Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.01.2013, 14:19   #1
Carrab17
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



Hallo,

ich bin neu hier. Letzte Woche Mittwoch habe habe eine E-Mail von einem, mir unbekannten, Absender erhalten. Inhalt war eine Zahlungsaufforderung für eine von mir nie bestellte Lieferung.
An die E-Mail war eine Zip-Datei angehängt, die ich dummerweise geöffnet habe. Danach ist nichts passiert. Auch mein Antivirenprogramm (AVG Anti-Virus Free Edition 2013) hat nichts gemeldet. Hab meinen Laptop zugeklappt (ihn noch nicht runtergefahren) und ihn danach erstmal nicht mehr verwendet.

Am Sonntag hat mein Vater meinen Rechner neugestartet und von einer Avira
Professional Rescue CD gebooted. Das Programm hat weder infizierte, noch verdächtige Dateien gefunden.

Über einen zweiten Rechner habe ich im Internet nach ähnlichen Problemen recherchiert und dabei gelesen, dass einige Trojaner, die durch solche Zip-Dateien verschickt werden können, sich auch von professionellen Virenprogrammen schwer finden lassen.
Ich bin mir nicht sicher, ob sich durch das Öffnen der Datei überhaupt ein Trojaner oder ein Virus auf meinem Computer installiert hat. Es ist seitdem nichts Außergewöhnliches passiert, aber ich will sicher sein, dass mein Rechner auch wirklich nicht infiziert ist, bevor ich ihn wieder normal nutze und externe Geräte anschließe.

Kann mir bitte jemand helfen? VG

Alt 28.01.2013, 15:00   #2
markusg
/// Malware-holic
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



hi
bitte solche Mails immer an uns weiterleiten.
wie das geht, steht in meiner signatur.
Avira logs mit funden posten, lizenzangaben bitte streichen.
welches Betriebssystem?
__________________

__________________

Alt 28.01.2013, 15:06   #3
Carrab17
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



Hallo,

ich hatte Ihnen gestern schon eine E-Mail deswegen geschickt. In ihrer Antwort schrieben Sie:

Zitat:

"die Mail wird uns nichts nützen, da sie bereits einige Tage alt ist sind die dort verwendeten server bereits offline.
was ich anbieten kann, eröffne ein Thema bei uns [...]"

Mein Betriebssystem ist Windows 7.

Hier die Avira logs:


configuration file:/etc/avira/scancl.conf

WARNING: (Unexpected end of file)/media/Devices/sda2/User/***/AppData/Roaming/Move/Networks/uninstall.exe

WARNING: (Error opening file.(Input/Output error))/media/Devices/sda2/ProgramData/AVG2013/Chjw/884624644624556a.dat

WARNING: (Error opening file.(Input/Output error))/media/Devices/sda2/ProgramData/AVG2013/Chjw/ec8e215e8e212296.dat

WARNING: (File is encrypted)/media/Devices/sda2/ProgramData/AVG2013/Ids/config/quarantinedList.zip

WARNING: (File is encrypted)/media/Devices/sda2/ProgramData/AVG2013/Ids/config/quarantinedList.zip.bak

Directories: 26712
Archives: 1557
Files: 437483
Infected: 0
Warnings: 5
Suspicious: 0

Bei der ersten Warnung hab ich meinen Namen durch drei Sternchen ersetzt.
__________________

Geändert von Carrab17 (28.01.2013 um 15:44 Uhr)

Alt 29.01.2013, 15:55   #4
markusg
/// Malware-holic
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



Hi,
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 29.01.2013, 16:32   #5
Carrab17
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



hier sind die Logs:

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 29.01.2013 16:09:29 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\Daten\Carmen\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 59,48% Memory free
3,75 Gb Paging File | 2,26 Gb Available in Paging File | 60,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,89 Gb Total Space | 43,22 Gb Free Space | 57,71% Space Free | Partition Type: NTFS
Drive D: | 7,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 72,68 Gb Total Space | 19,83 Gb Free Space | 27,28% Space Free | Partition Type: NTFS
 
Computer Name: CARMEN | User Name: Carmen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.29 16:03:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Daten\Carmen\Desktop\OTL.exe
PRC - [2013.01.15 13:52:12 | 001,101,488 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
PRC - [2013.01.15 13:52:12 | 000,945,328 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
PRC - [2012.12.11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgui.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgidsagent.exe
PRC - [2012.10.30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgrsx.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.10.22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgnsx.exe
PRC - [2012.10.22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgemcx.exe
PRC - [2012.10.22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgcsrvx.exe
PRC - [2011.08.08 13:43:58 | 000,690,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2011.08.08 13:36:58 | 000,087,960 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2011.05.09 16:06:02 | 002,750,376 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2011.04.01 17:41:44 | 000,152,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.26 23:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.11.26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.11.20 04:17:58 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 04:17:42 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.09.06 16:18:00 | 000,746,384 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2009.07.14 02:14:45 | 000,396,800 | -HS- | M] (Microsoft Corporation) -- C:\Programme\Windows Mail\WinMail.exe
PRC - [2009.05.15 11:36:50 | 000,251,184 | R--- | M] (BUFFALO INC.) -- C:\Programme\BUFFALO\NASNAVI\nassvc.exe
PRC - [2009.05.15 11:36:48 | 001,553,800 | R--- | M] (BUFFALO INC.) -- C:\Programme\BUFFALO\NASNAVI\NasNavi.exe
PRC - [2009.05.15 11:36:48 | 000,206,128 | R--- | M] (BUFFALO INC.) -- C:\Programme\BUFFALO\NASNAVI\nassche.exe
PRC - [2009.04.07 12:53:32 | 000,030,440 | ---- | M] () -- C:\Programme\dcmsvc\dcmsvc.exe
PRC - [2008.02.22 04:25:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
PRC - [2007.09.26 16:15:22 | 000,245,760 | ---- | M] (Dossin-Brade GbR) -- C:\Windows\System32\studnet\studnet.exe
PRC - [2007.08.15 14:31:50 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPStart.exe
PRC - [2007.08.15 13:58:02 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynToshiba.exe
PRC - [2007.08.09 18:26:42 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.08.01 13:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007.06.27 11:28:40 | 000,436,088 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2007.06.18 09:51:10 | 001,507,328 | ---- | M] (Interactive Digital Media) -- C:\Programme\IDM\Desktop SMS\DesktopSMS.exe
PRC - [2007.06.11 12:10:04 | 004,762,624 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2007.05.22 16:32:52 | 000,538,744 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2007.05.22 10:50:02 | 000,413,696 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007.04.03 16:52:22 | 000,509,496 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007.03.29 10:39:00 | 000,411,192 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2007.01.10 12:45:02 | 000,554,616 | ---- | M] (Symantec Corporation) -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007.01.09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) -- C:\Programme\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007.01.05 01:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) -- C:\Programme\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2007.01.04 22:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Programme\Viewpoint\Common\ViewpointService.exe
PRC - [2006.11.14 19:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2006.08.23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006.05.25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.01.15 13:52:12 | 001,101,488 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
MOD - [2013.01.15 13:52:12 | 000,156,848 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\SiteSafety.dll
MOD - [2013.01.11 23:49:20 | 000,519,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\a6536128c5f017a0352454c14966e855\TCrdMain.ni.exe
MOD - [2013.01.11 13:21:18 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.01.11 13:19:50 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5f3769db958cc666dc98cb7748a84ac9\PresentationFramework.ni.dll
MOD - [2013.01.11 13:18:18 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013.01.11 13:18:13 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.11 13:17:52 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\45e239d35a2c14b841dd4ef2c186ff2f\PresentationCore.ni.dll
MOD - [2013.01.11 13:17:13 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.11 13:16:51 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.11 13:16:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.11 13:16:07 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2010.11.13 01:02:21 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 09:47:20 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2009.04.07 12:53:32 | 000,030,440 | ---- | M] () -- C:\Programme\dcmsvc\dcmsvc.exe
MOD - [2007.08.29 15:11:16 | 000,958,464 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\de\TCrdMain.resources.dll
MOD - [2007.06.27 11:28:40 | 000,436,088 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
MOD - [2007.06.11 12:10:04 | 004,762,624 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe
MOD - [2007.01.18 08:30:00 | 000,094,208 | ---- | M] () -- C:\Programme\IDM\Desktop SMS\oehook.dll
MOD - [2006.11.08 19:08:30 | 000,009,216 | ---- | M] () -- C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll
MOD - [2006.10.10 10:44:16 | 000,009,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2006.10.07 11:57:04 | 000,053,248 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2003.07.11 02:09:28 | 000,048,192 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\Web Folders\1031\NSEXTINT.DLL
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2013.01.15 13:52:12 | 000,945,328 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe -- (vToolbarUpdater14.0.1)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2011.04.01 17:41:44 | 000,152,496 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010.11.26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.11.20 04:17:58 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.08.06 22:32:20 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.22 03:13:57 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.05.15 11:36:50 | 000,251,184 | R--- | M] (BUFFALO INC.) [Auto | Running] -- C:\Programme\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService)
SRV - [2007.10.25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007.10.18 11:31:54 | 000,098,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007.09.14 09:20:20 | 001,174,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007.08.01 13:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007.01.14 00:11:06 | 000,080,504 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2007.01.12 20:40:58 | 000,049,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007.01.10 12:45:02 | 002,918,008 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007.01.10 12:45:02 | 000,554,616 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)
SRV - [2007.01.09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007.01.09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007.01.09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007.01.05 01:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2007.01.04 22:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Programme\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006.11.14 19:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006.08.23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006.05.25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2005.11.17 13:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013.01.15 13:52:12 | 000,031,576 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.11.15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012.10.22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012.10.15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.10.02 02:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.09.21 02:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.09.21 02:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012.09.21 02:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012.09.14 02:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.08.05 10:21:52 | 000,236,728 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2011.07.12 19:07:40 | 000,016,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2011.01.27 15:26:16 | 000,056,888 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2010.11.29 11:47:00 | 000,070,448 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2010.11.20 02:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.11 10:26:00 | 000,042,672 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2010.08.30 10:48:00 | 000,080,064 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2010.04.26 11:48:00 | 000,053,760 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2009.12.07 15:59:09 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.07.24 11:31:00 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2009.07.13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.07.13 23:02:53 | 000,347,136 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2009.06.17 11:59:00 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2009.03.30 16:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2008.11.08 10:55:24 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007.11.09 04:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.09.14 09:21:48 | 000,115,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007.09.13 01:00:00 | 000,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070913.017\NAVEX15.SYS -- (NAVEX15)
DRV - [2007.09.13 01:00:00 | 000,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070913.017\NAVENG.SYS -- (NAVENG)
DRV - [2007.07.27 22:36:40 | 002,929,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.04.16 10:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007.03.21 21:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.02.24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.23 15:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10N.sys -- (KR10N)
DRV - [2007.01.18 15:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10I.sys -- (KR10I)
DRV - [2007.01.11 19:22:20 | 000,276,792 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007.01.11 19:22:18 | 000,025,400 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007.01.11 19:22:14 | 000,247,608 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007.01.09 15:32:14 | 000,191,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2007.01.09 15:32:14 | 000,027,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2007.01.03 08:05:02 | 000,417,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006.12.27 23:48:26 | 000,212,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys -- (IDSvix86)
DRV - [2006.11.20 13:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006.10.30 10:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {D0D95264-BF0E-4BB0-A607-C7E0A8A4AB92}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D0D95264-BF0E-4BB0-A607-C7E0A8A4AB92}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1008082228\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3D41F773-C2A2-4541-8F58-DF94FA1311D3}: "URL" = hxxp://search.yahoo.com/search?ei=utf-8&FR=chr-vmn&type=oovoo2_0yach&q={searchTerms}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={9121D0DD-B1D0-4507-B519-70177237FC12}&mid=0517661c2c8047d0a1cdd1e997726502-36ed5e2b35e1962daae7abf80e180f8b93f3b009&lang=de&ds=AVG&pr=fr&d=2012-09-09 15:38:01&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{D0D95264-BF0E-4BB0-A607-C7E0A8A4AB92}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNA_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Carmen\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Carmen\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Carmen\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Carmen\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.2.14 [2013.01.15 13:58:09 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Carmen\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Carmen\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Carmen\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\Carmen\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: AT_AnnaSui = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjohejgigkmiclpgnilojffhiohcglib\3_0\
CHR - Extension: Google-Suche = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: AVG Secure Search = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.0.2.14_0\
CHR - Extension: Google Mail = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Reg Error: Value error.) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1008082228\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1008082228\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [dcmsvc] C:\Programme\dcmsvc\dcmsvc.exe ()
O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
O4 - HKLM..\Run: [IS CfgWiz] C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe (Symantec Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [studNET-Autologin] C:\Windows\System32\studnet\studnet.exe (Dossin-Brade GbR)
O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
O4 - Startup: C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator.lnk = C:\Programme\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
O4 - Startup: C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk = C:\Programme\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} hxxp://www2.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{436CB8C7-7AD5-4C8B-9F18-D6752EFAA0A8}: NameServer = 139.18.25.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5A4C96C-3749-4E7D-80F7-4C4E5A982855}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d99d1c2e-71cc-11e1-a097-00a0d1968cf1}\Shell - "" = AutoRun
O33 - MountPoints2\{d99d1c2e-71cc-11e1-a097-00a0d1968cf1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d99d1c37-71cc-11e1-a097-00a0d1968cf1}\Shell - "" = AutoRun
O33 - MountPoints2\{d99d1c37-71cc-11e1-a097-00a0d1968cf1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d99d1c3c-71cc-11e1-a097-00a0d1968cf1}\Shell - "" = AutoRun
O33 - MountPoints2\{d99d1c3c-71cc-11e1-a097-00a0d1968cf1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.29 16:03:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Daten\Carmen\Desktop\OTL.exe
[2013.01.27 13:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.01.27 13:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.01.11 16:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[1 E:\Daten\Carmen\Documents\*.tmp files -> E:\Daten\Carmen\Documents\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.29 16:03:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Daten\Carmen\Desktop\OTL.exe
[2013.01.29 15:24:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.29 13:01:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.28 15:11:15 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.28 15:11:15 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.28 13:57:10 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.28 13:57:10 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.28 13:57:10 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.28 13:57:10 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.27 18:45:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.27 18:45:45 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013.01.27 18:45:34 | 000,382,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.27 18:44:39 | 1508,413,440 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.15 13:52:12 | 000,031,576 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013.01.11 16:06:09 | 000,000,956 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.01.02 00:11:14 | 000,017,408 | ---- | M] () -- C:\Users\Carmen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 E:\Daten\Carmen\Documents\*.tmp files -> E:\Daten\Carmen\Documents\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.15 13:57:48 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2012.11.09 18:45:16 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2012.10.01 21:07:24 | 000,684,916 | ---- | C] () -- C:\Windows\unins000.exe
[2012.10.01 21:07:24 | 000,012,452 | ---- | C] () -- C:\Windows\unins000.dat
[2012.07.29 18:54:25 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2012.07.29 18:31:45 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2012.07.29 18:29:05 | 000,240,640 | ---- | C] () -- C:\Windows\System32\NMOCOD.DLL
[2011.12.21 22:01:53 | 000,017,408 | ---- | C] () -- C:\Users\Carmen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.28 07:09:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.11.17 22:34:27 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2008.03.07 20:09:31 | 000,000,016 | -H-- | C] () -- C:\Users\Carmen\mxfilerelatedcache.mxc2
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.11.17 21:59:35 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Anvil-Soft
[2012.09.09 14:42:54 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\AVG2013
[2012.05.07 19:09:19 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Canon
[2012.09.27 17:45:21 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1
[2011.11.17 21:59:37 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Costco Photo Organizer
[2011.11.17 21:59:37 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Costco Photo Viewer US
[2011.11.17 21:59:38 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\DesktopSMS
[2011.11.17 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\ICQ
[2008.03.08 18:21:01 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\ICQ Toolbar
[2011.11.17 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\InterVideo
[2011.11.17 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\IrfanView
[2011.11.17 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Kybtec Software
[2011.11.17 22:02:17 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\MAGIX
[2011.11.17 22:02:49 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\MipKukSoft
[2011.11.17 22:02:49 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\NASNaviator2
[2012.09.01 10:36:57 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\ooVoo Details
[2011.11.17 22:03:16 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\TOSHIBA
[2012.09.09 14:39:53 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\TuneUp Software
[2011.11.17 22:03:16 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Ulead Systems
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 29.01.2013 16:09:29 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\Daten\Carmen\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 59,48% Memory free
3,75 Gb Paging File | 2,26 Gb Available in Paging File | 60,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,89 Gb Total Space | 43,22 Gb Free Space | 57,71% Space Free | Partition Type: NTFS
Drive D: | 7,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 72,68 Gb Total Space | 19,83 Gb Free Space | 27,28% Space Free | Partition Type: NTFS
 
