Trojan Win32/Alureon.BT

#0
06.12.2009, 22:37
Moderator

Beiträge: 5694
#16 Tool-Bereinigung mit OTM

Wir werden nun die CleanUp!-Funktion von OTM nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
• Bitte lade Dir (falls noch nicht vorhanden) OTM von OldTimer herunter.
Speichere es auf Deinem Desktop.
• Doppelklick auf OTM.exe um das Programm auszuführen.
Vista-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
• Klicke auf den Button "CleanUp!"
• OTM fragt eventuell nach einem Neustart.
Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTM und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

>>>
Windows Update

Dein Windows und der Internet-Explorer sind nicht auf dem neuesten Stand. Besuche die Windows-Update Seite und lasse alle wichtigen Updates installieren, die Dir über die benutzerdefinierte Suche angeboten werden.

Auch wenn Du den Internet Explorer nicht als Hauptbrowser nutzt, empfehle ich Dir, den Internet Explorer 8 zu installieren. Browser sicher konfigurieren: IE 6 - IE 7.


>>>
Kommen noch Meldungen?
Seitenanfang Seitenende
06.12.2009, 23:11
Member

Themenstarter

Beiträge: 56
#17 Werd ich machen!

Danke! ;)

Eine Frage noch u den USP Sticks.... ich habe nochmehr als diese 4,muß bzw. sollte ich diese auch
mitdiesem Programm bereinigen. was ich auch am Rechner hatte perUSP meine Camera,diese auch!?
Desinfizierung/Absicherung externer Medien

Dieses Combofix verschwindet dann auch mit OTM?


Viele Grüße
Elke
Seitenanfang Seitenende
06.12.2009, 23:23
Moderator

Beiträge: 5694
#18 Wichtig ist, dass du die Autorun funktion vorher deaktivierst. Damit wird verhindert, dass sich Virenprogramme welche als .exe oder .vbs auf dem Stick befinden nicht ausführbar sind.
Anleitung:
http://www.drwindows.de/windows-vista-allgemein/2624-autorun-u-autoplay-ausschalten.html

Danach scanne die Sticks mit Flashdesinfector ;) sowie führe bei angeschlossenen Sticks noch einige Onlinescans aus:
http://www.hijackthis-forum.de/allgemeines/25893-kostenlose-online-scanner.html

Cams musst du nicht. Nur USB STICKS oder externe Festplatten.

Ja Combofix wird dadurch entfernt ;)
Seitenanfang Seitenende
06.12.2009, 23:34
Member

Themenstarter

Beiträge: 56
#19 Danke Dir!!!!

Aus Beherzigung dieser Punkte:

Zitat

1. Regel: ruuuuuuuhig bleiben und tiiiiiiiief durch die Nase atmen
2. Regel: die größte Fehlerquelle des PC sitzt meist 30cm vor dem Bildschirm
mache ich das allerdings dann morgen!;)

Viele Grüße
Chris/Elke
Seitenanfang Seitenende
13.12.2009, 21:27
Moderator

Beiträge: 5694
#20 Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung, wenn ja welche? Wenn ich innerhalb von fünf Tagen keine Rückmeldung von Dir erhalte, gehe ich davon aus, dass Du nicht mehr weitermachen möchtest und werde diesen Thread kommentarlos schließen, damit Kapazitäten für andere wartende User frei werden.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.
Seitenanfang Seitenende
14.12.2009, 19:52
Member

Themenstarter

Beiträge: 56
#21 Hallo Swiss,

nein, ich konnten och nicht alles fertig machen.
OTM habe ich gemacht und Flash-desinfektor und Malwarbytes sind geblieben aber ich denke die dürfen auf dem Rechner sein!?
InternetBrowser hab ich aktualisiert, Windows abdates muß ich noch machen.
Die Online scannes hab ich nicht hinbekommen .....

War jetzt auch ein paarTage nicht zu hause und einige Turbulensen privater Natur um die Ohren .... ich denke ab Freutag kann ich mich in Ruhe weiter an die Sache machen.

Ich versuche dann die Onlinescannesund poste diese hier, wenn es wieder nicht klappt frag ich hier noch mal was ich falsch mache.
Auf alle Fällemelde ich mich!
Viele grüßeund vielen Dank,
chris/elke
Seitenanfang Seitenende
14.12.2009, 21:16
Moderator

Beiträge: 5694
#22 Ok ;) Ja Malwarebytes kannst Du behalten. Musst es jedoch vor dem Gebrauch jeweils updaten.
Seitenanfang Seitenende
20.12.2009, 01:13
Member

Themenstarter

Beiträge: 56
#23 Hallo,

vielen dankkf für die Geduld. ;)

Den Internetexplower 9 und die Updates habe ich geladen und einen Onlinescane mit Kaperstky gemacht. Gruß Chris! ;)
hier das Ergebnis:

ich sehe, das txt ist nicht gespeichert obwohl ich es gemacht habe *m* ....
muß ich den scan nochmal wiederholen oder kann ich das wo finden?
Seitenanfang Seitenende
20.12.2009, 02:19
Member

Themenstarter

Beiträge: 56
#24 habe nochmal versucht aber bin mittendrin angestürzt (beim 1.scan waren 2 Meldungen).

nun habe ich mit bitdefender gescannt:
PS: ich kann den Bitdefender nicht deinstalieren????? kommt imer deinstalation fehlgeschalgen ....

*BitDefender Online Scanner*


BitDefender Online Scanner



Bericht erstellt am: Sun, Dec 20, 2009 - 02:01:01



Zu prüfender Pfad: C:\Users\hetkala;C:\Users\Public;C:\Users\hetkala\Desktop\SlySoft.AnyDVD.v4.1.0.1.Cracked-SND.[www.extreme-torrent.dl.am];C:\Users\hetkala\Desktop\SopCast.zip;C:\Users\hetkala\Desktop\StreamTorrentSetup.zip;C:\Users\hetkala\Desktop\Valencia -Genua Uefa 1.10.09;





Statistik

Zeit


00:02:06

Dateien


8101

Ordner


1950

Boot-Sektoren


0

Archive


58

Komprimierte Dateien


1072







Ergebnisse

Erkannte Viren


1

Infizierte Dateien


1

verdächtige Dateien


0

Warnungen


0

Desinfiziert


0

Gelöscht


1







Engine-Info

Virensignaturen


4750996

Engine info


AVCORE v2.1 Windows/i386 11.0.0.33 (Nov 24 2009)

Prüf-Plugins


17

Archiv-Plugins


44

Extraktions-Plugins


8

E-Mail-Plugins


6

System-Plugins


4







Prüfeinstellungen

Primäre Aktion


Desinfizieren

Sekundäre Aktion


L�schen

Heuristik


Ja

Warnungen aktivieren


Ja

Zu prüfende Erweiterungen


exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Auszuschließende Erweiterungen




E-Mails prüfen


Ja

Archive prüfen


Ja

Komprimierte Dateien prüfen


Ja

Dateien prüfen


Ja

Boot-Sektoren prüfen


Ja








Geprüfte Dateien


Status

C:\Users\hetkala\Downloads\veetle-0.9.6.exe


Infiziert: Trojan.Generic.1022521

C:\Users\hetkala\Downloads\veetle-0.9.6.exe


Gel�scht
Dieser Beitrag wurde am 20.12.2009 um 02:31 Uhr von Christin777 editiert.
Seitenanfang Seitenende
20.12.2009, 12:17
Member

Themenstarter

Beiträge: 56
#25 Hallo,
inzwischen habe ich den onlinscann mit kaspersky wiederholen können.
Für mich sieht es aus, als ob auf den stiks immer noch etwas drauf ist ... *m*
(das waren die beiden wo nach meinem urlaub antivir angeschlagen hatte....)

viele Grüße
Chris/Elke

hier der scan:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Sunday, December 20, 2009
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Sunday, December 20, 2009 03:30:10
Records in database: 3391275
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Objects scanned: 136923
Threats found: 1
Infected objects found: 2
Suspicious objects found: 0
Scan duration: 02:10:04


File name / Threat / Threats count
E:\voglix.exe Infected: Worm.Win32.VBNA.fcm 1
F:\voglix.exe Infected: Worm.Win32.VBNA.fcm 1

Selected area has been scanned.
Seitenanfang Seitenende
20.12.2009, 13:49
Moderator

Beiträge: 5694
#26 Na dann machen wir uns nochmals an die Arbeit ;)

>>>
Systemscan mit OTL
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
>Doppelklick auf die OTL.exe -->Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
>Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
>Unter Extra Registry, wähle bitte Use SafeList
>Klicke nun auf Run Scan links oben
>Wenn der Scan beendet wurde werden 2 Logfiles erstellt
>Poste die Logfiles in Code-Tags hier in den Thread.

