| |
| |||||||
Log-Analyse und Auswertung: Firewall Fehler 0x8007042cWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
17.02.2014, 19:27
| #1 |
| |  Firewall Fehler 0x8007042c Hallo, komme nicht mehr in die Firewall, kann nichts ändern kommt direkt Fehlermeldung "Einige Einstellungen können von Windows-Firewall nicht geändert werden 0x8007042c" Hab es gemerkt weil ich nicht in Steam-Shop kam und später dann in Origin. OTL Report hab ich gemacht: OTL logfile created on: 17.02.2014 19:12:50 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = G:\ Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 50,99% Memory free 6,99 Gb Paging File | 4,95 Gb Available in Paging File | 70,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,79 Gb Total Space | 154,75 Gb Free Space | 66,48% Space Free | Partition Type: NTFS Drive E: | 24,41 Gb Total Space | 6,25 Gb Free Space | 25,61% Space Free | Partition Type: NTFS Drive F: | 48,83 Gb Total Space | 40,81 Gb Free Space | 83,58% Space Free | Partition Type: NTFS Drive G: | 48,83 Gb Total Space | 21,61 Gb Free Space | 44,26% Space Free | Partition Type: NTFS Drive H: | 48,83 Gb Total Space | 4,08 Gb Free Space | 8,36% Space Free | Partition Type: NTFS Drive I: | 48,83 Gb Total Space | 21,01 Gb Free Space | 43,02% Space Free | Partition Type: NTFS Drive J: | 61,98 Gb Total Space | 20,41 Gb Free Space | 32,92% Space Free | Partition Type: NTFS Drive K: | 48,83 Gb Total Space | 27,53 Gb Free Space | 56,37% Space Free | Partition Type: NTFS Drive L: | 48,83 Gb Total Space | 9,06 Gb Free Space | 18,56% Space Free | Partition Type: NTFS Drive M: | 86,40 Gb Total Space | 9,85 Gb Free Space | 11,40% Space Free | Partition Type: NTFS Drive N: | 100,00 Mb Total Space | 29,61 Mb Free Space | 29,61% Space Free | Partition Type: NTFS Computer Name: FRANK-NEU-PC | User Name: Frank-Neu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014.02.17 19:12:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\OTL.exe PRC - [2014.02.04 14:56:52 | 003,813,712 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2014.02.04 14:56:50 | 001,677,648 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe PRC - [2014.02.04 10:37:28 | 000,375,056 | ---- | M] (LogMeIn, Inc.) -- C:\Programme\LogMeIn Hamachi\LMIGuardianSvc.exe PRC - [2013.12.19 18:36:18 | 000,839,560 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe PRC - [2013.12.18 18:23:21 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.12.18 18:22:46 | 000,684,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.12.09 14:38:12 | 001,174,152 | ---- | M] (WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe PRC - [2013.11.22 17:30:45 | 000,806,096 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe PRC - [2013.10.10 15:30:09 | 000,194,224 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office 15\root\office15\ONENOTEM.EXE PRC - [2013.10.04 17:48:41 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\Update\realsched.exe PRC - [2013.09.06 17:32:36 | 001,320,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office 15\ClientX86\integratedoffice.exe PRC - [2013.08.30 23:58:20 | 000,480,256 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2013.08.30 23:57:40 | 000,209,408 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2013.08.14 14:19:22 | 000,039,056 | ---- | M] () -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2013.07.26 13:43:52 | 000,844,656 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2013.07.26 13:43:46 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe PRC - [2013.07.26 13:43:44 | 001,564,016 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe PRC - [2013.06.13 13:46:40 | 000,815,992 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe PRC - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.04.18 09:10:38 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Programme\Samsung\Kies\KiesAirMessage.exe PRC - [2013.03.14 19:57:32 | 000,373,760 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe PRC - [2013.02.21 18:48:08 | 000,393,216 | ---- | M] (Box, Inc.) -- C:\Programme\Box Sync\BoxSyncHelper.exe PRC - [2013.02.21 18:48:06 | 007,969,792 | ---- | M] (Box, Inc.) -- C:\Programme\Box Sync\BoxSync.exe PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012.08.01 20:35:00 | 008,068,944 | ---- | M] (ASCOMP Software GmbH) -- C:\Programme\ASCOMP Software\BackUp Maker\bkmaker.exe PRC - [2012.06.20 12:18:08 | 001,568,976 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe PRC - [2012.03.02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\AllShare\AllShareDMS\AllShareDMS.exe PRC - [2012.03.01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\AllShare\AllShareAgent.exe PRC - [2011.09.15 12:06:04 | 000,088,576 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2011.08.01 15:56:42 | 001,821,576 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe PRC - [2011.08.01 15:56:42 | 000,412,552 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\dpupdchk.exe PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.07.27 14:46:08 | 000,316,208 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe PRC - [2010.07.27 14:46:08 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009.10.16 16:45:40 | 005,031,336 | ---- | M] (GMX GmbH) -- C:\Programme\GMX\GMX MultiMessenger\MESSENGR.EXE PRC - [2009.10.05 19:01:30 | 000,151,552 | ---- | M] () -- C:\Programme\Marvell\raid\svc\mvraidsvc.exe PRC - [2009.10.05 12:06:46 | 000,036,864 | ---- | M] () -- C:\Programme\MagicTune Premium\GammaTray.exe PRC - [2009.09.25 15:59:18 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009.09.23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.08.04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe PRC - [2009.08.04 17:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCU.exe PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE PRC - [2009.05.28 17:54:32 | 001,501,064 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\itype.exe PRC - [2009.04.09 01:38:52 | 000,024,635 | ---- | M] (Apache Software Foundation) -- C:\Programme\Marvell\raid\Apache2\bin\httpd.exe PRC - [2007.04.09 12:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CtHelper.exe PRC - [2007.01.05 17:12:58 | 000,258,048 | ---- | M] (SONIX) -- C:\Windows\tsnp2std.exe PRC - [2006.09.15 13:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe PRC - [2005.08.11 16:30:30 | 000,618,496 | ---- | M] (Macrovision Corporation) -- C:\Programme\Common Files\InstallShield\UpdateService\agent.exe ========== Modules (No