| |
| |||||||
Log-Analyse und Auswertung: RunDll : install_0_msi.exe wurde nicht gefunden, trojaner?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
28.09.2012, 10:19
| #16 |
 |  RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Hallo OTL Fix hat nun funktioniert: Code:
ATTFilter All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_USERS\S-1-5-21-3824828935-2654943386-2761245426-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-3824828935-2654943386-2761245426-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{64D0FFC8-C37A-48E4-A128-9E38886E4E5A} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64D0FFC8-C37A-48E4-A128-9E38886E4E5A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3824828935-2654943386-2761245426-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
File C:\Windows\System32\oobe\info\HKCU.vbs not found.
Registry key HKEY_USERS\S-1-5-21-3824828935-2654943386-2761245426-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
File move failed. C:\Windows\System32\mctadmin.exe scheduled to be moved on reboot.
Registry key HKEY_USERS\S-1-5-21-3824828935-2654943386-2761245426-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
File C:\Windows\Web\Wallpaper\MEDION\start.vbs not found.
Registry value HKEY_USERS\S-1-5-21-3824828935-2654943386-2761245426-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-21-3824828935-2654943386-2761245426-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\LogonHoursAction not found.
Registry value HKEY_USERS\S-1-5-21-3824828935-2654943386-2761245426-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DontDisplayLogonHoursWarnings not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
Unable to delete ADS C:\Users\Public\Documents\desktop.ini:gs5sys .
Unable to delete ADS C:\ProgramData:gs5sys .
Unable to delete ADS C:\Users\Erwin\Documents\desktop.ini:gs5sys .
Unable to delete ADS C:\Users\Erwin\Desktop\desktop.ini:gs5sys .
========== FILES ==========
File\Folder C:\Users\Erwin\Desktop\*.pad not found.
File\Folder C:\ProgramData\*.pad not found.
C:\Windows\System32\mmf.sys moved successfully.
C:\Windows\mmfs.dll moved successfully.
C:\Windows\Runservice.exe moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Erwin\Desktop\cmd.bat deleted successfully.
C:\Users\Erwin\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Erwin
->Temp folder emptied: 908312671 bytes
->Temporary Internet Files folder emptied: 853122448 bytes
->Java cache emptied: 57884627 bytes
->FireFox cache emptied: 1155679781 bytes
->Flash cache emptied: 2595 bytes
User: Gast
->Temp folder emptied: 50533 bytes
->Temporary Internet Files folder emptied: 38228693 bytes
->Flash cache emptied: 9197 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 1139200 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5117483509 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 7.755,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.66.0 log created on 09282012_110947
Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\mctadmin.exe scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
28.09.2012, 14:06
| #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
29.09.2012, 16:16
| #18 |
| | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Hallo
__________________Hier das log: Code:
ATTFilter 17:10:29.0053 2552 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:10:29.0069 2552 ============================================================
17:10:29.0069 2552 Current date / time: 2012/09/29 17:10:29.0069
17:10:29.0069 2552 SystemInfo:
17:10:29.0069 2552
17:10:29.0069 2552 OS Version: 6.1.7601 ServicePack: 1.0
17:10:29.0069 2552 Product type: Workstation
17:10:29.0069 2552 ComputerName: ERWIN-PC
17:10:29.0069 2552 UserName: Erwin
17:10:29.0069 2552 Windows directory: C:\Windows
17:10:29.0069 2552 System windows directory: C:\Windows
17:10:29.0069 2552 Processor architecture: Intel x86
17:10:29.0069 2552 Number of processors: 4
17:10:29.0069 2552 Page size: 0x1000
17:10:29.0069 2552 Boot type: Normal boot
17:10:29.0069 2552 ============================================================
17:10:30.0161 2552 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:10:30.0192 2552 ============================================================
17:10:30.0192 2552 \Device\Harddisk0\DR0:
17:10:30.0192 2552 MBR partitions:
17:10:30.0192 2552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:10:30.0192 2552 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x71CD3000
17:10:30.0192 2552 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x71D05800, BlocksNum 0x2800000
17:10:30.0192 2552 ============================================================
17:10:30.0301 2552 C: <-> \Device\Harddisk0\DR0\Partition2
17:10:34.0419 2552 D: <-> \Device\Harddisk0\DR0\Partition3
17:10:34.0419 2552 ============================================================
17:10:34.0419 2552 Initialize success
17:10:34.0419 2552 ============================================================
17:11:33.0216 0460 ============================================================
17:11:33.0216 0460 Scan started
17:11:33.0216 0460 Mode: Manual; SigCheck; TDLFS;
17:11:33.0216 0460 ============================================================
17:11:47.0272 0460 ================ Scan system memory ========================
17:11:47.0272 0460 System memory - ok
17:11:47.0272 0460 ================ Scan services =============================
17:11:48.0925 0460 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:11:49.0268 0460 1394ohci - ok
17:11:49.0409 0460 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:11:49.0456 0460 ACPI - ok
17:11:49.0580 0460 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:11:50.0048 0460 AcpiPmi - ok
17:11:50.0345 0460 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:11:50.0532 0460 AdobeFlashPlayerUpdateSvc - ok
17:11:50.0766 0460 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:11:50.0828 0460 adp94xx - ok
17:11:50.0984 0460 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:11:51.0031 0460 adpahci - ok
17:11:51.0156 0460 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:11:51.0234 0460 adpu320 - ok
17:11:51.0328 0460 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:11:51.0421 0460 AeLookupSvc - ok
17:11:51.0546 0460 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
17:11:51.0655 0460 AFD - ok
17:11:51.0796 0460 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
17:11:51.0858 0460 agp440 - ok
17:11:51.0983 0460 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
17:11:52.0014 0460 aic78xx - ok
17:11:52.0123 0460 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
17:11:52.0295 0460 ALG - ok
17:11:52.0388 0460 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
17:11:52.0498 0460 aliide - ok
17:11:52.0591 0460 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:11:52.0638 0460 amdagp - ok
17:11:52.0716 0460 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
17:11:52.0747 0460 amdide - ok
17:11:52.0841 0460 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:11:52.0966 0460 AmdK8 - ok
17:11:53.0137 0460 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:11:53.0200 0460 AmdPPM - ok
17:11:53.0278 0460 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:11:53.0309 0460 amdsata - ok
17:11:53.0418 0460 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:11:53.0496 0460 amdsbs - ok
17:11:53.0621 0460 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:11:53.0636 0460 amdxata - ok
17:11:53.0761 0460 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
17:11:53.0870 0460 androidusb - ok
17:11:53.0964 0460 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
17:11:54.0557 0460 AppID - ok
17:11:54.0666 0460 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:11:54.0744 0460 AppIDSvc - ok
17:11:54.0884 0460 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
17:11:54.0947 0460 Appinfo - ok
17:11:55.0056 0460 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
17:11:55.0150 0460 arc - ok
17:11:55.0196 0460 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:11:55.0243 0460 arcsas - ok
17:11:55.0321 0460 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:11:56.0663 0460 AsyncMac - ok
17:11:56.0912 0460 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
17:11:57.0100 0460 atapi - ok
17:11:57.0318 0460 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:11:57.0396 0460 AudioEndpointBuilder - ok
17:11:57.0396 0460 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:11:57.0443 0460 Audiosrv - ok
17:11:57.0848 0460 [ 780AC17E6C1B5A35AB5A2BA58212EA55 ] AVKProxy C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
17:11:57.0895 0460 AVKProxy - ok
17:11:58.0192 0460 [ EB024C7DFCFBC24117BABD07B4020D81 ] AVKService C:\Program Files\G Data\TotalCare\AVK\AVKService.exe
17:11:58.0207 0460 AVKService - ok
17:11:58.0472 0460 [ 360E4F34D4FD87A432639A48054954EA ] AVKWCtl C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe
17:11:58.0519 0460 AVKWCtl - ok
17:11:58.0675 0460 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:11:59.0096 0460 AxInstSV - ok
17:11:59.0237 0460 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
17:11:59.0346 0460 b06bdrv - ok
17:11:59.0549 0460 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:11:59.0580 0460 b57nd60x - ok
17:11:59.0689 0460 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
17:11:59.0783 0460 BDESVC - ok
17:11:59.0861 0460 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
17:11:59.0939 0460 Beep - ok
17:12:00.0064 0460 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
17:12:00.0157 0460 BFE - ok
17:12:00.0422 0460 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
17:12:00.0532 0460 BITS - ok
17:12:00.0625 0460 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:12:00.0688 0460 blbdrive - ok
17:12:00.0766 0460 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:12:00.0844 0460 bowser - ok
17:12:00.0890 0460 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:12:01.0031 0460 BrFiltLo - ok
17:12:01.0109 0460 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:12:01.0202 0460 BrFiltUp - ok
17:12:01.0374 0460 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
17:12:01.0483 0460 Browser - ok
17:12:01.0577 0460 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:12:01.0811 0460 Brserid - ok
17:12:01.0920 0460 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:12:01.0982 0460 BrSerWdm - ok
17:12:02.0045 0460 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:12:02.0123 0460 BrUsbMdm - ok
17:12:02.0185 0460 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:12:02.0232 0460 BrUsbSer - ok
17:12:02.0294 0460 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:12:02.0388 0460 BTHMODEM - ok
17:12:02.0482 0460 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
17:12:02.0575 0460 bthserv - ok
17:12:02.0622 0460 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:12:02.0716 0460 cdfs - ok
17:12:02.0809 0460 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
17:12:02.0981 0460 cdrom - ok
17:12:03.0090 0460 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
17:12:03.0152 0460 CertPropSvc - ok
17:12:03.0246 0460 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:12:03.0293 0460 circlass - ok
17:12:03.0371 0460 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
17:12:03.0402 0460 CLFS - ok
17:12:03.0652 0460 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:12:03.0683 0460 clr_optimization_v2.0.50727_32 - ok
17:12:04.0166 0460 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:12:04.0338 0460 clr_optimization_v4.0.30319_32 - ok
17:12:04.0369 0460 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:12:04.0416 0460 CmBatt - ok
17:12:04.0463 0460 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:12:04.0494 0460 cmdide - ok
17:12:04.0588 0460 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
17:12:04.0619 0460 CNG - ok
17:12:04.0650 0460 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:12:04.0666 0460 Compbatt - ok
17:12:04.0790 0460 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:12:04.0837 0460 CompositeBus - ok
17:12:04.0900 0460 COMSysApp - ok
17:12:04.0931 0460 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:12:04.0962 0460 crcdisk - ok
17:12:05.0056 0460 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:12:05.0134 0460 CryptSvc - ok
17:12:05.0258 0460 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
17:12:05.0336 0460 DcomLaunch - ok
17:12:05.0492 0460 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
17:12:05.0570 0460 defragsvc - ok
17:12:05.0680 0460 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:12:05.0789 0460 DfsC - ok
17:12:05.0914 0460 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:12:06.0054 0460 Dhcp - ok
17:12:06.0101 0460 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
17:12:06.0163 0460 discache - ok
17:12:06.0288 0460 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:12:06.0304 0460 Disk - ok
17:12:06.0382 0460 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:12:06.0475 0460 Dnscache - ok
17:12:06.0569 0460 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
17:12:06.0647 0460 dot3svc - ok
17:12:06.0772 0460 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
17:12:06.0943 0460 DPS - ok
17:12:07.0037 0460 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:12:07.0084 0460 drmkaud - ok
17:12:07.0411 0460 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:12:07.0458 0460 DXGKrnl - ok
17:12:07.0520 0460 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
17:12:07.0598 0460 EapHost - ok
17:12:08.0082 0460 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
17:12:08.0238 0460 ebdrv - ok
17:12:08.0316 0460 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
17:12:08.0378 0460 EFS - ok
17:12:08.0706 0460 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:12:08.0924 0460 ehRecvr - ok
17:12:08.0971 0460 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
17:12:09.0096 0460 ehSched - ok
17:12:09.0330 0460 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:12:09.0361 0460 elxstor - ok
17:12:09.0533 0460 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:12:09.0595 0460 ErrDev - ok
17:12:09.0720 0460 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
17:12:09.0798 0460 EventSystem - ok
17:12:09.0814 0460 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
17:12:09.0876 0460 exfat - ok
17:12:10.0032 0460 Fabs - ok
17:12:10.0126 0460 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:12:10.0204 0460 fastfat - ok
17:12:10.0391 0460 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
17:12:10.0484 0460 Fax - ok
17:12:10.0578 0460 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:12:10.0640 0460 fdc - ok
17:12:10.0703 0460 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
17:12:10.0734 0460 fdPHost - ok
17:12:10.0781 0460 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
17:12:10.0874 0460 FDResPub - ok
17:12:10.0968 0460 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:12:10.0999 0460 FileInfo - ok
17:12:11.0030 0460 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:12:11.0108 0460 Filetrace - ok
17:12:11.0904 0460 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
17:12:12.0029 0460 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
17:12:12.0029 0460 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