Computer Name: CARMEN | User Name: Carmen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1113CDEC-6064-4378-A5AC-B8088A49CCAC}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{118E5FAA-BB30-4A8D-B0D1-8C295A05280C}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 | 
"{1980C845-88F2-496F-80BD-FF39C8753F87}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{274B96D6-836D-43A6-86AC-BEA8750EAB16}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 | 
"{2A47AA31-0E20-46A8-8643-A2D85EE84C88}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{34ECE41D-892A-49F7-8A4E-B0B41FAB1338}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{354369E8-A78A-42A9-B1ED-4CC397D852BA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{42260C57-19B4-42E9-9439-741C185CDDB7}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{4B8EA568-F583-4142-838C-1AD71044FF3F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{82E4389A-A732-456F-91F3-0202887EBC8E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9A0A20C8-BFF4-411B-8AD4-B0F7DEEC44E2}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A87B6896-1AB4-4185-B873-9A61D6D8942D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CBC1BE0B-717F-429C-8E36-CCB59BB6E0BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{D1F172F3-8F22-432D-9E41-D387F0D8E305}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 | 
"{D26D169A-82DA-4408-B28A-B0CFA41D5C1B}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 | 
"{E2026AF4-30DC-451A-B7A9-4B2BE9E1154E}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009DA4F7-31D6-43ED-8691-466A56CD0B28}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{02A5C51F-260A-4E5D-9BD8-656A1AB74D8E}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{0365E911-CB97-447F-9B1C-87761EE73D95}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | 
"{04208F37-1DB7-47C5-9E78-9B0BB21D6B6F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{04C1D435-3F5A-4F01-BBE6-E7E835FC1AAA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{064813E0-0C14-4F53-9329-AF81EB5EE212}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{1F8DCCBD-C39F-491E-90D5-8E0872A4A1FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{21A017C9-0124-4B9A-B0EC-E2642DD030B7}" = protocol=17 | dir=in | app=c:\program files\buffalo\nasnavi\nasnavi.exe | 
"{25AFFE1D-2CEC-43D4-888A-AA952D2292DD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{26F20B3D-65EA-445B-961F-A762F7D67A10}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | 
"{27CAEB48-D8E6-44D6-9275-E339C008CB36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{2B21D3F3-9D9D-4EA7-B560-FE77219E2D1D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{3724AE9C-212E-49E3-A967-6DB07C2BCDC3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{3EE86B75-38D4-46DA-9A69-1AD646B248A9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{4404530B-ED0D-4386-B144-6D575AE137BA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{4BE207ED-0838-4CE9-BB31-3E534DEE887E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | 
"{4FC7E8AD-5609-4FC8-92AE-6C49C65F2EF3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{538BB92D-FB7A-4A89-AE87-B5164358130A}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{599BE9FD-2248-42AF-BD0E-BAD41B7E081C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6089468B-43B1-4575-AA1F-303640FF07C5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | 
"{6B986630-8F48-4645-83EE-24C938B10468}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{6CD57249-517D-4CF0-9072-EB5F2F2576C1}" = protocol=6 | dir=in | app=c:\program files\buffalo\nasnavi\nasnavi.exe | 
"{6FD18711-C7B9-4479-A64A-883B7C6EED9E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | 
"{705CB8B3-1FB1-4F50-AFAB-61CFCE906C16}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{7080B365-E8E1-4500-ABCC-859FC6A06820}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{71A31A35-7039-41BF-817E-98E59E03EC69}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{725E049E-7897-4E8C-8DCE-4CF67B9D3241}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | 
"{7F3D6139-C013-4F2F-9DA3-4A2D1B3236CC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{857D8BE1-5294-43C0-A22D-596FC56D1D82}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | 
"{88B7D8B5-86C6-43AF-91B2-A787C62ACF75}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | 
"{8919227D-1D80-4D28-A7FC-11B444064236}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{8A9C1D0C-0710-4E94-8ECA-C42717D579C0}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{8D020263-83CC-4E94-B9BD-7D5CCAEAD423}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8EB52670-4822-4AF4-8AC8-03151B8531F4}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{91BFC2FD-13F5-451F-9F96-5DE0CB0B0519}" = protocol=17 | dir=in | app=c:\program files\buffalo\nasnavi\nasinst.exe | 
"{956F815B-549C-4A6F-9933-0C3099EC0AF8}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | 
"{9C240A9B-AE56-4E57-8FF2-D0ED90316822}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{9CE2906E-DC79-4835-8D09-BAF34F49709A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AAF74F4D-381C-4FA5-80B8-C5775D895F64}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe | 
"{AFC4BB5C-D805-4206-886D-56513138E550}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{B25C3801-091C-4A20-AFC9-5CAF73EF2F6C}" = protocol=6 | dir=out | app=system | 
"{BC25236E-B825-4426-A18E-9CD856484A34}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C73D23B8-7321-42A2-AE99-050B8BF165CD}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | 
"{C8EA5963-491A-43E1-A09D-5036CAF9223B}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | 
"{CB7AEE43-AE01-4792-BD21-961E12CE4314}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D03AC29D-387D-482B-B364-D628BEA4D6AA}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | 
"{D317129C-4B13-482A-B179-9B5C50CE49B7}" = protocol=6 | dir=in | app=c:\program files\buffalo\nasnavi\nasinst.exe | 
"{D42B672B-D835-4A1E-9A5E-9C1C756DF536}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{DB398679-F1EA-4963-8F10-0B4870A4D86C}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | 
"{DEBB2E25-0919-4E90-9686-629C42A2B9D4}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{E261A893-E8E9-4ED4-A4B8-102F02988607}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E3775C24-A7F2-4C80-A9EE-D214D1C0DA96}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe | 
"{E99AB90F-B454-41EC-9251-F0879F025C3E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | 
"TCP Query User{0E2A66C7-8468-4C7E-8447-47353ACA3068}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{102C8A84-4A78-429A-B2F1-DC7EFC615F7E}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"TCP Query User{1A473795-3F7A-4731-92DF-8A40BD45EE24}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{1B6EB279-F49E-4647-9C3F-1BE4D0DB243B}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{4114CB49-1BCD-4F60-896F-92E6AAF450A4}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"TCP Query User{5C94F5F3-66F3-4291-B9F8-89D06CBBEFB0}C:\program files\buffalo\nasnavi\nasnavi.exe" = protocol=6 | dir=in | app=c:\program files\buffalo\nasnavi\nasnavi.exe | 
"TCP Query User{668E2DE6-3D65-449E-A13F-500D60C9A93D}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{672E00EF-FD5B-49AF-9FA6-632D10D86253}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{777FB0FC-B1B7-470B-A79E-BD77ADC52AB3}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"TCP Query User{94DAA922-CC06-450B-BA81-3719FAB3B68E}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"TCP Query User{C9E68428-7E2D-47BC-8EF9-3A1A6A438144}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{0271A380-60D0-4CAC-8DDC-5B979072A657}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{1954CE25-9A66-4207-AB70-B26266081B29}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{1A15BF1D-D42C-486D-8F81-D51AD9E75957}C:\program files\buffalo\nasnavi\nasnavi.exe" = protocol=17 | dir=in | app=c:\program files\buffalo\nasnavi\nasnavi.exe | 
"UDP Query User{3C51F3A0-A1B0-4583-AED2-0CA04352C7DE}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{5AFCD9BA-6106-403E-9E9C-78226B4C42F4}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{6D8ABB5E-E66E-4D29-901E-43223F6EF480}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{8E12EC77-48EB-454D-B00C-B3D187FA2425}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"UDP Query User{9A9DEAFD-C1EE-4C95-A106-815570E0C72A}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"UDP Query User{B380DA08-BDC6-4B80-AC08-46E4ED7C1332}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{EE43040D-4B66-405C-A71D-2FBB9E858F4A}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"UDP Query User{F6DE6C1D-D5AD-4A11-A66B-4E8F9711B9B4}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar)
"{01244A94-5226-425B-84E0-E76839AD488B}" = PowerInfo und Zurück 2008
"{0221A397-962E-6D84-F786-64E445617999}" = CCC Help English
"{08CB1B3E-D42C-3ED5-7896-F8BC31839315}" = Catalyst Control Center Localization Czech
"{0AC49543-9CE2-4434-AD42-5AA6E2967FA5}" = Windows Live Toolbar
"{0C9B3E29-3B8B-295E-773B-82F3516F17DD}" = CCC Help Thai
"{0D99E1E9-D28C-6806-0820-13E10082CE7B}" = CCC Help Italian
"{0DC5B855-1CE2-9EA3-AA12-78C8939F68EF}" = Catalyst Control Center Core Implementation
"{0E2C948E-44D6-9A1C-54E7-05217E7DCC13}" = CCC Help Dutch
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1B5AB0D6-4F7C-9B93-5323-9037F1E61142}" = CCC Help Chinese Standard
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{21EA2A28-3146-E63D-16EE-0BF9FA3D6F5E}" = Catalyst Control Center Localization German
"{22543949-70E8-45D0-A938-F38143EB8BF8}" = Catalyst Control Center - Branding
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{25D4A6A6-BFBF-49AF-89CA-635A468B0515}" = Kybtec World Clock 3.3.1.1
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2BDF38E0-1A7F-4220-B4B7-118DD45E5E13}" = TOSHIBA Supervisor Password
"{2CCC5C78-20FF-478E-8B65-46B58CC5781B}" = AVG 2013
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{31C97472-E522-A760-F46D-FC0648F77E9C}" = CCC Help French
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40E3BE50-51A6-F8A0-DB5F-7C2698FA5E1F}" = CCC Help Spanish
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{432DC370-01EF-F2D8-34C3-27DCC9B13083}" = CCC Help Norwegian
"{44151656-ECAC-99DC-1AC5-1F06A1A62939}" = Catalyst Control Center Graphics Light
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{454AB369-FABF-EB84-FBC1-CA4E8FBD3926}" = Catalyst Control Center Localization Hungarian
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{497268C1-AE62-4A1D-1129-1D03183538B0}" = Catalyst Control Center Localization Portuguese
"{4CE6623E-C867-81B3-8B94-A4FE021782BF}" = CCC Help Portuguese
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{55FE1E6B-4E8A-0F2B-5B36-8F4363A0AEBC}" = Catalyst Control Center Localization Chinese Traditional
"{56995235-B76E-44A6-BA17-8FF13D3F907A}" = TOSHIBA Benutzerhandbücher
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{59DC42FB-13A7-45E1-BCC3-37CE5977951E}" = CCC Help Japanese
"{59DF97C6-3144-FA5A-4380-6B891BB44812}" = CCC Help German
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5BBE3EAB-D749-0560-2C39-53DC8531CB01}" = Catalyst Control Center Localization Korean
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{608738F2-51B4-CD53-C1CC-220363513ED7}" = CCC Help Czech
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{649C3B52-AA90-1F36-3D36-CE7F2BB1CB8C}" = Catalyst Control Center Localization Chinese Standard
"{654CABFA-4289-9EC0-F088-34BFCC84A798}" = Catalyst Control Center Localization Turkish
"{65CC9CE1-AAF1-866B-B07E-FECC0B53277E}" = Catalyst Control Center Localization Danish
"{6A9DF7EE-E7B9-E4F1-204A-FE72F47231CB}" = CCC Help Finnish
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{7095FD27-37F0-4750-9DE8-D37DC0043706}" = REALTEK RTL8187B Wireless LAN Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7163A2F1-2DED-9EF4-24FC-06D607D2A9C9}" = Catalyst Control Center Graphics Full New
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{731341F3-55AA-8488-A3F1-3D4C43412C87}" = CCC Help Russian
"{731E713B-C13E-4527-B624-8A6DF2D33DAF}" = AVG 2013
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7A929336-7D2E-C4E3-2AC9-CA80FBEB5701}" = Catalyst Control Center Localization Spanish
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{84C7D852-CDF6-7006-91C7-E6A54519E5D5}" = Catalyst Control Center Graphics Full Existing
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8E850D2A-F5E9-C322-ABFF-683C69686C13}" = Catalyst Control Center Localization Russian
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93FE0FBE-23F5-7BF4-9085-6E046D609F22}" = CCC Help Chinese Traditional
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A30EE8A6-6B9F-4973-B5ED-2A60B40576E4}_is1" = StudNET Login Client
"{A74BE9F1-1129-FB71-DA7B-96F5D99CA330}" = Catalyst Control Center Localization Finnish
"{A762A897-3E65-E264-5188-CBAD303064C2}" = Skins
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB79C30D-A920-D219-B4FD-C9552A0419D3}" = CCC Help Polish
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AD6A78C4-AD77-448D-4F9D-43AD80C8D8FF}" = Catalyst Control Center Localization French
"{AEE482BA-1731-499C-346D-B5F498B7DBF8}" = CCC Help Turkish
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B3E356C8-CEB3-467C-EA92-8FC2CA15AD51}" = Catalyst Control Center Localization Polish
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BBD408BC-486B-9857-C805-945F8F083877}" = CCC Help Swedish
"{BE044C42-908B-4952-5140-E2B8FD67F267}" = CCC Help Danish
"{BFC85CDC-BD7C-4FDD-9507-8D74B5A79404}" = TOSHIBA Hardware Setup
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C29D1033-0247-FFC6-7895-204ABABA0F20}" = ccc-utility
"{C643EEE3-A55A-58D1-D543-ED46726288CB}" = CCC Help Greek
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7B4B7FE-F49F-4954-A5F8-C8823B78CE93}" = Personal Translator 2008 Home German English
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0B87CB2-8599-4975-0E50-DB2F8E6B9AE6}" = Catalyst Control Center Localization Thai
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{DA401137-8791-F77A-591C-F0BC3E7ED04E}" = Catalyst Control Center Localization Greek
"{DC9B7572-50C6-180D-916D-3E2CBD00C0C7}" = Catalyst Control Center Localization Japanese
"{DFCFF0F1-005D-E317-733D-8D19D54FBF08}" = Catalyst Control Center Localization Swedish
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E748D6A5-D03D-BDE1-C094-DAE3F5BCEEF6}" = Catalyst Control Center Graphics Previews Vista
"{E8316038-8C38-52A8-9014-FD35536567E8}" = Catalyst Control Center Localization Dutch
"{E96A0335-C6EA-D11A-3A49-8586A8FED544}" = ccc-core-static
"{E9E6642B-0714-37B4-0248-D036B60F8F12}" = CCC Help Korean
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F05E0039-D2A7-198B-B79E-285395EBB5BB}" = Catalyst Control Center Localization Italian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F734CA55-0939-1F1A-A8B5-19B91B3D4B1F}" = Catalyst Control Center Localization Norwegian
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FE4C0830-A0F3-B67E-93BC-21C4B0BB0267}" = CCC Help Hungarian
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AFPL Ghostscript 8.53" = AFPL Ghostscript 8.53
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"AVG" = AVG 2013
"AVG Secure Search" = AVG Security Toolbar
"CCleaner" = CCleaner
"CD Inlet&Label" = CD Inlet&Label
"dcmsvc_is1" = dcmsvc 1.0
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"ICQToolbar" = ICQ Toolbar
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{C7B4B7FE-F49F-4954-A5F8-C8823B78CE93}" = Personal Translator 2008 Home German English
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Micrografx Picture Publisher 8" = Micrografx Picture Publisher 8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SuperTux_is1" = SuperTux 0.1.3
"Surf & E-Mail-Stick" = Surf & E-Mail-Stick
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"UN060501" = BUFFALO NAS Navigator
"UN070209" = Uninstall of File Security Tool
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.11
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = ooVoo toolbar, powered by Ask.com Updater
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.07.2011 10:08:18 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 25.07.2011 10:09:17 | Computer Name = Carmen | Source = Application Error
 | ID = 1000
 
Error - 25.07.2011 10:09:50 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 25.07.2011 18:37:13 | Computer Name = Carmen | Source = Application Error
 | ID = 1000
 
Error - 26.07.2011 19:50:07 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 27.07.2011 04:31:15 | Computer Name = Carmen | Source = Application Error
 | ID = 1000
 
Error - 28.07.2011 06:02:46 | Computer Name = Carmen | Source = RasClient | ID = 20227
Description = 
 
Error - 28.07.2011 06:03:46 | Computer Name = Carmen | Source = RasClient | ID = 20227
Description = 
 
Error - 08.08.2011 03:41:25 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 08.08.2011 07:45:24 | Computer Name = Carmen | Source = WerSvc | ID = 5007
 
Description = 
Error - 09.08.2011 05:56:00 | Computer Name = Carmen | Source = Application Hang
 | ID = 1002
 
Error - 16.08.2011 15:01:38 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 21.08.2011 17:17:19 | Computer Name = Carmen | Source = WerSvc | ID = 5007
 
Description = 
Error - 22.08.2011 07:26:23 | Computer Name = Carmen | Source = Application Error
 | ID = 1000
 
Error - 28.08.2011 15:21:37 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 28.08.2011 15:32:18 | Computer Name = Carmen | Source = RasClient | ID =
 20227
 
Description = 
Error - 28.08.2011 15:34:13 | Computer Name = Carmen | Source = EventSystem | ID
 = 4621
 
Description = 
Error - 28.08.2011 16:07:39 | Computer Name = Carmen | Source = Application Error
 | ID = 1000
 
Error - 28.08.2011 16:36:35 | Computer Name = Carmen | Source = WerSvc | ID = 5007
Description = 
 
Error - 29.08.2011 18:50:41 | Computer Name = Carmen | Source = Application Error | ID = 1000
 
Error encountered while reading event logs.
 
< End of report >
         
--- --- ---


Kann ich das Programm und die txt-Dateien jetzt schließen oder soll ich die Dateien abspeichern?


Alt 29.01.2013, 16:38   #6
markusg
/// Malware-holic
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



hi
öffne mal avira, verwaltung, quarantäne, poste die Fundmeldungen mit Pfadangabe bitte
programm und txt schließen.
__________________
--> verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet

Alt 29.01.2013, 16:42   #7
Carrab17
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



hi,

dazu hab ich ne Frage: Ich hab Avira nicht als Programm auf meinem PC gespeichert. Das war nur ne CD, die mein Vater benutzt hat. Mein Antivirenprogramm ist AVG, soll ich dir einfach die Fundmeldungen davon posten?

Alt 29.01.2013, 19:02   #8
markusg
/// Malware-holic
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



hattest du mal avira, denn ich sehe einen treiber und service davon laufen.
dann avg funde posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 29.01.2013, 19:14   #9
Carrab17
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



kann sein, dass ich mal Avira hatte, muss aber schon ne ganze Weile her sein. Hab glaub ich irgendwann mal durch ne Version von Norton Internet Security ersetzt, die war dann aber abgelaufen und ich hab sie deinstalliert nachdem mir mein Freund AVG installiert hat, weil er gute Erfahrungen damit gemacht hat.

Ich hab gerade bei AVG - Optionen - Virenquarantäne nachgesehen.
Da steht: "Virenquarantäne ist leer."

Nen anderen passenden Menüpunkt find ich nicht. Weißt du, wo ich nochmal schauen müsste oder kann es sein, dass die einfach leer ist?