Company Name) ========== MOD - [2013.10.24 08:10:00 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\d187afdee972b70222b76bd6aed1f742\PresentationFramework-SystemXml.ni.dll MOD - [2013.10.24 08:08:41 | 017,278,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\d84a0adfe1c567c9382cd5805cb80fec\Kies.Theme.ni.dll MOD - [2013.10.24 08:08:31 | 000,233,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\0862fface7acde298f9f3629e9e43ae2\ASF_cSharpAPI.ni.dll MOD - [2013.10.24 08:08:31 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\a6dc7ab3eebd67c42fa084a889cd5edd\Kies.Common.AllShare.ni.dll MOD - [2013.10.24 08:08:12 | 002,171,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common23b84511#\e0a942c70aa4b85b14aa485dd0a1d66a\Kies.Common.Multimedia.ni.dll MOD - [2013.10.24 08:08:10 | 000,183,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\ecf1a5eb4510bb03526d6dcb900cfb84\Kies.Common.DeviceServiceLib.Interface.ni.dll MOD - [2013.10.24 08:08:02 | 000,304,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\40865d9071a498bceccb34c90ebb165e\Kies.Common.Util.ni.dll MOD - [2013.10.24 08:08:01 | 001,644,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\d9e6215b672fdd2dec87b9ef9b1e38fe\Kies.Locale.ni.dll MOD - [2013.10.24 08:08:01 | 000,081,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\18f3acb184d091fc1ddc90d9cb869fb5\Kies.MVVM.ni.dll MOD - [2013.10.24 08:08:00 | 001,769,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\1a9c6610aff7223987c4f4ac7e359aa2\Kies.UI.ni.dll MOD - [2013.10.24 08:07:58 | 002,117,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\6bc8d4344520750c2e8667559846d0a6\Kies.ni.exe MOD - [2013.10.24 08:07:58 | 001,239,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0488a8dc4be41cb5320139cc1fa11448\Kies.Interface.ni.dll MOD - [2013.10.24 08:07:46 | 000,229,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ResourceMan446ca0e5#\53dbedcbabaec8ae1de945ae14de1a23\ResourceManagement.Foundation.Implementation.ni.d ll MOD - [2013.10.24 08:07:45 | 000,313,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MOM.Implementation\04f1dd4f1313f87f7e061b88b923a0c3\MOM.Implementation.ni.dll MOD - [2013.10.24 08:07:45 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MOM\4b2ff8a6aca4291cb8dac57a8905e4da\MOM.ni.exe MOD - [2013.10.24 08:07:44 | 000,222,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundat03490438#\d3c40a63e13b5a601bac7bf7a2b036ba\LOG.Foundation.Implementation.ni.dll MOD - [2013.10.24 08:07:39 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0812\f8e223ea1f4e11532a2af762f0ee9e51\DEM.Graphics.I0812.ni.dll MOD - [2013.10.24 08:07:39 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0805\d953c79bb70ef062bd0d73f28c24745e\DEM.Graphics.I0805.ni.dll MOD - [2013.10.24 08:07:38 | 000,049,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundat60cdf5df#\4f3c664f4b796254fe1c3bfbb7d590ef\CLI.Foundation.XManifest.ni.dll MOD - [2013.10.24 08:07:37 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone26c9c557#\d3e593c8be86dd260fc8bed9503b882b\CLI.Component.Systemtray.ni.dll MOD - [2013.10.24 08:07:36 | 000,204,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.73911eb5#\e4ee019b676ae1cdb1f97a49526209e8\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll MOD - [2013.10.24 08:07:35 | 000,187,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone6692ca50#\6be96472e26449daa9cec780c1078eda\CLI.Component.Runtime.ni.dll MOD - [2013.10.24 08:07:35 | 000,095,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ATICCCom\07f5da2b82b9b29021f56deca6d1fcc2\ATICCCom.ni.dll MOD - [2013.10.24 08:07:35 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componeb4d0485c#\376586f748cf5808b1f8dab7a5eb850b\CLI.Component.Runtime.Extension.EEU.ni.dll MOD - [2013.10.24 08:07:32 | 000,146,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone29e547cc#\348e22b1011249f688e3e1fa2e21e919\CLI.Component.Dashboard.ProfileManager2.ni.dll MOD - [2013.10.24 08:07:31 | 000,754,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone6bf88b08#\e0e274ed6e17f8495d12302743e44278\CLI.Component.Dashboard.ni.dll MOD - [2013.10.24 08:07:29 | 000,756,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Combine7332395e#\6277ae5a21b58b32026f5f67716ea1c1\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll MOD - [2013.10.24 08:07:29 | 000,038,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.382a3def#\4a340552dd5feddae3a936399464507c\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll MOD - [2013.10.24 08:07:29 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0703\e07cfac2df008ec1f31494cc79a7e171\DEM.Graphics.I0703.ni.dll MOD - [2013.10.24 08:07:28 | 002,275,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Combine0616f305#\866e63679808634e8552968fc46e15f5\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll MOD - [2013.10.24 08:07:24 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Pdb36d56e#\c7adbc97b391ea54b9ec4396e1d13af2\CLI.Caste.Platform.Runtime.ni.dll MOD - [2013.10.24 08:07:23 | 000,039,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.H18c99613#\94d6603fa88562930ab404844b796df2\CLI.Caste.HydraVision.Runtime.ni.dll MOD - [2013.10.24 08:07:23 | 000,026,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Pac40511b#\e60283c43f563635c2e377623019f2a4\CLI.Caste.Platform.Shared.ni.dll MOD - [2013.10.24 08:07:23 | 000,026,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.H92ba4e46#\f4a3646dc1d959a6a8f942c2878ad2e6\CLI.Caste.HydraVision.Shared.ni.dll MOD - [2013.10.24 08:07:23 | 000,023,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Pfeefa2b6#\3aab05e723fd16f980abb5bd8fe56e8b\CLI.Caste.Platform.Dashboard.ni.dll MOD - [2013.10.24 08:07:21 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I1010\60a10be47e72ebfdaad0df579daa9201\DEM.Graphics.I1010.ni.dll MOD - [2013.10.24 08:07:21 | 000,025,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Hbb906c0b#\81dcb4c761fc4b9f417ca6c07647aed5\CLI.Caste.HydraVision.Dashboard.ni.dll MOD - [2013.10.24 08:07:21 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0906\da12daa6b665dd4d177ffa139be2fe88\DEM.Graphics.I0906.ni.dll MOD - [2013.10.24 08:07:20 | 002,169,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.G962aa464#\9a41eb41d1161937846e6c87faf4f84d\CLI.Caste.Graphics.Runtime.ni.dll MOD - [2013.10.24 08:07:18 | 000,236,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.F36b07a2b#\d33e2e93f29a7209a4414c0d5adfa6cc\CLI.Caste.Fuel.Runtime.ni.dll MOD - [2013.10.24 08:07:18 | 