17:12:12.0091 0460 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:12:12.0138 0460 flpydisk - ok
17:12:12.0200 0460 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:12:12.0232 0460 FltMgr - ok
17:12:12.0481 0460 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
17:12:12.0544 0460 FontCache - ok
17:12:12.0684 0460 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:12:12.0700 0460 FontCache3.0.0.0 - ok
17:12:12.0731 0460 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:12:12.0746 0460 FsDepends - ok
17:12:12.0793 0460 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:12:12.0824 0460 Fs_Rec - ok
17:12:12.0902 0460 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:12:12.0934 0460 fvevol - ok
17:12:13.0308 0460 [ 58C2B23086286EDDBC7028C2D33B5651 ] G Data Backup Service C:\Program Files\G Data\TotalCare\AVKBackup\AVKBackupService.exe
17:12:13.0402 0460 G Data Backup Service - ok
17:12:13.0651 0460 [ 4F8209CC63DD74768074E180DCD93C70 ] G Data Tuner Service C:\Program Files\G Data\TotalCare\AVKTuner\AVKTunerService.exe
17:12:13.0698 0460 G Data Tuner Service - ok
17:12:13.0807 0460 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:12:13.0838 0460 gagp30kx - ok
17:12:13.0963 0460 [ D54A94BB49EC52A930EB39A3EB4F43C6 ] GDBehave C:\Windows\system32\drivers\GDBehave.sys
17:12:13.0979 0460 GDBehave - ok
17:12:14.0478 0460 [ 476B1500901D17A357E3EA691087D26E ] GDFwSvc C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe
17:12:14.0525 0460 GDFwSvc - ok
17:12:14.0603 0460 [ 76E409E9264E6732359F89FBCAC098A7 ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
17:12:14.0618 0460 GDMnIcpt - ok
17:12:14.0681 0460 [ 9C6E7F164CB5A8B968258EEF110DBB1E ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
17:12:14.0712 0460 GDPkIcpt - ok
17:12:14.0930 0460 [ D31F31342349964E245EAAC1BDC5F6A6 ] GDScan C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe
17:12:14.0946 0460 GDScan - ok
17:12:15.0086 0460 [ DF12E76844F20E6537991E127F1202F4 ] gdwfpcd C:\Windows\system32\DRIVERS\gdwfpcd32.sys
17:12:15.0118 0460 gdwfpcd - ok
17:12:15.0336 0460 [ 5DC17164F66380CBFEFD895C18467773 ] GearAspiWDM C:\Windows\system32\drivers\GEARAspiWDM.sys
17:12:15.0352 0460 GearAspiWDM - ok
17:12:15.0523 0460 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
17:12:15.0601 0460 gpsvc - ok
17:12:15.0757 0460 [ 0AC851CDCBA2D19AC13C3975EDFCA777 ] GRD C:\Windows\system32\drivers\GRD.sys
17:12:15.0773 0460 GRD - ok
17:12:15.0929 0460 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:12:15.0960 0460 gupdate - ok
17:12:15.0991 0460 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:12:16.0022 0460 gupdatem - ok
17:12:16.0163 0460 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:12:16.0194 0460 gusvc - ok
17:12:16.0241 0460 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:12:16.0334 0460 hcw85cir - ok
17:12:16.0568 0460 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:12:16.0646 0460 HdAudAddService - ok
17:12:16.0709 0460 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:12:16.0756 0460 HDAudBus - ok
17:12:16.0818 0460 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:12:16.0865 0460 HidBatt - ok
17:12:16.0896 0460 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:12:16.0943 0460 HidBth - ok
17:12:16.0990 0460 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:12:17.0052 0460 HidIr - ok
17:12:17.0099 0460 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
17:12:17.0161 0460 hidserv - ok
17:12:17.0286 0460 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:12:17.0348 0460 HidUsb - ok
17:12:17.0426 0460 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:12:17.0489 0460 hkmsvc - ok
17:12:17.0567 0460 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:12:17.0660 0460 HomeGroupListener - ok
17:12:17.0754 0460 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:12:17.0848 0460 HomeGroupProvider - ok
17:12:17.0957 0460 [ 17BF8A644D80DAF08E28556DCB80BEA2 ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
17:12:17.0972 0460 HookCentre - ok
17:12:18.0035 0460 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:12:18.0066 0460 HpSAMD - ok
17:12:18.0238 0460 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:12:18.0284 0460 HTTP - ok
17:12:18.0362 0460 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:12:18.0394 0460 hwpolicy - ok
17:12:18.0456 0460 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:12:18.0487 0460 i8042prt - ok
17:12:18.0706 0460 [ D5EDB998656E6ECF1A17C78DAB019A3C ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:12:18.0737 0460 iaStor - ok
17:12:18.0862 0460 [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:12:18.0893 0460 IAStorDataMgrSvc - ok
17:12:18.0971 0460 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:12:19.0002 0460 iaStorV - ok
17:12:19.0267 0460 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:12:19.0408 0460 idsvc - ok
17:12:19.0470 0460 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:12:19.0501 0460 iirsp - ok
17:12:19.0688 0460 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
17:12:19.0751 0460 IKEEXT - ok
17:12:20.0359 0460 [ 3914EA9111DBEFFAF1C68200817768AD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:12:20.0453 0460 IntcAzAudAddService - ok
17:12:20.0531 0460 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
17:12:20.0562 0460 intelide - ok
17:12:20.0702 0460 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:12:20.0749 0460 intelppm - ok
17:12:20.0796 0460 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:12:20.0890 0460 IPBusEnum - ok
17:12:20.0952 0460 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:12:21.0092 0460 IpFilterDriver - ok
17:12:21.0295 0460 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:12:21.0342 0460 iphlpsvc - ok
17:12:21.0389 0460 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:12:21.0451 0460 IPMIDRV - ok
17:12:21.0545 0460 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:12:21.0638 0460 IPNAT - ok
17:12:21.0779 0460 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:12:22.0325 0460 IRENUM - ok
17:12:22.0434 0460 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:12:22.0465 0460 isapnp - ok
17:12:22.0496 0460 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:12:22.0528 0460 iScsiPrt - ok
17:12:22.0637 0460 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
17:12:22.0652 0460 kbdclass - ok
17:12:22.0730 0460 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:12:22.0840 0460 kbdhid - ok
17:12:22.0871 0460 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
17:12:22.0902 0460 KeyIso - ok
17:12:22.0980 0460 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:12:22.0996 0460 KSecDD - ok
17:12:23.0058 0460 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:12:23.0089 0460 KSecPkg - ok
17:12:23.0292 0460 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
17:12:23.0370 0460 KtmRm - ok
17:12:23.0479 0460 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
17:12:23.0526 0460 LanmanServer - ok
17:12:23.0573 0460 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:12:23.0635 0460 LanmanWorkstation - ok
17:12:23.0791 0460 LicCtrlService - ok
17:12:23.0900 0460 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:12:23.0978 0460 lltdio - ok
17:12:24.0088 0460 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:12:24.0150 0460 lltdsvc - ok
17:12:24.0259 0460 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
17:12:24.0322 0460 lmhosts - ok
17:12:24.0478 0460 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:12:24.0509 0460 LSI_FC - ok
17:12:24.0556 0460 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:12:24.0571 0460 LSI_SAS - ok
17:12:24.0634 0460 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:12:24.0665 0460 LSI_SAS2 - ok
17:12:24.0743 0460 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:12:24.0758 0460 LSI_SCSI - ok
17:12:24.0852 0460 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
17:12:24.0899 0460 luafv - ok
17:12:24.0961 0460 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:12:24.0992 0460 Mcx2Svc - ok
17:12:25.0008 0460 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:12:25.0024 0460 megasas - ok
17:12:25.0117 0460 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:12:25.0148 0460 MegaSR - ok
17:12:25.0414 0460 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
17:12:25.0429 0460 Microsoft Office Groove Audit Service - ok
17:12:25.0476 0460 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
17:12:25.0538 0460 MMCSS - ok
17:12:25.0601 0460 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
17:12:25.0648 0460 Modem - ok
17:12:25.0741 0460 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:12:25.0788 0460 monitor - ok
17:12:25.0850 0460 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:12:25.0882 0460 mouclass - ok
17:12:26.0022 0460 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:12:26.0069 0460 mouhid - ok
17:12:26.0100 0460 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:12:26.0131 0460 mountmgr - ok
17:12:26.0318 0460 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:12:26.0334 0460 MozillaMaintenance - ok
17:12:26.0506 0460 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
17:12:26.0521 0460 mpio - ok
17:12:26.0568 0460 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:12:26.0630 0460 mpsdrv - ok
17:12:26.0818 0460 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:12:26.0896 0460 MpsSvc - ok
17:12:26.0974 0460 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:12:27.0005 0460 MRxDAV - ok
17:12:27.0083 0460 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:12:27.0161 0460 mrxsmb - ok
17:12:27.0239 0460 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:12:27.0286 0460 mrxsmb10 - ok
17:12:27.0317 0460 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:12:27.0379 0460 mrxsmb20 - ok
17:12:27.0426 0460 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
17:12:27.0457 0460 msahci - ok
17:12:27.0504 0460 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:12:27.0535 0460 msdsm - ok
17:12:27.0551 0460 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
17:12:27.0598 0460 MSDTC - ok
17:12:27.0738 0460 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:12:27.0800 0460 Msfs - ok
17:12:27.0832 0460 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:12:27.0878 0460 mshidkmdf - ok
17:12:27.0925 0460 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:12:27.0941 0460 msisadrv - ok
17:12:28.0003 0460 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:12:28.0066 0460 MSiSCSI - ok
17:12:28.0066 0460 msiserver - ok
17:12:28.0144 0460 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:12:28.0206 0460 MSKSSRV - ok
17:12:28.0300 0460 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:12:28.0362 0460 MSPCLOCK - ok
17:12:28.0393 0460 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:12:28.0440 0460 MSPQM - ok
17:12:28.0471 0460 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:12:28.0502 0460 MsRPC - ok
17:12:28.0534 0460 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:12:28.0565 0460 mssmbios - ok
17:12:28.0612 0460 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:12:28.0658 0460 MSTEE - ok
17:12:28.0705 0460 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:12:28.0752 0460 MTConfig - ok
17:12:28.0783 0460 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
17:12:28.0814 0460 Mup - ok
17:12:28.0908 0460 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
17:12:28.0955 0460 napagent - ok
17:12:29.0033 0460 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:12:29.0064 0460 NativeWifiP - ok
17:12:29.0189 0460 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:12:29.0220 0460 NDIS - ok
17:12:29.0282 0460 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:12:29.0345 0460 NdisCap - ok
17:12:29.0407 0460 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:12:29.0470 0460 NdisTapi - ok
17:12:29.0532 0460 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:12:29.0626 0460 Ndisuio - ok
17:12:29.0704 0460 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:12:29.0766 0460 NdisWan - ok
17:12:29.0828 0460 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:12:29.0891 0460 NDProxy - ok
17:12:30.0031 0460 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:12:30.0094 0460 NetBIOS - ok
17:12:30.0156 0460 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:12:30.0234 0460 NetBT - ok
17:12:30.0250 0460 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
17:12:30.0281 0460 Netlogon - ok
17:12:30.0390 0460 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
17:12:30.0484 0460 Netman - ok
17:12:30.0593 0460 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
17:12:30.0655 0460 netprofm - ok
17:12:30.0718 0460 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:12:30.0749 0460 NetTcpPortSharing - ok
17:12:30.0842 0460 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:12:30.0874 0460 nfrd960 - ok
17:12:30.0952 0460 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:12:31.0030 0460 NlaSvc - ok
17:12:31.0154 0460 [ C82F4CC10AD315B6D6BCB14D0A7CAD66 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
17:12:31.0342 0460 nmwcd - ok
17:12:31.0482 0460 [ 025C54F9F8C8BC1894EA38529C742C54 ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
17:12:31.0856 0460 nmwcdc - ok
17:12:31.0919 0460 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:12:31.0997 0460 Npfs - ok
17:12:32.0044 0460 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
17:12:32.0090 0460 nsi - ok
17:12:32.0106 0460 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:12:32.0184 0460 nsiproxy - ok
17:12:32.0449 0460 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:12:32.0496 0460 Ntfs - ok
17:12:32.0558 0460 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
17:12:32.0636 0460 Null - ok
17:12:35.0382 0460 [ F452E6AD3EDA2852F44BE492E283C40F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:12:35.0663 0460 nvlddmkm - ok
17:12:35.0741 0460 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:12:35.0772 0460 nvraid - ok
17:12:35.0897 0460 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:12:35.0928 0460 nvstor - ok
17:12:36.0115 0460 [ 70145ADE9EFE2CE296DD5FC761B4969B ] nvsvc C:\Windows\system32\nvvsvc.exe
17:12:36.0162 0460 nvsvc - ok
17:12:36.0802 0460 [ D3ACC38A963B71BD4D2DFDC1050219B9 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:12:36.0895 0460 nvUpdatusService - ok
17:12:37.0082 0460 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:12:37.0098 0460 nv_agp - ok
17:12:37.0316 0460 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:12:37.0348 0460 odserv - ok
17:12:37.0426 0460 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:12:37.0488 0460 ohci1394 - ok
17:12:37.0691 0460 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:12:37.0706 0460 ose - ok
17:12:37.0878 0460 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:12:37.0956 0460 p2pimsvc - ok
17:12:38.0128 0460 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
17:12:38.0159 0460 p2psvc - ok
17:12:38.0206 0460 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:12:38.0252 0460 Parport - ok
17:12:38.0284 0460 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:12:38.0315 0460 partmgr - ok
17:12:38.0362 0460 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
17:12:38.0393 0460 Parvdm - ok
17:12:38.0440 0460 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:12:38.0471 0460 PcaSvc - ok