Alt 31.01.2013, 15:07   #10
markusg
/// Malware-holic
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



ok
weiter hiermit:
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
c: öffnen, tdsskiller-datum-version.txt öffnen, Inhalt posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 31.01.2013, 15:48   #11
Carrab17
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



danke, hab ich gemacht.

hier der Inhalt:

15:43:22.0370 9136 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:43:22.0698 9136 ============================================================
15:43:22.0698 9136 Current date / time: 2013/01/31 15:43:22.0698
15:43:22.0698 9136 SystemInfo:
15:43:22.0698 9136
15:43:22.0698 9136 OS Version: 6.1.7601 ServicePack: 1.0
15:43:22.0698 9136 Product type: Workstation
15:43:22.0698 9136 ComputerName: CARMEN
15:43:22.0698 9136 UserName: Carmen
15:43:22.0698 9136 Windows directory: C:\Windows
15:43:22.0698 9136 System windows directory: C:\Windows
15:43:22.0698 9136 Processor architecture: Intel x86
15:43:22.0698 9136 Number of processors: 2
15:43:22.0698 9136 Page size: 0x1000
15:43:22.0698 9136 Boot type: Normal boot
15:43:22.0698 9136 ============================================================
15:43:29.0094 9136 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:43:29.0125 9136 ============================================================
15:43:29.0125 9136 \Device\Harddisk0\DR0:
15:43:29.0125 9136 MBR partitions:
15:43:29.0125 9136 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x95CA000
15:43:29.0125 9136 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x98B8800, BlocksNum 0x915E800
15:43:29.0125 9136 ============================================================
15:43:29.0156 9136 C: <-> \Device\Harddisk0\DR0\Partition1
15:43:29.0296 9136 E: <-> \Device\Harddisk0\DR0\Partition2
15:43:29.0296 9136 ============================================================
15:43:29.0296 9136 Initialize success
15:43:29.0296 9136 ============================================================
15:43:56.0534 7756 ============================================================
15:43:56.0534 7756 Scan started
15:43:56.0534 7756 Mode: Manual; SigCheck; TDLFS;
15:43:56.0534 7756 ============================================================
15:43:58.0999 7756 ================ Scan system memory ========================
15:43:58.0999 7756 System memory - ok
15:43:59.0014 7756 ================ Scan services =============================
15:43:59.0186 7756 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:43:59.0576 7756 1394ohci - ok
15:43:59.0623 7756 [ BEB5E6A8C17C3C7485563281E0F9E77E ] 61883 C:\Windows\system32\DRIVERS\61883.sys
15:43:59.0716 7756 61883 - ok
15:43:59.0779 7756 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:43:59.0810 7756 ACPI - ok
15:43:59.0872 7756 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:43:59.0966 7756 AcpiPmi - ok
15:44:00.0013 7756 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:44:00.0075 7756 adp94xx - ok
15:44:00.0106 7756 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:44:00.0138 7756 adpahci - ok
15:44:00.0153 7756 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:44:00.0184 7756 adpu320 - ok
15:44:00.0216 7756 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:44:00.0294 7756 AeLookupSvc - ok
15:44:00.0325 7756 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
15:44:00.0465 7756 AFD - ok
15:44:00.0840 7756 [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
15:44:00.0964 7756 AgereSoftModem - ok
15:44:00.0996 7756 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
15:44:01.0027 7756 agp440 - ok
15:44:01.0074 7756 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:44:01.0089 7756 aic78xx - ok
15:44:01.0152 7756 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:44:01.0214 7756 ALG - ok
15:44:01.0245 7756 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
15:44:01.0261 7756 aliide - ok
15:44:01.0448 7756 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:44:01.0479 7756 amdagp - ok
15:44:01.0495 7756 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
15:44:01.0526 7756 amdide - ok
15:44:01.0573 7756 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:44:01.0635 7756 AmdK8 - ok
15:44:01.0666 7756 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:44:01.0713 7756 AmdPPM - ok
15:44:01.0744 7756 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:44:01.0760 7756 amdsata - ok
15:44:01.0791 7756 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:44:01.0822 7756 amdsbs - ok
15:44:01.0838 7756 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:44:01.0854 7756 amdxata - ok
15:44:01.0963 7756 [ 9015BC03F62940527EC92D45EE89E46F ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:44:02.0010 7756 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - warning
15:44:02.0010 7756 AntiVirSchedulerService - detected UnsignedFile.Multi.Generic (1)
15:44:02.0041 7756 [ B8720A787C1223492E6F319465E996CE ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:44:02.0072 7756 AntiVirService ( UnsignedFile.Multi.Generic ) - warning
15:44:02.0072 7756 AntiVirService - detected UnsignedFile.Multi.Generic (1)
15:44:02.0119 7756 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
15:44:02.0228 7756 AppID - ok
15:44:02.0290 7756 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:44:02.0353 7756 AppIDSvc - ok
15:44:02.0384 7756 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
15:44:02.0462 7756 Appinfo - ok
15:44:02.0571 7756 [ 1961CB10BB48EB4D97E37DB6373E9E63 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
15:44:02.0602 7756 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning
15:44:02.0602 7756 Apple Mobile Device - detected UnsignedFile.Multi.Generic (1)
15:44:02.0649 7756 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:44:02.0680 7756 arc - ok
15:44:02.0696 7756 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:44:02.0727 7756 arcsas - ok
15:44:02.0758 7756 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:44:02.0899 7756 AsyncMac - ok
15:44:02.0930 7756 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
15:44:02.0946 7756 atapi - ok
15:44:03.0024 7756 [ 581B9BE9E92A0F3856CC85EC011EDC6F ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
15:44:03.0102 7756 Ati External Event Utility - ok
15:44:03.0211 7756 [ 22D300F835600C9C634860CF2912F9CF ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:44:03.0336 7756 atikmdag - ok
15:44:03.0382 7756 [ 4AA1EB65481C392955939E735D27118B ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
15:44:03.0445 7756 AtiPcie - ok
15:44:03.0492 7756 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:44:03.0554 7756 AudioEndpointBuilder - ok
15:44:03.0570 7756 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:44:03.0616 7756 Audiosrv - ok
15:44:03.0694 7756 [ C0E25BB0E6A159D332048AFAA2ED24CE ] Automatisches LiveUpdate - Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
15:44:03.0726 7756 Automatisches LiveUpdate - Scheduler - ok
15:44:03.0757 7756 [ C44BDD77E06053CF5AFE046F3A47C16B ] Avc C:\Windows\system32\DRIVERS\avc.sys
15:44:03.0804 7756 Avc - ok
15:44:04.0100 7756 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
15:44:04.0412 7756 AVGIDSAgent - ok
15:44:04.0474 7756 [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
15:44:04.0506 7756 AVGIDSDriver - ok
15:44:04.0537 7756 [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
15:44:04.0552 7756 AVGIDSHX - ok
15:44:04.0599 7756 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
15:44:04.0615 7756 AVGIDSShim - ok
15:44:04.0662 7756 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
15:44:04.0677 7756 Avgldx86 - ok
15:44:04.0724 7756 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
15:44:04.0740 7756 Avglogx - ok
15:44:04.0771 7756 [ AF7AA9BA434CD28833A66E90993E8DFD ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
15:44:04.0786 7756 Avgmfx86 - ok
15:44:04.0833 7756 [ 14FE36D8F2C6A2435275338D061A0B66 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:44:04.0849 7756 avgntflt - ok
15:44:04.0880 7756 [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
15:44:04.0896 7756 Avgrkx86 - ok
15:44:04.0927 7756 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
15:44:04.0958 7756 Avgtdix - ok
15:44:05.0005 7756 [ 740970262714E0575F23A917A2A53A31 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
15:44:05.0052 7756 avgtp - ok
15:44:05.0083 7756 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
15:44:05.0114 7756 avgwd - ok
15:44:05.0145 7756 [ 6D52060B59E7D79CD2A044B6ADD1F1EF ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:44:05.0176 7756 avipbb - ok
15:44:05.0208 7756 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:44:05.0301 7756 AxInstSV - ok
15:44:05.0364 7756 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:44:05.0426 7756 b06bdrv - ok
15:44:05.0473 7756 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:44:05.0566 7756 b57nd60x - ok
15:44:05.0629 7756 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:44:05.0707 7756 BDESVC - ok
15:44:05.0754 7756 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:44:05.0800 7756 Beep - ok
15:44:05.0863 7756 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
15:44:05.0925 7756 BFE - ok
15:44:05.0956 7756 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
15:44:06.0034 7756 BITS - ok
15:44:06.0050 7756 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:44:06.0097 7756 blbdrive - ok
15:44:06.0159 7756 [ CFD4C3352E29A8B729536648466E8DF5 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:44:06.0190 7756 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
15:44:06.0190 7756 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
15:44:06.0222 7756 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:44:06.0300 7756 bowser - ok
15:44:06.0331 7756 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:44:06.0362 7756 BrFiltLo - ok
15:44:06.0378 7756 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:44:06.0440 7756 BrFiltUp - ok
15:44:06.0487 7756 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
15:44:06.0549 7756 Browser - ok
15:44:06.0612 7756 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:44:06.0658 7756 Brserid - ok
15:44:06.0674 7756 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:44:06.0721 7756 BrSerWdm - ok
15:44:06.0736 7756 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:44:06.0814 7756 BrUsbMdm - ok
15:44:06.0830 7756 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:44:06.0892 7756 BrUsbSer - ok
15:44:06.0924 7756 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:44:06.0955 7756 BTHMODEM - ok
15:44:07.0002 7756 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:44:07.0048 7756 bthserv - ok
15:44:07.0111 7756 [ FE69C498B922CE835E2E2123FBD0A272 ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
15:44:07.0126 7756 ccEvtMgr - ok
15:44:07.0142 7756 [ FE69C498B922CE835E2E2123FBD0A272 ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
15:44:07.0158 7756 ccSetMgr - ok
15:44:07.0189 7756 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:44:07.0267 7756 cdfs - ok
15:44:07.0314 7756 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
15:44:07.0345 7756 cdrom - ok
15:44:07.0392 7756 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
15:44:07.0454 7756 CertPropSvc - ok
15:44:07.0516 7756 [ C82162949BBA6CC5D006C7BD008F3CF1 ] CFSvcs C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
15:44:07.0532 7756 CFSvcs ( UnsignedFile.Multi.Generic ) - warning
15:44:07.0532 7756 CFSvcs - detected UnsignedFile.Multi.Generic (1)
15:44:07.0579 7756 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:44:07.0626 7756 circlass - ok
15:44:07.0672 7756 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:44:07.0688 7756 CLFS - ok
15:44:07.0782 7756 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:44:07.0828 7756 clr_optimization_v2.0.50727_32 - ok
15:44:07.0891 7756 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:44:07.0984 7756 clr_optimization_v4.0.30319_32 - ok
15:44:08.0000 7756 [ FE69C498B922CE835E2E2123FBD0A272 ] CLTNetCnService C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
15:44:08.0016 7756 CLTNetCnService - ok
15:44:08.0047 7756 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:44:08.0125 7756 CmBatt - ok
15:44:08.0156 7756 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:44:08.0187 7756 cmdide - ok
15:44:08.0218 7756 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
15:44:08.0296 7756 CNG - ok
15:44:08.0343 7756 [ 3B38F3DEFD61DB294421993F969BC88F ] comHost C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
15:44:08.0359 7756 comHost - ok
15:44:08.0406 7756 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:44:08.0421 7756 Compbatt - ok
15:44:08.0468 7756 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:44:08.0484 7756 CompositeBus - ok
15:44:08.0499 7756 COMSysApp - ok
15:44:08.0530 7756 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:44:08.0546 7756 crcdisk - ok
15:44:08.0593 7756 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:44:08.0655 7756 CryptSvc - ok
15:44:08.0686 7756 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:44:08.0749 7756 DcomLaunch - ok
15:44:08.0780 7756 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:44:08.0842 7756 defragsvc - ok
15:44:08.0889 7756 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:44:08.0952 7756 DfsC - ok
15:44:08.0998 7756 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:44:09.0061 7756 Dhcp - ok
15:44:09.0092 7756 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:44:09.0154 7756 discache - ok
15:44:09.0186 7756 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:44:09.0201 7756 Disk - ok
15:44:09.0232 7756 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:44:09.0264 7756 Dnscache - ok
15:44:09.0295 7756 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:44:09.0357 7756 dot3svc - ok
15:44:09.0404 7756 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:44:09.0451 7756 DPS - ok
15:44:09.0498 7756 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:44:09.0544 7756 drmkaud - ok
15:44:09.0591 7756 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:44:09.0638 7756 DXGKrnl - ok
15:44:09.0685 7756 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:44:09.0747 7756 EapHost - ok
15:44:09.0888 7756 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:44:09.0997 7756 ebdrv - ok
15:44:10.0012 7756 eeCtrl - ok
15:44:10.0044 7756 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
15:44:10.0527 7756 EFS - ok
15:44:11.0260 7756 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:44:12.0150 7756 ehRecvr - ok
15:44:12.0196 7756 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
15:44:12.0243 7756 ehSched - ok
15:44:12.0306 7756 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:44:12.0337 7756 elxstor - ok
15:44:12.0352 7756 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:44:12.0399 7756 ErrDev - ok
15:44:12.0446 7756 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:44:12.0508 7756 EventSystem - ok
15:44:12.0540 7756 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:44:12.0586 7756 exfat - ok
15:44:12.0618 7756 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:44:12.0664 7756 fastfat - ok
15:44:12.0727 7756 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:44:12.0789 7756 Fax - ok
15:44:12.0836 7756 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:44:12.0867 7756 fdc - ok
15:44:12.0898 7756 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:44:12.0961 7756 fdPHost - ok
15:44:12.0976 7756 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:44:13.0039 7756 FDResPub - ok
15:44:13.0054 7756 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:44:13.0086 7756 FileInfo - ok
15:44:13.0101 7756 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:44:13.0148 7756 Filetrace - ok
15:44:13.0257 7756 [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
15:44:13.0304 7756 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
15:44:13.0304 7756 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
15:44:13.0335 7756 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:44:13.0366 7756 flpydisk - ok
15:44:13.0413 7756 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:44:13.0444 7756 FltMgr - ok
15:44:13.0491 7756 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
15:44:13.0554 7756 FontCache - ok
15:44:13.0632 7756 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:44:13.0663 7756 FontCache3.0.0.0 - ok
15:44:13.0678 7756 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:44:13.0694 7756 FsDepends - ok
15:44:13.0710 7756 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:44:13.0741 7756 Fs_Rec - ok
15:44:13.0772 7756 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:44:13.0803 7756 fvevol - ok
15:44:13.0850 7756 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
15:44:13.0897 7756 FwLnk - ok
15:44:13.0928 7756 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:44:13.0959 7756 gagp30kx - ok
15:44:13.0990 7756 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:44:14.0068 7756 gpsvc - ok
15:44:14.0146 7756 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:44:14.0162 7756 gupdate - ok
15:44:14.0178 7756 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:44:14.0193 7756 gupdatem - ok
15:44:14.0240 7756 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:44:14.0302 7756 hcw85cir - ok
15:44:14.0334 7756 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:44:14.0365 7756 HDAudBus - ok
15:44:14.0396 7756 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:44:14.0427 7756 HidBatt - ok
15:44:14.0443 7756 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:44:14.0490 7756 HidBth - ok
15:44:14.0536 7756 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:44:14.0568 7756 HidIr - ok
15:44:14.0614 7756 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
15:44:14.0661 7756 hidserv - ok
15:44:14.0708 7756 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
15:44:14.0739 7756 HidUsb - ok
15:44:14.0770 7756 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:44:14.0817 7756 hkmsvc - ok
15:44:14.0864 7756 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:44:14.0958 7756 HomeGroupListener - ok
15:44:14.0989 7756 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:44:15.0020 7756 HomeGroupProvider - ok
15:44:15.0067 7756 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:44:15.0082 7756 HpSAMD - ok
15:44:15.0145 7756 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:44:15.0192 7756 HTTP - ok