000,033,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Fuel.Foundation\6b7ce766bb8706a55ec88c13bd59a2b6\Fuel.Foundation.ni.dll MOD - [2013.10.24 08:07:17 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.A4.Runtime\884ffb8435d3675960a71ca0f1ef4b52\CLI.Caste.A4.Runtime.ni.dll MOD - [2013.10.24 08:07:17 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Ff3085433#\6e183d7294a3f6bb4fd80524633a7b82\CLI.Caste.Fuel.Dashboard.ni.dll MOD - [2013.10.24 08:07:17 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Af820fedc#\0df7c0cc3aea440b5905c55ed27ed03f\CLI.Caste.A4.Dashboard.ni.dll MOD - [2013.10.24 08:07:13 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.3a6f1658#\14abe740dd4392edb705bd137e71370d\CLI.Aspect.TransCode.Graphics.Shared.ni.dll MOD - [2013.10.24 08:07:13 | 000,041,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.ef3eaa4d#\b8cc3a710e977fe46f5884ffdd5b1a6c\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll MOD - [2013.10.24 08:07:12 | 000,068,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.4bbb0755#\d5c24a6649a3ff5215943f8bb7f388d2\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll MOD - [2013.10.24 08:07:10 | 003,162,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.e9fd7406#\dc73214066350b91342859c1db18c153\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll MOD - [2013.10.24 08:07:10 | 000,566,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.8d333b6b#\cf10330515c6aa70c6702d0b1e7860df\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll MOD - [2013.10.24 08:07:04 | 000,249,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.c7aaa0f8#\5001c4d8bfa471c7e35224a5570c7502\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll MOD - [2013.10.24 08:07:04 | 000,217,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.87ad5c75#\9b4035bc8a4f166b4541ffeb2ed540af\CLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll MOD - [2013.10.24 08:07:01 | 000,513,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.846fa813#\26ae5bf511d84e488881704b46355332\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll MOD - [2013.10.24 08:07:00 | 000,211,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.e8635fc7#\c8dd0190a6daf25dbc91a6d8a9bb6277\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll MOD - [2013.10.24 08:06:56 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0709\735d5d1db238d7a857f523f3d196bd0e\DEM.Graphics.I0709.ni.dll MOD - [2013.10.24 08:06:56 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.G60338cc0#\faf68d835ddbaa7ca1f73d7311696197\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll MOD - [2013.10.24 08:06:54 | 000,060,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.b0a7c1fb#\f39be425f7322bfe33ee6bd318485f9e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni. dll MOD - [2013.10.24 08:06:53 | 000,242,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.9b707b25#\dc92012563ea207c779546887d97a14d\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll MOD - [2013.10.24 08:06:53 | 000,071,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.ae5e117c#\a93363715c21f8e72976b2a5d442fbef\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll MOD - [2013.10.24 08:06:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0804\926d99fc63d74e2f53d4aa1aa5068940\DEM.Graphics.I0804.ni.dll MOD - [2013.10.24 08:06:53 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0912\df950665b867f82cf11f5958aaa3fdb1\DEM.Graphics.I0912.ni.dll MOD - [2013.10.24 08:06:53 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0706\679c4ceffb61b1b3023e218952821602\DEM.Graphics.I0706.ni.dll MOD - [2013.10.24 08:06:53 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0712\f295fcac75951d11752c8976e6c7c86d\DEM.Graphics.I0712.ni.dll MOD - [2013.10.24 08:06:52 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.eda8935e#\a6dced10c81e9a4156f5e3e3ebd70f8c\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll MOD - [2013.10.24 08:06:51 | 001,585,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.aa59351a#\56b3fb7d93718b85c39372d3040c5fb4\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shar ed.ni.dll MOD - [2013.10.24 08:06:51 | 000,650,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.e6d9f3a8#\5b90e4f8198e920ef13fca93324c89ab\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll MOD - [2013.10.24 08:06:49 | 000,438,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.8e996306#\6b27fbd69649249b3ce5d9559d93d246\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll MOD - [2013.10.24 08:06:49 | 000,017,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.c854b457#\9da8d90d39dbeffa7bd1c433618f5c56\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll MOD - [2013.10.24 08:06:47 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.F24de14fe#\e617ed6d70be01199a84a64d28248387\CLI.Caste.Fuel.Shared.ni.dll MOD - [2013.10.24 08:06:46 | 000,165,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.4542c692#\ac594b22e0d2b1a9c644de9ee3867cc4\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll MOD - [2013.10.24 08:06:46 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.a0ae52bc#\f291646fe59dfe692375bf37e91f3f34\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll MOD - [2013.10.24 08:06:46 | 000,024,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.37d3d968#\304519bf19d2b3e55e1ed362ee2b29aa\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll MOD - [2013.10.24 08:06:45 | 000,384,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Gee7d2dbc#\69ed79c6c6faee76658af616d4f941e3\CLI.Caste.Graphics.Dashboard.ni.dll MOD - [2013.10.24 08:06:45 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.acb9d930#\24b336811f71088923e5b7afcd3f08f5\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll MOD - [2013.10.24 08:06:44 | 001,446,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.Gd9d9b43b#\0c822a1509fea72d955725357a6cf8ee\CLI.Caste.Graphics.Dashboard.Shared.ni.dll MOD - [2013.10.24 08:06:44 | 000,228,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.7ec2db45#\5db23e34e6115577978ee304d47c7279\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll MOD - [2013.10.24 08:06:44 | 000,099,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.3399d0ec#\69b7305d89ca5190e55ba9d743a13bbe\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll MOD - [2013.10.24 08:06:43 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Aspect.ec8786e5#\217c64ce81696227710ffe248f185dec\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll MOD - [2013.10.24 08:06:42 | 000,125,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone59f353b4#\6da546343406b63fe30835d1b3ea322d\CLI.Component.Runtime.Shared.Private.ni.dll MOD - [2013.10.24 08:06:42 | 000,038,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.A4.Shared\6ba11ef4888818677f6439a10e79271e\CLI.Caste.A4.Shared.ni.dll MOD - [2013.10.24 08:06:41 | 001,944,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Wfbf9373c#\5815b76400543f89b21aad067b74ae0f\Microsoft.WindowsAPICodePack.Shell.ni.dll MOD - [2013.10.24 08:06:40 | 000,269,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.W8090224c#\8ec4fd9f78a31ff080a8a067a2510c50\Microsoft.WindowsAPICodePack.ni.dll MOD - [2013.10.24 08:06:39 | 000,748,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundatd3771151#\27566d47e44bf21745825fc7b4749c31\CLI.Foundation.Client.ni.dll MOD - [2013.10.24 08:06:39 | 000,257,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\c5a824b183c687586e362140690996a8\WindowsFormsIntegration.ni.dll MOD - [2013.10.24 08:06:38 | 000,071,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componef4cf054f#\dd0183cd0f683fda9b826fd4ccda1db1\CLI.Component.Dashboard.Shared.ni.dll MOD - [2013.10.24 08:06:38 | 000,023,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ResourceManf163905a#\4dd06e4ed3a354d46da121d6dbf03334\ResourceManagement.Foundation.Private.ni.dll MOD - [2013.10.24 08:06:38 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componef1fd67b2#\f53d8afb99e81318db0da00396f2101f\CLI.Component.Client.Shared.ni.dll MOD - [2013.10.24 08:06:37 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone168638d1#\7edfee88002bf09f70ea78fa106e4f97\CLI.Component.Client.Shared.Private.ni.dll MOD - [2013.10.24 08:06:32 | 001,565,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Componec89c3bec#\5533b2e71170d35b2d2cce10a100f075\CLI.Component.Dashboard.Shared.Private.ni.dll MOD - [2013.10.24 08:06:30 | 000,153,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CCC.Implementation\78d6a7c3e11f4445edb6aa204ff98290\CCC.Implementation.ni.dll MOD - [2013.10.24 08:06:30 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundatcaafa75b#\b1131a45bb6b351c45eaaca4749752a0\LOG.Foundation.Implementation.Private.ni.dll MOD - [2013.10.24 08:06:30 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MOM.Foundation\68f20f6c735eb6a48ac5677dadc7a616\MOM.Foundation.ni.dll MOD - [2013.10.24 08:06:29 | 001,753,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Caste.G60a7b4d1#\1a9f7fa2d570683c98517e8d5875fdc2\CLI.Caste.Graphics.Shared.ni.dll MOD - [2013.10.24 08:06:29 | 000,018,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CCC\10eb5851d900eb3d636a9e9f16308961\CCC.ni.exe MOD - [2013.10.24 08:06:27 | 000,868,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Localizatio01dbc1c0#\4c26e421f3802eafc532c0d987b04024\Localization.Foundation.Private.ni.dll MOD - [2013.10.24 08:06:27 | 000,205,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\APM.Server\399eb76eaf290de7105c228baa63431c\APM.Server.ni.dll MOD - [2013.10.24 08:06:27 | 000,075,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundat3d5d3945#\b58e162fa88bb704d28645b39b55148e\CLI.Foundation.Private.ni.dll MOD - [2013.10.24 08:06:26 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\APM.Foundation\51f80f68c4a8eae6be58b13b2e5f45fb\APM.Foundation.ni.dll MOD - [2013.10.24 08:06:25 | 000,242,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundation\a02754de44ab6bafa509267cf2dc26ed\CLI.Foundation.ni.dll MOD - [2013.10.24 08:06:25 | 000,197,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Server\7d79389fecf672c9c5cd347494d95860\AEM.Server.ni.dll MOD - [2013.10.24 08:06:25 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Compone1b4a8c97#\50ef9388c6c9456c09284447854ca3c7\CLI.Component.Runtime.Shared.ni.dll MOD - [2013.10.24 08:06:25 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.4adf1574#\021a34eb1da124147c36bfb92cc16560\AEM.Plugin.Audio.Shared.ni.dll MOD - [2013.10.24 08:06:24 | 000,222,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.5d945b6b#\2de401558d337f82ccc957b5fcd2c87d\AEM.Plugin.Source.Kit.Server.ni.dll MOD - [2013.10.24 08:06:24 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CLI.Foundat619559bd#\71745af0acd729ad7251ac5b86a09774\CLI.Foundation.CoreAudioAPI.ni.dll MOD - [2013.10.24 08:06:24 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.674d2b8a#\6fa49ffd061a6b6187e32eb917e2f3d8\AEM.Plugin.WinMessages.Shared.ni.dll MOD - [2013.10.24 08:06:23 | 000,091,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics.I0601\0078e80749f7db16cd6891c4d37bc188\DEM.Graphics.I0601.ni.dll MOD - [2013.10.24 08:06:23 | 000,021,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Foundation\78fde966036e6177c48e7d4e9eecc54b\DEM.Foundation.ni.dll MOD - [2013.10.24 08:06:23 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DEM.Graphics\a1a0cfc9a4f25fb0e40efcbbb764948f\DEM.Graphics.ni.dll MOD - [2013.10.24 08:06:22 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Server.Shared\079f5e9a968e4dea5878ba44e154fdd0\AEM.Server.Shared.ni.dll MOD - [2013.10.24 08:06:21 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.2b6a6775#\d1ef0b8a86f7e10719e70f7dcefb3643\AEM.Plugin.Hotkeys.Shared.ni.dll MOD - [2013.10.24 08:06:21 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.0a1309f7#\831c3dc8a4a792fbcfe0e5538bbc7e5e\AEM.Plugin.EEU.Shared.ni.dll MOD - [2013.10.24 08:06:21 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.88aba5d2#\1a5b6fcc43211caebd4aae424c346b7e\AEM.Plugin.REG.Shared.ni.dll MOD - [2013.10.24 08:06:21 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Plugin.GD.Shared\1b945bea8e82a7c1d1c3d605be3e6498\AEM.Plugin.GD.Shared.ni.dll MOD - [2013.10.24 08:06:20 | 000,615,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ADL.Foundation\05f61dd4a0654e2a27caf183b5f10109\ADL.Foundation.ni.dll MOD - [2013.10.24 08:06:20 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\NEWAEM.Foundation\6a2553ea7b1e2baff524d607876b19ad\NEWAEM.Foundation.ni.dll MOD - [2013.10.24 08:06:20 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AEM.Actions5dc83b46#\49e33ea95a45cd965975ca7ad3ff7832\AEM.Actions.CCAA.Shared.ni.dll MOD - [2013.10.24 08:06:19 | 000,115,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundat5023f8e7#\7c33bf1753524846b52af28e177f7f38\LOG.Foundation.Private.ni.dll MOD - [2013.10.24 08:06:19 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\LOG.Foundation\a96e456f5b6b61eb2c7bb66466f7be0c\LOG.Foundation.ni.dll