17:12:38.0564 0460 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
17:12:38.0596 0460 pci - ok
17:12:38.0705 0460 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
17:12:38.0720 0460 pciide - ok
17:12:38.0892 0460 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:12:38.0908 0460 pcmcia - ok
17:12:39.0001 0460 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
17:12:39.0017 0460 pcw - ok
17:12:39.0188 0460 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:12:39.0235 0460 PEAUTH - ok
17:12:39.0719 0460 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
17:12:39.0812 0460 pla - ok
17:12:39.0859 0460 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:12:39.0937 0460 PlugPlay - ok
17:12:40.0015 0460 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:12:40.0062 0460 PNRPAutoReg - ok
17:12:40.0124 0460 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:12:40.0156 0460 PNRPsvc - ok
17:12:40.0265 0460 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:12:40.0296 0460 PolicyAgent - ok
17:12:40.0390 0460 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
17:12:40.0421 0460 Power - ok
17:12:40.0499 0460 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:12:40.0561 0460 PptpMiniport - ok
17:12:40.0717 0460 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:12:40.0764 0460 Processor - ok
17:12:40.0920 0460 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
17:12:41.0014 0460 ProfSvc - ok
17:12:41.0060 0460 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:12:41.0092 0460 ProtectedStorage - ok
17:12:41.0170 0460 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
17:12:41.0201 0460 ProtexisLicensing - ok
17:12:41.0341 0460 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:12:41.0419 0460 Psched - ok
17:12:41.0856 0460 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:12:41.0903 0460 ql2300 - ok
17:12:41.0981 0460 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:12:42.0012 0460 ql40xx - ok
17:12:42.0121 0460 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
17:12:42.0230 0460 QWAVE - ok
17:12:42.0293 0460 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:12:42.0324 0460 QWAVEdrv - ok
17:12:42.0355 0460 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:12:42.0449 0460 RasAcd - ok
17:12:42.0574 0460 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:12:42.0636 0460 RasAgileVpn - ok
17:12:42.0714 0460 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
17:12:42.0761 0460 RasAuto - ok
17:12:42.0823 0460 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:12:42.0948 0460 Rasl2tp - ok
17:12:42.0979 0460 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
17:12:43.0057 0460 RasMan - ok
17:12:43.0088 0460 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:12:43.0151 0460 RasPppoe - ok
17:12:43.0229 0460 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:12:43.0307 0460 RasSstp - ok
17:12:43.0385 0460 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:12:43.0494 0460 rdbss - ok
17:12:43.0557 0460 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:12:43.0666 0460 rdpbus - ok
17:12:43.0728 0460 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:12:43.0837 0460 RDPCDD - ok
17:12:43.0900 0460 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:12:43.0962 0460 RDPENCDD - ok
17:12:44.0009 0460 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:12:44.0040 0460 RDPREFMP - ok
17:12:44.0165 0460 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:12:44.0212 0460 RDPWD - ok
17:12:44.0305 0460 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:12:44.0337 0460 rdyboost - ok
17:12:44.0415 0460 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
17:12:44.0493 0460 RemoteAccess - ok
17:12:44.0539 0460 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:12:44.0602 0460 RemoteRegistry - ok
17:12:44.0633 0460 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:12:44.0695 0460 RpcEptMapper - ok
17:12:44.0805 0460 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
17:12:44.0883 0460 RpcLocator - ok
17:12:45.0039 0460 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
17:12:45.0070 0460 RpcSs - ok
17:12:45.0179 0460 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:12:45.0257 0460 rspndr - ok
17:12:45.0429 0460 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
17:12:45.0460 0460 RTL8167 - ok
17:12:45.0725 0460 [ 9CE8DEFFAFFCCBF473015D76AE8EE514 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
17:12:45.0756 0460 RTL8192su - ok
17:12:45.0850 0460 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
17:12:45.0881 0460 SamSs - ok
17:12:45.0975 0460 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:12:45.0990 0460 sbp2port - ok
17:12:46.0037 0460 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:12:46.0068 0460 SCardSvr - ok
17:12:46.0131 0460 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:12:46.0271 0460 scfilter - ok
17:12:46.0536 0460 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
17:12:46.0614 0460 Schedule - ok
17:12:46.0645 0460 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:12:46.0692 0460 SCPolicySvc - ok
17:12:46.0755 0460 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:12:46.0848 0460 SDRSVC - ok
17:12:46.0926 0460 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
17:12:46.0989 0460 seclogon - ok
17:12:47.0020 0460 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
17:12:47.0098 0460 SENS - ok
17:12:47.0145 0460 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:12:47.0223 0460 SensrSvc - ok
17:12:47.0332 0460 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:12:47.0425 0460 Serenum - ok
17:12:47.0457 0460 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:12:47.0519 0460 Serial - ok
17:12:47.0581 0460 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:12:47.0597 0460 sermouse - ok
17:12:47.0675 0460 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
17:12:47.0737 0460 SessionEnv - ok
17:12:47.0800 0460 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:12:47.0862 0460 sffdisk - ok
17:12:47.0925 0460 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:12:47.0956 0460 sffp_mmc - ok
17:12:48.0065 0460 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:12:48.0096 0460 sffp_sd - ok
17:12:48.0190 0460 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:12:48.0315 0460 sfloppy - ok
17:12:48.0424 0460 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:12:48.0486 0460 SharedAccess - ok
17:12:48.0595 0460 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:12:48.0658 0460 ShellHWDetection - ok
17:12:48.0767 0460 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:12:48.0798 0460 sisagp - ok
17:12:48.0829 0460 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:12:48.0861 0460 SiSRaid2 - ok
17:12:48.0923 0460 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:12:48.0954 0460 SiSRaid4 - ok
17:12:49.0063 0460 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:12:49.0110 0460 Smb - ok
17:12:49.0204 0460 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:12:49.0235 0460 SNMPTRAP - ok
17:12:49.0251 0460 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
17:12:49.0282 0460 spldr - ok
17:12:49.0391 0460 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
17:12:49.0485 0460 Spooler - ok
17:12:50.0046 0460 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
17:12:50.0171 0460 sppsvc - ok
17:12:50.0265 0460 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:12:50.0327 0460 sppuinotify - ok
17:12:50.0452 0460 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:12:50.0561 0460 srv - ok
17:12:50.0717 0460 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:12:50.0795 0460 srv2 - ok
17:12:50.0826 0460 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:12:50.0889 0460 srvnet - ok
17:12:50.0998 0460 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
17:12:51.0091 0460 ssadbus - ok
17:12:51.0169 0460 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
17:12:51.0232 0460 ssadmdfl - ok
17:12:51.0435 0460 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
17:12:51.0466 0460 ssadmdm - ok
17:12:51.0544 0460 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
17:12:51.0622 0460 ssadserd - ok
17:12:51.0715 0460 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:12:51.0793 0460 SSDPSRV - ok
17:12:51.0981 0460 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:12:52.0059 0460 SstpSvc - ok
17:12:52.0324 0460 [ 8544A200C40447E465F06E58687428BB ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:12:52.0355 0460 Stereo Service - ok
17:12:52.0417 0460 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:12:52.0433 0460 stexstor - ok
17:12:52.0511 0460 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
17:12:52.0589 0460 StiSvc - ok
17:12:52.0651 0460 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
17:12:52.0683 0460 swenum - ok
17:12:52.0823 0460 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
17:12:52.0870 0460 swprv - ok
17:12:53.0197 0460 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
17:12:53.0260 0460 SysMain - ok
17:12:53.0322 0460 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:12:53.0400 0460 TabletInputService - ok
17:12:53.0509 0460 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
17:12:53.0556 0460 TapiSrv - ok
17:12:53.0587 0460 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
17:12:53.0650 0460 TBS - ok
17:12:54.0165 0460 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:12:54.0336 0460 Tcpip - ok
17:12:54.0383 0460 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:12:54.0430 0460 TCPIP6 - ok
17:12:54.0555 0460 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:12:54.0633 0460 tcpipreg - ok
17:12:54.0711 0460 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:12:54.0804 0460 TDPIPE - ok
17:12:54.0867 0460 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:12:54.0929 0460 TDTCP - ok
17:12:55.0007 0460 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:12:55.0069 0460 tdx - ok
17:12:55.0194 0460 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:12:55.0210 0460 TermDD - ok
17:12:55.0319 0460 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
17:12:55.0397 0460 TermService - ok
17:12:55.0491 0460 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
17:12:55.0537 0460 Themes - ok
17:12:55.0584 0460 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
17:12:55.0615 0460 THREADORDER - ok
17:12:55.0662 0460 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
17:12:55.0740 0460 TrkWks - ok
17:12:55.0881 0460 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:12:55.0943 0460 TrustedInstaller - ok
17:12:55.0990 0460 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:12:56.0037 0460 tssecsrv - ok
17:12:56.0115 0460 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:12:56.0161 0460 TsUsbFlt - ok
17:12:56.0302 0460 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:12:56.0349 0460 tunnel - ok
17:12:56.0411 0460 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:12:56.0427 0460 uagp35 - ok
17:12:56.0473 0460 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:12:56.0551 0460 udfs - ok
17:12:56.0598 0460 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:12:56.0645 0460 UI0Detect - ok
17:12:56.0754 0460 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:12:56.0770 0460 uliagpkx - ok
17:12:56.0895 0460 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
17:12:56.0941 0460 umbus - ok
17:12:56.0973 0460 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:12:57.0019 0460 UmPass - ok
17:12:57.0113 0460 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
17:12:57.0160 0460 upnphost - ok
17:12:57.0285 0460 [ BB16932A4189E82D6C455042C11849B6 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
17:12:57.0331 0460 upperdev - ok
17:12:57.0441 0460 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:12:57.0487 0460 usbaudio - ok
17:12:57.0565 0460 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:12:57.0581 0460 usbccgp - ok
17:12:57.0659 0460 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:12:57.0721 0460 usbcir - ok
17:12:57.0877 0460 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:12:57.0987 0460 usbehci - ok
17:12:58.0065 0460 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:12:58.0096 0460 usbhub - ok
17:12:58.0221 0460 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:12:58.0283 0460 usbohci - ok
17:12:58.0345 0460 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:12:58.0377 0460 usbprint - ok
17:12:58.0501 0460 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
17:12:58.0611 0460 usbser - ok
17:12:58.0673 0460 [ E748D50B3B2EC7F40A2BA67FB094CF01 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
17:12:58.0704 0460 UsbserFilt - ok
17:12:58.0751 0460 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:12:58.0798 0460 USBSTOR - ok
17:12:58.0876 0460 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:12:58.0891 0460 usbuhci - ok
17:12:59.0063 0460 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
17:12:59.0172 0460 usb_rndisx - ok
17:12:59.0250 0460 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
17:12:59.0328 0460 UxSms - ok
17:12:59.0375 0460 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
17:12:59.0391 0460 VaultSvc - ok
17:12:59.0484 0460 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:12:59.0515 0460 vdrvroot - ok
17:12:59.0609 0460 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
17:12:59.0687 0460 vds - ok
17:12:59.0859 0460 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:12:59.0890 0460 vga - ok
17:12:59.0921 0460 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:12:59.0968 0460 VgaSave - ok
17:13:00.0015 0460 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:13:00.0046 0460 vhdmp - ok
17:13:00.0249 0460 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:13:00.0280 0460 viaagp - ok
17:13:00.0342 0460 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
17:13:00.0405 0460 ViaC7 - ok
17:13:00.0451 0460 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
17:13:00.0483 0460 viaide - ok
17:13:00.0514 0460 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:13:00.0545 0460 volmgr - ok
17:13:00.0623 0460 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:13:00.0654 0460 volmgrx - ok
17:13:00.0717 0460 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:13:00.0748 0460 volsnap - ok
17:13:00.0888 0460 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:13:00.0919 0460 vsmraid - ok
17:13:01.0013 0460 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
17:13:01.0075 0460 VSS - ok
17:13:01.0153 0460 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:13:01.0216 0460 vwifibus - ok
17:13:01.0341 0460 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:13:01.0372 0460 vwififlt - ok
17:13:01.0497 0460 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
17:13:01.0559 0460 W32Time - ok
17:13:01.0637 0460 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:13:01.0668 0460 WacomPen - ok
17:13:01.0746 0460 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:13:01.0824 0460 WANARP - ok
17:13:01.0824 0460 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:13:01.0871 0460 Wanarpv6 - ok
17:13:02.0245 0460 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:13:02.0292 0460 WatAdminSvc - ok
17:13:02.0526 0460 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
17:13:02.0635 0460 wbengine - ok