15:44:15.0238 7756 [ 1720966D9C7EA5E2D78B6DB92D2F9171 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:44:15.0301 7756 hwdatacard - ok
15:44:15.0316 7756 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:44:15.0348 7756 hwpolicy - ok
15:44:15.0394 7756 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:44:15.0441 7756 i8042prt - ok
15:44:15.0472 7756 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:44:15.0504 7756 iaStorV - ok
15:44:15.0566 7756 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:44:15.0613 7756 idsvc - ok
15:44:15.0722 7756 [ 67070D3859BDE8EF7DBC995EBD49227E ] IDSvix86 C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys
15:44:15.0753 7756 IDSvix86 - ok
15:44:15.0800 7756 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:44:15.0816 7756 iirsp - ok
15:44:15.0862 7756 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:44:15.0940 7756 IKEEXT - ok
15:44:16.0050 7756 [ 97CAC2A7E92FFCB30C15101AB002ED30 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:44:16.0128 7756 IntcAzAudAddService - ok
15:44:16.0159 7756 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:44:16.0174 7756 intelide - ok
15:44:16.0206 7756 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:44:16.0252 7756 intelppm - ok
15:44:16.0284 7756 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:44:16.0330 7756 IPBusEnum - ok
15:44:16.0362 7756 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:44:16.0424 7756 IpFilterDriver - ok
15:44:16.0455 7756 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:44:16.0502 7756 iphlpsvc - ok
15:44:16.0533 7756 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:44:16.0580 7756 IPMIDRV - ok
15:44:16.0596 7756 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:44:16.0658 7756 IPNAT - ok
15:44:16.0705 7756 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:44:16.0783 7756 IRENUM - ok
15:44:16.0798 7756 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:44:16.0830 7756 isapnp - ok
15:44:16.0861 7756 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:44:16.0876 7756 iScsiPrt - ok
15:44:16.0923 7756 [ 31E4D7875FF05D9F81C2ABDF48F51B11 ] ISPwdSvc C:\Program Files\Norton Internet Security\isPwdSvc.exe
15:44:16.0954 7756 ISPwdSvc - ok
15:44:17.0001 7756 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:44:17.0017 7756 kbdclass - ok
15:44:17.0064 7756 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:44:17.0095 7756 kbdhid - ok
15:44:17.0126 7756 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
15:44:17.0142 7756 KeyIso - ok
15:44:17.0204 7756 [ A383F2CEA0A8F4E76E71ABC869BD5748 ] KR10I C:\Windows\system32\drivers\kr10i.sys
15:44:17.0282 7756 KR10I - ok
15:44:17.0313 7756 [ 6E9922332386C2A49936B30B2B6FD298 ] KR10N C:\Windows\system32\drivers\kr10n.sys
15:44:17.0360 7756 KR10N - ok
15:44:17.0391 7756 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:44:17.0407 7756 KSecDD - ok
15:44:17.0438 7756 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:44:17.0454 7756 KSecPkg - ok
15:44:17.0516 7756 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:44:17.0578 7756 KtmRm - ok
15:44:17.0625 7756 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
15:44:17.0688 7756 LanmanServer - ok
15:44:17.0719 7756 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:44:17.0781 7756 LanmanWorkstation - ok
15:44:17.0890 7756 [ F3CB12A5791761EBCA4C7BA5FC89F5C2 ] LiveUpdate C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
15:44:17.0984 7756 LiveUpdate - ok
15:44:18.0031 7756 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:44:18.0093 7756 lltdio - ok
15:44:18.0140 7756 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:44:18.0171 7756 lltdsvc - ok
15:44:18.0202 7756 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:44:18.0249 7756 lmhosts - ok
15:44:18.0296 7756 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:44:18.0312 7756 LSI_FC - ok
15:44:18.0327 7756 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:44:18.0358 7756 LSI_SAS - ok
15:44:18.0390 7756 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:44:18.0405 7756 LSI_SAS2 - ok
15:44:18.0421 7756 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:44:18.0452 7756 LSI_SCSI - ok
15:44:18.0468 7756 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:44:18.0514 7756 luafv - ok
15:44:18.0546 7756 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:44:18.0577 7756 Mcx2Svc - ok
15:44:18.0592 7756 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:44:18.0624 7756 megasas - ok
15:44:18.0655 7756 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:44:18.0686 7756 MegaSR - ok
15:44:18.0717 7756 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:44:18.0764 7756 MMCSS - ok
15:44:18.0795 7756 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:44:18.0842 7756 Modem - ok
15:44:18.0889 7756 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:44:18.0936 7756 monitor - ok
15:44:18.0967 7756 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
15:44:18.0982 7756 mouclass - ok
15:44:19.0014 7756 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:44:19.0045 7756 mouhid - ok
15:44:19.0076 7756 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:44:19.0092 7756 mountmgr - ok
15:44:19.0123 7756 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:44:19.0154 7756 mpio - ok
15:44:19.0185 7756 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:44:19.0248 7756 mpsdrv - ok
15:44:19.0294 7756 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:44:19.0357 7756 MpsSvc - ok
15:44:19.0404 7756 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:44:19.0435 7756 MRxDAV - ok
15:44:19.0482 7756 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:44:19.0513 7756 mrxsmb - ok
15:44:19.0544 7756 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:44:19.0575 7756 mrxsmb10 - ok
15:44:19.0606 7756 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:44:19.0622 7756 mrxsmb20 - ok
15:44:19.0653 7756 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:44:19.0669 7756 msahci - ok
15:44:19.0669 7756 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:44:19.0700 7756 msdsm - ok
15:44:19.0731 7756 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:44:19.0778 7756 MSDTC - ok
15:44:19.0825 7756 [ 114B67C324D64C8195FD3BF93B4DF02A ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
15:44:19.0872 7756 MSDV - ok
15:44:19.0903 7756 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:44:19.0950 7756 Msfs - ok
15:44:19.0965 7756 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:44:20.0012 7756 mshidkmdf - ok
15:44:20.0043 7756 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:44:20.0074 7756 msisadrv - ok
15:44:20.0121 7756 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:44:20.0168 7756 MSiSCSI - ok
15:44:20.0184 7756 msiserver - ok
15:44:20.0215 7756 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:44:20.0262 7756 MSKSSRV - ok
15:44:20.0308 7756 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:44:20.0371 7756 MSPCLOCK - ok
15:44:20.0402 7756 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:44:20.0449 7756 MSPQM - ok
15:44:20.0464 7756 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:44:20.0496 7756 MsRPC - ok
15:44:20.0527 7756 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:44:20.0542 7756 mssmbios - ok
15:44:20.0574 7756 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:44:20.0620 7756 MSTEE - ok
15:44:20.0636 7756 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:44:20.0667 7756 MTConfig - ok
15:44:20.0698 7756 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:44:20.0714 7756 Mup - ok
15:44:20.0761 7756 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:44:20.0823 7756 napagent - ok
15:44:20.0870 7756 NasPmService - ok
15:44:20.0917 7756 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:44:20.0948 7756 NativeWifiP - ok
15:44:21.0010 7756 [ A6F5AB84104412CD9742E7EE942EA08D ] NAVENG C:\ProgramData\Symantec\Definitions\VirusDefs\20070913.017\NAVENG.SYS
15:44:21.0042 7756 NAVENG - ok
15:44:21.0088 7756 [ C8069BF95363A58441CB33E4B989DD4F ] NAVEX15 C:\ProgramData\Symantec\Definitions\VirusDefs\20070913.017\NAVEX15.SYS
15:44:21.0135 7756 NAVEX15 - ok
15:44:21.0463 7756 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:44:21.0494 7756 NDIS - ok
15:44:21.0556 7756 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:44:21.0588 7756 NdisCap - ok
15:44:21.0619 7756 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:44:21.0681 7756 NdisTapi - ok
15:44:21.0697 7756 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:44:21.0759 7756 Ndisuio - ok
15:44:21.0790 7756 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:44:21.0853 7756 NdisWan - ok
15:44:21.0900 7756 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:44:21.0962 7756 NDProxy - ok
15:44:21.0993 7756 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:44:22.0056 7756 NetBIOS - ok
15:44:22.0087 7756 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:44:22.0149 7756 NetBT - ok
15:44:22.0180 7756 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
15:44:22.0196 7756 Netlogon - ok
15:44:22.0758 7756 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:44:23.0335 7756 Netman - ok
15:44:23.0382 7756 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:44:23.0428 7756 netprofm - ok
15:44:23.0460 7756 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:44:23.0475 7756 NetTcpPortSharing - ok
15:44:23.0522 7756 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:44:23.0553 7756 nfrd960 - ok
15:44:23.0694 7756 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:44:23.0740 7756 NlaSvc - ok
15:44:23.0787 7756 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:44:23.0834 7756 Npfs - ok
15:44:23.0865 7756 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:44:23.0896 7756 nsi - ok
15:44:23.0912 7756 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:44:23.0974 7756 nsiproxy - ok
15:44:24.0037 7756 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:44:24.0099 7756 Ntfs - ok
15:44:24.0130 7756 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:44:24.0193 7756 Null - ok
15:44:24.0240 7756 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:44:24.0255 7756 nvraid - ok
15:44:24.0286 7756 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:44:24.0302 7756 nvstor - ok
15:44:24.0333 7756 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:44:24.0349 7756 nv_agp - ok
15:44:24.0380 7756 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:44:24.0411 7756 ohci1394 - ok
15:44:24.0458 7756 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:44:24.0474 7756 ose - ok
15:44:24.0723 7756 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:44:24.0801 7756 p2pimsvc - ok
15:44:24.0817 7756 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:44:24.0848 7756 p2psvc - ok
15:44:24.0895 7756 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:44:24.0942 7756 Parport - ok
15:44:24.0973 7756 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:44:25.0004 7756 partmgr - ok
15:44:25.0020 7756 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:44:25.0051 7756 Parvdm - ok
15:44:25.0082 7756 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:44:25.0113 7756 PcaSvc - ok
15:44:25.0144 7756 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:44:25.0176 7756 pci - ok
15:44:25.0191 7756 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:44:25.0207 7756 pciide - ok
15:44:25.0254 7756 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:44:25.0285 7756 pcmcia - ok
15:44:25.0300 7756 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:44:25.0316 7756 pcw - ok
15:44:25.0347 7756 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:44:25.0425 7756 PEAUTH - ok
15:44:25.0519 7756 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:44:25.0597 7756 pla - ok
15:44:25.0659 7756 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:44:25.0722 7756 PlugPlay - ok
15:44:25.0800 7756 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
15:44:25.0909 7756 PMBDeviceInfoProvider - ok
15:44:25.0940 7756 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:44:25.0987 7756 PNRPAutoReg - ok
15:44:26.0018 7756 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:44:26.0034 7756 PNRPsvc - ok
15:44:26.0080 7756 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:44:26.0158 7756 PolicyAgent - ok
15:44:26.0190 7756 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:44:26.0236 7756 Power - ok
15:44:26.0283 7756 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:44:26.0346 7756 PptpMiniport - ok
15:44:26.0361 7756 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:44:26.0408 7756 Processor - ok
15:44:26.0439 7756 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
15:44:26.0502 7756 ProfSvc - ok
15:44:26.0517 7756 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:44:26.0533 7756 ProtectedStorage - ok
15:44:26.0564 7756 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:44:26.0611 7756 Psched - ok
15:44:26.0673 7756 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:44:26.0736 7756 ql2300 - ok
15:44:26.0751 7756 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:44:26.0767 7756 ql40xx - ok
15:44:26.0814 7756 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:44:26.0845 7756 QWAVE - ok
15:44:26.0860 7756 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:44:26.0892 7756 QWAVEdrv - ok
15:44:26.0907 7756 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:44:26.0970 7756 RasAcd - ok
15:44:27.0001 7756 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:44:27.0063 7756 RasAgileVpn - ok
15:44:27.0079 7756 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:44:27.0126 7756 RasAuto - ok
15:44:27.0173 7756 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:44:27.0219 7756 Rasl2tp - ok
15:44:27.0282 7756 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:44:27.0344 7756 RasMan - ok
15:44:27.0516 7756 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:44:27.0578 7756 RasPppoe - ok
15:44:27.0594 7756 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:44:27.0641 7756 RasSstp - ok
15:44:27.0687 7756 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:44:27.0734 7756 rdbss - ok
15:44:27.0765 7756 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:44:27.0797 7756 rdpbus - ok
15:44:27.0828 7756 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:44:27.0859 7756 RDPCDD - ok
15:44:27.0890 7756 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:44:27.0953 7756 RDPENCDD - ok
15:44:27.0984 7756 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:44:28.0015 7756 RDPREFMP - ok
15:44:28.0046 7756 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:44:28.0109 7756 RDPWD - ok
15:44:28.0140 7756 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:44:28.0171 7756 rdyboost - ok
15:44:28.0218 7756 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:44:28.0280 7756 RemoteAccess - ok
15:44:28.0311 7756 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:44:28.0811 7756 RemoteRegistry - ok
15:44:29.0247 7756 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
15:44:29.0325 7756 rimmptsk - ok
15:44:29.0840 7756 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
15:44:29.0887 7756 rimsptsk - ok
15:44:29.0934 7756 [ D231B577024AA324AF13A42F3A807D10 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
15:44:29.0965 7756 rismxdp - ok
15:44:30.0012 7756 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
15:44:30.0059 7756 ROOTMODEM - ok
15:44:30.0090 7756 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:44:30.0152 7756 RpcEptMapper - ok
15:44:30.0183 7756 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:44:30.0230 7756 RpcLocator - ok
15:44:30.0261 7756 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:44:30.0308 7756 RpcSs - ok
15:44:30.0324 7756 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:44:30.0371 7756 rspndr - ok
15:44:30.0417 7756 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
15:44:30.0449 7756 RTL8167 - ok
15:44:30.0511 7756 [ CA5A4FBFE341F13733955B8AAC98F0B5 ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys
15:44:30.0558 7756 RTL8187B - ok
15:44:30.0589 7756 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
15:44:30.0605 7756 SamSs - ok
15:44:30.0636 7756 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:44:30.0667 7756 sbp2port - ok
15:44:30.0714 7756 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:44:30.0776 7756 SCardSvr - ok
15:44:30.0807 7756 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:44:30.0854 7756 scfilter - ok
15:44:30.0917 7756 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:44:30.0979 7756 Schedule - ok
15:44:31.0010 7756 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:44:31.0041 7756 SCPolicySvc - ok
15:44:31.0073 7756 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
15:44:31.0119 7756 sdbus - ok
15:44:31.0151 7756 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:44:31.0229 7756 SDRSVC - ok
15:44:31.0275 7756 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:44:31.0322 7756 secdrv - ok
15:44:31.0650 7756 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:44:31.0712 7756 seclogon - ok
15:44:31.0759 7756 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:44:31.0790 7756 SENS - ok
15:44:31.0837 7756 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:44:31.0884 7756 SensrSvc - ok
15:44:31.0899 7756 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:44:31.0931 7756 Serenum - ok
15:44:31.0946 7756 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:44:31.0993 7756 Serial - ok
15:44:32.0024 7756 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:44:32.0071 7756 sermouse - ok
15:44:32.0118 7756 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:44:32.0180 7756 SessionEnv - ok
15:44:32.0196 7756 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
15:44:32.0258 7756 sffdisk - ok
15:44:32.0274 7756 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:44:32.0305 7756 sffp_mmc - ok
15:44:32.0321 7756 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
15:44:32.0352 7756 sffp_sd - ok
15:44:32.0383 7756 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:44:32.0399 7756 sfloppy - ok
15:44:32.0445 7756 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:44:32.0508 7756 SharedAccess - ok
15:44:32.0539 7756 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:44:32.0601 7756 ShellHWDetection - ok
15:44:32.0648 7756 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:44:32.0664 7756 sisagp - ok