>>>
Download RootRepeal zum Desktop Doppelklicke die RootRepeal.exe, um den Scanner zu starten. Klicke den Knopf Scan klicke OK Mache einen Haken bei den folgenden Element File und klicke Ok. Files Im Anschluss wirst Du gefragt, welche Laufwerke gescannt werden sollen. Wähle C:\ und klicke wieder Ok. Der Suchlauf beginnt automatisch, es wird eine Weile dauern, bitte Geduld. Wenn der Suchlauf beendet ist, klicke auf Save Report. Speichere das Logfile als RootRepeal.txt auf dem Desktop. Kopiere den Inhalt hier in den Thread.
Seitenanfang Seitenende
20.12.2009, 14:04
Member

Themenstarter

Beiträge: 56
#27 hallo ;)

ich habe auch nochmal mit bitfender gescannt (hatte beim ersten scnn keine stiks drann) nun mit den besagten Stiks .......
danach habe ich die sticks nochmal mit kapersky gescannt (nur sticks) und es war nichts mehr angezeigt.
Ach ja, das OTL mit Sticks oder ohne?


BitDefender Online Scanner - Echtzeit-Virenmeldung

Erstellt am: Sun, Dec 20, 2009 - 13:37:04

Prüf-Info


Geprüfte Dateien


86383

Infizierte Dateien

2


Erkannte Viren

Trojan.VB.Chinky.E


2


Diese Zusammenfassung des Prüfvorgangs wird vom BitDefender Virus Labor dazu verwendet detaillierte Berichte über die weltweite Aktivität von Viren zu erstellen.

1. No viruses were found on your computer
66294 analysiert, 2 Bedrohung(en) gefunden, 2 Bedrohung(en) behoben


---------------------
Seitenanfang Seitenende
20.12.2009, 14:52
Member

Themenstarter

Beiträge: 56
#28 OTL

Code

 OTL Extras logfile created on: 20.12.2009 14:38:23 - Run 1
OTL by OldTimer - Version 3.1.19.0     Folder = C:\Users\hetkala\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 219,72 Gb Total Space | 142,19 Gb Free Space | 64,71% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3,74 Gb Total Space | 0,69 Gb Free Space | 18,37% Space Free | Partition Type: FAT32
Drive F: | 3,74 Gb Total Space | 2,06 Gb Free Space | 55,23% Space Free | Partition Type: FAT32
Drive G: | 7,47 Gb Total Space | 0,02 Gb Free Space | 0,23% Space Free | Partition Type: FAT32
Drive H: | 7,45 Gb Total Space | 0,30 Gb Free Space | 3,97% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: HETKALA-PC
Current User Name: hetkala
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7289BBAB-77A6-4325-800A-FE0F27304D60}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EDD6E2D6-1DC8-480D-A898-FBAD8366D17A}" = lport=2869 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{9D1A2A3A-32F1-4DAA-99EF-95B8E52EF5EF}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{A5A977C1-4A51-45AB-8BC7-BE9F3C015D78}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B5D78216-D74D-4463-86CE-2502240B5D99}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{CD860FF3-010F-4299-9939-993ED7B395E9}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"TCP Query User{12887C1A-B6BF-43ED-8426-13BD58575214}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{2DE6729D-97C2-438D-9B7C-4390D5863505}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{374E52FB-71C9-4658-8516-7F9AB4289D11}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{5214D1A6-704C-4646-940F-5D6C346D4E90}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{677D0FDA-541F-4E87-87C6-093961111BCB}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{680EE949-0438-44FD-8037-B55E8A5DF612}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{9283F2CE-7BDC-4B5D-87CA-C505F90E3BDF}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{BDDB32F4-6DF6-4B2E-B0F9-5CBFF89A9B76}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{1DA757E4-E65D-4748-9F1F-BF42EAE7B72C}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{24FF4458-0685-4290-A95A-40F8E9FC7775}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4891216B-FBEB-4662-94CE-7F23B32540CE}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{799C45F5-ADC5-4F52-BC90-FE75A3CB1F41}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{A25822AB-0B1D-4248-A262-8E6124F50516}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{B61F6F56-31DE-49D8-94EA-7DEC074BB13D}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{DEFC8C26-1AFD-4533-B244-9E4883E2C6D8}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{F33669D1-EA91-4805-8EEA-404D701C4A14}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{148862A6-9C69-2393-EB30-69EE0F776022}" = ccc-utility
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{207E428F-E854-6C6F-A767-3EBC20129217}" = Catalyst Control Center Localization German
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{349E05FB-F468-B594-1DC9-2CC336145510}" = Catalyst Control Center Graphics Full New
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4C09737A-845A-B2FA-39C9-2B303950CF6D}" = Catalyst Control Center Graphics Light
"{4DFBB005-695B-3853-4FD4-C5C1D4EDAB0D}" = Catalyst Control Center Graphics Previews Vista
"{50D69C54-6963-49A6-B762-A9FF8F56AF0F}" = Brockhaus multimedial 2008
"{54971F17-9D16-4D43-95D6-3A86E3D20EDB}" = Office-Bibliothek 4.1
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5B73A65F-746A-4D50-B694-BA6A8DF6BC76}" = AveoCap
"{5F6A846C-1CBA-407F-839C-DC0204547F13}" = EuroRoute 2008
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6041D07D-CBC6-4119-8C35-D95B77AD5FBA}" = InternetExplorer-WEB.DE-Addon
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{67569FA7-9EAC-C6ED-0586-035BBEE0D1ED}" = CCC Help German
"{74EB7345-BB71-BDC7-AF94-DF1BEC29E35E}" = Skins
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{8FDA7BA1-BE06-640C-B9FC-3E0EFDCE0370}" = ATI Catalyst Install Manager
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2289997-10A3-48F2-AA03-99180D761661}" = Protector Suite QL 5.6
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1031-7B44-A70900000002}" = Adobe Reader 7.0.9 - Deutsch
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CA948D73-575A-8B81-05A6-C31FDBD6116E}" = ccc-core-static
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D8D22773-14BF-4178-A683-3DBA515C2A26}" = WISO Mein Geld 2008 Professional
"{D915113C-DD62-3E51-AFE8-434739D2338C}" = Catalyst Control Center Core Implementation
"{E0091C29-DEE8-4B24-BF65-8C35B5940D77}" = Letstrade
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E417A5F1-2406-4D4C-98C3-FC84D59A1031}" = Nero 8 Essentials
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FCC8AD-0F88-4D77-8530-0FBB088485F1}" = WEB.DE Update
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBF0A119-0D56-A6AB-6D55-9B41279F8CE5}" = Catalyst Control Center Graphics Full Existing
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DasTelefonbuch Deutschland" = DasTelefonbuch Deutschland
"DivX Codec" = DivX Codec
"GOM Player" = GOM Player
"HijackThis" = HijackThis 2.0.2
"InternetExplorer-WEB.DE-Addon" = InternetExplorer-WEB.DE-Addon
"LIDL Fotoservice_is1" = LIDL Fotoservice
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.15)" = Mozilla Firefox (3.0.15)
"RealPlayer 12.0" = RealPlayer
"SopCast" = SopCast 3.0.3
"StreamTorrent 1.0" = Stream Torrent 1.0
"TV Player" = Veetle TV Player 0.9.6
"TVAfaDrv" = MSI DVB-T USB BDA Driver
"Veetle TV Player" = Veetle TV Player 0.9.6
"VLC media player" = VideoLAN VLC media player 0.8.6i
"WEB.DE Update" = WEB.DE Update
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"XnView_is1" = XnView 1.93.6

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 11.09.2009 06:32:21 | Computer Name = hetkala-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11.09.2009 06:32:21 | Computer Name = hetkala-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11.09.2009 11:55:18 | Computer Name = hetkala-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11.09.2009 11:55:18 | Computer Name = hetkala-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11.09.2009 14:25:28 | Computer Name = hetkala-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11.09.2009 14:25:28 | Computer Name = hetkala-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11.09.2009 16:24:34 | Computer Name = hetkala-PC | Source = EventSystem | ID = 4621
Description =

Error - 12.09.2009 02:02:04 | Computer Name = hetkala-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12.09.2009 02:02:04 | Computer Name = hetkala-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 12.09.2009 04:50:08 | Computer Name = hetkala-PC | Source = EventSystem | ID = 4621
Description =

[ Media Center Events ]
Error - 25.11.2008 01:17:22 | Computer Name = hetkala-PC | Source = Recording | ID = 19
Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 11/25/2008 06:17:22
automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen.

[ System Events ]
Error - 19.12.2009 07:34:06 | Computer Name = hetkala-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 19.12.2009 13:54:14 | Computer Name = hetkala-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 19.12.2009 um 12:57:06 unerwartet heruntergefahren.