17:13:02.0729 0460 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:13:02.0791 0460 WbioSrvc - ok
17:13:02.0869 0460 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:13:02.0916 0460 wcncsvc - ok
17:13:02.0963 0460 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:13:03.0041 0460 WcsPlugInService - ok
17:13:03.0088 0460 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:13:03.0119 0460 Wd - ok
17:13:03.0228 0460 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:13:03.0259 0460 Wdf01000 - ok
17:13:03.0275 0460 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:13:03.0946 0460 WdiServiceHost - ok
17:13:03.0993 0460 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:13:04.0024 0460 WdiSystemHost - ok
17:13:04.0117 0460 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
17:13:04.0149 0460 WebClient - ok
17:13:04.0227 0460 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:13:04.0273 0460 Wecsvc - ok
17:13:04.0305 0460 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:13:04.0398 0460 wercplsupport - ok
17:13:04.0507 0460 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
17:13:04.0539 0460 WerSvc - ok
17:13:04.0617 0460 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:13:04.0648 0460 WfpLwf - ok
17:13:04.0710 0460 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:13:04.0741 0460 WIMMount - ok
17:13:05.0007 0460 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:13:05.0100 0460 WinDefend - ok
17:13:05.0116 0460 WinHttpAutoProxySvc - ok
17:13:05.0553 0460 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:13:05.0615 0460 Winmgmt - ok
17:13:05.0849 0460 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
17:13:05.0943 0460 WinRM - ok
17:13:06.0161 0460 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:13:06.0192 0460 WinUsb - ok
17:13:06.0395 0460 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:13:06.0457 0460 Wlansvc - ok
17:13:07.0003 0460 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:13:07.0081 0460 wlidsvc - ok
17:13:07.0175 0460 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:13:07.0237 0460 WmiAcpi - ok
17:13:07.0315 0460 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:13:07.0393 0460 wmiApSrv - ok
17:13:07.0690 0460 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:13:07.0768 0460 WMPNetworkSvc - ok
17:13:07.0799 0460 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:13:07.0877 0460 WPCSvc - ok
17:13:07.0955 0460 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:13:08.0017 0460 WPDBusEnum - ok
17:13:08.0049 0460 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:13:08.0127 0460 ws2ifsl - ok
17:13:08.0173 0460 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
17:13:08.0220 0460 wscsvc - ok
17:13:08.0220 0460 WSearch - ok
17:13:08.0641 0460 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
17:13:08.0751 0460 wuauserv - ok
17:13:08.0782 0460 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:13:08.0829 0460 WudfPf - ok
17:13:08.0875 0460 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:13:08.0922 0460 WUDFRd - ok
17:13:08.0985 0460 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:13:09.0016 0460 wudfsvc - ok
17:13:09.0156 0460 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:13:09.0250 0460 WwanSvc - ok
17:13:09.0343 0460 ================ Scan global ===============================
17:13:09.0406 0460 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:13:09.0468 0460 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
17:13:09.0484 0460 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
17:13:09.0531 0460 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:13:09.0655 0460 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:13:09.0671 0460 [Global] - ok
17:13:09.0671 0460 ================ Scan MBR ==================================
17:13:09.0671 0460 [ C79B30CB8852157F6F908E4698CFE0D0 ] \Device\Harddisk0\DR0
17:13:33.0867 0460 \Device\Harddisk0\DR0 - ok
17:13:33.0867 0460 ================ Scan VBR ==================================
17:13:33.0929 0460 [ C181F62E462C1A17140ADEE143CB221F ] \Device\Harddisk0\DR0\Partition1
17:13:33.0929 0460 \Device\Harddisk0\DR0\Partition1 - ok
17:13:33.0945 0460 [ 2694545670979449267456C24073222A ] \Device\Harddisk0\DR0\Partition2
17:13:33.0945 0460 \Device\Harddisk0\DR0\Partition2 - ok
17:13:33.0991 0460 [ 7C2D3EE2251E2DC9A7A223B94A914617 ] \Device\Harddisk0\DR0\Partition3
17:13:34.0007 0460 \Device\Harddisk0\DR0\Partition3 - ok
17:13:34.0007 0460 ============================================================
17:13:34.0007 0460 Scan finished
17:13:34.0007 0460 ============================================================
17:13:34.0007 5776 Detected object count: 1
17:13:34.0007 5776 Actual detected object count: 1
17:13:46.0066 5776 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:46.0066 5776 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
01.10.2012, 11:53
| #19 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
04.10.2012, 17:52
| #20 |
| | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Hallo Code:
ATTFilter ComboFix 12-10-04.02 - Erwin 04.10.2012 18:26:42.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.3063.1899 [GMT 2:00]
ausgeführt von:: c:\users\Erwin\Desktop\ComboFix.exe
AV: G Data TotalCare 2010 *Disabled/Outdated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
FW: G Data Personal Firewall *Disabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\A1
c:\program files\A1\A1 Breitband\A1Breitband.chm
c:\program files\A1\A1 Breitband\A1Breitband.elf
c:\program files\A1\A1 Breitband\A1Breitband.exe
c:\program files\A1\A1 Breitband\Browser\FF_Setup.exe
c:\program files\A1\A1 Breitband\inifiles.dat
c:\program files\A1\A1 Breitband\ipworks6.dll
c:\program files\A1\A1 Breitband\M2Updater.exe
c:\program files\A1\A1 Breitband\Setup\Setup_A1Dashboard.exe
c:\program files\A1\A1 Medienmanager\.install4j\_shfoldr.dll
c:\program files\A1\A1 Medienmanager\.install4j\autoUninstall.0
c:\program files\A1\A1 Medienmanager\.install4j\files.log
c:\program files\A1\A1 Medienmanager\.install4j\i4j_extf_0_122u9h2.utf8
c:\program files\A1\A1 Medienmanager\.install4j\i4j_extf_1_122u9h2_1xk51ge.png
c:\program files\A1\A1 Medienmanager\.install4j\i4j_extf_2_122u9h2_p66n5m.png
c:\program files\A1\A1 Medienmanager\.install4j\i4j_extf_3_122u9h2_7xxq2k.ico
c:\program files\A1\A1 Medienmanager\.install4j\i4j_extf_4_122u9h2_uh25dh.png
c:\program files\A1\A1 Medienmanager\.install4j\i4j_extf_5_122u9h2_ztjxja.png
c:\program files\A1\A1 Medienmanager\.install4j\i4jdel.exe
c:\program files\A1\A1 Medienmanager\.install4j\i4jinst.dll
c:\program files\A1\A1 Medienmanager\.install4j\i4jparams.conf
c:\program files\A1\A1 Medienmanager\.install4j\i4jruntime.jar
c:\program files\A1\A1 Medienmanager\.install4j\inst_jre.cfg
c:\program files\A1\A1 Medienmanager\.install4j\install.prop
c:\program files\A1\A1 Medienmanager\.install4j\installation.log
c:\program files\A1\A1 Medienmanager\.install4j\MessagesDefault
c:\program files\A1\A1 Medienmanager\.install4j\pref_jre.cfg
c:\program files\A1\A1 Medienmanager\.install4j\response.varfile
c:\program files\A1\A1 Medienmanager\.install4j\unicows.dll
c:\program files\A1\A1 Medienmanager\.install4j\updater.exe
c:\program files\A1\A1 Medienmanager\.install4j\user.jar
c:\program files\A1\A1 Medienmanager\jre\bin\awt.dll
c:\program files\A1\A1 Medienmanager\jre\bin\axbridge.dll
c:\program files\A1\A1 Medienmanager\jre\bin\client\classes.jsa
c:\program files\A1\A1 Medienmanager\jre\bin\client\jvm.dll
c:\program files\A1\A1 Medienmanager\jre\bin\client\Xusage.txt
c:\program files\A1\A1 Medienmanager\jre\bin\cmm.dll
c:\program files\A1\A1 Medienmanager\jre\bin\dcpr.dll
c:\program files\A1\A1 Medienmanager\jre\bin\deploy.dll
c:\program files\A1\A1 Medienmanager\jre\bin\deployJava1.dll
c:\program files\A1\A1 Medienmanager\jre\bin\dt_shmem.dll
c:\program files\A1\A1 Medienmanager\jre\bin\dt_socket.dll
c:\program files\A1\A1 Medienmanager\jre\bin\eula.dll
c:\program files\A1\A1 Medienmanager\jre\bin\fontmanager.dll
c:\program files\A1\A1 Medienmanager\jre\bin\hpi.dll
c:\program files\A1\A1 Medienmanager\jre\bin\hprof.dll
c:\program files\A1\A1 Medienmanager\jre\bin\instrument.dll
c:\program files\A1\A1 Medienmanager\jre\bin\ioser12.dll
c:\program files\A1\A1 Medienmanager\jre\bin\j2pcsc.dll
c:\program files\A1\A1 Medienmanager\jre\bin\j2pkcs11.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jaas_nt.dll
c:\program files\A1\A1 Medienmanager\jre\bin\java-rmi.exe
c:\program files\A1\A1 Medienmanager\jre\bin\java.dll
c:\program files\A1\A1 Medienmanager\jre\bin\java.exe
c:\program files\A1\A1 Medienmanager\jre\bin\java_crw_demo.dll
c:\program files\A1\A1 Medienmanager\jre\bin\javacpl.exe
c:\program files\A1\A1 Medienmanager\jre\bin\javaw.exe
c:\program files\A1\A1 Medienmanager\jre\bin\jawt.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jbroker.exe
c:\program files\A1\A1 Medienmanager\jre\bin\JdbcOdbc.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jdwp.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jkernel.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jli.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jp2iexp.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jp2launcher.exe
c:\program files\A1\A1 Medienmanager\jre\bin\jp2native.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jp2ssv.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jpeg.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jpicom.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jpiexp.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jpinscp.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jpioji.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jpishare.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jqs.exe
c:\program files\A1\A1 Medienmanager\jre\bin\jqsnotify.exe
c:\program files\A1\A1 Medienmanager\jre\bin\jsound.dll
c:\program files\A1\A1 Medienmanager\jre\bin\jsoundds.dll
c:\program files\A1\A1 Medienmanager\jre\bin\keytool.exe
c:\program files\A1\A1 Medienmanager\jre\bin\kinit.exe
c:\program files\A1\A1 Medienmanager\jre\bin\klist.exe
c:\program files\A1\A1 Medienmanager\jre\bin\ktab.exe
c:\program files\A1\A1 Medienmanager\jre\bin\management.dll
c:\program files\A1\A1 Medienmanager\jre\bin\mlib_image.dll
c:\program files\A1\A1 Medienmanager\jre\bin\msvcr71.dll
c:\program files\A1\A1 Medienmanager\jre\bin\msvcrt.dll
c:\program files\A1\A1 Medienmanager\jre\bin\net.dll
c:\program files\A1\A1 Medienmanager\jre\bin\new_plugin\msvcr71.dll
c:\program files\A1\A1 Medienmanager\jre\bin\new_plugin\npjp2.dll
c:\program files\A1\A1 Medienmanager\jre\bin\nio.dll
c:\program files\A1\A1 Medienmanager\jre\bin\npdeployJava1.dll
c:\program files\A1\A1 Medienmanager\jre\bin\npjpi160_25.dll
c:\program files\A1\A1 Medienmanager\jre\bin\npoji610.dll
c:\program files\A1\A1 Medienmanager\jre\bin\npt.dll
c:\program files\A1\A1 Medienmanager\jre\bin\orbd.exe
c:\program files\A1\A1 Medienmanager\jre\bin\pack200.exe
c:\program files\A1\A1 Medienmanager\jre\bin\policytool.exe
c:\program files\A1\A1 Medienmanager\jre\bin\regutils.dll
c:\program files\A1\A1 Medienmanager\jre\bin\rmi.dll
c:\program files\A1\A1 Medienmanager\jre\bin\rmid.exe
c:\program files\A1\A1 Medienmanager\jre\bin\rmiregistry.exe
c:\program files\A1\A1 Medienmanager\jre\bin\servertool.exe
c:\program files\A1\A1 Medienmanager\jre\bin\splashscreen.dll
c:\program files\A1\A1 Medienmanager\jre\bin\ssv.dll
c:\program files\A1\A1 Medienmanager\jre\bin\ssvagent.exe
c:\program files\A1\A1 Medienmanager\jre\bin\sunmscapi.dll
c:\program files\A1\A1 Medienmanager\jre\bin\tnameserv.exe
c:\program files\A1\A1 Medienmanager\jre\bin\unicows.dll
c:\program files\A1\A1 Medienmanager\jre\bin\unpack.dll
c:\program files\A1\A1 Medienmanager\jre\bin\unpack200.exe
c:\program files\A1\A1 Medienmanager\jre\bin\verify.dll
c:\program files\A1\A1 Medienmanager\jre\bin\w2k_lsa_auth.dll
c:\program files\A1\A1 Medienmanager\jre\bin\wsdetect.dll
c:\program files\A1\A1 Medienmanager\jre\bin\zip.dll
c:\program files\A1\A1 Medienmanager\jre\COPYRIGHT
c:\program files\A1\A1 Medienmanager\jre\lib\calendars.properties
c:\program files\A1\A1 Medienmanager\jre\lib\charsets.jar
c:\program files\A1\A1 Medienmanager\jre\lib\classlist
c:\program files\A1\A1 Medienmanager\jre\lib\cmm\CIEXYZ.pf
c:\program files\A1\A1 Medienmanager\jre\lib\cmm\GRAY.pf
c:\program files\A1\A1 Medienmanager\jre\lib\cmm\LINEAR_RGB.pf
c:\program files\A1\A1 Medienmanager\jre\lib\cmm\PYCC.pf
c:\program files\A1\A1 Medienmanager\jre\lib\cmm\sRGB.pf
c:\program files\A1\A1 Medienmanager\jre\lib\content-types.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy.jar
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\ffjcext.zip
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\jqs\ff\chrome.manifest
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\jqs\ff\chrome\content\overlay.js
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\jqs\ff\chrome\content\overlay.xul
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\jqs\ff\install.rdf
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\jqs\ie\jqs_plugin.dll
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\jqs\jqs.conf
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\jqs\jqsmessages.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\lzma.dll
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_de.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_es.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_fr.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_it.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_ja.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_ko.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_pt_BR.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_sv.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_zh_CN.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_zh_HK.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\messages_zh_TW.properties
c:\program files\A1\A1 Medienmanager\jre\lib\deploy\splash.gif
c:\program files\A1\A1 Medienmanager\jre\lib\ext\dnsns.jar
c:\program files\A1\A1 Medienmanager\jre\lib\ext\localedata.jar
c:\program files\A1\A1 Medienmanager\jre\lib\ext\meta-index
c:\program files\A1\A1 Medienmanager\jre\lib\ext\sunjce_provider.jar
c:\program files\A1\A1 Medienmanager\jre\lib\ext\sunmscapi.jar
c:\program files\A1\A1 Medienmanager\jre\lib\ext\sunpkcs11.jar
c:\program files\A1\A1 Medienmanager\jre\lib\flavormap.properties
c:\program files\A1\A1 Medienmanager\jre\lib\fontconfig.98.bfc
c:\program files\A1\A1 Medienmanager\jre\lib\fontconfig.98.properties.src
c:\program files\A1\A1 Medienmanager\jre\lib\fontconfig.bfc
c:\program files\A1\A1 Medienmanager\jre\lib\fontconfig.properties.src
c:\program files\A1\A1 Medienmanager\jre\lib\fonts\LucidaBrightDemiBold.ttf
c:\program files\A1\A1 Medienmanager\jre\lib\fonts\LucidaBrightDemiItalic.ttf
c:\program files\A1\A1 Medienmanager\jre\lib\fonts\LucidaBrightItalic.ttf
c:\program files\A1\A1 Medienmanager\jre\lib\fonts\LucidaBrightRegular.ttf
c:\program files\A1\A1 Medienmanager\jre\lib\fonts\LucidaSansDemiBold.ttf
c:\program files\A1\A1 Medienmanager\jre\lib\fonts\LucidaSansRegular.ttf
c:\program files\A1\A1 Medienmanager\jre\lib\fonts\LucidaTypewriterBold.ttf
c:\program files\A1\A1 Medienmanager\jre\lib\fonts\LucidaTypewriterRegular.ttf