MOD - [2013.10.24 08:06:18 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\A4.Foundation\c68f5db7b219fb0e637257b058d2a1f1\A4.Foundation.ni.dll MOD - [2013.10.23 14:53:27 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5e398839c6c34ac39e3c79494554258e\PresentationFramework.ni.dll MOD - [2013.10.23 14:53:27 | 013,320,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\51c959815de499d10456ec684abf02bf\System.Web.ni.dll MOD - [2013.10.23 14:53:24 | 000,220,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\9ebb29485ad98aa062204cf08fc89167\System.ServiceProcess.ni.dll MOD - [2013.10.23 14:53:21 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c5db04fde4893300ff28045ce4f7567d\System.Windows.Forms.ni.dll MOD - [2013.10.23 14:53:21 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f4fff5d6e716c439b944025d3994170d\System.Xaml.ni.dll MOD - [2013.10.23 14:53:20 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\5b44a8db5b70143f27fb695b5f72930d\System.Runtime.Remoting.ni.dll MOD - [2013.10.23 14:53:17 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\489734eaabeb7c2b90923a1c0ae9431f\PresentationCore.ni.dll MOD - [2013.10.23 14:53:15 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll MOD - [2013.10.23 14:53:12 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll MOD - [2013.10.23 14:53:12 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d913e7d0b1d32187e0c234f8a1a581fc\System.Core.ni.dll MOD - [2013.10.23 14:53:10 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\18e76c3868d682a7c065bccd142eeec1\WindowsBase.ni.dll MOD - [2013.10.23 14:53:09 | 000,462,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7dd4cd3e4768d2aa55af60c838790088\PresentationFramework.Aero.ni.dll MOD - [2013.10.23 14:53:08 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll MOD - [2013.10.23 14:53:08 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\edb27e2c25837f79902054965d6813cd\System.Configuration.ni.dll MOD - [2013.10.23 14:53:03 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll MOD - [2013.10.13 13:24:50 | 000,250,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BoxUtils\e3d05a9d212cb0965955b1cb0e8a38b2\BoxUtils.ni.dll MOD - [2013.10.13 13:21:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll MOD - [2013.10.13 13:21:19 | 000,688,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\65fa27da96ef57affcac61ac16c111e0\System.Security.ni.dll MOD - [2013.10.13 13:21:04 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll MOD - [2013.10.10 15:29:38 | 000,359,592 | ---- | M] () -- C:\Programme\Microsoft Office 15\root\office15\c2r32.dll MOD - [2013.10.10 15:29:38 | 000,316,584 | ---- | M] () -- C:\Programme\Microsoft Office 15\root\office15\appvisvstream32.dll MOD - [2013.09.14 12:11:23 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll MOD - [2013.09.14 12:11:16 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll MOD - [2013.08.15 02:32:49 | 000,445,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BoxSyncHelper\31b19f375716857e2b0a3ab9644bb141\BoxSyncHelper.ni.exe MOD - [2013.08.15 02:32:48 | 001,762,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\47d7e030219367d8ca265eb7af3e2f72\Newtonsoft.Json.Net20.ni.dll MOD - [2013.08.15 02:32:46 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ZetaLongPaths\d896df1672470b2c7fef039f6c25cc00\ZetaLongPaths.ni.dll MOD - [2013.08.15 02:32:45 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll MOD - [2013.08.15 02:32:44 | 000,745,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\AppLimit.NetSparkle#\3e271e9f27339a2537630121882b3edb\AppLimit.NetSparkle.Net40.ni.dll MOD - [2013.08.15 02:32:43 | 008,051,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BoxSync\09b28dbc5159057b71037b312cce7c60\BoxSync.ni.exe MOD - [2013.08.15 02:29:56 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\3bcb445cac3c184e836364cd265ccf53\System.Configuration.Install.ni.dll MOD - [2013.08.15 02:29:40 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4ada2213cefea889a5ed6e2fb6839b93\System.Transactions.ni.dll MOD - [2013.08.15 02:29:39 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll MOD - [2013.08.15 02:29:11 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll MOD - [2013.08.15 02:28:57 | 002,515,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\a66a651bdb8819723d389121c6f3856b\System.Data.SqlXml.ni.dll MOD - [2013.08.15 02:28:56 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll MOD - [2013.08.15 02:28:51 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll MOD - [2013.08.07 20:25:24 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll MOD - [2013.07.17 14:05:10 | 000,387,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Python.Runtime\12ddb26b53f64d66c5a54adb03877b60\Python.Runtime.ni.dll MOD - [2013.07.14 10:01:42 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\8c20095bd7d46cdfa7933eb258a07daa\Accessibility.ni.dll MOD - [2013.07.14 10:00:51 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll MOD - [2013.01.03 17:12:30 | 000,721,920 | ---- | M] () -- C:\Programme\Box Sync\_ssl.pyd MOD - [2013.01.03 17:12:30 | 000,686,592 | ---- | M] () -- C:\Programme\Box Sync\unicodedata.pyd MOD - [2013.01.03 17:12:30 | 000,337,920 | ---- | M] () -- C:\Programme\Box Sync\sqlite3.dll MOD - [2013.01.03 17:12:30 | 000,285,184 | ---- | M] () -- C:\Programme\Box Sync\_hashlib.pyd MOD - [2013.01.03 17:12:30 | 000,111,616 | ---- | M] () -- C:\Programme\Box Sync\win32file.pyd MOD - [2013.01.03 17:12:30 | 000,110,080 | ---- | M] () -- C:\Programme\Box Sync\pywintypes27.dll MOD - [2013.01.03 17:12:30 | 000,108,544 | ---- | M] () -- C:\Programme\Box Sync\win32security.pyd MOD - [2013.01.03 17:12:30 | 000,103,424 | ---- | M] () -- C:\Programme\Box Sync\pyexpat.pyd MOD - [2013.01.03 17:12:30 | 000,098,816 | ---- | M] () -- C:\Programme\Box Sync\win32api.pyd MOD - [2013.01.03 17:12:30 | 000,074,240 | ---- | M] () -- C:\Programme\Box Sync\_ctypes.pyd MOD - [2013.01.03 17:12:30 | 000,070,656 | ---- | M] () -- C:\Programme\Box Sync\_elementtree.pyd MOD - [2013.01.03 17:12:30 | 000,041,984 | ---- | M] () -- C:\Programme\Box Sync\_sqlite3.pyd MOD - [2013.01.03 17:12:30 | 000,040,960 | ---- | M] () -- C:\Programme\Box Sync\_socket.pyd MOD - [2013.01.03 17:12:30 | 000,029,184 | ---- | M] () -- C:\Programme\Box Sync\_testcapi.pyd MOD - [2013.01.03 17:12:30 | 000,008,192 | ---- | M] () -- C:\Programme\Box Sync\_win32sysloader.pyd MOD - [2011.01.04 21:45:31 | 000,139,776 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2010.11.13 