Error - 19.12.2009 13:54:26 | Computer Name = hetkala-PC | Source = HTTP | ID = 15016
Description =

Error - 19.12.2009 13:55:02 | Computer Name = hetkala-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 19.12.2009 20:40:49 | Computer Name = hetkala-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 20.12.2009 um 01:38:33 unerwartet heruntergefahren.

Error - 19.12.2009 20:40:59 | Computer Name = hetkala-PC | Source = HTTP | ID = 15016
Description =

Error - 19.12.2009 20:42:38 | Computer Name = hetkala-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 19.12.2009 23:36:50 | Computer Name = hetkala-PC | Source = DCOM | ID = 10010
Description =

Error - 20.12.2009 03:53:55 | Computer Name = hetkala-PC | Source = HTTP | ID = 15016
Description =

Error - 20.12.2009 03:55:26 | Computer Name = hetkala-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >




Code

OTL logfile created on: 20.12.2009 14:38:22 - Run 1
OTL by OldTimer - Version 3.1.19.0     Folder = C:\Users\hetkala\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 219,72 Gb Total Space | 142,19 Gb Free Space | 64,71% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3,74 Gb Total Space | 0,69 Gb Free Space | 18,37% Space Free | Partition Type: FAT32
Drive F: | 3,74 Gb Total Space | 2,06 Gb Free Space | 55,23% Space Free | Partition Type: FAT32
Drive G: | 7,47 Gb Total Space | 0,02 Gb Free Space | 0,23% Space Free | Partition Type: FAT32
Drive H: | 7,45 Gb Total Space | 0,30 Gb Free Space | 3,97% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: HETKALA-PC
Current User Name: hetkala
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\hetkala\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Windows\System32\ieconfig_1und1_svc.exe (mquadr.at softwareengineering und consulting gmbh)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\WEB.DE\LiveUpdate\m2LUTray.exe ()
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
PRC - C:\Programme\System Control Manager\MGSysCtrl.exe (MSI)
PRC - C:\Programme\System Control Manager\edd.exe ()
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Protector Suite QL\upeksvr.exe (UPEK Inc.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - C:\Users\hetkala\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - (serviceIEConfig) -- C:\Windows\System32\ieconfig_1und1_svc.exe (mquadr.at softwareengineering und consulting gmbh)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Ati External Event Utility) -- C:\Windows\System32\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (Nero BackItUp Scheduler 3) -- C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NishService) -- C:\Programme\System Control Manager\edd.exe ()
SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (AfaTech                  )
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (TcUsb) -- C:\Windows\System32\drivers\tcusb.sys (UPEK Inc.)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (MGHwCtrl) -- C:\Windows\System32\drivers\MGHwCtrl.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.web.de/home
IE - HKU\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://go.web.de/tab2 [binary data]
IE - HKU\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.web.de [binary data]
IE - HKU\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.1und1.de/links/home
IE - HKU\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-66912665-3097568841-381030272-1001\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-66912665-3097568841-381030272-1001\S-1-5-21-66912665-3097568841-381030272-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.12.13 17:41:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.12.13 17:41:35 | 00,000,000 | ---D | M]