c:\program files\A1\A1 Medienmanager\jre\lib\i386\jvm.cfg
c:\program files\A1\A1 Medienmanager\jre\lib\im\indicim.jar
c:\program files\A1\A1 Medienmanager\jre\lib\im\thaiim.jar
c:\program files\A1\A1 Medienmanager\jre\lib\images\cursors\cursors.properties
c:\program files\A1\A1 Medienmanager\jre\lib\images\cursors\invalid32x32.gif
c:\program files\A1\A1 Medienmanager\jre\lib\images\cursors\win32_CopyDrop32x32.gif
c:\program files\A1\A1 Medienmanager\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif
c:\program files\A1\A1 Medienmanager\jre\lib\images\cursors\win32_LinkDrop32x32.gif
c:\program files\A1\A1 Medienmanager\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif
c:\program files\A1\A1 Medienmanager\jre\lib\images\cursors\win32_MoveDrop32x32.gif
c:\program files\A1\A1 Medienmanager\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif
c:\program files\A1\A1 Medienmanager\jre\lib\jce.jar
c:\program files\A1\A1 Medienmanager\jre\lib\jsse.jar
c:\program files\A1\A1 Medienmanager\jre\lib\jvm.hprof.txt
c:\program files\A1\A1 Medienmanager\jre\lib\logging.properties
c:\program files\A1\A1 Medienmanager\jre\lib\management-agent.jar
c:\program files\A1\A1 Medienmanager\jre\lib\management\jmxremote.access
c:\program files\A1\A1 Medienmanager\jre\lib\management\jmxremote.password.template
c:\program files\A1\A1 Medienmanager\jre\lib\management\management.properties
c:\program files\A1\A1 Medienmanager\jre\lib\management\snmp.acl.template
c:\program files\A1\A1 Medienmanager\jre\lib\meta-index
c:\program files\A1\A1 Medienmanager\jre\lib\net.properties
c:\program files\A1\A1 Medienmanager\jre\lib\plugin.jar
c:\program files\A1\A1 Medienmanager\jre\lib\psfont.properties.ja
c:\program files\A1\A1 Medienmanager\jre\lib\psfontj2d.properties
c:\program files\A1\A1 Medienmanager\jre\lib\resources.jar
c:\program files\A1\A1 Medienmanager\jre\lib\rt.jar
c:\program files\A1\A1 Medienmanager\jre\lib\security\blacklist
c:\program files\A1\A1 Medienmanager\jre\lib\security\cacerts
c:\program files\A1\A1 Medienmanager\jre\lib\security\java.policy
c:\program files\A1\A1 Medienmanager\jre\lib\security\java.security
c:\program files\A1\A1 Medienmanager\jre\lib\security\javaws.policy
c:\program files\A1\A1 Medienmanager\jre\lib\security\local_policy.jar
c:\program files\A1\A1 Medienmanager\jre\lib\security\trusted.libraries
c:\program files\A1\A1 Medienmanager\jre\lib\security\US_export_policy.jar
c:\program files\A1\A1 Medienmanager\jre\lib\servicetag\jdk_header.png
c:\program files\A1\A1 Medienmanager\jre\lib\servicetag\registration.xml
c:\program files\A1\A1 Medienmanager\jre\lib\sound.properties
c:\program files\A1\A1 Medienmanager\jre\lib\tzmappings
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Abidjan
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Accra
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Addis_Ababa
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Algiers
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Asmara
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Bamako
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Bangui
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Banjul
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Bissau
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Blantyre
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Brazzaville
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Bujumbura
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Cairo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Casablanca
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Ceuta
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Conakry
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Dakar
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Dar_es_Salaam
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Djibouti
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Douala
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\El_Aaiun
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Freetown
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Gaborone
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Harare
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Johannesburg
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Kampala
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Khartoum
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Kigali
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Kinshasa
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Lagos
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Libreville
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Lome
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Luanda
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Lubumbashi
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Lusaka
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Malabo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Maputo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Maseru
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Mbabane
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Mogadishu
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Monrovia
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Nairobi
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Ndjamena
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Niamey
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Nouakchott
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Ouagadougou
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Porto-Novo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Sao_Tome
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Tripoli
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Tunis
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Africa\Windhoek
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Adak
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Anchorage
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Anguilla
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Antigua
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Araguaina
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\Buenos_Aires
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\Catamarca
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\Cordoba
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\Jujuy
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\La_Rioja
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\Mendoza
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\Rio_Gallegos
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\Salta
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\San_Juan
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\San_Luis
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\Tucuman
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Argentina\Ushuaia
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Aruba
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Asuncion
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Atikokan
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Bahia
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Bahia_Banderas
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Barbados
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Belem
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Belize
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Blanc-Sablon
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Boa_Vista
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Bogota
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Boise
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Cambridge_Bay
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Campo_Grande
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Cancun
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Caracas
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Cayenne
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Cayman
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Chicago
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Chihuahua
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Costa_Rica
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Cuiaba
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Curacao
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Danmarkshavn
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Dawson
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Dawson_Creek
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Denver
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Detroit
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Dominica
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Edmonton
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Eirunepe
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\El_Salvador
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Fortaleza
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Glace_Bay
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Godthab
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Goose_Bay
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Grand_Turk
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Grenada
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Guadeloupe
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Guatemala
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Guayaquil
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Guyana
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Halifax
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Havana
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Hermosillo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Indiana\Indianapolis
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Indiana\Knox
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Indiana\Marengo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Indiana\Petersburg
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Indiana\Tell_City
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Indiana\Vevay
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Indiana\Vincennes
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Indiana\Winamac
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Inuvik
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Iqaluit
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Jamaica
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Juneau
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Kentucky\Louisville
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Kentucky\Monticello
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\La_Paz
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Lima
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Los_Angeles
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Maceio
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Managua
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Manaus
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Martinique
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Matamoros
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Mazatlan
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Menominee
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Merida
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Mexico_City
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Miquelon
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Moncton
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Monterrey
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Montevideo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Montreal
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Montserrat
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Nassau
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\New_York
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Nipigon
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Nome
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Noronha
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\North_Dakota\Beulah
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\North_Dakota\Center
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\North_Dakota\New_Salem
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Ojinaga
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Panama
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Pangnirtung
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Paramaribo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Phoenix
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Port-au-Prince
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Port_of_Spain
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Porto_Velho
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Puerto_Rico
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Rainy_River
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Rankin_Inlet
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Recife
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Regina
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Resolute
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Rio_Branco
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Santa_Isabel
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Santarem
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Santiago
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Santo_Domingo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Sao_Paulo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Scoresbysund
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\St_Johns
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\St_Kitts
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\St_Lucia
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\St_Thomas
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\St_Vincent
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Swift_Current
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Tegucigalpa
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Thule
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Thunder_Bay
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Tijuana
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Toronto
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Tortola
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Vancouver
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Whitehorse
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Winnipeg
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Yakutat
c:\program files\A1\A1 Medienmanager\jre\lib\zi\America\Yellowknife
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Antarctica\Casey
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Antarctica\Davis
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Antarctica\DumontDUrville
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Antarctica\Macquarie
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Antarctica\Mawson
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Antarctica\McMurdo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Antarctica\Palmer
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Antarctica\Rothera
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Antarctica\Syowa
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Antarctica\Vostok
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Aden