01:02:21 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.11.05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2009.10.05 12:06:46 | 000,036,864 | ---- | M] () -- C:\Programme\MagicTune Premium\GammaTray.exe MOD - [2009.07.30 18:15:32 | 000,503,202 | ---- | M] () -- C:\Programme\DeviceVM\Browser Configuration Utility\sqlite3.dll MOD - [2009.06.10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- 㩃停潲牧浡䘠汩獥坜獩履楗敳䌠牡㘳尵潂瑯楔敭攮數唀ij [WARNING: ??????????????????????????] -- (楗敳潂瑯獁楳瑳湡t) SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe -- (ADExchange) SRV - [2014.02.04 14:56:50 | 001,677,648 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2014.02.04 10:37:28 | 000,375,056 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Programme\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2013.12.19 18:36:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.12.18 18:23:21 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.12.18 18:22:49 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2013.12.09 14:38:12 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant) SRV - [2013.12.04 03:51:18 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.11.22 17:30:45 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService) SRV - [2013.11.19 15:48:51 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.09.06 17:32:36 | 001,320,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Office 15\ClientX86\integratedoffice.exe -- (OfficeSvc) SRV - [2013.08.30 23:57:40 | 000,209,408 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2013.08.14 14:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.03.26 23:20:00 | 004,846,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2013.03.26 23:20:00 | 000,150,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.03.02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Programme\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0) SRV - [2012.03.02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Programme\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer) SRV - [2011.09.15 12:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.07.27 14:46:08 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010.01.26 11:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009.10.05 19:01:30 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Programme\Marvell\raid\svc\mvraidsvc.exe -- (Marvell RAID) SRV - [2009.09.23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.08.04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.04.09 01:38:52 | 000,024,635 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Programme\Marvell\raid\Apache2\bin\httpd.exe -- (MRUWebService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- L:\Ultrastar deluxe\zlportio.sys -- (zlportio) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2013.12.18 18:23:25 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013.12.18 18:23:25 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.10.07 12:42:11 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013.08.31 01:09:30 | 010,925,056 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2013.08.31 01:09:30 | 010,925,056 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2013.08.30 23:31:20 | 000,495,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2013.08.20 06:02:14 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) DRV - [2013.08.20 06:02:14 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) DRV - [2013.07.05 09:40:32 | 000,078,848 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2013.03.09 11:58:45 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2013.01.08 15:22:10 | 000,091,112 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt - ) [Driver] [Kernel | System | Running] -- C:\Windows\System32\drivers\SleeN18.sys -- (SLEE_18_DRIVER) DRV - [2011.07.22 12:53:58 | 000,015,568 | ---- | M] (SHAPE Services) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\idisplayminiport.sys -- (iDispService) DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.13 15:31:02 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio) DRV - [2010.06.23 09:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) DRV - [2010.04.08 06:34:18 | 000,051,200 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10) DRV - [2009.12.17 15:02:34 | 000,123,280 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv) DRV - [2009.12.17 15:02:34 | 000,110,096 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2009.12.17 15:02:34 | 000,099,152 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2009.12.17 15:02:34 | 000,041,616 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon) DRV - [2009.11.18 15:02:24 | 000,014,848 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\MTiCtwl.sys -- (MagicTune) DRV - [2009.11.16 17:33:38 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf) DRV - [2009.10.26 15:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2009.10.09 23:55:54 | 000,020,008 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mv91cons.sys -- (mv91cons) DRV - [2009.09.25 15:57:40 | 000,138,240 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2009.09.25 15:57:36 | 000,056,576 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2009.09.23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007.04.18 08:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\COMMONFX.DLL -- (COMMONFX.DLL) DRV - [2007.04.12 08:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CT20XUT.DLL -- (CT20XUT.DLL) DRV - [2007.04.12 08:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTHWIUT.DLL -- (CTHWIUT.DLL) DRV - [2007.04.12 08:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEXFIFX.DLL -- (CTEXFIFX.DLL) DRV - [2007.04.12 08:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPSY.DLL -- (CTEDSPSY.DLL) DRV - [2007.04.12 08:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPIO.DLL -- (CTEDSPIO.DLL) DRV - [2007.04.12 08:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPFX.DLL -- (CTEDSPFX.DLL) DRV - [2007.04.12 08:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTERFXFX.DLL -- (CTERFXFX.DLL) DRV - [2007.04.12 08:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEAPSFX.DLL -- (CTEAPSFX.DLL) DRV - [2007.04.12 08:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTSBLFX.DLL -- (CTSBLFX.DLL) DRV - [2007.04.12 08:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTAUDFX.DLL -- (CTAUDFX.DLL) DRV - [2007.04.10 06:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2007.04.10 05:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv) DRV - [2007.04.10 04:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\haP17v2k.sys -- (hap17v2k) DRV - [2007.04.10 04:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\haP16v2k.sys -- (hap16v2k) DRV - [2007.04.10 04:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha10kx2k.sys -- (ha10kx2k) DRV - [2007.04.10 04:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia) DRV - [2007.04.10 04:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k) DRV - [2007.04.10 04:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k) DRV - [2007.04.10 04:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) DRV - [2007.04.10 04:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k) DRV - [2007.04.09 11:38:06 | 012,039,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2sxp.sys -- (SNP2STD) DRV - [2005.02.23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) DRV - [2004.10.26 09:12:14 | 000,053,632 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Gigusb.sys -- (Gigusb) DRV - [2004.10.26 09:03:52 | 000,008,448 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DectEnum.sys -- (DectEnum) DRV - [2004.10.26 09:02:14 | 000,113,408 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\siellif.sys -- (siellif) DRV - [2004.09.08 16:22:04 | 000,050,759 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IUAPIWDM.sys -- (IUAPIWDM) DRV - [2004.09.08 16:22:02 | 000,263,751 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hrcmpa.sys -- (HRCMPA) DRV - [2003.12.30 23:35:22 | 001,080,832 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hpusbwdm.sys -- (hpusbwdm) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=98604c79-2ecc-45e4-b45f-dbd2447b9c85&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = G:\ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=98604c79-2ecc-45e4-b45f-dbd2447b9c85&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=98604c79-2ecc-45e4-b45f-dbd2447b9c85&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0D F8 81 EC 33 8A CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=98604c79-2ecc-45e4-b45f-dbd2447b9c85&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=98604c79-2ecc-45e4-b45f-dbd2447b9c85&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\..\SearchScopes,DefaultScope = {42A3E501-A159-4ad1-9703-276B8F16F071} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=98604c79-2ecc-45e4-b45f-dbd2447b9c85&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKCU\..\SearchScopes\{40470E27-9A58-4A4C-91E1-6FA550D15244}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=88488c0a-cee7-4886-88ef-d1eab5d08bcc&apn_sauid=BA77B440-B412-4578-A48A-F822348737D6 IE - HKCU\..\SearchScopes\{42A3E501-A159-4ad1-9703-276B8F16F071}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_de IE - HKCU\..\SearchScopes\{6B91AB32-26DF-412f-8F6A-C3DEC8D6D922}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF %3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} IE - HKCU\..\SearchScopes\{7437B9FF-618B-4D01-A524-3AEED5511198}: "URL" = hxxp://www.winload.de/opensearch/google/ie8/search/?searchTerms={searchTerms}&startPage={startPage?} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.01 12:38:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.01.28 21:42:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013.10.04 17:49:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.10.04 17:49:33 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.01 12:38:38 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{d591241b-9967-418c-9b7d-ee128131d60d}: C:\Program Files\GMX\GMX MultiMessenger\ThunderbirdSyncProxy [2010.01.17 12:44:48 | 000,000,000 | ---D | M] [2013.08.03 14:37:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank-Neu\AppData\Roaming\mozilla\Extensions O1 HOSTS File: ([2010.01.02 16:50:50 | 000,000,998 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 im.adtech.de O1 - Hosts: 127.0.0.1 adserver.adtech.de O1 - Hosts: 127.0.0.1 adtech.de O1 - Hosts: 127.0.0.1 atwola.com O1 - Hosts: 127.0.0.1 adserver.71i.de O1 - Hosts: 127.0.0.1 adicqserver.71i.de O1 - Hosts: 127.0.0.1 71i.de O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCEPServiceManager] C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AllShareAgent] C:\Programme\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [BoxSyncHelper] C:\Program Files\Box Sync\BoxSyncHelper.exe (Box, Inc.) O4 - HKLM..\Run: [CTHelper] C:\Windows\System32\CtHelper.exe (Creative Technology Ltd) O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [MagicTuneEngine] C:\Programme\MagicTune Premium\MagicTuneEngine.exe () O4 - HKLM..\Run: [MRUTray] C:\Programme\Marvell\raid\tray\MarvellTray.exe () O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [tsnp2std] C:\Windows\tsnp2std.exe (SONIX) O4 - HKCU..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKCU..\Run: [GMX_GMX MultiMessenger] C:\Program Files\GMX\GMX MultiMessenger\MESSENGR.EXE (GMX GmbH) O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung) O4 - HKCU..\Run: [OpAgent] "OpAgent.exe" /agent File not found O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks) O4 - HKCU..\Run: [Plex Media Server] C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe (Adobe Systems Incorporated) O4 - Startup: C:\Users\Frank-Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Programme\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Users\Frank-Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk = C:\Programme\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Senden an &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\FRITZ!DSL\\sarah.