15:44:32.0711 7756 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:44:32.0726 7756 SiSRaid2 - ok
15:44:32.0742 7756 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:44:32.0773 7756 SiSRaid4 - ok
15:44:32.0835 7756 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:44:32.0867 7756 SkypeUpdate - ok
15:44:32.0898 7756 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:44:32.0945 7756 Smb - ok
15:44:32.0991 7756 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:44:33.0023 7756 SNMPTRAP - ok
15:44:33.0101 7756 [ 0FDE4B4895D4691C4482CA67FA532BE0 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
15:44:33.0132 7756 SPBBCDrv - ok
15:44:33.0179 7756 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:44:33.0194 7756 spldr - ok
15:44:33.0225 7756 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
15:44:33.0272 7756 Spooler - ok
15:44:33.0397 7756 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:44:33.0506 7756 sppsvc - ok
15:44:33.0537 7756 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:44:33.0600 7756 sppuinotify - ok
15:44:33.0631 7756 [ ED5E9F3BF11D0BB770F652B22EC26465 ] SRTSP C:\Windows\system32\Drivers\SRTSP.SYS
15:44:33.0662 7756 SRTSP - ok
15:44:33.0678 7756 [ C70A2581E35E03C85F29AA1BC723659A ] SRTSPL C:\Windows\system32\Drivers\SRTSPL.SYS
15:44:33.0709 7756 SRTSPL - ok
15:44:33.0725 7756 [ 05F2DB228922E6B8A001ED83EE4D1153 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX.SYS
15:44:33.0756 7756 SRTSPX - ok
15:44:33.0771 7756 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:44:33.0834 7756 srv - ok
15:44:33.0849 7756 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:44:33.0896 7756 srv2 - ok
15:44:33.0912 7756 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:44:33.0943 7756 srvnet - ok
15:44:33.0990 7756 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:44:34.0037 7756 SSDPSRV - ok
15:44:34.0052 7756 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:44:34.0115 7756 SstpSvc - ok
15:44:34.0146 7756 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:44:34.0161 7756 stexstor - ok
15:44:34.0208 7756 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:44:34.0255 7756 StiSvc - ok
15:44:34.0271 7756 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
15:44:34.0302 7756 swenum - ok
15:44:34.0349 7756 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:44:34.0395 7756 swprv - ok
15:44:34.0458 7756 [ 43CFCA936D211BF7F1CDE1DDF807CB76 ] Symantec Core LC C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
15:44:34.0505 7756 Symantec Core LC - ok
15:44:34.0551 7756 [ EFF5C2A0A06BCBFC5CF931C00CF6146D ] SymAppCore C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
15:44:34.0567 7756 SymAppCore - ok
15:44:34.0598 7756 [ 403BD24FA5C55FC648ABDD039629A954 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
15:44:34.0629 7756 SymEvent - ok
15:44:34.0645 7756 [ 829830A3CA1C5E329D68E26C9CD2DE8D ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS
15:44:34.0661 7756 SYMREDRV - ok
15:44:34.0692 7756 [ B1AA9704124B494C34E8D372E6654196 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS
15:44:34.0707 7756 SYMTDI - ok
15:44:34.0754 7756 [ 11F730BF0D0AA4FE7DE7138A32A52422 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:44:34.0785 7756 SynTP - ok
15:44:35.0097 7756 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:44:35.0160 7756 SysMain - ok
15:44:35.0175 7756 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:44:35.0207 7756 TabletInputService - ok
15:44:35.0253 7756 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:44:35.0316 7756 TapiSrv - ok
15:44:35.0347 7756 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:44:35.0409 7756 TBS - ok
15:44:35.0487 7756 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:44:35.0534 7756 Tcpip - ok
15:44:35.0581 7756 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:44:35.0628 7756 TCPIP6 - ok
15:44:35.0659 7756 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:44:35.0721 7756 tcpipreg - ok
15:44:35.0753 7756 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
15:44:35.0815 7756 tdcmdpst - ok
15:44:35.0846 7756 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:44:35.0924 7756 TDPIPE - ok
15:44:35.0924 7756 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:44:35.0955 7756 TDTCP - ok
15:44:35.0987 7756 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:44:36.0033 7756 tdx - ok
15:44:36.0065 7756 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:44:36.0080 7756 TermDD - ok
15:44:36.0127 7756 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:44:36.0189 7756 TermService - ok
15:44:36.0221 7756 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:44:36.0252 7756 Themes - ok
15:44:36.0267 7756 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:44:36.0314 7756 THREADORDER - ok
15:44:36.0408 7756 [ 804FED244FC47642CC635236D47A67D4 ] TNaviSrv C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
15:44:36.0423 7756 TNaviSrv ( UnsignedFile.Multi.Generic ) - warning
15:44:36.0423 7756 TNaviSrv - detected UnsignedFile.Multi.Generic (1)
15:44:36.0470 7756 [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv C:\Windows\system32\TODDSrv.exe
15:44:36.0486 7756 TODDSrv ( UnsignedFile.Multi.Generic ) - warning
15:44:36.0486 7756 TODDSrv - detected UnsignedFile.Multi.Generic (1)
15:44:36.0548 7756 [ 6A54C28B53C6B50D333C8EE974C6B208 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
15:44:36.0579 7756 TosCoSrv - ok
15:44:36.0813 7756 [ F95208D35A9667C58CF8122EE22805A6 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
15:44:36.0829 7756 TOSHIBA Bluetooth Service - ok
15:44:36.0860 7756 [ 90AFA1A4451BBBEE87C9F18A665D8121 ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys
15:44:36.0876 7756 tosporte - ok
15:44:36.0938 7756 [ 490A76AB428F34EA676A23E429DD6DA4 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys
15:44:36.0969 7756 tosrfbd - ok
15:44:36.0985 7756 [ 75CD3C238A0FFC66C4581C3870C09314 ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys
15:44:37.0001 7756 tosrfbnp - ok
15:44:37.0032 7756 [ B551D3F266DDA311256F963E8CFD1E9B ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys
15:44:37.0047 7756 Tosrfcom - ok
15:44:37.0079 7756 [ 51BAA142744E236C3A886479CAD99A06 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys
15:44:37.0094 7756 tosrfec - ok
15:44:37.0094 7756 [ F3E8762163EE87F3AC95537584CF5B4F ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys
15:44:37.0125 7756 Tosrfhid - ok
15:44:37.0141 7756 [ B2A1A6538245FD69578224BBF2FD4677 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys
15:44:37.0172 7756 tosrfnds - ok
15:44:37.0188 7756 [ 3DE5CBB4F8EB64563CE08E8EC7458D03 ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys
15:44:37.0250 7756 TosRfSnd - ok
15:44:37.0266 7756 [ AF5126FB6E9ED41C99AB7A10E98729CD ] tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys
15:44:37.0281 7756 tosrfusb - ok
15:44:37.0328 7756 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:44:37.0359 7756 TrkWks - ok
15:44:37.0422 7756 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:44:37.0469 7756 TrustedInstaller - ok
15:44:37.0500 7756 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:44:37.0562 7756 tssecsrv - ok
15:44:37.0609 7756 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:44:37.0656 7756 TsUsbFlt - ok
15:44:37.0718 7756 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:44:37.0765 7756 tunnel - ok
15:44:37.0827 7756 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
15:44:37.0843 7756 TVALZ - ok
15:44:37.0874 7756 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:44:37.0905 7756 uagp35 - ok
15:44:37.0921 7756 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:44:37.0983 7756 udfs - ok
15:44:38.0030 7756 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:44:38.0077 7756 UI0Detect - ok
15:44:38.0124 7756 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
15:44:38.0139 7756 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
15:44:38.0139 7756 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
15:44:38.0171 7756 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:44:38.0186 7756 uliagpkx - ok
15:44:38.0233 7756 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
15:44:38.0264 7756 umbus - ok
15:44:38.0295 7756 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:44:38.0327 7756 UmPass - ok
15:44:38.0358 7756 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:44:38.0420 7756 upnphost - ok
15:44:38.0451 7756 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:44:38.0514 7756 usbccgp - ok
15:44:38.0561 7756 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:44:38.0592 7756 usbcir - ok
15:44:38.0607 7756 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:44:38.0639 7756 usbehci - ok
15:44:38.0685 7756 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:44:38.0717 7756 usbhub - ok
15:44:38.0748 7756 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:44:38.0795 7756 usbohci - ok
15:44:38.0826 7756 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:44:38.0841 7756 usbprint - ok
15:44:38.0888 7756 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:44:38.0935 7756 usbscan - ok
15:44:38.0951 7756 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:44:39.0029 7756 USBSTOR - ok
15:44:39.0044 7756 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:44:39.0075 7756 usbuhci - ok
15:44:39.0107 7756 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:44:39.0153 7756 usbvideo - ok
15:44:39.0200 7756 [ 9D19B042A4FD5C02195071EA2FE0C821 ] usnjsvc C:\Program Files\Windows Live\Messenger\usnsvc.exe
15:44:39.0231 7756 usnjsvc - ok
15:44:39.0247 7756 [ 3B929A72AAEA96DC0150D3A6DA268C89 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS
15:44:39.0294 7756 UVCFTR - ok
15:44:39.0356 7756 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:44:39.0403 7756 UxSms - ok
15:44:39.0419 7756 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
15:44:39.0450 7756 VaultSvc - ok
15:44:39.0465 7756 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:44:39.0481 7756 vdrvroot - ok
15:44:39.0528 7756 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
15:44:39.0606 7756 vds - ok
15:44:39.0637 7756 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:44:39.0653 7756 vga - ok
15:44:39.0668 7756 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:44:39.0715 7756 VgaSave - ok
15:44:39.0746 7756 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:44:39.0762 7756 vhdmp - ok
15:44:39.0809 7756 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:44:39.0824 7756 viaagp - ok
15:44:39.0855 7756 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:44:39.0887 7756 ViaC7 - ok
15:44:39.0933 7756 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
15:44:39.0949 7756 viaide - ok
15:44:39.0996 7756 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files\Viewpoint\Common\ViewpointService.exe
15:44:40.0011 7756 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - warning
15:44:40.0011 7756 Viewpoint Manager Service - detected UnsignedFile.Multi.Generic (1)
15:44:40.0043 7756 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:44:40.0058 7756 volmgr - ok
15:44:40.0105 7756 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:44:40.0370 7756 volmgrx - ok
15:44:40.0776 7756 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:44:41.0010 7756 volsnap - ok
15:44:41.0478 7756 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:44:41.0509 7756 vsmraid - ok
15:44:41.0883 7756 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
15:44:41.0977 7756 VSS - ok
15:44:42.0102 7756 [ 50D3941555FEFDF46424431702EC5FB6 ] vToolbarUpdater14.0.1 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
15:44:42.0149 7756 vToolbarUpdater14.0.1 - ok
15:44:42.0164 7756 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:44:42.0195 7756 vwifibus - ok
15:44:42.0242 7756 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:44:42.0305 7756 W32Time - ok
15:44:42.0336 7756 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:44:42.0367 7756 WacomPen - ok
15:44:42.0414 7756 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:44:42.0476 7756 WANARP - ok
15:44:42.0476 7756 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:44:42.0523 7756 Wanarpv6 - ok
15:44:42.0585 7756 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
15:44:42.0695 7756 wbengine - ok
15:44:42.0726 7756 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:44:42.0773 7756 WbioSrvc - ok
15:44:42.0819 7756 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:44:42.0866 7756 wcncsvc - ok
15:44:42.0897 7756 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:44:42.0960 7756 WcsPlugInService - ok
15:44:42.0991 7756 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:44:43.0007 7756 Wd - ok
15:44:43.0053 7756 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:44:43.0085 7756 Wdf01000 - ok
15:44:43.0116 7756 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:44:43.0209 7756 WdiServiceHost - ok
15:44:43.0209 7756 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:44:43.0241 7756 WdiSystemHost - ok
15:44:43.0272 7756 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
15:44:43.0303 7756 WebClient - ok
15:44:43.0319 7756 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:44:43.0365 7756 Wecsvc - ok
15:44:43.0381 7756 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:44:43.0428 7756 wercplsupport - ok
15:44:43.0475 7756 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:44:43.0537 7756 WerSvc - ok
15:44:43.0568 7756 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:44:43.0599 7756 WfpLwf - ok
15:44:43.0615 7756 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:44:43.0646 7756 WIMMount - ok
15:44:43.0724 7756 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:44:43.0787 7756 WinDefend - ok
15:44:43.0802 7756 WinHttpAutoProxySvc - ok
15:44:43.0896 7756 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:44:43.0927 7756 Winmgmt - ok
15:44:43.0989 7756 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
15:44:44.0083 7756 WinRM - ok
15:44:44.0161 7756 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:44:44.0208 7756 Wlansvc - ok
15:44:44.0270 7756 [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc C:\Program Files\Windows Live\installer\WLSetupSvc.exe
15:44:44.0286 7756 WLSetupSvc ( UnsignedFile.Multi.Generic ) - warning
15:44:44.0286 7756 WLSetupSvc - detected UnsignedFile.Multi.Generic (1)
15:44:44.0333 7756 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:44:44.0348 7756 WmiAcpi - ok
15:44:44.0395 7756 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:44:44.0426 7756 wmiApSrv - ok
15:44:44.0551 7756 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:44:44.0645 7756 WMPNetworkSvc - ok
15:44:44.0676 7756 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:44:44.0754 7756 WPCSvc - ok
15:44:44.0769 7756 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:44:44.0832 7756 WPDBusEnum - ok
15:44:44.0879 7756 WPFFontCache_v0400 - ok
15:44:44.0910 7756 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:44:44.0972 7756 ws2ifsl - ok
15:44:45.0003 7756 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
15:44:45.0050 7756 wscsvc - ok
15:44:45.0066 7756 WSearch - ok
15:44:45.0159 7756 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:44:45.0222 7756 wuauserv - ok
15:44:45.0253 7756 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:44:45.0300 7756 WudfPf - ok
15:44:45.0331 7756 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:44:45.0378 7756 WUDFRd - ok
15:44:45.0393 7756 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:44:45.0456 7756 wudfsvc - ok
15:44:45.0487 7756 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:44:45.0518 7756 WwanSvc - ok
15:44:45.0549 7756 ================ Scan global ===============================
15:44:45.0581 7756 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:44:45.0612 7756 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
15:44:45.0627 7756 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
15:44:45.0674 7756 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:44:45.0705 7756 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:44:45.0721 7756 [Global] - ok
15:44:45.0721 7756 ================ Scan MBR ==================================
15:44:45.0737 7756 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:44:46.0142 7756 \Device\Harddisk0\DR0 - ok
15:44:46.0142 7756 ================ Scan VBR ==================================
15:44:46.0142 7756 [ A004D365BEDFFAB321DB5EC6255868C2 ] \Device\Harddisk0\DR0\Partition1
15:44:46.0142 7756 \Device\Harddisk0\DR0\Partition1 - ok
15:44:46.0173 7756 [ 079B7AF248A5C624F5B42F471C79D45D ] \Device\Harddisk0\DR0\Partition2
15:44:46.0173 7756 \Device\Harddisk0\DR0\Partition2 - ok
15:44:46.0173 7756 ============================================================
15:44:46.0173 7756 Scan finished
15:44:46.0173 7756 ============================================================
15:44:46.0189 9156 Detected object count: 11
15:44:46.0189 9156 Actual detected object count: 11
15:45:18.0809 9156 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0809 9156 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:45:18.0809 9156 AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0809 9156 AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:45:18.0809 9156 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0809 9156 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:45:18.0824 9156 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0824 9156 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:45:18.0824 9156 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0824 9156 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:45:18.0824 9156 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0824 9156 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:45:18.0824 9156 TNaviSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0824 9156 TNaviSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:45:18.0824 9156 TODDSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0824 9156 TODDSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:45:18.0840 9156 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0840 9156 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:45:18.0840 9156 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0840 9156 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:45:18.0840 9156 WLSetupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:18.0840 9156 WLSetupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