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Almaty
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Amman
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Anadyr
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Aqtau
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Aqtobe
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Ashgabat
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Baghdad
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Bahrain
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Baku
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Bangkok
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Beirut
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Bishkek
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Brunei
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Choibalsan
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Chongqing
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Colombo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Damascus
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Dhaka
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Dili
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Dubai
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Dushanbe
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Gaza
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Harbin
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Ho_Chi_Minh
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Hong_Kong
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Hovd
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Irkutsk
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Jakarta
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Jayapura
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Jerusalem
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Kabul
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Kamchatka
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Karachi
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Kashgar
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Kathmandu
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Kolkata
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Krasnoyarsk
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Kuala_Lumpur
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Kuching
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Kuwait
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Macau
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Magadan
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Makassar
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Manila
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Muscat
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Nicosia
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Novokuznetsk
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Novosibirsk
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Omsk
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Oral
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Phnom_Penh
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Pontianak
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Pyongyang
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Qatar
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Qyzylorda
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Rangoon
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Riyadh
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Riyadh87
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Riyadh88
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Riyadh89
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Sakhalin
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Samarkand
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Seoul
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Shanghai
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Singapore
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Taipei
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Tashkent
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Tbilisi
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Tehran
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Thimphu
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Tokyo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Ulaanbaatar
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Urumqi
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Vientiane
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Vladivostok
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Yakutsk
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Yekaterinburg
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Asia\Yerevan
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Atlantic\Azores
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Atlantic\Bermuda
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Atlantic\Canary
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Atlantic\Cape_Verde
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Atlantic\Faroe
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Atlantic\Madeira
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Atlantic\Reykjavik
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Atlantic\South_Georgia
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Atlantic\St_Helena
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Atlantic\Stanley
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Adelaide
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Brisbane
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Broken_Hill
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Currie
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Darwin
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Eucla
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Hobart
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Lindeman
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Lord_Howe
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Melbourne
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Perth
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Australia\Sydney
c:\program files\A1\A1 Medienmanager\jre\lib\zi\CET
c:\program files\A1\A1 Medienmanager\jre\lib\zi\CST6CDT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\EET
c:\program files\A1\A1 Medienmanager\jre\lib\zi\EST
c:\program files\A1\A1 Medienmanager\jre\lib\zi\EST5EDT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-1
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-10
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-11
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-12
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-13
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-14
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-2
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-3
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-4
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-5
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-6
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-7
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-8
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT-9
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+1
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+10
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+11
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+12
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+2
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+3
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+4
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+5
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+6
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+7
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+8
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\GMT+9
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\UCT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Etc\UTC
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Amsterdam
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Andorra
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Athens
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Belgrade
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Berlin
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Brussels
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Bucharest
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Budapest
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Chisinau
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Copenhagen
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Dublin
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Gibraltar
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Helsinki
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Istanbul
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Kaliningrad
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Kiev
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Lisbon
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\London
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Luxembourg
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Madrid
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Malta
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Minsk
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Monaco
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Moscow
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Oslo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Paris
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Prague
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Riga
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Rome
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Samara
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Simferopol
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Sofia
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Stockholm
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Tallinn
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Tirane
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Uzhgorod
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Vaduz
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Vienna
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Vilnius
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Volgograd
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Warsaw
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Zaporozhye
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Europe\Zurich
c:\program files\A1\A1 Medienmanager\jre\lib\zi\GMT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\HST
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Antananarivo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Chagos
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Christmas
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Cocos
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Comoro
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Kerguelen
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Mahe
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Maldives
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Mauritius
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Mayotte
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Indian\Reunion
c:\program files\A1\A1 Medienmanager\jre\lib\zi\MET
c:\program files\A1\A1 Medienmanager\jre\lib\zi\MST
c:\program files\A1\A1 Medienmanager\jre\lib\zi\MST7MDT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Apia
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Auckland
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Chatham
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Chuuk
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Easter
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Efate
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Enderbury
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Fakaofo
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Fiji
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Funafuti
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Galapagos
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Gambier
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Guadalcanal
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Guam
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Honolulu
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Johnston
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Kiritimati
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Kosrae
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Kwajalein
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Majuro
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Marquesas
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Midway
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Nauru
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Niue
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Norfolk
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Noumea
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Pago_Pago
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Palau
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Pitcairn
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Pohnpei
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Port_Moresby
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Rarotonga
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Saipan
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Tahiti
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Tarawa
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Tongatapu
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Wake
c:\program files\A1\A1 Medienmanager\jre\lib\zi\Pacific\Wallis
c:\program files\A1\A1 Medienmanager\jre\lib\zi\PST8PDT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\AST4
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\AST4ADT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\CST6
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\CST6CDT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\EST5
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\EST5EDT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\HST10
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\MST7
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\MST7MDT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\PST8
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\PST8PDT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\YST9
c:\program files\A1\A1 Medienmanager\jre\lib\zi\SystemV\YST9YDT
c:\program files\A1\A1 Medienmanager\jre\lib\zi\WET
c:\program files\A1\A1 Medienmanager\jre\lib\zi\ZoneInfoMappings
c:\program files\A1\A1 Medienmanager\jre\LICENSE
c:\program files\A1\A1 Medienmanager\jre\LICENSE.txt
c:\program files\A1\A1 Medienmanager\jre\README.txt
c:\program files\A1\A1 Medienmanager\jre\THIRDPARTYLICENSEREADME.txt
c:\program files\A1\A1 Medienmanager\jre\Welcome.html
c:\program files\A1\A1 Medienmanager\lib\antlr-2.7.6.jar
c:\program files\A1\A1 Medienmanager\lib\aopalliance-1.0.jar
c:\program files\A1\A1 Medienmanager\lib\aspectjrt-1.6.2.jar