[2009.02.23 17:03:08 | 00,000,000 | ---D | M] -- C:\Users\hetkala\AppData\Roaming\mozilla\Extensions
[2009.12.20 02:21:13 | 00,000,000 | ---D | M] -- C:\Users\hetkala\AppData\Roaming\mozilla\Firefox\Profiles\7ydblw2j.default\extensions
[2009.12.16 20:46:05 | 00,000,950 | ---- | M] () -- C:\Users\hetkala\AppData\Roaming\Mozilla\FireFox\Profiles\7ydblw2j.default\searchplugins\icqplugin-1.xml
[2009.11.07 05:36:03 | 00,000,950 | ---- | M] () -- C:\Users\hetkala\AppData\Roaming\Mozilla\FireFox\Profiles\7ydblw2j.default\searchplugins\icqplugin-2.xml
[2009.11.07 10:29:53 | 00,000,950 | ---- | M] () -- C:\Users\hetkala\AppData\Roaming\Mozilla\FireFox\Profiles\7ydblw2j.default\searchplugins\icqplugin-3.xml
[2009.11.05 22:28:06 | 00,000,944 | ---- | M] () -- C:\Users\hetkala\AppData\Roaming\Mozilla\FireFox\Profiles\7ydblw2j.default\searchplugins\icqplugin.xml
[2009.08.01 20:45:18 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.08.01 20:45:18 | 00,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.11.06 22:21:51 | 00,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.11.06 22:21:51 | 00,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.11.06 22:21:51 | 00,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.11.06 22:21:51 | 00,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.11.06 22:21:51 | 00,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (WEB.DE Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\System32\ieconfig_1und1.dll (mquadr.at softwareengineering und consulting gmbh)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MGSysCtrl] C:\Programme\System Control Manager\MGSysCtrl.exe (MSI)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WEB.DE Update] C:\Programme\WEB.DE\LiveUpdate\m2LUTray.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-66912665-3097568841-381030272-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF  [binary data]
O7 - HKU\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-66912665-3097568841-381030272-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-66912665-3097568841-381030272-1001_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Programme\WordPerfect Office X3\Programs\WPLauncher.hta ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1223491706892&h=09133b27264467fa31a009569c861571/&filename=jinstall-6u7-windows-i586-jc.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.12.05 17:38:55 | 00,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.12.05 18:16:46 | 00,000,000 | RHSD | M] - F:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009.12.05 18:16:46 | 00,000,000 | RHSD | M] - G:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009.12.05 18:16:46 | 00,000,000 | RHSD | M] - H:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009.12.20 14:10:59 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\hetkala\Desktop\OTL.exe
[2009.12.20 09:16:12 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2009.12.19 12:26:05 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009.12.19 12:22:07 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2009.12.19 12:22:06 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2009.12.18 20:17:14 | 00,000,000 | ---D | C] -- C:\Users\hetkala\Tracing
[2009.12.18 20:15:06 | 00,000,000 | ---D | C] -- C:\Programme\Microsoft
[2009.12.18 20:14:50 | 00,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive
[2009.12.18 20:12:11 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\Windows Live
[2009.12.13 17:41:49 | 00,000,000 | ---D | C] -- C:\Users\hetkala\AppData\Local\Real
[2009.12.09 22:42:16 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009.12.09 22:42:10 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2009.12.09 22:42:10 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2009.12.09 17:38:57 | 00,000,000 | ---D | C] -- C:\ProgramData\Real
[2009.12.08 21:56:17 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009.12.08 21:56:16 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009.12.08 21:56:16 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009.12.08 21:56:16 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009.12.08 21:56:16 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009.12.08 21:56:15 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009.12.08 21:56:15 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009.12.08 21:56:14 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009.12.08 21:56:14 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009.12.08 21:56:14 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009.12.08 21:56:13 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009.12.08 21:56:13 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009.12.08 21:56:13 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009.12.08 21:56:13 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009.12.08 21:55:04 | 00,000,000 | -H-D | C] -- C:\ProgramData\{C4673A56-EF7C-40A4-9249-68BD43C997F7}
[2009.12.08 21:55:04 | 00,000,000 | ---D | C] -- C:\Programme\WEB.DE
[2009.12.08 21:54:49 | 00,000,000 | -H-D | C] -- C:\ProgramData\{ACD22DA6-75BE-4B73-8FEE-D4717AEBEFA5}
[2009.12.08 21:54:36 | 00,000,000 | ---D | C] -- C:\ProgramData\IEConfiguration1und1
[2009.12.08 21:54:32 | 01,214,352 | ---- | C] (mquadr.at softwareengineering und consulting gmbh) -- C:\Windows\System32\ieconfig_1und1_svc.exe
[2009.12.08 21:54:32 | 01,046,920 | ---- | C] (mquadr.at softwareengineering und consulting gmbh) -- C:\Windows\System32\ieconfig_1und1.dll
[2009.12.08 21:54:28 | 00,000,000 | ---D | C] -- C:\Users\hetkala\AppData\Local\PackageAware
[2009.12.08 21:54:23 | 00,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2009.12.08 21:49:59 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2009.12.08 21:49:59 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2009.12.08 21:49:59 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2009.12.08 21:49:59 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2009.12.08 21:49:58 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2009.12.08 21:49:58 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2009.12.08 21:49:58 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2009.12.08 21:49:58 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2009.12.08 21:49:58 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2009.12.08 21:49:58 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2009.12.08 21:49:57 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009.12.08 21:49:57 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009.12.08 21:49:57 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2009.12.08 21:49:57 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009.12.08 21:49:57 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2009.12.08 21:49:57 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2009.12.08 21:49:56 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009.12.08 21:49:56 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009.12.08 21:49:56 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2009.12.08 21:49:56 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2009.12.08 21:49:55 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009.12.08 21:49:55 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2009.12.08 21:49:54 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2009.12.08 21:49:54 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2009.12.08 21:49:54 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009.12.08 21:49:54 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2009.12.08 21:49:54 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2009.12.08 21:49:54 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009.12.08 21:46:20 | 25,822,128 | ---- | C] (Microsoft Corporation) -- C:\Users\hetkala\Desktop\IE8-Setup-Full-32.exe
[2009.12.06 15:12:08 | 00,000,000 | ---D | C] -- C:\Users\hetkala\AppData\Roaming\SUPERAntiSpyware.com
[2009.12.06 15:12:08 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009.12.05 19:06:32 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2009.12.05 19:06:28 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2009.12.05 19:06:28 | 00,000,000 | ---D | C] -- C:\Users\hetkala\AppData\Local\temp
[2009.12.05 18:42:10 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009.12.05 17:38:55 | 00,000,000 | R--D | C] -- C:\autorun.inf
[2009.12.05 14:43:54 | 00,000,000 | ---D | C] -- C:\Programme\trend micro
[2009.12.05 11:10:50 | 00,000,000 | ---D | C] -- C:\Users\hetkala\AppData\Roaming\Malwarebytes
[2009.12.05 11:10:45 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009.12.05 11:10:43 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009.12.05 11:10:43 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009.12.05 11:10:42 | 00,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2009.12.05 11:08:29 | 04,844,296 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\hetkala\Desktop\mbam-setup.exe
[2009.12.04 17:37:58 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009.12.04 17:37:58 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009.12.04 17:37:54 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009.12.04 17:37:53 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009.12.04 17:37:53 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009.12.04 17:37:53 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009.12.04 17:37:53 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009.12.04 17:33:31 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009.12.04 17:33:31 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009.11.24 20:22:41 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2009.12.20 14:42:48 | 03,407,872 | ---- | M] () -- C:\Users\hetkala\ntuser.dat
[2009.12.20 14:30:11 | 01,408,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2009.12.20 14:30:11 | 00,831,902 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009.12.20 14:30:11 | 00,379,612 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2009.12.20 14:30:11 | 00,336,182 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009.12.20 14:30:11 | 00,004,926 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009.12.20 14:11:03 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\hetkala\Desktop\OTL.exe
[2009.12.20 14:00:29 | 00,000,952 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2009.12.20 14:00:00 | 00,000,504 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2009.12.20 13:41:55 | 00,015,150 | ---- | M] () -- C:\Users\hetkala\Desktop\BitDefender Online Scanner - Echtzeit-VirenmeldungErstellt am.wpd
[2009.12.20 13:34:59 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2009.12.20 12:53:55 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009.12.20 12:53:55 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009.12.20 09:12:38 | 00,097,792 | ---- | M] () -- C:\Users\hetkala\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.20 08:53:57 | 00,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2009.12.20 08:53:55 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.12.20 08:53:51 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.12.20 08:53:46 | 21,468,20096 | -HS- | M] () -- C:\hiberfil.sys
[2009.12.20 04:36:55 | 00,524,288 | -HS- | M] () -- C:\Users\hetkala\ntuser.dat{69c19357-9325-11de-b5fe-a2f80e2e2fff}.TMContainer00000000000000000001.regtrans-ms
[2009.12.20 04:36:55 | 00,065,536 | -HS- | M] () -- C:\Users\hetkala\ntuser.dat{69c19357-9325-11de-b5fe-a2f80e2e2fff}.TM.blf
[2009.12.20 04:36:31 | 03,077,487 | -H-- | M] () -- C:\Users\hetkala\AppData\Local\IconCache.db
[2009.12.19 12:32:48 | 00,269,168 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.12.18 20:15:43 | 00,000,761 | ---- | M] () -- C:\Users\hetkala\Documents\Meine freigegebenen Ordner.lnk
[2009.12.13 17:41:27 | 00,000,905 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2009.12.13 17:41:17 | 00,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2009.12.13 17:40:57 | 00,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2009.12.13 17:40:57 | 00,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2009.12.13 17:40:34 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009.12.08 21:54:48 | 00,001,940 | ---- | M] () -- C:\Users\Public\Desktop\Kostenlose Movie-FLAT aktivieren!.lnk
[2009.12.08 21:54:48 | 00,001,390 | ---- | M] () -- C:\Users\Public\Desktop\amazon.de Shop.lnk
[2009.12.08 21:54:48 | 00,001,384 | ---- | M] () -- C:\Users\Public\Desktop\Kostenloser Firefox 3.5.lnk
[2009.12.08 21:54:32 | 01,214,352 | ---- | M] (mquadr.at softwareengineering und consulting gmbh) -- C:\Windows\System32\ieconfig_1und1_svc.exe
[2009.12.08 21:54:32 | 01,046,920 | ---- | M] (mquadr.at softwareengineering und consulting gmbh) -- C:\Windows\System32\ieconfig_1und1.dll
[2009.12.08 21:46:23 | 25,822,128 | ---- | M] (Microsoft Corporation) -- C:\Users\hetkala\Desktop\IE8-Setup-Full-32.exe
[2009.12.08 20:58:34 | 00,067,640 | ---- | M] () -- C:\Users\hetkala\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.12.07 23:52:36 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2009.12.06 12:55:43 | 00,036,835 | ---- | M] () -- C:\Users\hetkala\Desktop\Bitte vor der folgenden Aktion wieder tempor.wpd
[2009.12.05 19:02:25 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2009.12.05 17:36:38 | 00,132,597 | ---- | M] () -- C:\Users\hetkala\Desktop\Flash_Disinfector.exe
[2009.12.05 11:37:46 | 26,229,0204 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009.12.05 11:10:48 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.12.05 11:08:44 | 04,844,296 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\hetkala\Desktop\mbam-setup.exe
[2009.12.04 14:39:41 | 00,055,606 | ---- | M] () -- C:\Users\hetkala\Desktop\teilnahmebedingungen.pdf
[2009.12.03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009.12.03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009.11.29 23:59:09 | 00,020,949 | ---- | M] () -- C:\Users\hetkala\Documents\28.11
[2009.11.21 21:53:55 | 00,039,079 | ---- | M] () -- C:\Users\hetkala\Documents\Hi Keiko.wpd
[2009.11.21 10:44:24 | 00,070,468 | ---- | M] () -- C:\Users\hetkala\Documents\23.11.09 keiko.wpd
[2009.11.21 07:35:38 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009.11.21 07:35:38 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009.11.21 07:34:58 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009.11.21 07:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009.11.21 07:34:39 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009.11.21 07:34:39 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009.11.21 07:34:39 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009.11.21 07:34:38 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009.11.21 07:34:38 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009.11.21 07:34:33 | 00,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009.11.21 05:59:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009.11.21 05:59:52 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009.11.21 05:59:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009.11.21 05:58:54 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009.11.21 04:21:16 | 00,057,667 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2009.12.20 13:41:55 | 00,015,150 | ---- | C] () -- C:\Users\hetkala\Desktop\BitDefender Online Scanner - Echtzeit-VirenmeldungErstellt am.wpd
[2009.12.13 17:41:27 | 00,000,905 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2009.12.08 21:56:14 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009.12.08 21:54:48 | 00,001,940 | ---- | C] () -- C:\Users\Public\Desktop\Kostenlose Movie-FLAT aktivieren!.lnk
[2009.12.08 21:54:48 | 00,001,390 | ---- | C] () -- C:\Users\Public\Desktop\amazon.de Shop.lnk
[2009.12.08 21:54:48 | 00,001,384 | ---- | C] () -- C:\Users\Public\Desktop\Kostenloser Firefox 3.5.lnk
[2009.12.06 12:55:43 | 00,036,835 | ---- | C] () -- C:\Users\hetkala\Desktop\Bitte vor der folgenden Aktion wieder tempor.wpd
[2009.12.05 19:06:32 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.12.05 18:42:16 | 00,260,608 | ---- | C] () -- C:\Windows\PEV.exe
[2009.12.05 18:42:16 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2009.12.05 17:36:37 | 00,132,597 | ---- | C] () -- C:\Users\hetkala\Desktop\Flash_Disinfector.exe
[2009.12.05 11:30:25 | 26,229,0204 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009.12.05 11:10:48 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.12.04 14:39:41 | 00,055,606 | ---- | C] () -- C:\Users\hetkala\Desktop\teilnahmebedingungen.pdf
[2009.12.02 19:42:48 | 21,468,20096 | -HS- | C] () -- C:\hiberfil.sys
[2009.11.29 23:59:09 | 00,020,949 | ---- | C] () -- C:\Users\hetkala\Documents\28.11
[2009.11.21 16:28:15 | 00,039,079 | ---- | C] () -- C:\Users\hetkala\Documents\Hi Keiko.wpd
[2009.11.21 10:44:24 | 00,070,468 | ---- | C] () -- C:\Users\hetkala\Documents\23.11.09 keiko.wpd
[2009.01.05 15:44:10 | 00,000,483 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008.07.13 10:27:06 | 00,097,792 | ---- | C] () -- C:\Users\hetkala\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.07.12 21:21:27 | 00,000,952 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007.12.18 14:18:41 | 00,110,592 | ---- | C] () -- C:\Windows\System32\MGHwCtrl.dll
[2007.12.18 14:18:41 | 00,032,768 | ---- | C] () -- C:\Windows\System32\MGFPCtrl.dll
[2007.12.14 11:49:49 | 00,000,381 | ---- | C] () -- C:\Windows\WISO.INI
[2007.12.13 18:40:40 | 00,028,672 | ---- | C] () -- C:\Windows\System32\MFC_InstDrvDLL.dll
[2007.12.13 18:26:20 | 00,001,438 | ---- | C] () -- C:\Windows\TVAfaDrv.ini
[2007.12.13 18:23:23 | 00,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2007.12.13 17:24:57 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.12.13 17:17:49 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.12.13 13:56:57 | 00,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2007.06.21 10:49:24 | 00,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.07.22 21:30:18 | 00,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
< End of report >
Seitenanfang Seitenende
20.12.2009, 15:16
Member

