/14 13:16:05 | 000,270,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2010/01/14 13:16:05 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3503.38391__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2010/01/14 13:16:05 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3503.38419__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll MOD - [2010/01/14 13:16:05 | 000,081,920 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3503.38414__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2010/01/14 13:16:05 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3503.38413__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2010/01/14 13:16:05 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3503.38395__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll MOD - [2010/01/14 13:16:05 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3503.38414__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2010/01/14 13:16:05 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3503.38419__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll MOD - [2010/01/14 13:16:05 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3503.38420__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2010/01/14 13:16:05 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3496.39091__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2010/01/14 13:16:05 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3496.39089__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2010/01/14 13:16:05 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3496.39100__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2010/01/14 13:16:05 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3496.39127__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2010/01/14 13:16:05 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3496.39125__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2010/01/14 13:16:05 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3496.39099__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2010/01/14 13:16:05 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3496.39125__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2010/01/14 13:16:05 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2010/01/14 13:16:04 | 000,098,304 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3496.39091__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3496.39088__90ba9c70f846762e\CLI.Foundation.dll MOD - [2010/01/14 13:16:04 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3496.39109__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3496.39108__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3496.39106__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3496.39105__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3496.39105__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2010/01/14 13:16:04 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3496.39122__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3496.39108__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3496.39086__90ba9c70f846762e\LOG.Foundation.dll MOD - [2010/01/14 13:16:04 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3496.39096__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3496.39087__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2010/01/14 13:16:04 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3496.39157__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2010/01/14 13:16:04 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3496.39121__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3496.39104__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l MOD - [2010/01/14 13:16:04 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3496.39101__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3496.39099__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2010/01/14 13:16:04 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3496.39091__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2010/01/14 13:16:04 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3496.39107__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l MOD - [2010/01/14 13:16:04 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3496.39092__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2010/01/14 13:16:04 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3496.39089__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2010/01/14 13:16:04 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3496.39102__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l MOD - [2010/01/14 13:16:04 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3496.39098__90ba9c70f846762e\APM.Foundation.dll MOD - [2010/01/14 13:16:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3496.39098__90ba9c70f846762e\MOM.Foundation.dll MOD - [2010/01/14 13:16:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2010/01/14 13:16:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3496.39122__90ba9c70f846762e\DEM.Graphics.dll MOD - [2010/01/14 13:16:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2010/01/14 13:16:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3496.39090__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2010/01/14 13:16:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3496.39104__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2010/01/14 13:16:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3496.39101__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2010/01/14 13:16:04 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3496.39090__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2010/01/14 13:16:03 | 000,651,264 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3503.38481__90ba9c70f846762e\ResourceManagement.Foundation.Implementatio n.dll MOD - [2010/01/14 13:16:03 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3503.38452__90ba9c70f846762e\MOM.Implementation.dll MOD - [2010/01/14 13:16:03 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3503.38451__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2010/01/14 13:16:03 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3503.38463__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2010/01/14 13:16:03 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3496.39089__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2010/01/14 13:16:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3496.39090__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2010/01/14 13:16:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3496.39098__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2010/01/14 13:16:03 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3503.38368__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2010/01/14 