muss ich den Rechner noch neustarten oder kann ich das Programm einfach wieder schließen?

Alt 31.01.2013, 18:03   #12
markusg
/// Malware-holic
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



programm schließen bitte
combofix:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 31.01.2013, 18:56   #13
Carrab17
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



hab meinen Virenschutz wieder aktiviert, hier ist die Logfile:

Combofix Logfile:
Code:
ATTFilter
ComboFix 13-01-31.01 - Carmen 31.01.2013  18:21:37.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.1918.989 [GMT 1:00]
ausgeführt von:: e:\daten\Carmen\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Carmen\AppData\Local\Temp\ppcrlui_6036_2
c:\users\Public\Favorites\mxfilerelatedcache.mxc2
c:\users\Public\invokesi.exe
c:\windows\system32\pt
c:\windows\system32\pt\toscdspd.cpl.mui
e:\daten\Carmen\Documents\~WRL3402.tmp
e:\daten\Carmen\Favorites\mxfilerelatedcache.mxc2
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-28 bis 2013-01-31  ))))))))))))))))))))))))))))))
.
.
2013-01-31 17:32 . 2013-01-31 17:32	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2013-01-27 12:28 . 2013-01-27 12:28	--------	d-----w-	c:\program files\Common Files\Skype
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-15 12:52 . 2012-09-09 13:37	31576	----a-w-	c:\windows\system32\drivers\avgtpx86.sys
2012-12-16 14:13 . 2012-12-31 09:49	295424	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-31 09:49	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-12-04 16:48 . 2009-07-14 02:05	152576	----a-w-	c:\windows\system32\msclmd.dll
2012-11-23 02:56 . 2013-01-09 22:36	2345984	----a-w-	c:\windows\system32\win32k.sys
2012-11-23 02:48 . 2013-01-09 16:03	49152	----a-w-	c:\windows\system32\taskhost.exe
2012-11-20 04:51 . 2013-01-09 16:03	220160	----a-w-	c:\windows\system32\ncrypt.dll
2012-11-15 22:33 . 2012-11-15 22:33	94048	----a-w-	c:\windows\system32\drivers\avgmfx86.sys
2012-11-14 02:09 . 2012-12-13 16:19	1800704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-13 16:19	1427968	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 16:19	1129472	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-13 16:19	142848	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 16:19	420864	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-13 16:19	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-09 04:43 . 2013-01-09 22:34	492032	----a-w-	c:\windows\system32\win32spl.dll
2012-11-09 04:42 . 2012-12-13 16:16	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29	1402312	----a-w-	c:\windows\system32\msxml4.dll
2007-05-14 00:03 . 2007-05-14 00:03	159744	----a-w-	c:\program files\internet explorer\plugins\pluginhostctrl.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-01-15 12:52	1883824	----a-w-	c:\program files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll" [2013-01-15 1883824]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2007-06-27 436088]
"studNET-Autologin"="c:\windows\System32\studnet\studnet.exe" [2007-09-26 245760]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-15 102400]
"RtHDVCpl"="RtHDVCpl.exe" [2007-08-09 4702208]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-05-22 413696]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 115816]
"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 1507328]
"IS CfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [2007-01-12 431752]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-31 385024]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-04-03 509496]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2011-04-01 80840]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-05-04 1561768]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-01-15 1101488]
"dcmsvc"="c:\program files\dcmsvc\dcmsvc.exe" [2009-04-07 30440]
.
c:\users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
BUFFALO NAS Navigator.lnk - c:\program files\BUFFALO\NASNAVI\NasNavi.exe [2010-3-2 1553800]
NAS Scheduler.lnk - c:\program files\BUFFALO\NASNAVI\nassche.exe [2010-3-2 206128]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2009-8-6 439648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"=c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [x]
R3 IDSvix86;Symantec Intrusion Prevention Driver;c:\programdata\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]
S2 NasPmService;NAS PM Service;c:\program files\BUFFALO\NASNAVI\nassvc.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [x]
S2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 RTL8187B;RTL8187B Drahtlos-802.11b/g-USB 2.0-Netzwerkadapter (54 MBit/s) von Realtek;c:\windows\system32\DRIVERS\RTL8187B.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - COMHOST
*NewlyCreated* - WS2IFSL
*Deregistered* - avgio
*Deregistered* - ssmdrv
.
Inhalt des "geplante Tasks" Ordners
.
2008-03-09 c:\windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
2013-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 10:55]
.
2013-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 10:55]
.
2012-09-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107629863-3530946852-433808793-1001Core1cd970a5b2e0af1.job
- c:\users\Carmen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 02:13]
.
2010-12-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107629863-3530946852-433808793-1001UA.job
- c:\users\Carmen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 02:13]
.
2013-01-31 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job
- c:\program files\AVG Secure Search\PostInstall\ROC.exe [2013-01-15 12:52]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: Interfaces\{436CB8C7-7AD5-4C8B-9F18-D6752EFAA0A8}: NameServer = 139.18.25.3
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-SuperTux_is1 - e:\daten\Carmen\Downloads\SuperTux\unins000.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Àù ÉZÍv£ÐvþÿÿÿR~Ðv·ÄÎu\ç Ðç ¹ÃÎuÀÄÎu*]
"7040110900063D11C8EF10054038389C"="C?\\Windows\\system32\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\software\Symantec\Common Client\ccService\Channels]
@Denied: (C D) (Everyone)
"{00BA7C15-234B-4F2A-B9E7-C945EC8C1D38}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{2C8FD4DC-AD29-422D-8D68-73D7E6D6F417}"="{22BFA560-055F-4CD5-B14F-324A39069086}"
"{37DF08EC-2631-41E6-A52F-A5AAD1AAFACD}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{57104FE6-8BCF-44F8-B31B-0DB18744DCE2}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{6321BB3D-5821-46C8-9966-73AD6AE66D2A}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{75350A12-176A-4482-9FB3-81ADD75D2F20}"="{22BFA560-055F-4CD5-B14F-324A39069086}"
"{A4DB23FA-E6A6-4951-A1FD-D28754D1D970}"="{C213CCF9-EAD8-41D0-880A-58DCBEE68FF4}"
"{AF61DCCC-4420-491E-92FC-653E02738A2D}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{C9C0C83A-8B96-4024-A30B-153615E49F50}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{CBE2032A-F719-4189-9393-C9481519A019}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{E2BEAB59-2B2B-42DA-98E3-1EAEBDC762B1}"="{C213CCF9-EAD8-41D0-880A-58DCBEE68FF4}"
"{EDCB62E6-8CC2-45B5-BD39-9B872AFB016C}"="{22BFA560-055F-4CD5-B14F-324A39069086}"
"{FE8016F9-86E3-4F52-B53A-968BB58811CC}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{7ECCFB31-E92E-4627-A84C-7C4DBEF2560E}"="{4A275407-E8CD-4D0A-9286-93BDBCA4194B}"
"{2534DDB7-56E2-474A-8A98-24399943CF29}"="{BDD92022-B8FC-4AF0-86B6-E748C373149F}"
"{7E3AF02B-AE9C-4FBF-BC69-6E317EE330F8}"="{BDD92022-B8FC-4AF0-86B6-E748C373149F}"
"{1E289833-1116-47BD-801B-769B7BB12E37}"="{4A275407-E8CD-4D0A-9286-93BDBCA4194B}"
"{9F540492-0A84-4CE5-8D84-E26861CC023E}"="{4A275407-E8CD-4D0A-9286-93BDBCA4194B}"
"{6B0D006F-AE03-46D8-8431-82590F7B5C8E}"="{557F6955-90E7-48DB-9D05-89B730D5C93D}"
"{6C27C50C-F309-4BAC-8871-9FCBC194EC4C}"="{557F6955-90E7-48DB-9D05-89B730D5C93D}"
"{A9E70EB5-1F8D-480C-8729-546407BE1759}"="{557F6955-90E7-48DB-9D05-89B730D5C93D}"
"{381C619F-1051-4E89-B70F-A8325AF10EE4}"="{557F6955-90E7-48DB-9D05-89B730D5C93D}"
"{02BD7174-9C92-455A-BB1A-11A19EF34152}"="{150FE274-D0B7-49A5-A422-1FB8CEA5EED2}"
"{F97297B8-DAEC-49F5-A0C5-D1F092000E66}"="{150FE274-D0B7-49A5-A422-1FB8CEA5EED2}"
"{C9348AFF-5DE1-469B-9A87-D952F6ABCC4B}"="{1A7D9155-E047-48A9-98B9-60336092969F}"
"{B5D35D62-A6CA-4F9F-8F8D-D7CE9ACCC163}"="{1A7D9155-E047-48A9-98B9-60336092969F}"
"{69523131-0F4E-4800-860E-0C2C8A8B2110}"="{8F7B2831-B002-4033-BA6C-F4CF922C5851}"
"{4C1B3FF0-0ED5-4EB1-B44A-7F2B55AA9DAF}"="{8F7B2831-B002-4033-BA6C-F4CF922C5851}"
"{4E67473A-430C-4837-90B6-C171F7A2AC31}"="{8F7B2831-B002-4033-BA6C-F4CF922C5851}"
"{776F0871-AE3F-4BDE-8E91-6AB6C082F880}"="{8F7B2831-B002-4033-BA6C-F4CF922C5851}"
"{D28957FE-8448-4DF8-9C20-E59E8EE280A5}"="{8F7B2831-B002-4033-BA6C-F4CF922C5851}"
"{8CF7BA07-E428-4186-8665-DFE5057080C0}"="{E53EAA41-1685-4547-9657-F929817E5461}"
"{1712DF7B-C826-4FC0-9391-5E95250AA165}"="{E53EAA41-1685-4547-9657-F929817E5461}"
"{F1ED4950-C045-4739-AA4D-F01FF7CA9212}"="{E53EAA41-1685-4547-9657-F929817E5461}"
"{E3091DAA-EA7D-4626-81CE-2DB82508C4F3}"="{E53EAA41-1685-4547-9657-F929817E5461}"
"{58053B97-E3CB-4664-858F-D5EF7541B098}"="{A8B138D0-2628-478E-A8AD-FB7F5F974CF4}"
"{5B8DCA79-6A6A-4093-9050-3A0832ED3CA7}"="{A8B138D0-2628-478E-A8AD-FB7F5F974CF4}"
"{96C06601-3282-4903-B0D6-70D4D8D66DB6}"="{8C245FA1-2471-4879-BE86-15C26FB0BE1E}"
"{1747E4AB-3A1F-4FB5-B42D-87454635E4EF}"="{8C245FA1-2471-4879-BE86-15C26FB0BE1E}"
"{39B8A175-B93B-4473-A39A-A26D07AA474E}"="{8C245FA1-2471-4879-BE86-15C26FB0BE1E}"
"{6D01831C-30A9-48C7-9836-74AE1355D6A5}"="{8C245FA1-2471-4879-BE86-15C26FB0BE1E}"
"{A8CF5287-95E2-45C1-97B4-909B0CDD0ED5}"="{8C245FA1-2471-4879-BE86-15C26FB0BE1E}"
"{A88139BC-B844-4EDC-8537-22D0CDE2CB19}"="{11DC4D48-CB91-4E3D-B035-8F64416169E9}"
"{D38783C8-170A-451B-B63A-09CE46619C74}"="{CD3F3BB8-B871-4C1D-8DA3-3C622E422CC6}"
"{07AEE749-56FB-4501-A749-2952FCD38FE5}"="{CD3F3BB8-B871-4C1D-8DA3-3C622E422CC6}"
"{2E0C2AF8-79A4-4DBF-B59C-6811CF4E02BF}"="{0DE2C928-5B82-4634-847F-80616ED491FC}"
"{930A1927-60BD-4416-B391-A5050293D819}"="{D8DD111D-01EB-462A-80AA-09520D68D32A}"
"{C65698B2-A97C-48EA-84CE-A50AE26EEE1C}"="{D8DD111D-01EB-462A-80AA-09520D68D32A}"
"{97252A45-0217-4B59-8623-4E1FF5A64CC4}"="{49E588D4-7DA4-4BA1-9593-4A92D146C3D5}"
"{FAA85A58-116F-452E-9A15-C4ED4608A1F6}"="{49E588D4-7DA4-4BA1-9593-4A92D146C3D5}"
"{42B9A997-C4AB-467F-8A4D-6F9A585ADA01}"="{49E588D4-7DA4-4BA1-9593-4A92D146C3D5}"
"{0BB506FB-3C69-4B8B-AEFB-C63DA6AF293A}"="{49E588D4-7DA4-4BA1-9593-4A92D146C3D5}"
"{E4ECAF51-2923-426B-A168-FDF1FE11E97F}"="{49E588D4-7DA4-4BA1-9593-4A92D146C3D5}"
"{993F8CD0-C136-4101-947D-BF34A0B71A57}"="{DAE877DE-A00F-4992-B78B-38800CBD31BD}"
"{3CD58812-8545-48CB-AD89-EFDACED2B8D8}"="{DAE877DE-A00F-4992-B78B-38800CBD31BD}"
"{AF79100D-1021-49C4-A99F-6D89CAD48165}"="{349874FA-504B-42F0-8F20-972F60F9AA1D}"
"{AD61943D-2CD8-4CD7-A9F5-7EDEBCD65755}"="{349874FA-504B-42F0-8F20-972F60F9AA1D}"
"{2842139B-BC43-4246-82C7-BD45E88F8DE2}"="{56194707-8D09-40CA-80E8-12557B7D0FEA}"
"{8EA72189-BD90-4EAC-B4FB-87C6D17BFBA8}"="{56194707-8D09-40CA-80E8-12557B7D0FEA}"
"{46905F9B-56BE-444A-92C6-339CBA46B2DB}"="{56194707-8D09-40CA-80E8-12557B7D0FEA}"
"{F94CD8B5-EE38-414E-A1CD-D4E75299A59A}"="{56194707-8D09-40CA-80E8-12557B7D0FEA}"
"{B9052112-9E3F-4928-B00E-91FBAA67CB08}"="{56194707-8D09-40CA-80E8-12557B7D0FEA}"
"{11CBEE1D-F7CE-456C-9483-314B0C556734}"="{CF90F225-8A8F-4390-B160-660853C32EBC}"
"{030598A7-6C91-40D9-B91B-9337E6902552}"="{CF90F225-8A8F-4390-B160-660853C32EBC}"
"{A238F65C-5A5A-4279-ACBB-9B195CD52C69}"="{CF90F225-8A8F-4390-B160-660853C32EBC}"
"{CF2D2786-C4A1-48AE-8E02-43B998A2D739}"="{CF90F225-8A8F-4390-B160-660853C32EBC}"
"{407C3B8F-41CE-40BA-98D2-6AB5513D7492}"="{4BFCAD7F-4770-4E66-9AFC-15909C0BEE88}"
"{891B4437-8D4E-4EBB-ACC0-C01244B28093}"="{4BFCAD7F-4770-4E66-9AFC-15909C0BEE88}"
"{D33A5217-803A-4ADB-B81C-716D98B250A2}"="{52450474-24C1-43E3-B7F7-BF2452AD760F}"
"{E1F762E7-590F-4072-94AC-87DDF3C1C775}"="{52450474-24C1-43E3-B7F7-BF2452AD760F}"
"{2D6946D4-CA60-41F9-B4D0-2D2123578AA6}"="{52450474-24C1-43E3-B7F7-BF2452AD760F}"
"{2E1E0B4A-8395-494C-883A-96DFF4641A98}"="{52450474-24C1-43E3-B7F7-BF2452AD760F}"
"{8B291428-1F97-4419-BC42-813A6C6DCAAE}"="{52450474-24C1-43E3-B7F7-BF2452AD760F}"
"{97F48B16-4220-403F-9209-032D8911C359}"="{03F30F79-6AA2-4F6A-A355-49C9BDDA882A}"
"{CE394C96-38B0-495F-A4E7-88721866722C}"="{03F30F79-6AA2-4F6A-A355-49C9BDDA882A}"
"{12371CE3-A7B9-4DD1-8055-9712B7F32770}"="{608B6C3F-185D-4E38-9141-5CE28ACBD1AB}"
"{C8B4A885-8DB7-4E58-A000-A441E75CA17A}"="{608B6C3F-185D-4E38-9141-5CE28ACBD1AB}"