Themenstarter

Beiträge: 56
#29 ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/12/20 15:15
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP1
==================================================

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: C:\System Volume Information\{bc4260c0-e0f1-11de-bff8-84f9458ae3dd}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{c63d2c14-e433-11de-9cfc-c6fdc2d90497}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{c63d2c3c-e433-11de-9cfc-c6fdc2d90497}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{c63d2c5a-e433-11de-9cfc-c6fdc2d90497}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{dbd38bb9-e0e5-11de-aebe-ba22dad6f448}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{e4d554bb-e107-11de-a50b-c680e7c10505}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{f489d719-e0d4-11de-aad3-e04e4b6fcd07}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{f489d720-e0d4-11de-aad3-b11f587d8233}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{f8380b3c-e240-11de-9c45-e0e4a6821ed1}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{FF334~1
Status: Locked to the Windows API!

Path: C:\System Volume Information\{dbd38bc0-e0e5-11de-aebe-ba22dad6f448}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{0ac7f5f6-ec8a-11de-aa5d-b6948dc17b41}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{0ac7f5fc-ec8a-11de-aa5d-b6948dc17b41}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{1b0cae17-e5be-11de-99c0-c1b9f89a0607}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{1fc59137-e0e4-11de-b0d6-b81dd9446846}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{1fc5913c-e0e4-11de-b0d6-b81dd9446846}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{4b176d75-ebd1-11de-85e4-bd1ab7c8e008}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{52bbc876-e805-11de-8b60-e8a60b861487}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{5f8e77b4-e0e8-11de-99b3-a97db5102700}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{5f8e77bb-e0e8-11de-99b3-be2467bab9d7}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{5f8e77c2-e0e8-11de-99b3-f861457b3c97}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{69d01195-e41f-11de-aed1-8e696f08a60c}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{75374196-e4e0-11de-ace0-c08a72ba7b40}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{893f1414-e16b-11de-b420-ed05420dc36a}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{9dc05603-df87-11de-8c8f-c14e564c9518}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\System Volume Information\{9ef70ed2-defe-11de-b655-d45ce5383f0b}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!