13:16:02 | 001,212,416 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3503.38377__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2010/01/14 13:16:02 | 000,552,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3503.38447__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2010/01/14 13:16:02 | 000,405,504 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3503.38385__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2010/01/14 13:16:02 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3503.38370__90ba9c70f846762e\APM.Server.dll MOD - [2010/01/14 13:16:02 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3503.38372__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2010/01/14 13:16:02 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3503.38371__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2010/01/14 13:16:02 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3496.39100__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2010/01/14 13:16:02 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3503.38369__90ba9c70f846762e\AEM.Server.dll MOD - [2010/01/14 13:16:02 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3496.39088__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2010/01/14 13:16:02 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3496.39092__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2010/01/14 13:16:02 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2010/01/14 13:16:02 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3496.39099__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2010/01/14 13:16:02 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3496.39097__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2010/01/14 13:16:02 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3496.39110__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2010/01/14 13:16:02 | 000,019,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3503.38452__90ba9c70f846762e\CCC.Implementation.dll MOD - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2008/10/24 20:29:16 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ========== Services (SafeList) ========== SRV - [2013/02/10 13:00:10 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/02/10 05:07:10 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013/02/10 05:06:46 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013/01/16 17:27:06 | 002,550,224 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect) SRV - [2012/05/15 12:54:52 | 000,181,824 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt) [Auto | Running] -- C:\Program Files\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector32.exe -- (ArchiCrypt Sichere Loeschzonen) SRV - [2012/03/23 13:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2012/03/02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0) SRV - [2012/03/02 16:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer) SRV - [2011/12/14 12:23:32 | 001,514,304 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010/06/25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2009/08/19 02:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService) SRV - [2009/08/05 04:44:44 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/02/05 10:11:18 | 000,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV) SRV - [2007/02/05 10:11:16 | 000,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service) SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\btwrchid.sys -- (btwrchid) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwl2cap.sys -- (btwl2cap) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\btwavdt.sys -- (btwavdt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio) DRV - [2013/02/10 05:07:20 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013/02/10 05:07:20 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013/02/10 05:07:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2013/02/10 05:07:19 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011/12/12 19:31:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/06/25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2010/06/23 09:24:58 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009/10/26 22:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2009/10/06 11:34:00 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO) DRV - [2009/10/05 18:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/10/02 06:33:24 | 000,862,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se) DRV - [2009/08/05 05:22:18 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009/07/27 08:06:45 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2009/07/20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009/07/01 05:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt) DRV - [2009/06/05 12:53:42 | 000,027,320 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2009/05/05 15:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=52366ec60000000000001c4bd660b0f8 IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data] IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=52366ec60000000000001c4bd660b0f8 IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=52366ec60000000000001c4bd660b0f8 IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=T8&apn_dtid=YYYYYYYYDE&apn_uid=06cd9f6f-ddcb-44d5-9f0c-a2e1d1e0dd78&apn_sauid=E218CB8E-98FB-41FC-923F-DC23035217A2& IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Giz\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Giz\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/15 20:24:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/15 20:24:47 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.6.7\FF [2012/09/07 14:21:14 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013/02/10 07:24:03 | 000,000,000 | ---D | M] [2013/02/10 07:21:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Giz\AppData\Roaming\mozilla\firefox\Profiles\extensions [2012/12/13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\Giz\AppData\Roaming\mozilla\firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2011/10/14 09:59:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2010/05/13 16:03:36 | 000,000,000 | ---D | M] (Recorder Toolbar) -- C:\Program Files\mozilla firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2010/05/13 09:26:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/26 10:51:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/19 10:15:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/02/07 16:14:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/03/18 11:28:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/10/07 10:22:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010/06/08 14:17:19 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml ========== Chrome ========== CHR - homepage: hxxp://google.de/ CHR - default_search_provider: Delta Search (Enabled) CHR - default_search_provider: search_url = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=52366ec60000000000001c4bd660b0f8 CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://google.de/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Giz\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Giz\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Giz\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll CHR - plugin: Logitech Device Detection (Enabled) = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\npLogitechDeviceDetection.