"{490F9699-4289-45F5-BFE5-53FC1598B5E6}"="{608B6C3F-185D-4E38-9141-5CE28ACBD1AB}"
"{23D69B1E-4453-4BF8-88C3-C7F92E153EAA}"="{608B6C3F-185D-4E38-9141-5CE28ACBD1AB}"
"{7ED0EF18-A4C5-42E7-8C56-52E6D83FF276}"="{608B6C3F-185D-4E38-9141-5CE28ACBD1AB}"
"{C6E07E92-BAB5-4143-8AF7-502F61D8ACBD}"="{ABED9656-1B13-4C92-989C-60AF08451C9F}"
"{8F4A892B-74BA-46DB-A8AD-D2F876572366}"="{ABED9656-1B13-4C92-989C-60AF08451C9F}"
"{4E905571-3402-4005-A790-C3A0A7F12BBC}"="{20523FA6-CBDC-475F-9769-197F919D2260}"
"{E7BB783D-8F97-4F18-B596-296756B58CF0}"="{20523FA6-CBDC-475F-9769-197F919D2260}"
"{F031E52E-E5DD-476C-A799-6D8A79A2A2F6}"="{20523FA6-CBDC-475F-9769-197F919D2260}"
"{264A4FAB-8269-4F1A-AFF5-8636ADC32923}"="{20523FA6-CBDC-475F-9769-197F919D2260}"
"{ACC5B198-A24C-4CE3-A02D-AABC453A527C}"="{20523FA6-CBDC-475F-9769-197F919D2260}"
"{8AE9F9F5-BB53-4F9E-A9F8-3A419A21F8C2}"="{37AB619F-B517-41DA-96E2-9501A1CB7D3A}"
"{5FA1325D-5412-47CA-935A-E7B007DE6FED}"="{37AB619F-B517-41DA-96E2-9501A1CB7D3A}"
"{D8541E5C-39C0-4FD2-8AF5-EE01A68AB69F}"="{37AB619F-B517-41DA-96E2-9501A1CB7D3A}"
"{3AB46120-00B7-4336-ABDF-DC4014B537BB}"="{7D2BD4B8-1539-4ED4-8AD9-8189A050E6C8}"
"{3594EB6A-D2FF-4BD7-AC55-D23785713892}"="{7D2BD4B8-1539-4ED4-8AD9-8189A050E6C8}"
"{BDCD084E-F65D-40BA-95D6-89D9C0AE47BB}"="{98C2AF2C-2BA6-46D6-AC8C-6DB7EE4C4EBA}"
"{A26B0ECF-B57D-4961-ACE8-763758EC4E75}"="{98C2AF2C-2BA6-46D6-AC8C-6DB7EE4C4EBA}"
"{0461D39C-2B59-4899-9ED0-ABADF4FDB707}"="{98C2AF2C-2BA6-46D6-AC8C-6DB7EE4C4EBA}"
"{11B410BE-0065-4FFD-966A-4C0A5A3706B7}"="{98C2AF2C-2BA6-46D6-AC8C-6DB7EE4C4EBA}"
"{10EE6E91-3755-41F5-8DEB-CC3F34756845}"="{98C2AF2C-2BA6-46D6-AC8C-6DB7EE4C4EBA}"
"{DDD5B9A9-61DC-43EF-8027-03AFDF9FFF0D}"="{F3A0B6BD-F38B-41AA-A1C0-2CB1F23E5E82}"
"{9621A483-C913-4DE7-8026-BF74EF63CD8F}"="{F3A0B6BD-F38B-41AA-A1C0-2CB1F23E5E82}"
"{31B1F6A1-A6E0-40A1-8FBA-39EF03A1C459}"="{F3A0B6BD-F38B-41AA-A1C0-2CB1F23E5E82}"
"{D724C2FB-F225-4EF8-9528-8686297CABD7}"="{76764220-24F1-4C71-A69D-B6EF7F7B7761}"
"{B449643D-0B24-4690-9A2D-3FD24B723D85}"="{76764220-24F1-4C71-A69D-B6EF7F7B7761}"
"{0820A5B1-459A-425B-874E-5EBBC0B06559}"="{BE01BA7F-A3D2-48C5-8173-9C875A2B635D}"
"{D913DACA-0E12-4668-B704-06E0505D93C7}"="{BE01BA7F-A3D2-48C5-8173-9C875A2B635D}"
"{C66C6029-B361-4279-8832-5E7AB7A81937}"="{BE01BA7F-A3D2-48C5-8173-9C875A2B635D}"
"{9E178987-385C-49A6-AB91-35FB0155753E}"="{BE01BA7F-A3D2-48C5-8173-9C875A2B635D}"
"{58408D67-F832-4894-9956-A2E99A5EFA31}"="{BE01BA7F-A3D2-48C5-8173-9C875A2B635D}"
"{CF5DBCEE-B9E0-44AA-B3E8-E34B57BEA782}"="{127223C3-90EA-4EBC-8388-AF35F9D2ACB1}"
"{9FB6BE33-BEA7-43A6-B971-237A216D26B9}"="{127223C3-90EA-4EBC-8388-AF35F9D2ACB1}"
"{EBCC6D0D-5583-4DA1-A4C9-865C1C58C8A7}"="{127223C3-90EA-4EBC-8388-AF35F9D2ACB1}"
"{2D5E947E-AAEE-47ED-A5EE-6380C3689078}"="{127223C3-90EA-4EBC-8388-AF35F9D2ACB1}"
"{1BD921F9-DFDC-41FC-AFC3-074887FA832C}"="{127223C3-90EA-4EBC-8388-AF35F9D2ACB1}"
"{91FAA476-8AAC-449C-9029-D6499534D595}"="{B1E4224B-C96F-47FD-91C7-16569DAAEE74}"
"{461D80BF-E6CE-487E-AD72-9AB87FAFD436}"="{B1E4224B-C96F-47FD-91C7-16569DAAEE74}"
"{0DDCD530-766D-40BD-B532-97C3B6520259}"="{B1E4224B-C96F-47FD-91C7-16569DAAEE74}"
"{AEEB3E2F-1C9E-4CB4-88C2-8C3990C7E0F1}"="{B1E4224B-C96F-47FD-91C7-16569DAAEE74}"
"{B82617D2-D8BC-4D1A-A58C-C3102122CDD5}"="{B1E4224B-C96F-47FD-91C7-16569DAAEE74}"
"{A30ED02F-4DE5-4057-8CCD-E1B35D33F458}"="{647DBAA7-F5D9-4777-AED8-320B47A84EEA}"
"{E62E4E73-8FAC-4004-B7CD-E0CD5F513A34}"="{647DBAA7-F5D9-4777-AED8-320B47A84EEA}"
"{2002BA6D-5163-47B4-84B4-E15AD691E4B3}"="{E47440B5-4CF1-4313-9CB4-138BD859A585}"
"{7F241564-E73F-4F95-BBE8-47F0FF830406}"="{E47440B5-4CF1-4313-9CB4-138BD859A585}"
"{5CFA49C7-77CE-4D88-9F71-D36ADDCEACBD}"="{E47440B5-4CF1-4313-9CB4-138BD859A585}"
"{1D1AB864-1DCF-4FC5-BDA1-9E1ECA704D01}"="{E47440B5-4CF1-4313-9CB4-138BD859A585}"
"{67CBAEA8-A0B9-4EEE-A925-1D067D518F1C}"="{E47440B5-4CF1-4313-9CB4-138BD859A585}"
"{7FAABE0A-0273-4287-B3DF-E1773C2FF95C}"="{B88B6777-598C-4F8B-80BA-BF67D7B2ADE3}"
"{8C7B9599-A537-4D47-8214-AEBC1A2B9876}"="{B88B6777-598C-4F8B-80BA-BF67D7B2ADE3}"
"{574D371B-102D-4E0D-A394-AAEBD6BA49B7}"="{B88B6777-598C-4F8B-80BA-BF67D7B2ADE3}"
"{8EFD10FD-3152-4C75-A613-F774E91ACCB6}"="{053CCBF4-F7FC-44C8-A5F3-8BE7D5F02C2B}"
"{D19CCEE0-D334-44A2-81EA-B1E4D007CDFF}"="{053CCBF4-F7FC-44C8-A5F3-8BE7D5F02C2B}"
"{E21B47ED-527F-4EAB-8707-8C1DEFB0CB64}"="{1DCFF5AD-48E4-4167-ABDA-BA95BB775AF7}"
"{6D62DBAA-BF56-4220-A46F-D3CE931CD33C}"="{1DCFF5AD-48E4-4167-ABDA-BA95BB775AF7}"
"{12488F7E-DDCD-45FB-93BE-821E705D3861}"="{1DCFF5AD-48E4-4167-ABDA-BA95BB775AF7}"
"{351B4642-A2F7-4A12-A9D3-AB8B9E87FB4C}"="{1DCFF5AD-48E4-4167-ABDA-BA95BB775AF7}"
"{224DB475-E13B-4A08-A340-9C5CB6858F91}"="{1DCFF5AD-48E4-4167-ABDA-BA95BB775AF7}"
"{9E2D154B-3D92-4365-A65E-B29A5D4E5FD4}"="{44F5F1EC-9397-4EB3-8C82-3E767A295242}"
"{605A31FF-F71D-45B0-BB1F-AF0263CDFBAF}"="{44F5F1EC-9397-4EB3-8C82-3E767A295242}"
"{76850FB6-4D34-462E-B741-2C68A87FE36C}"="{44F5F1EC-9397-4EB3-8C82-3E767A295242}"
"{A5CBC696-FC25-4AAC-AD91-8781B54E2D47}"="{3B4173EB-4D12-47AD-8E9C-29F026ABFD6A}"
"{34DDCB7C-CB3D-4DC9-A6A4-7148B78B96B0}"="{3B4173EB-4D12-47AD-8E9C-29F026ABFD6A}"
"{80A59354-E92B-4C89-88DC-E535C7495BA0}"="{AF46402A-D1E2-4003-8A81-E83C79A9D4A5}"
"{4CAC1715-CCC9-4DDC-857F-326530E64569}"="{AF46402A-D1E2-4003-8A81-E83C79A9D4A5}"
"{4343C915-C43C-41F0-B7A3-172B566F494D}"="{AF46402A-D1E2-4003-8A81-E83C79A9D4A5}"
"{FF2A9B62-DF6A-4A2D-8965-8F9B101F48B6}"="{AF46402A-D1E2-4003-8A81-E83C79A9D4A5}"
"{138B4B0B-D36F-46DB-8A10-0053E06F6481}"="{5194BF8B-A401-459A-B7C0-3040CC7FAB60}"
"{01EF34AD-87F2-4BB9-A8BE-D5F5F4E76867}"="{5194BF8B-A401-459A-B7C0-3040CC7FAB60}"
"{B059F3BE-5C5F-49E1-A3C3-C63886160545}"="{5194BF8B-A401-459A-B7C0-3040CC7FAB60}"
"{34242076-2CF1-4C42-B1E6-57996B9C51B4}"="{44764C08-C2B0-4C5F-B990-4BEBA02A9071}"
"{17C627E3-C7E9-4BB1-8DE2-C26AB47CD181}"="{44764C08-C2B0-4C5F-B990-4BEBA02A9071}"
"{A6B39590-C892-41ED-95CD-186E7AA36DE5}"="{44764C08-C2B0-4C5F-B990-4BEBA02A9071}"
"{B0C831EA-B2E9-44C8-9049-3461913A8B31}"="{44764C08-C2B0-4C5F-B990-4BEBA02A9071}"
"{20A304ED-88A7-46D8-AB7A-7B6B0C902B5E}"="{44764C08-C2B0-4C5F-B990-4BEBA02A9071}"
"{01100039-4484-4992-8C5C-B186C0A07A57}"="{407D2C76-81AA-4024-B70B-A9DFF8652F17}"
"{36F42E03-7B34-4FEC-B995-221E2B9DA1BA}"="{407D2C76-81AA-4024-B70B-A9DFF8652F17}"
"{964EBAC9-1A36-4053-9E62-15FB42AE0B27}"="{CD0B4FDC-25ED-4F25-B3BB-BB1BD2300B48}"
"{1FAE42F1-18B5-42DE-AE6B-37530201CE94}"="{CD0B4FDC-25ED-4F25-B3BB-BB1BD2300B48}"
"{BD079197-1A43-4BC6-AEDA-6E8DABA7910E}"="{E1C83E5C-B242-4D07-AE0E-5A334B4ACA40}"
"{85080D01-0F7C-4824-932C-9675514E8D53}"="{E1C83E5C-B242-4D07-AE0E-5A334B4ACA40}"
"{9A0F07BC-6CCF-4883-AB6B-DCD694C54799}"="{E1C83E5C-B242-4D07-AE0E-5A334B4ACA40}"
"{75B66DB5-3BB7-4222-94B2-3C6A6B95D397}"="{E1C83E5C-B242-4D07-AE0E-5A334B4ACA40}"
"{0439FC4D-5387-4FC3-AD4D-C7E4E526C59F}"="{E1C83E5C-B242-4D07-AE0E-5A334B4ACA40}"
"{28450187-0497-44C6-8EAB-BB7237FA7E7A}"="{18DE2631-38FB-45DC-8060-8239531C3D69}"
"{9F0C044D-E679-4520-A6EA-1A00F532D96B}"="{18DE2631-38FB-45DC-8060-8239531C3D69}"
"{F27FAADE-5581-459A-9EFE-0234E1EE7EA2}"="{C7AE81F0-0739-4EA7-97BD-1B518D0B957A}"
"{6CEF45A6-8DDC-4855-B84D-FC0807F5171B}"="{C7AE81F0-0739-4EA7-97BD-1B518D0B957A}"
"{0B2C42D2-F6C9-4B0E-8D83-A86ED90008D8}"="{C7AE81F0-0739-4EA7-97BD-1B518D0B957A}"
"{BF16C338-4E79-4453-AC73-8406946160D6}"="{C7AE81F0-0739-4EA7-97BD-1B518D0B957A}"
"{73849DB7-09DE-400C-A0D3-087B9AE7B68F}"="{C7AE81F0-0739-4EA7-97BD-1B518D0B957A}"
"{2B5177E6-DD03-4198-B3EE-EFD0990C4779}"="{CC5FB538-5353-4EA1-A7F0-0DD33DEDEB1C}"
"{E1A6C061-6A23-4C97-B7C5-CEE119D4E42F}"="{CC5FB538-5353-4EA1-A7F0-0DD33DEDEB1C}"
"{0E3F7B30-2AF3-4089-8C56-50BF0918665D}"="{CAA21266-BD1A-4E5E-93F1-965D7F3A8C20}"
"{7197EF19-3C23-404F-B025-0671523D28C9}"="{CAA21266-BD1A-4E5E-93F1-965D7F3A8C20}"
"{EDCB15F4-7F7C-4676-B50F-92BAD6A0079C}"="{CAA21266-BD1A-4E5E-93F1-965D7F3A8C20}"
"{9C2FDD96-8BC7-4CD0-98E4-24A19A2605C6}"="{CAA21266-BD1A-4E5E-93F1-965D7F3A8C20}"
"{3844EDBC-A126-453C-9C7D-4A921DCD2145}"="{CAA21266-BD1A-4E5E-93F1-965D7F3A8C20}"
"{5AF3675D-2904-4A1A-B1B5-6231A414BB5E}"="{A98EAFC5-2810-4AF9-B6FD-53F2AB7A9D78}"
"{1ED168BC-6CD8-4EF2-9A69-996FDA83CDA8}"="{A98EAFC5-2810-4AF9-B6FD-53F2AB7A9D78}"
"{FE6238DA-2ED6-4384-AB45-FC0E26CF88BF}"="{A98EAFC5-2810-4AF9-B6FD-53F2AB7A9D78}"
"{B6CAF94C-B4DF-4ED2-ADD9-133F7592520A}"="{A98EAFC5-2810-4AF9-B6FD-53F2AB7A9D78}"
"{9281BF34-D695-4F74-BB81-583C380C074E}"="{BADB0A03-850A-4D4E-B7EA-47977EE6409A}"
"{E97E341E-065D-4B2A-85EA-AE453A10CD4D}"="{BADB0A03-850A-4D4E-B7EA-47977EE6409A}"
"{DB029EEB-E5BC-47C3-AB77-B08E7D8A887B}"="{6B0B8ED3-BD1E-4239-A37A-CED5FB8B6502}"
"{362C793A-D936-4BD8-B988-66F90A8A125D}"="{6B0B8ED3-BD1E-4239-A37A-CED5FB8B6502}"
"{B45F1A8D-752A-45A7-AD28-FA00A93C9455}"="{6B0B8ED3-BD1E-4239-A37A-CED5FB8B6502}"
"{BBCEAD87-BC68-4C9A-969F-4400A024573A}"="{6B0B8ED3-BD1E-4239-A37A-CED5FB8B6502}"
"{6AA43571-9AD2-47A1-8AB3-A47B2E0262A1}"="{6B0B8ED3-BD1E-4239-A37A-CED5FB8B6502}"
"{8418134B-AC78-423B-B865-236105D075E0}"="{40DB2EFA-F461-4722-A173-B0DAB109B992}"
"{9622F0D0-589D-4ADE-9D21-124BBB6FCFA3}"="{40DB2EFA-F461-4722-A173-B0DAB109B992}"
"{12FA23D4-DB9E-4DA0-824F-7B95D42BE814}"="{DD8BF7ED-912B-4255-9012-03E2AD76321A}"
"{E9B26BD5-1BDD-48C1-A52E-E9402FB1D910}"="{DD8BF7ED-912B-4255-9012-03E2AD76321A}"
"{D154FB60-2E21-4223-9779-4F43CE6EFF45}"="{DD8BF7ED-912B-4255-9012-03E2AD76321A}"
"{F8FFA0E4-99B6-49DA-91B9-929B166BA00E}"="{DD8BF7ED-912B-4255-9012-03E2AD76321A}"
"{1BE29AE9-2ACD-4122-A642-459D0A66661F}"="{DD8BF7ED-912B-4255-9012-03E2AD76321A}"
"{664C0CC8-E425-40DC-96C8-5070AF5BEBFB}"="{EC65B621-B250-442B-9FF3-F74518703135}"
"{C02CB8EA-3BA0-47B4-A1C3-17DD7222A5CD}"="{EC65B621-B250-442B-9FF3-F74518703135}"
"{1879080D-5584-4944-8C9C-D2843DA42E02}"="{EC65B621-B250-442B-9FF3-F74518703135}"
"{8B101892-3A1B-4566-9A10-4C62B04A00EB}"="{585CC6ED-6406-4BF2-8D6E-891069C9DFD5}"
"{950FC2D5-D4B2-4894-9E3C-DFB426067F01}"="{585CC6ED-6406-4BF2-8D6E-891069C9DFD5}"
"{154B9158-0B22-4626-BAA1-86A0E3FC25C4}"="{FCF3FD62-FD70-4829-BA94-A0FAA0910FBA}"
"{396DDFA1-968E-4AAC-8F64-26D59194AEDD}"="{FCF3FD62-FD70-4829-BA94-A0FAA0910FBA}"
"{4C112C3A-201A-4467-A5F1-3CF3D4375399}"="{FCF3FD62-FD70-4829-BA94-A0FAA0910FBA}"
"{E8CB0F1B-F66B-4E1F-808A-30D9D77CF05C}"="{FCF3FD62-FD70-4829-BA94-A0FAA0910FBA}"
"{4CD611AB-E12B-422E-8C1F-D7848974C114}"="{FCF3FD62-FD70-4829-BA94-A0FAA0910FBA}"
"{8A25026A-153F-4075-B558-1E92C104DAB2}"="{E323003C-9AE5-4B79-BA8A-D5023395A0F1}"
"{0B753F8D-7C52-4415-B9CB-5A2797C915E1}"="{E323003C-9AE5-4B79-BA8A-D5023395A0F1}"
"{F96D8024-AABD-4C71-AA00-C228CB0A3A4B}"="{9BC085E3-7574-4167-8780-3F3B7415B2DF}"
"{37A8A0AB-7710-4BA3-BC57-D68936A1A608}"="{9BC085E3-7574-4167-8780-3F3B7415B2DF}"
"{74D55FA7-B14A-4764-925C-D5EB6FDE7955}"="{9BC085E3-7574-4167-8780-3F3B7415B2DF}"
"{22966731-45D7-46E1-A5B2-DE82A5B051CF}"="{9BC085E3-7574-4167-8780-3F3B7415B2DF}"
"{29C172A6-714E-4E58-AFB0-8C2CDEDBE1DD}"="{9BC085E3-7574-4167-8780-3F3B7415B2DF}"
"{96E6E7D7-9F7D-4615-ADCD-A1A24224F690}"="{9C8514E4-860C-42C4-AE4F-676F97522D07}"
"{DB109FC6-30DA-428B-B530-9392CD0C4C7C}"="{9C8514E4-860C-42C4-AE4F-676F97522D07}"
"{95AE751F-E98B-4B1A-ABFA-A4021613ABA0}"="{FFE9C493-EA72-447C-B471-B3309B4B3371}"
"{E1B528B8-83B1-4883-9CE1-BA0240C9B9CD}"="{FFE9C493-EA72-447C-B471-B3309B4B3371}"
"{29914B7B-0E90-47CE-A7C9-E68631FB2E15}"="{FFE9C493-EA72-447C-B471-B3309B4B3371}"
"{5DE5EA2B-BE28-43D0-8EA6-76008B52D1C4}"="{FFE9C493-EA72-447C-B471-B3309B4B3371}"
"{5AD4E4DD-94B8-4F0D-9EB8-33FDDB2139CD}"="{FFE9C493-EA72-447C-B471-B3309B4B3371}"
"{606E321A-6C6E-41BD-82D7-71751AC367CF}"="{B8E263D8-FC40-4985-8F74-B83702A60B69}"
"{91B1B987-44D5-4AEB-8226-FD886BEFF48C}"="{B8E263D8-FC40-4985-8F74-B83702A60B69}"
"{01747634-5F95-41F6-A52D-D8DCB3324148}"="{B8E263D8-FC40-4985-8F74-B83702A60B69}"
"{E2A53CF4-71A1-495C-BAEB-F6DD5AB357C2}"="{29FD54DE-DBBD-4A79-8C34-DBD96F899340}"
"{D3168915-B34A-4533-9CD1-EC96CFF34AFF}"="{29FD54DE-DBBD-4A79-8C34-DBD96F899340}"
"{9AC8105E-7AAB-4458-B462-0D1E19408329}"="{8AF95A74-1308-4E8E-B886-1C73F8388E0F}"
"{7E981DB0-8DED-46EC-8056-B9F5B3289A3D}"="{8AF95A74-1308-4E8E-B886-1C73F8388E0F}"
"{707F2FC3-60B5-47C7-A767-2B784B45CDF5}"="{8AF95A74-1308-4E8E-B886-1C73F8388E0F}"
"{962C9323-7834-4618-AC40-97A2009D0110}"="{8AF95A74-1308-4E8E-B886-1C73F8388E0F}"
"{DAE85353-4F7D-478C-A174-146B01C326AD}"="{8AF95A74-1308-4E8E-B886-1C73F8388E0F}"
"{7739DE69-5188-448F-8F88-EB88B0CA5F35}"="{D28F4AAE-5AD2-4BEB-8FE7-989C6E66238C}"
"{F411120A-DE9E-475F-A045-63F67BDF21D6}"="{D28F4AAE-5AD2-4BEB-8FE7-989C6E66238C}"
"{21EEE00B-220B-4754-B59D-B22FBF3F6837}"="{D28F4AAE-5AD2-4BEB-8FE7-989C6E66238C}"
"{EE6B6921-5A9A-4B08-9717-5B895451A530}"="{19D56D81-D149-4009-9687-C71433E363F0}"