Path: C:\Windows\System32\GATHER~1.VBS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_81c25f21d3d46d84.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8dd7dea5d5a7a18a.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f0efb442f8a0f46c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8a14c0566bec5b24.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc0ea08098.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_7ab8cc63a6e4c2a3.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_9193a620671dde41.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4ddfc6cd11929a02.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_a6e4a7980e9b18a2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_7dd1e0ebd6590e0b.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_abac38a907ee8801.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9848.0_none_b7e811287b298060.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9849.0_none_a6e7a8e20e9863b4.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e507087.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003bc63e949f6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_7658964504b9f3b6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.1.0.0_none_6c030d6fdc86522c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9818.0_none_b7e811947b297f6d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_58b19c2866332652.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_58843c41d2730d3f.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_8e053e8c6967ba9d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9849.0_none_b7e911727b2899b7.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cda6db.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_b7e610287b2b4ea5.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_54c11df268b7c6d9.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9848.0_none_a6e6a8980e994a5d.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_818f59bf601aa775.cat
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6000.16716_de-de_25025fdedb611a73\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6000.20876_de-de_0e3abadaf5031283\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6001.18106_de-de_24dd5b5cdbb30d73\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6001.22221_de-de_0e122718f5582002\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_d9f4bc64420b8d63\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_da-dk_772e9c8b38518962\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_de-de_745a31c73a27ddfc\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_el-gr_1cf05f5a293d468a\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_en-us_1d4b07c02905e9c1\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_es-es_1d1664a4292cdb66\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_fi-fi_bc3169511e46cd90\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_hu-hu_073e5aeb005ec0e4\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_it-it_a9f5d0e9f330d746\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_ja-jp_4c1b4ff6e64be921\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_ko-kr_ef852cabd8bcb037\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_nb-no_d817ade0b0e1dbf3\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_nl-nl_d656f91eb20de5c8\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_pl-pl_1c9353a09730537c\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_pt-pt_1fc90db09529573c\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_ru-ru_666c1f747a0ae568\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_sv-se_026709e97133efc3\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_tr-tr_ab7454305feff1b4\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_zh-cn_7cd1722e1027c3d3\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_zh-hk_7b7c6abc11033663\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_zh-tw_80cdaf840d98a043\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_7388dcab642949ec\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_de-de_0dee520e5c459a85\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_el-gr_b6847fa14b5b0313\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_en-us_b6df28074b23a64a\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_es-es_b6aa84eb4b4a97ef\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_fi-fi_55c5899840648a19\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_5961faea3e1cae51\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_hu-hu_a0d27b32227c7d6d\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_ja-jp_e5af703e0869a5aa\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_ko-kr_89194cf2fada6cc0\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_nb-no_71abce27d2ff987c\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_nl-nl_6feb1965d42ba251\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_pl-pl_b62773e7b94e1005\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_pt-br_b87b5e8bb7d7a3e9\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_pt-pt_b95d2df7b74713c5\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_pt-br_1ee73e4495b9e760\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_sv-se_9bfb2a309351ac4c\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_tr-tr_45087477820dae3d\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_zh-cn_166592753245805c\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_zh-hk_15108b033320f2ec\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_zh-tw_1a61cfcb2fb65ccc\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_598a353c315310f3\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_de-de_f3efaa9f296f618c\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_el-gr_9c85d8321884ca1a\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_en-us_9ce08098184d6d51\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_es-es_9cabdd7c18745ef6\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_fi-fi_3bc6e2290d8e5120\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_3f63537b0b467558\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_hu-hu_86d3d3c2efa64474\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_ja-jp_cbb0c8ced5936cb1\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_ko-kr_6f1aa583c80433c7\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_nb-no_57ad26b8a0295f83\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_nl-nl_55ec71f6a1556958\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_pl-pl_9c28cc788677d70c\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_pt-br_9e7cb71c85016af0\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_pt-pt_9f5e86888470dacc\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_sv-se_81fc82c1607b7353\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_tr-tr_2b09cd084f377544\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_zh-cn_fc66eb05ff6f4763\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_zh-hk_fb11e394004ab9f3\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_zh-tw_0063285bfce023d3\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_it-it_298b49c1e2785ad6\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_ru-ru_e601984c695268f8\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_da-dk_10c2bcd25a6f45eb\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-d..files-x64.resources_31bf3856ad364e35_6.0.6000.16386_da-dk_f6c4156327990cf2\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..ager-pcat.resources_31bf3856ad364e35_6.0.6000.16386_fr-fr_bfcddaa31bfef1c8\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_msbuild_b03f5f7f11d50a3a_6.0.6000.16720_none_81591d45b0e55432\MSBUIL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_msbuild_b03f5f7f11d50a3a_6.0.6000.20883_none_6a9133e9ca879925\MSBUIL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_msbuild_b03f5f7f11d50a3a_6.0.6001.18000_none_8133189db1382d8a\MSBUIL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_msbuild_b03f5f7f11d50a3a_6.0.6001.18111_none_813401fbb13760d3\MSBUIL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_msbuild_b03f5f7f11d50a3a_6.0.6001.22230_none_6a687297cadcd9e6\MSBUIL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6000.16720_none_7c654fdc62654993\ASPNET~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6000.20883_none_659d66807c078e86\ASPNET~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6001.18111_none_7c40349262b75634\ASPNET~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6001.22230_none_6574a52e7c5ccf47\ASPNET~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\APPCON~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\APPSET~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\CREATE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\DEBUGA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\DEFINE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\EDITAP~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\SMTPSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\APPCON~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\APPSET~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\CREATE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\DEBUGA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\DEFINE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\EDITAP~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\SMTPSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\APPCON~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\APPSET~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\CREATE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\DEBUGA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\DEFINE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\EDITAP~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\SMTPSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\APPCON~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\APPSET~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\CREATE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\DEBUGA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\DEFINE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\EDITAP~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\SMTPSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.16720_none_4ef4fbb8699d6b09\CREATE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.16720_none_4ef4fbb8699d6b09\DEFINE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.16720_none_4ef4fbb8699d6b09\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.20883_none_382d125c833faffc\CREATE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.20883_none_382d125c833faffc\DEFINE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.20883_none_382d125c833faffc\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.18111_none_4ecfe06e69ef77aa\CREATE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.18111_none_4ecfe06e69ef77aa\DEFINE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.18111_none_4ecfe06e69ef77aa\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.22230_none_3804510a8394f0bd\CREATE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.22230_none_3804510a8394f0bd\DEFINE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.22230_none_3804510a8394f0bd\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4cb2b120b7498755\CREATE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4cb2b120b7498755\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6000.20883_none_35eac7c4d0ebcc48\CREATE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6000.20883_none_35eac7c4d0ebcc48\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4c8d95d6b79b93f6\CREATE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4c8d95d6b79b93f6\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6001.22230_none_35c20672d1410d09\CREATE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6001.22230_none_35c20672d1410d09\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.16720_none_7325c867d7281910\CHOOSE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.16720_none_7325c867d7281910\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.16720_none_7325c867d7281910\MANAGE~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.20883_none_5c5ddf0bf0ca5e03\CHOOSE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.20883_none_5c5ddf0bf0ca5e03\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.20883_none_5c5ddf0bf0ca5e03\MANAGE~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.18111_none_7300ad1dd77a25b1\CHOOSE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.18111_none_7300ad1dd77a25b1\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.18111_none_7300ad1dd77a25b1\MANAGE~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.22230_none_5c351db9f11f9ec4\CHOOSE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.22230_none_5c351db9f11f9ec4\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.22230_none_5c351db9f11f9ec4\MANAGE~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\CHOOSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\PROVID~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\CHOOSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\PROVID~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\CHOOSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\PROVID~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6000.16720_none_b103fb905f6db0d9\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6000.20883_none_9a3c1234790ff5cc\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6001.18111_none_b0dee0465fbfbd7a\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6001.22230_none_9a1350e27965368d\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WIZARD~2.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WIZARD~3.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WIZARD~4.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WI1344~1.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WI5BF5~1.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WIZARD~2.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WIZARD~3.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WIZARD~4.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WI1344~1.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WI5BF5~1.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WIZARD~2.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WIZARD~3.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WIZARD~4.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WI1344~1.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WI5BF5~1.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webmintrust_config_b03f5f7f11d50a3a_6.0.6000.16720_none_e2c358ab062e054b\WEB_MI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webmintrust_config_b03f5f7f11d50a3a_6.0.6000.20883_none_cbfb6f4f1fd04a3e\WEB_MI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webmintrust_config_b03f5f7f11d50a3a_6.0.6001.18111_none_e29e3d61068011ec\WEB_MI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webmintrust_config_b03f5f7f11d50a3a_6.0.6001.22230_none_cbd2adfd20258aff\WEB_MI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6000.16720_none_b462fc0cbe880bcb\MICROS~1.XSD
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6000.20883_none_9d9b12b0d82a50be\MICROS~1.XSD
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6001.18111_none_b43de0c2beda186c\MICROS~1.XSD
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6001.22230_none_9d72515ed87f917f\MICROS~1.XSD
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\CHOOSE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\PROVID~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6001.18111_none_87ae800b19ca9087\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6001.18111_none_87ae800b19ca9087\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WIZARD~2.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WIZARD~3.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WIZARD~4.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WI1344~1.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WI5BF5~1.ASC
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6000.16708_none_c8df4fb390304286\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6000.20864_none_c9240bcea982249a\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.18096_none_ca623c938da19f1b\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_ini_31bf3856ad364e35_6.0.6001.22208_none_cb4f2b24a6747341\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_policy.1.2.microsof..op.security.azroles_31bf3856ad364e35_6.0.6000.16386_none_ea83414c2e75b887\Microsoft.Interop.Security.AzRoles.config
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-ado_net_diag_b03f5f7f11d50a3a_6.0.6000.16720_none_6d811f76e797ee4e\ADONET~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-ado_net_diag_b03f5f7f11d50a3a_6.0.6000.20883_none_56b9361b013a3341\ADONET~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-ado_net_diag_b03f5f7f11d50a3a_6.0.6001.18000_none_6d5b1acee7eac7a6\ADONET~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-ado_net_diag_b03f5f7f11d50a3a_6.0.6001.18111_none_6d5c042ce7e9faef\ADONET~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-ado_net_diag_b03f5f7f11d50a3a_6.0.6001.22230_none_569074c9018f7402\ADONET~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_mscorlib.resources_b77a5c561934e089_6.0.6000.16720_de-de_65722c179a7be658\MSCORL~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_mscorlib.resources_b77a5c561934e089_6.0.6000.20883_de-de_4eaa42bbb41e2b4b\MSCORL~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_mscorlib.resources_b77a5c561934e089_6.0.6001.18111_de-de_654d10cd9acdf2f9\MSCORL~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.web.resources_b03f5f7f11d50a3a_6.0.6000.20883_de-de_3c0118029467d8fb\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.web.resources_b03f5f7f11d50a3a_6.0.6001.18111_de-de_52a3e6147b17a0a9\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.web.resources_b03f5f7f11d50a3a_6.0.6001.22230_de-de_3bd856b094bd19bc\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_it-it_4389f131154e93cf\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-b..nment-pxe.resources_31bf3856ad364e35_6.0.6000.16386_ru-ru_00003fbb9c28a1f1\BOOTMG~1.MUI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-dv_aspnetmmc_chm_res_b03f5f7f11d50a3a_6.0.6000.16720_none_f49cbb9015dc43b3\DV_ASP~1.CHM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-dv_aspnetmmc_chm_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ddd4d2342f7e88a6\DV_ASP~1.CHM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-dv_aspnetmmc_chm_res_b03f5f7f11d50a3a_6.0.6001.18111_none_f477a046162e5054\DV_ASP~1.CHM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-dv_aspnetmmc_chm_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ddac10e22fd3c967\DV_ASP~1.CHM