c:\program files\A1\A1 Medienmanager\lib\commons-beanutils-1.8.3.jar
c:\program files\A1\A1 Medienmanager\lib\commons-codec-1.4.jar
c:\program files\A1\A1 Medienmanager\lib\commons-collections-3.2.1.jar
c:\program files\A1\A1 Medienmanager\lib\commons-httpclient-3.1.jar
c:\program files\A1\A1 Medienmanager\lib\commons-io-1.4.jar
c:\program files\A1\A1 Medienmanager\lib\commons-lang-2.5.jar
c:\program files\A1\A1 Medienmanager\lib\commons-net-2.2.jar
c:\program files\A1\A1 Medienmanager\lib\concurrent-1.3.4.jar
c:\program files\A1\A1 Medienmanager\lib\derby-10.6.2.1.jar
c:\program files\A1\A1 Medienmanager\lib\dom4j-1.6.1.jar
c:\program files\A1\A1 Medienmanager\lib\filters-2.0.235.jar
c:\program files\A1\A1 Medienmanager\lib\geronimo-spec-jta-1.0-M1.jar
c:\program files\A1\A1 Medienmanager\lib\hibernate-commons-annotations-3.2.0.Final.jar
c:\program files\A1\A1 Medienmanager\lib\hibernate-core-3.6.1.Final.jar
c:\program files\A1\A1 Medienmanager\lib\hibernate-jpa-2.0-api-1.0.0.Final.jar
c:\program files\A1\A1 Medienmanager\lib\i4jruntime-4.2.8.jar
c:\program files\A1\A1 Medienmanager\lib\jackrabbit-core-1.1.1.jar
c:\program files\A1\A1 Medienmanager\lib\jackrabbit-jcr-client-1.1.1.jar
c:\program files\A1\A1 Medienmanager\lib\jackrabbit-jcr-commons-1.1.1.jar
c:\program files\A1\A1 Medienmanager\lib\jackrabbit-jcr-webdav-1.1.1.jar
c:\program files\A1\A1 Medienmanager\lib\javahelp-2.0.05.jar
c:\program files\A1\A1 Medienmanager\lib\javassist-3.11.0.GA.jar
c:\program files\A1\A1 Medienmanager\lib\jcl-over-slf4j-1.6.1.jar
c:\program files\A1\A1 Medienmanager\lib\jcr-1.0.jar
c:\program files\A1\A1 Medienmanager\lib\jetty-6.1.26.jar
c:\program files\A1\A1 Medienmanager\lib\jetty-embedded-6.1.26.jar
c:\program files\A1\A1 Medienmanager\lib\jetty-sslengine-6.1.26.jar
c:\program files\A1\A1 Medienmanager\lib\jetty-util-6.1.26.jar
c:\program files\A1\A1 Medienmanager\lib\jna-3.0.9.jar
c:\program files\A1\A1 Medienmanager\lib\jsp-api-2.1.jar
c:\program files\A1\A1 Medienmanager\lib\jta-1.1.jar
c:\program files\A1\A1 Medienmanager\lib\logback-classic-0.9.26.jar
c:\program files\A1\A1 Medienmanager\lib\logback-core-0.9.26.jar
c:\program files\A1\A1 Medienmanager\lib\mediaclient-backup-service-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\mediaclient-commons-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\mediaclient-firewall-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\mediaclient-gui-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\mediaclient-help-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\mediaclient-installer-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\mediaclient-plaf-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\mediaclient-res-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\mediaclient-storage-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\mediaclient-thumbnails-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\mediautil-1.1.0.jar
c:\program files\A1\A1 Medienmanager\lib\meta-data-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\metadata-extractor-2.4.0-beta-1.jar
c:\program files\A1\A1 Medienmanager\lib\playlist-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\quartz-1.6.3.jar
c:\program files\A1\A1 Medienmanager\lib\scenario-1.0.1.jar
c:\program files\A1\A1 Medienmanager\lib\servlet-api-2.5-20081211.jar
c:\program files\A1\A1 Medienmanager\lib\slf4j-api-1.6.1.jar
c:\program files\A1\A1 Medienmanager\lib\spring-aop-3.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-asm-3.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-beans-3.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-context-3.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-context-support-3.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-core-3.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-expression-3.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-jdbc-3.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-orm-3.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-security-core-2.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-security-core-tiger-2.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\spring-tx-3.0.5.RELEASE.jar
c:\program files\A1\A1 Medienmanager\lib\swing-worker-1.1.jar
c:\program files\A1\A1 Medienmanager\lib\swingx-1.6.1.jar
c:\program files\A1\A1 Medienmanager\lib\truezip-6.8.2.jar
c:\program files\A1\A1 Medienmanager\lib\upnp-device-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\upnp-mediaserver-1.3.0.jar
c:\program files\A1\A1 Medienmanager\lib\xercesImpl-2.6.2.jar
c:\program files\A1\A1 Medienmanager\lib\xmlParserAPIs-2.0.2.jar
c:\program files\A1\A1 Medienmanager\licenses\apache.txt
c:\program files\A1\A1 Medienmanager\licenses\berkeley.txt
c:\program files\A1\A1 Medienmanager\licenses\bsd.txt
c:\program files\A1\A1 Medienmanager\licenses\gpl.txt
c:\program files\A1\A1 Medienmanager\licenses\lgpl.txt
c:\program files\A1\A1 Medienmanager\licenses\mit.txt
c:\program files\A1\A1 Medienmanager\licenses\opensolaris.txt
c:\program files\A1\A1 Medienmanager\Medienmanager.exe
c:\program files\A1\A1 Medienmanager\native\ffmpeg.exe
c:\program files\A1\A1 Medienmanager\native\Silent_Upgrade_Stone.zip
c:\program files\A1\A1 Medienmanager\native\SystemUtilities.dll
c:\program files\A1\A1 Medienmanager\uninstall.exe
c:\program files\A1\A1 Servicecenter\A1Servicecenter.chm
c:\program files\A1\A1 Servicecenter\A1Servicecenter.exe
c:\program files\A1\A1 Servicecenter\Content\broadband.html
c:\program files\A1\A1 Servicecenter\Content\cd_index.html
c:\program files\A1\A1 Servicecenter\Content\cd_more.html
c:\program files\A1\A1 Servicecenter\Content\fonts\a1ta_medium_web01-webfont.ttf
c:\program files\A1\A1 Servicecenter\Content\fonts\a1ta_regular_web01-webfont.ttf
c:\program files\A1\A1 Servicecenter\Content\img\01a_a1_breitband_200x300.png
c:\program files\A1\A1 Servicecenter\Content\img\01a_weitere_services.png
c:\program files\A1\A1 Servicecenter\Content\img\01a_wlan_einrichten.png
c:\program files\A1\A1 Servicecenter\Content\img\02a_a1_breitband_installieren_200x366.png
c:\program files\A1\A1 Servicecenter\Content\img\02a_modemkonfigurationssoftware.png
c:\program files\A1\A1 Servicecenter\Content\img\02a_modemwechselsoftware.png
c:\program files\A1\A1 Servicecenter\Content\img\02b_breitband_unterwegs.png
c:\program files\A1\A1 Servicecenter\Content\img\02b_breitband_zuhause.png
c:\program files\A1\A1 Servicecenter\Content\img\02b_hinzufuegen.png
c:\program files\A1\A1 Servicecenter\Content\img\02b_installation.png
c:\program files\A1\A1 Servicecenter\Content\img\02b_wiederherstellen.png
c:\program files\A1\A1 Servicecenter\Content\img\03_zusaetzliche_wlan_geraete.png
c:\program files\A1\A1 Servicecenter\Content\img\03_zusaetzliche_wlan_sicherheitseinstellungen.png
c:\program files\A1\A1 Servicecenter\Content\img\1x1_white_15.png
c:\program files\A1\A1 Servicecenter\Content\img\AdobeX_48x48.png
c:\program files\A1\A1 Servicecenter\Content\img\back.gif
c:\program files\A1\A1 Servicecenter\Content\img\bg_box_big.png
c:\program files\A1\A1 Servicecenter\Content\img\bg_box_small.png
c:\program files\A1\A1 Servicecenter\Content\img\bg_overlay.png
c:\program files\A1\A1 Servicecenter\Content\img\box_arrow_down.png
c:\program files\A1\A1 Servicecenter\Content\img\box_arrow_right.png
c:\program files\A1\A1 Servicecenter\Content\img\btn_close.png
c:\program files\A1\A1 Servicecenter\Content\img\FF_48x48.png
c:\program files\A1\A1 Servicecenter\Content\img\footer_trenner.gif
c:\program files\A1\A1 Servicecenter\Content\img\icon_warning.gif
c:\program files\A1\A1 Servicecenter\Content\img\IE_48x48.png
c:\program files\A1\A1 Servicecenter\Content\img\link_active_center.png
c:\program files\A1\A1 Servicecenter\Content\img\link_active_left.png
c:\program files\A1\A1 Servicecenter\Content\img\link_active_right.png
c:\program files\A1\A1 Servicecenter\Content\img\link_arrow.gif
c:\program files\A1\A1 Servicecenter\Content\img\link_arrow_back.gif
c:\program files\A1\A1 Servicecenter\Content\img\link_inactive_center.png
c:\program files\A1\A1 Servicecenter\Content\img\link_inactive_left.png
c:\program files\A1\A1 Servicecenter\Content\img\link_inactive_right.png
c:\program files\A1\A1 Servicecenter\Content\img\loader.gif
c:\program files\A1\A1 Servicecenter\Content\img\logo.jpg
c:\program files\A1\A1 Servicecenter\Content\img\logo_chrome_150.png
c:\program files\A1\A1 Servicecenter\Content\img\logo_chrome_48.png
c:\program files\A1\A1 Servicecenter\Content\img\logo_glas_48.png
c:\program files\A1\A1 Servicecenter\Content\img\logo_kabel_48.png
c:\program files\A1\A1 Servicecenter\Content\img\mm_icon_48x48.png
c:\program files\A1\A1 Servicecenter\Content\img\warning_bl.gif
c:\program files\A1\A1 Servicecenter\Content\img\warning_br.gif
c:\program files\A1\A1 Servicecenter\Content\img\warning_tl.gif
c:\program files\A1\A1 Servicecenter\Content\img\warning_tr.gif
c:\program files\A1\A1 Servicecenter\Content\includes\main.css
c:\program files\A1\A1 Servicecenter\Content\includes\main.js
c:\program files\A1\A1 Servicecenter\Content\index.html
c:\program files\A1\A1 Servicecenter\Content\more.html
c:\program files\A1\A1 Servicecenter\Content\wlan.html
c:\program files\A1\A1 Servicecenter\icudt42.dll
c:\program files\A1\A1 Servicecenter\libcef.dll
c:\program files\A1\A1 Servicecenter\M2Updater.exe
c:\program files\A1\A1 Servicecenter\reqdata.cfg
c:\program files\A1\A1 Servicecenter\Start.exe
c:\program files\A1\A1 Servicecenter\Start.ini
c:\program files\A1\A1 Webassistent\A1Breitband.chm
c:\program files\A1\A1 Webassistent\A1Breitband.exe
c:\program files\A1\A1 Webassistent\A1CMDTool.exe
c:\program files\A1\A1 Webassistent\A1Mailboxen.exe
c:\program files\A1\A1 Webassistent\A1Modemkonfigurator.exe
c:\program files\A1\A1 Webassistent\A1Webassistent.chm
c:\program files\A1\A1 Webassistent\A1Webassistent.exe
c:\program files\A1\A1 Webassistent\A1WLANAssistent.exe
c:\program files\A1\A1 Webassistent\inifiles.dat
c:\program files\A1\A1 Webassistent\ipworks6.dll
c:\program files\A1\A1 Webassistent\KCO.exe
c:\program files\A1\A1 Webassistent\M2Updater.exe
c:\windows\IsUn0407.exe
c:\windows\unin0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-09-04 bis 2012-10-04 ))))))))))))))))))))))))))))))
.
.
2012-10-04 16:32 . 2012-10-04 16:32 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-10-04 16:32 . 2012-10-04 16:32 -------- d-----w- c:\users\Gast\AppData\Local\temp
2012-10-04 16:32 . 2012-10-04 16:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-29 15:16 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-24 18:28 . 2012-09-24 18:28 -------- d-----w- C:\_OTL
2012-09-12 13:24 . 2012-09-12 13:24 -------- d-----w- c:\users\Erwin\AppData\Roaming\Malwarebytes
2012-09-12 13:14 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 13:14 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 13:14 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 13:14 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 13:14 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 13:14 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 13:14 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\rndismpx.sys
2012-09-12 13:11 . 2012-09-12 13:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-12 13:11 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-23 12:03 . 2012-04-01 08:40 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-23 12:03 . 2011-05-24 10:49 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-18 17:47 . 2012-08-15 19:37 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-29 10:37 . 2012-04-25 10:35 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Erwin\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Erwin\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Erwin\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-09 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GDFirewallTray"="c:\program files\G Data\TotalCare\Firewall\GDFirewallTray.exe" [2009-09-24 1124424]
"G DATA AntiVirus Trayapplication"="c:\program files\G Data\TotalCare\AVKTray\AVKTray.exe" [2009-09-18 924232]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
.
c:\users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Erwin\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-11 19:00 919008 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2009-06-03 19:59 103720 ------w- c:\program files\CyberLink\Power2Go\CLMLSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
2009-10-02 12:26 284696 ----a-w- c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2009-08-04 15:17 7703072 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2012-08-20 12:44 1193176 ----a-w- c:\users\Erwin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-02-09 11:25 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 G Data Tuner Service;G Data Tuner Service;c:\program files\G Data\TotalCare\AVKTuner\AVKTunerService.exe [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [x]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\DRIVERS\gdwfpcd32.sys [x]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G DATA\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G Data Scheduler;c:\program files\G Data\TotalCare\AVK\AVKService.exe [x]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files\G Data\TotalCare\AVK\AVKWCtl.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 G Data Backup Service;G Data Backup Service;c:\program files\G Data\TotalCare\AVKBackup\AVKBackupService.exe [x]
S3 GDFwSvc;G Data Personal Firewall;c:\program files\G Data\TotalCare\Firewall\GDFwSvc.exe [x]
S3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [x]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [x]
S3 GDScan;G Data Scanner;c:\program files\Common Files\G DATA\GDScan\GDScan.exe [x]
S3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 12:03]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 21:45]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 21:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.flamesofwar.com/
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Erwin\AppData\Roaming\Mozilla\Firefox\Profiles\ccm3wxbg.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-A1Webassistent - c:\program files\A1\A1 Webassistent\A1Webassistent.exe
AddRemove-8781-9705-0578-2960 - c:\program files\A1\A1 Medienmanager\uninstall.exe
AddRemove-AVS Update Manager_is1 - c:\program files\AVS4YOU\AVSUpdateManager\unins000.exe
AddRemove-AVS4YOU Software Navigator_is1 - c:\program files\AVS4YOU\AVSSoftwareNavigator\unins000.exe
AddRemove-AVS4YOU Video Converter 6_is1 - c:\program files\AVS4YOU\AVSVideoConverter6\unins000.exe
AddRemove-QuickTime 3.0 - c:\windows\unin0407.exe
AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4}
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C8PD}_is1 - c:\games\World_of_Tanks_Physics_Preview\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-10-04 18:44:15
ComboFix-quarantined-files.txt 2012-10-04 16:44
.
Vor Suchlauf: 8 Verzeichnis(se), 897.971.871.744 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 897.906.946.048 Bytes frei
.
- - End Of File - - 56DCC1D97D10F8E3AFE44CDAAE762234
*Halb-OT:* Beachte bitte dass ich morgen für 10 Tage schulisch nach England reise und daher keine Anweisungen ausführen kann! hellofan |
|
04.10.2012, 19:32
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Combofix hat dir A1 gelöscht, brauchst du das noch?