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Mozilla Plugins\npitunes.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Giz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: Movie2kDownloader = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf\1.0_0\ CHR - Extension: YouTube = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google-Suche = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Logitech-Ger\u00E4teerkennung = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\ CHR - Extension: Delta Toolbar = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\ CHR - Extension: DivX HiQ = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\ CHR - Extension: BrowserProtect = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\ CHR - Extension: Google Mail = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ CHR - Extension: Movie2kDownloader = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf\1.0_0\ CHR - Extension: YouTube = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google-Suche = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Logitech-Ger\u00E4teerkennung = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\ CHR - Extension: Delta Toolbar = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\ CHR - Extension: DivX HiQ = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\ CHR - Extension: BrowserProtect = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\ CHR - Extension: Google Mail = C:\Users\Giz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com) O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4 - HKLM..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [LivCam] C:\Program Files\ASUS\LivCam\LivCam.exe (ASUSTek) O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKU\S-1-5-21-3532530151-904022732-2976600449-1001..\Run: [Browser Infrastructure Helper] C:\Users\Giz\AppData\Local\Smartbar\Application\Smartbar.exe (Smartbar) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Giz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Giz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Giz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet) O15 - HKU\S-1-5-21-3532530151-904022732-2976600449-1001\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{09ABA583-D6D1-4135-BBA0-D6CF7BD51A5D}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A5E5214-9647-4B53-AB4F-8A1DFADE3032}: DhcpNameServer = 192.168.2.1 O20 - AppInit_DLLs: (c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27 - HKLM IFEO\boingo wi-fi.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\boingofinder.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\eeesplendid.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\javaw.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\javaws.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\quickstart.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\sbase.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\scalc.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\sdraw.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\simpress.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\smath.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\soffice.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\swriter.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\udtstart.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\youcam.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{af22b166-d6bf-11df-adb6-e0cb4ea20420}\Shell - "" = AutoRun O33 - MountPoints2\{af22b166-d6bf-11df-adb6-e0cb4ea20420}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/02/10 20:02:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Giz\Desktop\OTL.exe [2013/02/10 18:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/02/10 18:04:21 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2013/02/10 18:04:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013/02/10 16:28:53 | 000,000,000 | ---D | C] -- C:\Users\Giz\AppData\Local\MigWiz [2013/02/10 11:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap [2013/02/10 11:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap [2013/02/10 11:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher [2013/02/10 08:37:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013/02/10 07:24:17 | 000,000,000 | ---D | C] -- C:\windows\System32\searchplugins [2013/02/10 07:24:17 | 000,000,000 | ---D | C] -- C:\windows\System32\Extensions [2013/02/10 07:24:15 | 000,000,000 | ---D | C] -- C:\Users\Giz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect [2013/02/10 07:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect [2013/02/10 07:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Delta [2013/02/10 07:23:43 | 000,000,000 | ---D | C] -- C:\Users\Giz\AppData\Roaming\Delta [2013/02/10 07:22:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2013/02/10 07:22:37 | 000,000,000 | ---D | C] -- C:\Users\Giz\AppData\Roaming\Babylon [2013/02/10 07:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2013/02/10 07:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\Movie2KDownloader.com [2013/02/10 07:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\hdvidcodec.com [2013/02/10 05:21:53 | 000,000,000 | ---D | C] -- C:\Users\Giz\AppData\Roaming\Avira [2013/02/10 05:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013/02/10 05:15:44 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys [2013/02/10 05:15:42 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avipbb.sys [2013/02/10 05:15:42 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avgntflt.sys [2013/02/10 05:15:42 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avkmgr.sys [2013/02/10 05:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013/02/10 05:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2013/02/09 14:41:11 | 000,000,000 | ---D | C] -- C:\Users\Giz\AppData\Roaming\Malwarebytes [2013/02/09 14:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/02/09 12:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArchiCrypt [2013/02/09 12:55:15 | 000,000,000 | ---D | C] -- C:\Users\Giz\AppData\Roaming\ACShredder6 [2013/02/09 12:54:49 | 001,629,744 | ---- | C] (Softwareentwicklung Remus - ArchiCrypt) -- C:\windows\System32\Shredder.dll [2013/02/09 12:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\ArchiCrypt [2013/02/09 12:54:20 | 000,000,000 | ---D | C] -- C:\Users\Giz\AppData\Local\Programs ========== Files - Modified Within 30 Days ========== [2013/02/10 20:18:06 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3532530151-904022732-2976600449-1001UA.job [2013/02/10 20:02:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Giz\Desktop\OTL.exe [2013/02/10 20:01:37 | 000,000,000 | ---- | M] () -- C:\Users\Giz\defogger_reenable [2013/02/10 20:00:28 | 000,050,477 | ---- | M] () -- C:\Users\Giz\Desktop\Defogger.exe [2013/02/10 20:00:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013/02/10 19:42:58 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013/02/10 18:04:31 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013/02/10 17:12:22 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/10 17:12:22 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/02/10 16:47:02 | 245,976,301 | ---- | M] () -- C:\windows\MEMORY.DMP [2013/02/10 08:37:57 | 000,007,597 | ---- | M] () -- C:\Users\Giz\AppData\Local\Resmon.ResmonCfg [2013/02/10 08:18:08 | 000,001,060 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3532530151-904022732-2976600449-1001Core.job [2013/02/10 05:07:20 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avipbb.sys [2013/02/10 05:07:20 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avkmgr.sys [2013/02/10 05:07:20 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys [2013/02/10 05:07:19 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avgntflt.sys [2013/02/09 15:04:10 | 000,001,045 | ---- | M] () -- C:\Users\Giz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013/02/09 15:03:36 | 000,001,009 | ---- | M] () -- C:\Users\Giz\Desktop\Dropbox.lnk [2013/02/09 13:47:26 | 000,033,134 | ---- | M] () -- C:\Users\Giz\AppData\Roaming\UserTile.png [2013/02/04 18:00:24 | 000,654,166 | ---- | M] () -- C:\windows\System32\perfh007.dat [2013/02/04 18:00:24 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat [2013/02/04 18:00:24 | 000,130,006 | ---- | M] () -- C:\windows\System32\perfc007.dat [2013/02/04 18:00:24 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat [2013/02/01 17:52:39 | 000,002,352 | ---- | M] () -- C:\Users\Giz\Desktop\Google Chrome.lnk [2013/01/17 19:29:43 | 000,358,312 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2013/02/10 20:01:37 | 000,000,000 | ---- | C] () -- C:\Users\Giz\defogger_reenable [2013/02/10 20:00:25 | 000,050,477 | ---- | C] () -- C:\Users\Giz\Desktop\Defogger.exe [2013/02/10 18:04:31 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013/02/10 12:15:08 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013/02/09 13:47:26 | 000,033,134 | ---- | C] () -- C:\Users\Giz\AppData\Roaming\UserTile.png [2011/05/29 09:37:22 | 000,007,597 | ---- | C] () -- C:\Users\Giz\AppData\Local\Resmon.ResmonCfg [2011/02/27 14:03:31 | 000,532,480 | ---- | C] () -- C:\windows\System32\CddbPlaylist2Sony.dll [2010/07/20 15:58:03 | 000,937,426 | ---- | C] () -- C:\Users\Giz\Schulplan.pdf [2010/07/01 20:05:25 | 000,066,675 | ---- | C] () -- C:\Users\Giz\AppData\Roaming\mdbu.bin [2010/06/17 18:42:28 | 000,003,584 | ---- | C] () -- C:\Users\Giz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/04/13 22:41:29 | 000,001,018 | ---- | C] () -- C:\Users\Giz\AppData\Roaming\wklnhst.dat [2010/01/14 13:45:12 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2010/01/14 15:02:57 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ASUS WebStorage [2010/01/14 15:02:57 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ASUS WebStorage [2013/02/09 13:01:29 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\ACShredder6 [2012/11/06 13:56:29 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\Amazon [2012/03/07 19:49:28 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\Asus [2013/02/10 07:22:37 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\Babylon [2012/04/12 20:19:27 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\cacaoweb [2013/02/10 07:24:18 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\Delta [2013/02/10 17:05:13 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\Dropbox [2010/04/14 09:56:27 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\EeeStorageUploader [2010/06/10 09:45:05 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\Free Download Manager [2010/12/14 14:13:23 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\GHISLER [2012/09/21 12:07:50 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\HTC [2012/09/22 12:50:57 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2011/01/15 20:24:52 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\Local [2011/07/13 13:46:15 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\OpenCandy [2011/09/03 11:56:04 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\OpenOffice.org [2011/12/19 20:29:09 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\PhotoScape [2010/09/26 15:39:50 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\PMS [2012/10/22 15:14:16 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\Samsung [2010/06/07 07:50:32 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\Software Informer [2010/04/14 10:01:27 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\temp [2010/06/08 20:34:06 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\Template [2011/12/20 22:23:32 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\TuneUp Software [2011/10/12 22:21:01 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\UDC Profiles [2010/06/08 14:30:03 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\VoiceCommand [2010/10/25 18:32:01 | 000,000,000 | ---D | M] -- C:\Users\Giz\AppData\Roaming\WinAVI ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:AB689DEA < End of report > Den gmer.exe Scan konnte ich nicht durchführen,da ich während des Scans den besagten Systemabsturz bekomme. Ich hoffe ihr könnt mir da weiterhelfen?! Danke im Voraus! |
| Themen zu zip. Anhang geöffnet TR/Matsnu.EB.101 |
| 32 bit, adware/yontoo.e.1, antivir, avira, checkliste, delta search, delta toolbar, desktop, email, excel, firefox, flash player, free download, google, homepage, install.exe, installation, intranet, javaws.exe, msiexec.exe, object, picasa, plug-in, programm, pup.smspay.pgen, realtek, registry, remote control, security, server, smartbar, software, super, svchost.exe, tarma, tr/matsnu.a.63, tr/matsnu.eb.101, trojaner, windows, wlansvc, zip. anhang |
Baum-Darstellung