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites) O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites) O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class) O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} hxxp://www.lidl-fotos.de/ips-opdata/layout/lidl02/objects/jordan.cab (JordanUploader Class) O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A26FDAB1-792C-4960-9622-566D2A913440}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8CF7285-B65A-455B-9EBA-B83984D82BB3}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005.11.02 18:36:10 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.04.18 14:23:17 | 000,000,305 | ---- | M] () - E:\autorun.inf.vir -- [ NTFS ] O32 - AutoRun File - [2012.10.12 14:34:05 | 000,000,000 | ---D | M] - G:\Autounfall 11.10.2012 -- [ NTFS ] O32 - AutoRun File - [2009.04.18 14:23:17 | 000,000,314 | ---- | M] () - K:\autorun.inf.vir -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014.02.16 14:21:26 | 000,000,000 | ---D | C] -- C:\Users\Frank-Neu\AppData\Roaming\Origin [2014.02.16 14:21:25 | 000,000,000 | ---D | C] -- C:\Users\Frank-Neu\AppData\Local\Origin [2014.02.16 14:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2014.02.16 14:21:07 | 000,000,000 | ---D | C] -- C:\Program Files\Origin Games [2014.02.16 12:29:50 | 000,000,000 | ---D | C] -- C:\Users\Frank-Neu\Desktop\Battlefield 3 (Download) [2014.02.16 12:29:50 | 000,000,000 | ---D | C] -- C:\Users\Frank-Neu\Documents\Amazon Downloader Logs [2012.05.01 10:56:36 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\Comdlg32.ocx [2011.02.01 19:09:14 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Users\Frank-Neu\AppData\Roaming\MinecraftSP.exe [2010.01.12 18:29:46 | 001,646,080 | ---- | C] (Gabest) -- C:\Program Files\MediaPlayerClassic_6.4.9.1.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014.02.17 18:59:42 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014.02.17 18:59:42 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job [2014.02.17 18:58:36 | 000,015,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014.02.17 18:58:36 | 000,015,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014.02.17 18:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014.02.17 18:50:38 | 000,260,480 | ---- | M] () -- C:\Windows\za_mv_raid.ev [2014.02.17 18:50:38 | 000,000,096 | ---- | M] () -- C:\Windows\za_mv_seqnum.ev [2014.02.17 18:50:35 | 000,000,008 | ---- | M] () -- C:\Windows\mvraidver.dat [2014.02.17 18:50:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014.02.17 18:49:18 | 2815,025,152 | -HS- | M] () -- C:\hiberfil.sys [2014.02.17 18:48:18 | 000,031,056 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000003-00001102-00000004-20021102}.rfx [2014.02.17 18:48:18 | 000,031,056 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000003-00001102-00000004-20021102}.rfx [2014.02.17 18:48:18 | 000,030,528 | ---- | M] () -- C:\Windows\System32\BMXCtrlState-{00000005-00000000-00000003-00001102-00000004-20021102}.rfx [2014.02.17 18:48:18 | 000,030,528 | ---- | M] () -- C:\Windows\System32\BMXBkpCtrlState-{00000005-00000000-00000003-00001102-00000004-20021102}.rfx [2014.02.17 18:48:18 | 000,011,564 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000003-00001102-00000004-20021102}.rfx [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.12.26 20:17:01 | 003,826,944 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013.09.12 15:51:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013.09.12 15:46:14 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat [2013.09.12 15:46:13 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat [2013.09.12 15:46:13 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2013.08.31 00:47:56 | 000,200,704 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2013.08.31 00:47:50 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe [2013.08.31 00:47:50 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe [2013.08.30 18:53:48 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll [2013.08.27 20:06:16 | 000,233,652 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat [2013.08.27 18:27:56 | 000,082,336 | ---- | C] () -- C:\Windows\System32\ativce02.dat [2013.08.07 18:22:00 | 000,716,208 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2013.08.07 16:12:12 | 000,231,984 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat [2013.06.12 16:17:04 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2013.06.12 16:17:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe [2013.04.18 18:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2013.04.18 18:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2013.04.18 18:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2013.04.18 18:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2013.04.18 18:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2013.01.13 18:56:03 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe [2012.08.31 13:51:13 | 000,000,048 | -HS- | C] () -- C:\ProgramData\.zreglib [2012.07.12 14:09:05 | 000,000,051 | ---- | C] () -- C:\ProgramData\pzymgffsvupdled [2012.04.13 10:04:27 | 000,000,021 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Local\mc.pixel.data [2012.03.06 18:03:10 | 000,000,068 | ---- | C] () -- C:\Windows\System32\fs_di002.dll [2012.03.06 18:02:47 | 000,000,097 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Local\fusioncache.dat [2011.12.11 15:01:38 | 000,000,837 | ---- | C] () -- C:\Users\Frank-Neu\.recently-used.xbel [2011.02.01 19:09:14 | 000,290,797 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Roaming\minecraft_name.jar [2011.02.01 19:09:14 | 000,232,501 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Roaming\Minecraft.exe [2011.02.01 19:09:14 | 000,051,765 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Roaming\Minecraft.jar [2011.02.01 19:09:14 | 000,000,133 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Roaming\zan.settings [2011.02.01 19:09:14 | 000,000,008 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Roaming\lastlogin [2010.10.13 21:21:26 | 000,022,328 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Roaming\PnkBstrK.sys [2010.05.26 18:43:11 | 000,004,608 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.03.24 20:45:39 | 000,017,408 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Local\WebpageIcons.db [2010.02.16 20:28:26 | 000,003,452 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.02.16 20:28:26 | 000,000,008 | RHS- | C] () -- C:\ProgramData\7A3F3295D0.sys [2010.01.31 17:21:38 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.01.09 13:44:28 | 000,000,202 | ---- | C] () -- C:\Users\Frank-Neu\AppData\Roaming\default.rss [2003.01.12 06:22:37 | 000,000,000 | -H-- | C] () -- C:\ProgramData\sdpsenv.dat ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] "ThreadingModel" = Both "" = C:\$Recycle.Bin\S-1-5-21-2873831477-3989399723-1635715160-1001\$acddb5e9a5f26ef9fed0faea32a442bd\n. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\$Recycle.Bin\S-1-5-18\$acddb5e9a5f26ef9fed0faea32a442bd\n. "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 240 bytes -> C:\ProgramData\sdpsenv.dat:naughtypirates @Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP  282699C@Alternate Data Stream - 143 bytes -> C:\Users\Frank-Neu\AppData\Roaming\default.rss:OECustomProperty < End of report > |
Baum-Darstellung