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webmedtrust_config_b03f5f7f11d50a3a_6.0.6000.16720_none_2c88b9b71ca44e71\WEB_ME~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webmedtrust_config_b03f5f7f11d50a3a_6.0.6000.20883_none_15c0d05b36469364\WEB_ME~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webmedtrust_config_b03f5f7f11d50a3a_6.0.6001.18111_none_2c639e6d1cf65b12\WEB_ME~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webmedtrust_config_b03f5f7f11d50a3a_6.0.6001.22230_none_15980f09369bd425\WEB_ME~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6001.22230_none_70e2f0a73370099a\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6001.22230_none_70e2f0a73370099a\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_security_b03f5f7f11d50a3a_6.0.6000.16720_none_62b207ce0c996d96\SETUPA~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_security_b03f5f7f11d50a3a_6.0.6000.20883_none_4bea1e72263bb289\SETUPA~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_security_b03f5f7f11d50a3a_6.0.6001.18111_none_628cec840ceb7a37\SETUPA~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_security_b03f5f7f11d50a3a_6.0.6001.22230_none_4bc15d202690f34a\SETUPA~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_secur_res_b03f5f7f11d50a3a_6.0.6000.16720_none_c39efe8a3f927437\SETUPA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_secur_res_b03f5f7f11d50a3a_6.0.6000.20883_none_acd7152e5934b92a\SETUPA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_secur_res_b03f5f7f11d50a3a_6.0.6001.18111_none_c379e3403fe480d8\SETUPA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_secur_res_b03f5f7f11d50a3a_6.0.6001.22230_none_acae53dc5989f9eb\SETUPA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\NAVIGA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\WEBADM~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\WEBADM~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\WEBADM~3.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\WEBADM~4.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\WED669~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\NAVIGA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\WEBADM~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\WEBADM~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\WEBADM~3.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\WEBADM~4.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\WED669~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\NAVIGA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\WEBADM~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\WEBADM~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\WEBADM~3.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\WEBADM~4.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\WED669~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\NAVIGA~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\WEBADM~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\WEBADM~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\WEBADM~3.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\WEBADM~4.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\WED669~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6000.16720_none_950a4e2fda3ee0ba\CREATE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6000.16720_none_950a4e2fda3ee0ba\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6000.20883_none_7e4264d3f3e125ad\CREATE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6000.20883_none_7e4264d3f3e125ad\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.18111_none_94e532e5da90ed5b\CREATE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.18111_none_94e532e5da90ed5b\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.22230_none_7e19a381f436666e\CREATE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.22230_none_7e19a381f436666e\MANAGE~1.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallpersistsql_b03f5f7f11d50a3a_6.0.6000.16720_none_de8fef9cea4fec76\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-installutil_exe_config_rtm_31bf3856ad364e35_6.0.6000.16720_none_c2e2272db9e7b99c\INSTAL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-installutil_exe_config_rtm_31bf3856ad364e35_6.0.6000.20883_none_c32de54ed3334d11\INSTAL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-installutil_exe_config_rtm_31bf3856ad364e35_6.0.6001.18111_none_c4d43609b70547f3\INSTAL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-installutil_exe_config_rtm_31bf3856ad364e35_6.0.6001.22230_none_c54732b2d0340648\INSTAL~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6000.16720_none_879a188098bde787\CSCEXE~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6000.20883_none_70d22f24b2602c7a\CSCEXE~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6001.18111_none_8774fd36990ff428\CSCEXE~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6001.22230_none_70a96dd2b2b56d3b\CSCEXE~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6000.16720_none_9b01a5fdd9371aff\GACUTI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6000.20883_none_9b4d641ef282ae74\GACUTI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6001.18111_none_9cf3b4d9d654a956\GACUTI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6001.22230_none_9d66b182ef8367ab\GACUTI~1.CON
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.16720_none_a5a88a6ce272adc8\CONFIR~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.16720_none_a5a88a6ce272adc8\WIZARD~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.16720_none_a5a88a6ce272adc8\WIZARD~3.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.16720_none_a5a88a6ce272adc8\WIZARD~4.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.16720_none_a5a88a6ce272adc8\WI7FD4~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.16720_none_a5a88a6ce272adc8\WI49C3~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.16720_none_a5a88a6ce272adc8\WI2CD7~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.16720_none_a5a88a6ce272adc8\WI3A48~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.20883_none_8ee0a110fc14f2bb\CONFIR~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.20883_none_8ee0a110fc14f2bb\WIZARD~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.20883_none_8ee0a110fc14f2bb\WIZARD~3.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.20883_none_8ee0a110fc14f2bb\WIZARD~4.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.20883_none_8ee0a110fc14f2bb\WI7FD4~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.20883_none_8ee0a110fc14f2bb\WI49C3~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.20883_none_8ee0a110fc14f2bb\WI2CD7~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6000.20883_none_8ee0a110fc14f2bb\WI3A48~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.18111_none_a5836f22e2c4ba69\CONFIR~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.18111_none_a5836f22e2c4ba69\WIZARD~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.18111_none_a5836f22e2c4ba69\WIZARD~3.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.18111_none_a5836f22e2c4ba69\WIZARD~4.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.18111_none_a5836f22e2c4ba69\WI7FD4~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.18111_none_a5836f22e2c4ba69\WI49C3~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.18111_none_a5836f22e2c4ba69\WI2CD7~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.18111_none_a5836f22e2c4ba69\WI3A48~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.22230_none_8eb7dfbefc6a337c\CONFIR~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.22230_none_8eb7dfbefc6a337c\WIZARD~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.22230_none_8eb7dfbefc6a337c\WIZARD~3.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.22230_none_8eb7dfbefc6a337c\WIZARD~4.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.22230_none_8eb7dfbefc6a337c\WI7FD4~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.22230_none_8eb7dfbefc6a337c\WI49C3~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.22230_none_8eb7dfbefc6a337c\WI2CD7~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_res_b03f5f7f11d50a3a_6.0.6001.22230_none_8eb7dfbefc6a337c\WI3A48~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webevent_sqlprov_b03f5f7f11d50a3a_6.0.6000.16720_none_a35a3f7808e4975c\INSTAL~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webevent_sqlprov_b03f5f7f11d50a3a_6.0.6000.16720_none_a35a3f7808e4975c\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webevent_sqlprov_b03f5f7f11d50a3a_6.0.6000.20883_none_8c92561c2286dc4f\INSTAL~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webevent_sqlprov_b03f5f7f11d50a3a_6.0.6000.20883_none_8c92561c2286dc4f\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webevent_sqlprov_b03f5f7f11d50a3a_6.0.6001.18111_none_a335242e0936a3fd\INSTAL~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webevent_sqlprov_b03f5f7f11d50a3a_6.0.6001.18111_none_a335242e0936a3fd\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webevent_sqlprov_b03f5f7f11d50a3a_6.0.6001.22230_none_8c6994ca22dc1d10\INSTAL~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webevent_sqlprov_b03f5f7f11d50a3a_6.0.6001.22230_none_8c6994ca22dc1d10\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6000.16720_none_fc112931b73e055f\APPCON~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6000.16720_none_fc112931b73e055f\GLOBAL~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6000.20883_none_e5493fd5d0e04a52\APPCON~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6000.20883_none_e5493fd5d0e04a52\GLOBAL~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6001.18111_none_fbec0de7b7901200\APPCON~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6001.18111_none_fbec0de7b7901200\GLOBAL~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6001.22230_none_e5207e83d1358b13\APPCON~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6001.22230_none_e5207e83d1358b13\GLOBAL~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_b03f5f7f11d50a3a_6.0.6000.16720_none_75ed8ff3a0e5994f\MANAGE~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_b03f5f7f11d50a3a_6.0.6000.20883_none_5f25a697ba87de42\MANAGE~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_b03f5f7f11d50a3a_6.0.6001.18111_none_75c874a9a137a5f0\MANAGE~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_b03f5f7f11d50a3a_6.0.6001.22230_none_5efce545badd1f03\MANAGE~2.ASP
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6000.16720_none_87d39b55197883e6\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6000.16720_none_87d39b55197883e6\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6000.20883_none_710bb1f9331ac8d9\MANAGE~1.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6000.20883_none_710bb1f9331ac8d9\MANAGE~2.RES
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_common_sql_b03f5f7f11d50a3a_6.0.6000.16720_none_0ea9296b9063c95e\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_common_sql_b03f5f7f11d50a3a_6.0.6000.20883_none_f7e1400faa060e51\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_common_sql_b03f5f7f11d50a3a_6.0.6001.18000_none_0e8324c390b6a2b6\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_common_sql_b03f5f7f11d50a3a_6.0.6001.18111_none_0e840e2190b5d5ff\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_common_sql_b03f5f7f11d50a3a_6.0.6001.22230_none_f7b87ebdaa5b4f12\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6001.22230_none_31df6e1f02164f7f\INSTAL~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6001.22230_none_31df6e1f02164f7f\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_pg_persnlization_sql_b03f5f7f11d50a3a_6.0.6000.16720_none_b898612ecd927be5\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_pg_persnlization_sql_b03f5f7f11d50a3a_6.0.6000.20883_none_a1d077d2e734c0d8\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_pg_persnlization_sql_b03f5f7f11d50a3a_6.0.6001.18111_none_b87345e4cde48886\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_pg_persnlization_sql_b03f5f7f11d50a3a_6.0.6001.22230_none_a1a7b680e78a0199\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.data.oracleclient.resources_b77a5c561934e089_6.0.6000.16720_de-de_31f680b8c05a2ee1\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallpersistsql_b03f5f7f11d50a3a_6.0.6001.18111_none_de6ad452eaa1f917\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallpersistsql_b03f5f7f11d50a3a_6.0.6001.22230_none_c79f44ef0447722a\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6000.16720_none_04c87b54ba4ac535\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6000.20883_none_ee0091f8d3ed0a28\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6001.18111_none_04a3600aba9cd1d6\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6001.22230_none_edd7d0a6d4424ae9\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6001.18111_none_48aafd82e870d66c\INSTAL~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6001.18111_none_48aafd82e870d66c\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallpersistsql_b03f5f7f11d50a3a_6.0.6000.20883_none_c7c8064103f23169\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6000.16720_none_48d018cce81ec9cb\INSTAL~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6000.16720_none_48d018cce81ec9cb\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6000.20883_none_32082f7101c10ebe\INSTAL~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_personalization_sql_b03f5f7f11d50a3a_6.0.6000.20883_none_32082f7101c10ebe\UNINST~1.SQL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6000.16720_none_a54ef540d05f91fc\ASPNET~1.UNI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6000.20883_none_8e870be4ea01d6ef\ASPNET~1.UNI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6001.18111_none_a529d9f6d0b19e9d\ASPNET~1.UNI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_mof_b03f5f7f11d50a3a_6.0.6001.22230_none_8e5e4a92ea5717b0\ASPNET~1.UNI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.web.resources_b03f5f7f11d50a3a_6.0.6000.16720_de-de_52c9015e7ac59408\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_tx_bridge_perf_c_ini_31bf3856ad364e35_6.0.6000.16708_none_7ea10e5931166775\_TRANS~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_tx_bridge_perf_c_ini_31bf3856ad364e35_6.0.6000.20864_none_7ee5ca744a684989\_TRANS~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_tx_bridge_perf_c_ini_31bf3856ad364e35_6.0.6001.18096_none_8023fb392e87c40a\_TRANS~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_tx_bridge_perf_c_ini_31bf3856ad364e35_6.0.6001.22208_none_8110e9ca475a9830\_TRANS~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6000.16708_none_c1843fad322b4004\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6000.20864_none_c1c8fbc84b7d2218\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6001.18096_none_c3072c8d2f9c9c99\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_op_perf_c_ini_31bf3856ad364e35_6.0.6001.22208_none_c3f41b1e486f70bf\_SERVI~1.INI
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_mscorlib.resources_b77a5c561934e089_6.0.6001.22230_de-de_4e818169b4736c0c\MSCORL~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.xml.resources_b77a5c561934e089_6.0.6000.16720_de-de_4a901ef6016a21fb\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.xml.resources_b77a5c561934e089_6.0.6000.20883_de-de_33c8359a1b0c66ee\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.xml.resources_b77a5c561934e089_6.0.6001.18111_de-de_4a6b03ac01bc2e9c\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.xml.resources_b77a5c561934e089_6.0.6001.22230_de-de_339f74481b61a7af\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.data.oracleclient.resources_b77a5c561934e089_6.0.6000.20883_de-de_1b2e975cd9fc73d4\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.data.oracleclient.resources_b77a5c561934e089_6.0.6001.18111_de-de_31d1656ec0ac3b82\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\msil_system.data.oracleclient.resources_b77a5c561934e089_6.0.6001.22230_de-de_1b05d60ada51b495\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\GATHER~1.VBS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\GATHER~1.VBS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\GATHER~1.VBS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\GATHER~1.VBS
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\PLA\Rules\RULESS~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\PLA\System\WIRELE~1.XML
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\ADONET~1.MOF
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\ASPNET~1.UNI
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\DV_ASP~1.CHM
Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: c:\users\hetkala\appdata\local\temp\~df27bd.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\users\hetkala\appdata\local\temp\~df632a.tmp
Status: Allocation size mismatch (API: 32768, Raw: 0)