__________________ --> RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? |
|
16.10.2012, 14:34
| #22 |
| | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Hallo, bin wieder da (hab nur vergessen gleich hier nachzusehen). In dem A1-Ordner sind vor allem so sachen wie ein völlig lahmes Cloud-programm drinnen. Die hats dazuinstalliert als ich für die breitbandverbindung eine installations-cd ausführte. Da ich aber nach dem ausführen von Combofix immer noch ins Internet kam nehme ich an dass die zum Internetzugriff nötigen Dateien irgendwo anders liegen. Und wenn ich von dem Zeug jemals irgendwas wieder brauche kann ichs ja neu installieren. Daher nicht mehr unbedingt notwendig. hellofan |
|
17.10.2012, 11:48
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.10.2012, 13:13
| #24 | |
| | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Kurze Zwischenfrage dazu bevor ich deine Anweisungen heute Abend wenn ich wieder Zeit habe ausführen kann: Ist das entpacken per IZArc möglich oder muss es unbedingt eines dieser Programme sein? Zitat:
hellofan |
|
17.10.2012, 15:55
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? IZArc kenn ich nicht Wie gessagt verwende 7zip oder WinRAR damit geht es auf jeden Fall
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.10.2012, 21:32
| #26 |
| | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Hallo Hier die Logs: Gmer: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-10-17 20:36:14
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD10 rev.80.0
Running: 7pztdyog.exe; Driver: C:\Users\Erwin\AppData\Local\Temp\pwdoapod.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 834533C9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 8348CD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
PAGE spsys.sys!?SPRevision@@3PADA + 4F90 AE23A000 221 Bytes [8B, FF, 55, 8B, EC, 33, C0, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 506E AE23A0DE 68 Bytes [AE, 75, 06, 09, 0D, 28, 55, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 50B3 AE23A123 629 Bytes [55, 23, AE, FE, 05, 34, 55, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 5329 AE23A399 101 Bytes [6A, 28, 59, A5, 5E, C6, 03, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 538F AE23A3FF 148 Bytes [18, 5D, C2, 14, 00, 8B, FF, ...]
PAGE ...
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [744E24CB] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [744C562E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [744C56EC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [744E2546] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [744D85AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [744D4D5E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [744D5105] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [744D51DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [744D6707] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [744D8301] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [744D8850] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [744D90B1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [744DE254] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3016] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [744D4C90] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[6048] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75A2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[6048] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75A2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[6048] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75A2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[6048] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75A2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[6048] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75A2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
Device \Driver\ACPI_HAL \Device\00000049 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
Bei osam hab ich als es die Onlinedatenbank abgleichen wollte auf "cancel" gedrückt, ich hoff das war was du meintest. Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:04:53 on 17.10.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "ISUSPM.cpl" - "Macrovision Corporation" - C:\Windows\system32\ISUSPM.cpl "QuickTime.cpl" - "Apple Computer, Inc." - C:\Windows\system32\QuickTime.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office12\MLCFG32.CPL [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "catchme" (catchme) - ? - C:\Users\Erwin\AppData\Local\Temp\catchme.sys (File not found) "G Data Rootkit Detector Driver" (GRD) - "G Data Software" - C:\Windows\system32\drivers\GRD.sys "G DATA WFP CD" (gdwfpcd) - "G DATA Software AG" - C:\Windows\System32\DRIVERS\gdwfpcd32.sys "GDBehave" (GDBehave) - "G Data Software AG" - C:\Windows\System32\drivers\GDBehave.sys "GDMnIcpt" (GDMnIcpt) - "G Data Software AG" - C:\Windows\system32\drivers\MiniIcpt.sys "GDPkIcpt" (GDPkIcpt) - "G DATA Software AG" - C:\Windows\system32\drivers\PktIcpt.sys "HookCentre" (HookCentre) - "G Data Software AG" - C:\Windows\system32\drivers\HookCentre.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {04184942-D1DF-4B17-BD72-81C230531CA6} "AVKVirtualFolder Class" - "G Data Software AG" - C:\Program Files\G Data\TotalCare\AVKBackup\AVKBackupNSE.dll {6230EF55-8E71-4F40-861A-DBA282584FF5} "AVSVideoConverter Object" - ? - C:\PROGRA~1\AVS4YOU\AVSVID~1\AVSVID~1.DLL (File not found) {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll {EB47FF00-225E-11D2-9E1D-00A0C9AB0EEE} "eLicense Control" - ? - C:\Windows\lcmmfu.cpl {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {CA5FEE26-14C1-4B5A-86E9-233FC0EE2682} "IZArc DragDrop Menu" - ? - C:\PROGRA~1\IZArc\IZArcCM.dll (File found, but it contains no detailed information) {BC593DF5-466F-44EC-8FFD-C4DBC603B917} "IZArc Shell Context Menu" - ? - C:\PROGRA~1\IZArc\IZArcCM.dll (File found, but it contains no detailed information) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office12\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office12\OLKFSTUB.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 (HTTP value) -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_18" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} "Java Plug-in 1.6.0_18" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_18" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_18.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} "Microsoft Genuine Advantage Self Support Tool" - "Microsoft Corporation" - C:\Windows\system32\SelfHelpControl.DLL / hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab {02BCC737-B171-4746-94C9-0D8A0B2C0089} "Microsoft Office Template and Media Control" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office12\IEAWSDC.DLL / hxxp://office.microsoft.com/sites/production/ieawsdc32.cab {233C1507-6A77-46A4-9443-F871F945D258} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\Windows\system32\Adobe\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash32_11_4_402_265.ocx / hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab {1E54D648-B804-468d-BC78-4AFFED8E262F} "System Requirements Lab Class" - "Husdawg, LLC" - C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll / hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab {17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\Windows\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab {7530BFB8-7293-4D34-9923-61A11451AFC5} "{7530BFB8-7293-4D34-9923-61A11451AFC5}" - ? - (File not found | COM-object registry key not found) / hxxp://download.eset.com/special/eos/OnlineScanner.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll "eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 (HTTP value) {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {0124123D-61B4-456f-AF86-78C53A0790C5} "G Data WebFilter" - "G Data Software AG" - C:\Program Files\G Data\TotalCare\Webfilter\AVKWebIE.dll <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {0124123D-61B4-456f-AF86-78C53A0790C5} "G Data WebFilter" - "G Data Software AG" - C:\Program Files\G Data\TotalCare\Webfilter\AVKWebIE.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Erwin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Dropbox.lnk" - "Dropbox, Inc." - C:\Users\Erwin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "G DATA AntiVirus Trayapplication" - "G Data Software AG" - C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe "GDFirewallTray" - "G DATA Software AG" - C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe "Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe "G Data AntiVirus Proxy" (AVKProxy) - "G Data Software AG" - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe "G Data Backup Service" (G Data Backup Service) - "G Data Software AG" - C:\Program Files\G Data\TotalCare\AVKBackup\AVKBackupService.exe "G Data Dateisystem Wächter" (AVKWCtl) - "G Data Software AG" - C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe "G Data Personal Firewall" (GDFwSvc) - "G Data Software AG" - C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe "G Data Scanner" (GDScan) - "G Data Software AG" - C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe "G Data Scheduler" (AVKService) - "G Data Software AG" - C:\Program Files\G Data\TotalCare\AVK\AVKService.exe "G Data Tuner Service" (G Data Tuner Service) - "G Data Software AG" - C:\Program Files\G Data\TotalCare\AVKTuner\AVKTunerService.exe "Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe "LicCtrl Service" (LicCtrlService) - ? - C:\Windows\runservice.exe (File found, but it contains no detailed information) "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe "NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "ProtexisLicensing" (ProtexisLicensing) - ? - C:\Windows\system32\PSIService.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-17 21:10:09
-----------------------------
21:10:09.526 OS Version: Windows 6.1.7601 Service Pack 1
21:10:09.526 Number of processors: 4 586 0x2502
21:10:09.526 ComputerName: ERWIN-PC UserName: Erwin
21:10:11.632 Initialize success
21:29:47.089 AVAST engine defs: 12101701
21:31:59.190 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:31:59.190 Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3
21:31:59.206 Disk 0 MBR read successfully
21:31:59.206 Disk 0 MBR scan
21:31:59.362 Disk 0 unknown MBR code
21:31:59.393 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:31:59.424 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 932262 MB offset 206848
21:31:59.455 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20480 MB offset 1909479424
21:31:59.502 Disk 0 Partition 4 00 12 Compaq diag NTFS 1025 MB offset 1951422464
21:31:59.533 Disk 0 scanning sectors +1953521664
21:31:59.689 Disk 0 scanning C:\Windows\system32\drivers
21:32:19.533 Service scanning
21:32:43.650 Modules scanning
21:32:47.176 Disk 0 trace - called modules:
21:32:47.191 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
21:32:47.207 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8863e9c8]
21:32:47.207 3 CLASSPNP.SYS[8bf8859e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86ac5028]
21:32:50.046 AVAST engine scan C:\Windows
21:34:37.421 AVAST engine scan C:\Windows\system32
21:46:32.807 AVAST engine scan C:\Windows\system32\drivers
21:46:53.930 AVAST engine scan C:\Users\Erwin
22:16:52.862 AVAST engine scan C:\ProgramData
22:23:10.305 Scan finished successfully
22:26:16.803 Disk 0 MBR has been saved successfully to "C:\Users\Erwin\Desktop\MBR.dat"
22:26:16.803 The log file has been saved successfully to "C:\Users\Erwin\Desktop\aswMBR.txt"
|
|
17.10.2012, 22:09
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht. Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar. Mach den Fix auch dann nicht, wenn du zB mit TrueCrypt oder anderen Verschlüsselungsprogrammen eine Vollverschlüsselung der Windowspartition bzw. gesamten Festplatte hast Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm! Anschließend Windows neu starten und ein neues Log mit aswMBR machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.10.2012, 19:21
| #28 |
| | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Hallo Den aswMBR-Fix hab ich ausgeführt, ich denke der hat auch funktioniert, auch wenn mir die benötigte zeit etwas kurz vorgekommen ist (hat nur wenige sekunden gebraucht, dann stand das "finnished"). Allerdings hat sich beim anschließendem Scan (nach neustart natürlich) der PC selbst ausgeschaltet ("Windows has been shut down to prevent damage..."). Soll ichs den Scan einfach nochmal probieren oder heisst das schon dass alles "kaputt" ist? hellofan |
|
23.10.2012, 15:16
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Nein das kann durchaus mal vorkorkommen, mach den Scan einfach nochmal Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.10.2012, 19:15
| #30 |
| | RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? Hallo aswMBR-log: Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-24 19:30:47
-----------------------------
19:30:47.570 OS Version: Windows 6.1.7601 Service Pack 1
19:30:47.570 Number of processors: 4 586 0x2502
19:30:47.570 ComputerName: ERWIN-PC UserName: Erwin
19:31:27.381 Initialize success
19:31:35.883 AVAST engine defs: 12102400
19:32:00.953 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:32:00.968 Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3
19:32:00.984 Disk 0 MBR read successfully
19:32:00.984 Disk 0 MBR scan
19:32:00.984 Disk 0 Windows 7 default MBR code
19:32:00.999 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:32:00.999 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 932262 MB offset 206848
19:32:01.031 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20480 MB offset 1909479424
19:32:01.046 Disk 0 Partition 4 00 12 Compaq diag NTFS 1025 MB offset 1951422464
19:32:01.062 Disk 0 scanning sectors +1953521664
19:32:01.140 Disk 0 scanning C:\Windows\system32\drivers
19:32:09.735 Service scanning
19:32:26.084 Modules scanning
19:32:30.109 Disk 0 trace - called modules:
19:32:30.125 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
19:32:30.125 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8863e920]
19:32:30.140 3 CLASSPNP.SYS[8bf8359e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86ac2028]
19:32:34.243 AVAST engine scan C:\Windows
19:32:39.001 AVAST engine scan C:\Windows\system32
19:34:40.666 AVAST engine scan C:\Windows\system32\drivers
19:34:51.445 AVAST engine scan C:\Users\Erwin
19:39:16.739 AVAST engine scan C:\ProgramData
19:47:26.019 Scan finished successfully
20:09:08.090 Disk 0 MBR has been saved successfully to "C:\Users\Erwin\Desktop\MBR.dat"
20:09:08.106 The log file has been saved successfully to "C:\Users\Erwin\Desktop\aswMBRafterfix.txt"
|
|
| Themen zu RunDll : install_0_msi.exe wurde nicht gefunden, trojaner? |
| appdata, befall, beim starten, computersperrung, datei, desktop, dll, einfach, forum, gdata, install, install_0_msi.exe, internet, ism_0_llatsni.pad, modul, neustarten, problem, problem beim starten von c, quarantäne, rundll, scan, surfen, system, temp, trojaner, trojaner?, verschieben, windows, windows 7 |
Linear-Darstellung