Path: c:\users\hetkala\appdata\local\temp\~dfb4fb.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
Status: Locked to the Windows API!

Path: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\SYSTEM~1.DLL
Status: Locked to the Windows API!

Path: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
Status: Locked to the Windows API!

Path: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
Status: Locked to the Windows API!

Path: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
Status: Locked to the Windows API!

Path: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
Status: Locked to the Windows API!

Path: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTkerberos.etl
Status: Locked to the Windows API!

Path: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession.etl
Status: Locked to the Windows API!

Path: c:\programdata\microsoft\search\data\applications\windows\gatherlogs\systemindex\systemindex.380.gthr
Status: Allocation size mismatch (API: 65536, Raw: 40960)
Seitenanfang Seitenende
20.12.2009, 20:08
Moderator

Beiträge: 5694
#30 Datei-Überprüfung

Folgende Datei/en (siehe Codebox) bei VirusTotal online überprüfen lassen. Dafür musst Du jede Datei einzeln über den Button "Durchsuchen" und "Senden der Datei" nach VirusTotal hochladen und prüfen lassen. Wenn VirusTotal die Datei empfangen hat, wird sie diese mit mehreren Anti-Virus-Scannern prüfen und die Ergebnisse anzeigen. Sollte VirusTotal melden, dass die Datei bereits überpüft wurde, lasse sie trotzdem über den Button "Analysiere die Datei" erneut prüfen.

Zitat

C:\Windows\System32\printfilterpipelinesvc.exe
Wenn das Ergebnis vorliegt, den kleinen Button "Filter" links oberhalb der Ergebnisse drücken, dann das Ergebnis (egal wie es aussieht und dabei auch die Zeilen mit Namen und Größe der Datei, MD5 und SHA1 kopieren) hier posten. Solltest Du die Datei/en nicht finden oder hochladen können, dann teile uns das ebenfalls mit. Solltest Du die Datei/en nicht finden, überprüfe, ob folgende Einstellungen richtig gesetzt sind.

>>>
Schau ob Du folgende Datei auf dem Desktop findest:

teilnahmebedingungen.pdf


Falls ja, dann prüfe diese ebenfalls bei Virustotal.

>>>
Filesharing

Ich poste mal folgenden Hinweis, nicht mit erhobenem Zeigefinger, sondern weil Du Dir dessen vielleicht nicht bewusst bist. Du benutzt P2P-Programme. Wenn Du ein sauberes System bekommen respektive behalten möchtest, solltest Du auf den Download von Software aus solchen Quellen verzichten, denn auch wenn das P2P-Programm selbst "sauber" ist, bewahrt es Dich nicht davor, evtl. schädliche Programme auf Deinen Rechner zu holen.

Du siehst, die Gefahr ist sehr groß, sich über diese Wege zu infizieren. Aus diesem Grund bereinige ich lieber Systeme, die keine solchen Programme installiert haben und bitte Dich daher alle Programme, die in diese Richtung gehen, während unserer Bereinigung komplett und rückstandlos über Systemsteuerung => Software zu deinstallieren

Zitat

uTorrent
streamtorrent 1.0
>>>
Java aktualisieren

Deine Javaversion ist nicht aktuell. Da einige Schädlinge (z. B. Vundo) über Java-Exploits in das System eindringen, deinstalliere zunächst alle vorhandenen Java-Versionen über Systemsteuerung => Software => deinstallieren. Starte den Rechner neu.

Downloade nun die Offline-Version von Java (Java SE Runtime Environment (JRE) 6 Update 17) von SUN. Wenn Du auf Download geklickt hast, erscheint eine Seite, wo Du das Betriebssystem auswählen musst (also Windows) und ein Häkchen bei "I agree" setzen musst. Dann auf den Button "Continue" klicken. Dort die jre-6u17-windows-i586.exe downloaden und anschließend installieren, eventuell angebotene Toolbars nicht mitinstallieren.

>>>
Rootkit-Suche mit Gmer

Was sind Rootkits?

Wichtig: Bei jedem Rootkit-Scans soll/en:

• alle anderen Programme gegen Viren, Spyware, usw. deaktiviert sein,
• keine Verbindung zu einem Netzwerk/Internet bestehen (WLAN nicht vergessen),
nichts am Rechner getan werden,
nach jedem Scan der Rechner neu gestartet werden.
Nicht vergessen, nach dem Rootkit-Scan die Security-Programme wieder einzuschalten!

Lade Dir Gmer von dieser Seite herunter
(auf den Button Download EXE drücken) und das Programm auf dem Desktop speichern.

• Gmer ist geeignet für => NT/W2K/XP/VISTA.
• Alle anderen Programme sollen geschlossen sein.
• Starte gmer.exe (hat einen willkürlichen Programm-Namen).
Vista-User mit Rechtsklick und als Administrator starten.
• Gmer startet automatisch einen ersten Scan.
• Sollte sich ein Fenster mit folgender Warnung öffnen:

Code

WARNING !!!
GMER has found system modification, which might have been caused by ROOTKIT activity.
Do you want to fully scan your system?

• Unbedingt auf "No" klicken,
anschließend über den Copy-Button das bisherige Resultat in die Zwischenablage zu kopieren.
• Füge das Log aus der Zwischenablage mit STRG + V in Deine Antwort in Deinem Thread ein.
.
• Falls das nicht der Fall war, wähle nun den Reiter "Rootkit/Malware",
• Hake an: System, Sections, IAT/EAT, Devices, Modules, Processes, Threads, Libraries, Services, Registry und Files.
Wichtig: "Show all" darf nicht angehakt sein!
• Starte den Scan durch Drücken des Buttons "Scan".
Mache nichts am Computer während der Scan läuft.
• Wenn der Scan fertig ist klicke auf "Copy" um das Log in die Zwischenablage zu kopieren.
Mit "Ok" wird Gmer beendet.
• Füge das Log aus der Zwischenablage in Deine Antwort hier ein (mit STRG + V).

Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!

Nun das Logfile in Code-Tags posten.
Seitenanfang Seitenende