"{AF1CC895-A577-42F5-A536-6FEB26882B72}"="{19D56D81-D149-4009-9687-C71433E363F0}"
"{D04561E9-55B1-4EAC-9A9E-825157CCB439}"="{19D56D81-D149-4009-9687-C71433E363F0}"
"{E1E8E0F4-EB17-4F36-913E-AD56A6A31ED1}"="{19D56D81-D149-4009-9687-C71433E363F0}"
"{29B5D28E-7985-4DF0-852C-461C84DC6123}"="{19D56D81-D149-4009-9687-C71433E363F0}"
"{B96EBD1A-28C9-43C5-9468-7733B7F8DEB3}"="{B7AD334A-8977-43AB-A7A6-7190548B1ABE}"
"{05F087F7-5B48-48E4-9F71-C1AB007C66F1}"="{B7AD334A-8977-43AB-A7A6-7190548B1ABE}"
"{4E3EF772-4563-42A2-B129-8E6A3A03FB10}"="{77F8CE9F-0773-4096-92FF-A435D67D294D}"
"{B5C985A8-2D81-4273-BAB8-D058F76B5168}"="{77F8CE9F-0773-4096-92FF-A435D67D294D}"
"{71A1A6CE-0453-4588-A79E-E0B30273CE4B}"="{F02AAF25-782A-480D-94BC-D9301E21A2E4}"
"{69CC6A47-FAE9-44C1-AF98-C5FFD0515607}"="{F02AAF25-782A-480D-94BC-D9301E21A2E4}"
"{887E7106-B72D-40FB-A49E-A7CAC46A34E4}"="{F02AAF25-782A-480D-94BC-D9301E21A2E4}"
"{7C2C1C33-303B-4A13-8C95-5E75E4682903}"="{A59534E3-12D5-4768-AB98-AD8E4149051D}"
"{290084E9-1361-4CB8-AF14-00997DB2D68F}"="{A59534E3-12D5-4768-AB98-AD8E4149051D}"
"{1EF89E45-D19F-47C2-969A-404D1CD17C03}"="{35B3BEDD-4275-4513-803C-F3F885336CE7}"
"{A329DB41-5AAA-49C7-9DB8-7C4AE9CC3990}"="{35B3BEDD-4275-4513-803C-F3F885336CE7}"
"{38FCB080-9CE4-4A6F-B436-8585D570EAA8}"="{35B3BEDD-4275-4513-803C-F3F885336CE7}"
"{96C786D3-195D-4731-B6E7-A89B24EDD1A3}"="{35B3BEDD-4275-4513-803C-F3F885336CE7}"
"{A1AE5B84-9CC4-4AC5-8E24-40102A0FE704}"="{35B3BEDD-4275-4513-803C-F3F885336CE7}"
"{3CEFE3E5-7FE2-4212-B81E-77DFF3AE7373}"="{FBFA814F-625F-4764-8FD2-359E53058079}"
"{C1B0C570-BD0A-4124-A2C7-B8A547CAD2BA}"="{FBFA814F-625F-4764-8FD2-359E53058079}"
"{099EC8B8-0C26-4367-BD27-C0A9289556FD}"="{FBFA814F-625F-4764-8FD2-359E53058079}"
"{BADF1974-C12F-4A46-AAFD-38D04F1DBACB}"="{6E54F4BE-EC49-44F1-ADAE-1448E9F84D24}"
"{FC2B4B00-18C1-4F41-AF93-3E97340BDE0E}"="{6E54F4BE-EC49-44F1-ADAE-1448E9F84D24}"
"{641D1A2B-462D-4790-9933-1BE3BD152139}"="{E6C1C450-F7CC-491B-964D-81550F861AF3}"
"{33518933-C81E-4657-B454-AFBF1A751AC7}"="{E6C1C450-F7CC-491B-964D-81550F861AF3}"
"{4374B6C6-929E-4EB7-AD3F-56DDAA4AD37A}"="{E6C1C450-F7CC-491B-964D-81550F861AF3}"
"{108D1D30-EECD-4DD6-B813-3A2E724D4104}"="{E6C1C450-F7CC-491B-964D-81550F861AF3}"
"{E5D09878-E364-418D-926B-44EA09793044}"="{E6C1C450-F7CC-491B-964D-81550F861AF3}"
"{6FA3E990-3C75-415B-8987-71C16AA08159}"="{36B44FB8-BDE5-4684-BC08-68926A0F081F}"
"{150FF62E-32BA-45F3-A3AB-E080F9659A39}"="{36B44FB8-BDE5-4684-BC08-68926A0F081F}"
"{71101991-09DA-4C82-BCAD-7193D3F3CB02}"="{F96F1035-BA09-4F8E-8340-8AF89B1299C7}"
"{405D28D1-17F3-440E-8272-C126B53C06C5}"="{F96F1035-BA09-4F8E-8340-8AF89B1299C7}"
"{1403A2EC-CEFB-408D-81A7-48294DA75C6C}"="{F96F1035-BA09-4F8E-8340-8AF89B1299C7}"
"{06A47049-5AF5-441C-B48D-80EB376C41CC}"="{F96F1035-BA09-4F8E-8340-8AF89B1299C7}"
"{B2F4C374-5091-494E-B297-1A223AFB41F6}"="{F96F1035-BA09-4F8E-8340-8AF89B1299C7}"
"{2C037389-FD02-41E3-83A7-166C5838C0D1}"="{4EBEFC0B-2001-40A1-A281-7F94EECB21CD}"
"{8E876AC5-D19F-461E-89E7-7016247B639F}"="{4EBEFC0B-2001-40A1-A281-7F94EECB21CD}"
"{FDB9A4F8-D865-425A-BE30-2B282F027D0F}"="{4EBEFC0B-2001-40A1-A281-7F94EECB21CD}"
"{BEE91319-BB0F-4EA9-B213-2D11383C43C1}"="{15128307-2852-468C-B2ED-4CC6A7E26EBB}"
"{5C416256-3013-445A-B959-3843892A59F9}"="{15128307-2852-468C-B2ED-4CC6A7E26EBB}"
"{465D44BD-8B52-48F1-A1A0-F6BC1D260563}"="{FF39B7BA-E655-446C-926F-1E48C2392A1F}"
"{FF55FBB0-3574-4D49-BA54-8374F64055C8}"="{FF39B7BA-E655-446C-926F-1E48C2392A1F}"
"{FBCD7986-133D-46A9-962D-77FB5F4C0F82}"="{FF39B7BA-E655-446C-926F-1E48C2392A1F}"
"{854CC9A5-927D-4B02-865B-A8510846CE09}"="{FF39B7BA-E655-446C-926F-1E48C2392A1F}"
"{CA385699-F645-4C16-950E-5B7080296A6D}"="{FF39B7BA-E655-446C-926F-1E48C2392A1F}"
"{77C919AE-E524-48C6-B583-5FE92FEE3495}"="{94FDC60D-4CE0-40B6-88A4-5379B5583CFA}"
"{B82928F6-83AA-4CF8-86B1-AB165476033C}"="{94FDC60D-4CE0-40B6-88A4-5379B5583CFA}"
"{672243B7-BA0F-4764-8110-87EF8C8A2CAC}"="{94FDC60D-4CE0-40B6-88A4-5379B5583CFA}"
"{0C164810-3AB5-45C4-9EE7-986DE9338D76}"="{E46EDD86-4F98-4C1D-BA00-0BF36C54E5E6}"
"{D209F05A-CE8E-4005-8A1A-1D9220387EF9}"="{E46EDD86-4F98-4C1D-BA00-0BF36C54E5E6}"
"{67077AEB-AAD9-4990-8A93-747E0FDF0675}"="{E46EDD86-4F98-4C1D-BA00-0BF36C54E5E6}"
"{5E668D55-AB9C-4D3E-AD74-8A4B2CC34718}"="{103683CE-FD19-42C3-89D7-6C4C8E1C86C1}"
"{9FF96D87-C59C-4919-AE51-A83595579E6C}"="{103683CE-FD19-42C3-89D7-6C4C8E1C86C1}"
"{5AC92435-8A3B-43EE-8C00-F94299CD4B3B}"="{E59A070F-2826-457C-AD82-F56790F95DC0}"
"{FD5A6530-77A3-4100-8F34-D250F3AD5A36}"="{E59A070F-2826-457C-AD82-F56790F95DC0}"
"{EDD573D8-E737-47D3-BF55-444E8B512906}"="{E59A070F-2826-457C-AD82-F56790F95DC0}"
"{9E426CE3-099C-4122-95CA-721E35347C34}"="{E59A070F-2826-457C-AD82-F56790F95DC0}"
"{27F147F8-EC00-4EB4-B4CD-97D040CE27FB}"="{E59A070F-2826-457C-AD82-F56790F95DC0}"
"{628241F3-ACFE-407C-A094-81CE3ECF5153}"="{52EFB4D2-A10C-46D9-A696-1888655A7B1F}"
"{31AD35D6-B206-4942-83A5-CC5A19F7AF37}"="{52EFB4D2-A10C-46D9-A696-1888655A7B1F}"
"{5E87ED2D-9A39-4F61-A11F-69D9C61BCE9B}"="{52EFB4D2-A10C-46D9-A696-1888655A7B1F}"
"{6C462417-FFC4-4B89-BE6D-B93A178EE2AA}"="{428C2EF9-8B65-4E24-BE89-973C61EA2398}"
"{00BB0AB6-F89F-4C70-B2DF-B2D700590169}"="{428C2EF9-8B65-4E24-BE89-973C61EA2398}"
"{FA34C4C9-4090-43E3-A378-665C9DA401BA}"="{9C55453C-8B25-4946-BCCC-B0145BA4903E}"
"{C42576C1-DFD2-47D7-888D-B0437F4A9EAC}"="{9C55453C-8B25-4946-BCCC-B0145BA4903E}"
"{00E6378F-529D-4739-A5CA-DECA264C50E0}"="{9C55453C-8B25-4946-BCCC-B0145BA4903E}"
"{FE70E08C-B0C6-432F-A3F3-4B2510B63794}"="{9C55453C-8B25-4946-BCCC-B0145BA4903E}"
"{E1DA4B75-60DB-47BC-BF1D-7947BD90E28D}"="{9C55453C-8B25-4946-BCCC-B0145BA4903E}"
"{A0893328-CA93-462D-95FD-6C44AA10B5BF}"="{54D28B01-F3F6-4340-98F6-651BCF2C52FC}"
"{403DEFA3-088D-49D2-AC56-755A456A81EB}"="{54D28B01-F3F6-4340-98F6-651BCF2C52FC}"
"{F03AB299-F4DF-44CA-9562-42D55AA5B521}"="{54D28B01-F3F6-4340-98F6-651BCF2C52FC}"
"{7F1C76D3-B74C-4ED0-B764-67F89C780257}"="{6C9C0E88-308D-4CD6-B219-9FA8470052B8}"
"{185E77D5-B0B3-45B7-9A6D-B20552F1D6BE}"="{6C9C0E88-308D-4CD6-B219-9FA8470052B8}"
"{ED15E5EC-4BAA-42B7-938B-663CED6D75A7}"="{1301BA0C-0957-487F-97A2-997272CA787F}"
"{C158A5B1-39E7-42A2-B464-B49139772454}"="{1301BA0C-0957-487F-97A2-997272CA787F}"
"{C0992FFB-075D-4E02-A29D-558FFFE1A081}"="{1301BA0C-0957-487F-97A2-997272CA787F}"
"{5AE92176-31CE-4E0B-B5FB-73BCB9A57ADE}"="{1301BA0C-0957-487F-97A2-997272CA787F}"
"{123729C4-DA7A-4972-B04E-C88893663986}"="{1301BA0C-0957-487F-97A2-997272CA787F}"
"{1CC60299-49A2-4110-B19B-08F7605B3534}"="{FA84112A-6162-4A27-9798-6656099A07D5}"
"{A76EB7C8-186D-471E-8623-C694E4CC9DA1}"="{FA84112A-6162-4A27-9798-6656099A07D5}"
"{9338A227-0A0D-472D-8705-D3A2786418C1}"="{997F3565-9273-4ADE-ACE4-61E260484290}"
"{6434968E-3D91-43B8-BBF6-40863DD27594}"="{997F3565-9273-4ADE-ACE4-61E260484290}"
"{9D51ABA6-94E9-4226-89F3-84673491DE7F}"="{997F3565-9273-4ADE-ACE4-61E260484290}"
"{C799BF36-3BB5-451D-B0ED-B966390FDAB6}"="{997F3565-9273-4ADE-ACE4-61E260484290}"
"{41DB2D02-F6B9-4B9C-A0CF-657A97FFFB33}"="{997F3565-9273-4ADE-ACE4-61E260484290}"
"{3F8F3AD9-98E5-454C-B99F-96E6656FE6B0}"="{CD142757-C2F6-4A3F-A73D-F9620C20AE40}"
"{587EF3EA-E8AF-4640-9863-05525748DCA6}"="{CD142757-C2F6-4A3F-A73D-F9620C20AE40}"
"{2B45F4BC-C9FA-45B4-8224-DA29D9EACB01}"="{051710BD-28BD-422D-8802-C72BA19F4460}"
"{D51D544F-E493-4A25-9786-750136BAB57A}"="{051710BD-28BD-422D-8802-C72BA19F4460}"
"{86991D91-A0EA-4755-8352-96BD63152B4C}"="{051710BD-28BD-422D-8802-C72BA19F4460}"
"{0BBE3C57-7EE3-4AA3-AE54-5714B2E5E37B}"="{051710BD-28BD-422D-8802-C72BA19F4460}"
"{394DAA91-4FE6-4FD7-A045-A4873E609AFD}"="{051710BD-28BD-422D-8802-C72BA19F4460}"
"{65E23ADC-D545-438E-B699-37258E44ABAB}"="{57541540-FA22-46E9-B429-868609C2C9E8}"
"{810402D9-E675-4B77-B518-CE27066FC7B4}"="{57541540-FA22-46E9-B429-868609C2C9E8}"
"{933DA7DC-7930-407B-8EA2-BC563DAE8247}"="{36C480CA-A28D-4A50-8E24-B4A15D6144B0}"
"{AD0102B8-2CBE-41C3-A81C-9275AAD61B9F}"="{36C480CA-A28D-4A50-8E24-B4A15D6144B0}"
"{35490AE1-AFC5-4EF1-B9A9-9C2DE1D378CA}"="{36C480CA-A28D-4A50-8E24-B4A15D6144B0}"
"{0FBDAA3A-0958-474B-A907-D89CE0050E64}"="{36C480CA-A28D-4A50-8E24-B4A15D6144B0}"
"{2C383EBB-A3B5-42E6-907F-63DF7445F28C}"="{36C480CA-A28D-4A50-8E24-B4A15D6144B0}"
"{4DAD7678-926F-463A-861E-4BB63D30B39D}"="{87C20754-93F4-41D3-8F7E-293B2711F49C}"
"{A74A9CF0-D0F4-453D-B296-57C4FB3DB668}"="{BAAAE749-96EA-4AD9-9062-9EFDA7545258}"
"{80ACC720-178F-418F-B6E3-CC3E8C083B25}"="{BAAAE749-96EA-4AD9-9062-9EFDA7545258}"
"{9E6D673C-E182-4695-A25E-75EF32541960}"="{FEC49275-26C7-4389-95AF-C00D0E8C3087}"
"{D2F03F6C-3AD0-43C2-BE76-8BC26079FD06}"="{FEC49275-26C7-4389-95AF-C00D0E8C3087}"
"{E9CDA016-818D-45DD-9850-5F7425E78B75}"="{FEC49275-26C7-4389-95AF-C00D0E8C3087}"
"{3ECB9FB9-945C-4E9B-A5E5-2CBE3077C8EE}"="{FEC49275-26C7-4389-95AF-C00D0E8C3087}"
"{0419272A-22F6-45E1-873A-B0A509302A88}"="{FEC49275-26C7-4389-95AF-C00D0E8C3087}"
"{B9DA4D00-CD44-400C-BA55-499DF593E10A}"="{528D9FFE-AEB5-4426-97D9-DC11B8B6EB84}"
"{EED38255-1D42-48F8-BB7F-9BA98649A570}"="{528D9FFE-AEB5-4426-97D9-DC11B8B6EB84}"
"{F1C3775E-EDEF-41EC-8B1A-F073DEBED40E}"="{528D9FFE-AEB5-4426-97D9-DC11B8B6EB84}"
"{42738E05-4036-4089-9557-C1B7648BDB1C}"="{017EFC09-E379-4140-B30A-997C8E3403F4}"
"{469CDF8E-AA5B-43D3-8095-4C20BA0F578B}"="{017EFC09-E379-4140-B30A-997C8E3403F4}"
"{35511123-12EF-41F6-B3DE-67B04F7BD8AC}"="{EF6D6A12-37FB-4779-ADAF-75A5AB200C36}"
"{2D27B5BC-B951-41C4-82B0-83817A9FFCDD}"="{EF6D6A12-37FB-4779-ADAF-75A5AB200C36}"
"{0D5AC8FD-B0C9-4AC3-B8B9-0D0A0581DF2C}"="{EF6D6A12-37FB-4779-ADAF-75A5AB200C36}"
"{139C57C3-BF59-438A-8CC7-706C9A4339A6}"="{EF6D6A12-37FB-4779-ADAF-75A5AB200C36}"
"{8F17073E-2193-44F4-9820-29387F13C427}"="{EF6D6A12-37FB-4779-ADAF-75A5AB200C36}"
"{F1A2E8AF-8BFF-4BFF-B1AE-6EFBA714EA0B}"="{2E3BD869-AED6-4D51-8895-3501DAB462CE}"
"{FEDF70E1-67BF-42F3-B8D3-289E72C81EC1}"="{2E3BD869-AED6-4D51-8895-3501DAB462CE}"
"{019B2FFC-79F5-4BDA-B9E2-294A5F99B5E7}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{042499B3-AF22-4950-8A23-89DA730E3E76}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{517F9090-D703-4FD5-AD6B-2EB3E49DE642}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{D79F59E8-479A-4BDC-B0F3-97D095BC894C}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{E4D04FC1-2D57-4261-811C-332847531AA0}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{DF865DC1-ED7E-40D5-BB47-E643B190D33C}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{F8E9E686-D79E-4FC2-9373-9B1413E29617}"="{C96B6CA3-E210-4749-86F2-0D3A58009230}"
"{A16AB67A-183F-4DF5-9802-62F639774E97}"="{C96B6CA3-E210-4749-86F2-0D3A58009230}"
"{838D81FA-801E-4FBD-9FE7-06FCB246ED75}"="{C96B6CA3-E210-4749-86F2-0D3A58009230}"
"{186FE2CC-876D-4EBE-86C8-4F8F08592093}"="{75755467-B832-43FE-99A0-0DC523DE863C}"
"{91ED20F1-F76F-431B-94DE-E5E41B60BA55}"="{75755467-B832-43FE-99A0-0DC523DE863C}"
"{0C80D95E-FA9B-4F5C-B014-83E3DAA3D210}"="{FE798561-759B-4105-A49C-695553287514}"
"{C3F00C1A-9B5F-4638-9E9D-D5D4B4D218EF}"="{FE798561-759B-4105-A49C-695553287514}"
"{F183A3B6-381E-41A9-8B93-B6DABB8211EE}"="{FE798561-759B-4105-A49C-695553287514}"
"{91836B63-53D9-4DEE-8F28-B5BC7CD93B27}"="{FE798561-759B-4105-A49C-695553287514}"
"{AE00176F-4610-4218-A88E-93B14498C459}"="{FE798561-759B-4105-A49C-695553287514}"
"{B14EBBE2-053D-4B96-B97C-B4EF0B3CE745}"="{FBAFEA1A-4399-42C4-A9A7-1C177AF10C61}"
"{5DF6E975-7C7F-4012-9BDA-21429BA12077}"="{FBAFEA1A-4399-42C4-A9A7-1C177AF10C61}"
"{3A2F8D98-5CAC-4EE1-B127-6C8E3F4BA970}"="{FBAFEA1A-4399-42C4-A9A7-1C177AF10C61}"
"{60AC5190-905E-4921-B865-7AAEF5C6BC05}"="{5C694D94-E773-45E3-84E6-80C3E7F9C124}"
"{875C719E-8DE8-4BE7-846E-A1CD92FB6E8D}"="{5C694D94-E773-45E3-84E6-80C3E7F9C124}"
"{C99CA9B8-BFCE-4622-8118-9C7FF78B6365}"="{E9C2A512-5B13-47CA-97BE-2E203D3E7927}"
"{D35B32D6-55E7-4991-9696-1AC59BA31C91}"="{E9C2A512-5B13-47CA-97BE-2E203D3E7927}"
"{4BE342A4-345D-4FEE-B592-465A47FE113F}"="{E9C2A512-5B13-47CA-97BE-2E203D3E7927}"
"{A201EA8F-E847-4023-9EF5-2A5DAA30526B}"="{E9C2A512-5B13-47CA-97BE-2E203D3E7927}"
"{191189C7-5FCD-4DCB-8815-97DAA22C70E6}"="{E9C2A512-5B13-47CA-97BE-2E203D3E7927}"
"{5D064DAE-DC5C-47C3-B32C-72B13D2BC3C8}"="{0094CE62-79BB-45C4-92F4-F3000463D318}"
"{4CD4FCB3-E077-43BC-AF4B-55D1620D54DF}"="{0094CE62-79BB-45C4-92F4-F3000463D318}"
"{EC13DE5A-7793-4C8D-B400-ADE9D287A3CE}"="{0094CE62-79BB-45C4-92F4-F3000463D318}"
"{E7A718F6-923F-4D63-8602-BB44926D484A}"="{948C8BEC-15A7-4E08-ABED-0C5E751B1D09}"
"{7C124753-A8A8-4B13-B2C0-768B4293DBD2}"="{948C8BEC-15A7-4E08-ABED-0C5E751B1D09}"
"{682C23E1-2D26-4B22-80B1-10AD4D4DA1C6}"="{948C8BEC-15A7-4E08-ABED-0C5E751B1D09}"
"{A8AE0AA4-7C01-4F92-88E8-7835CE93D49D}"="{948C8BEC-15A7-4E08-ABED-0C5E751B1D09}"
"{8F72DE12-4B06-4ED9-8978-DC9EDD523D18}"="{948C8BEC-15A7-4E08-ABED-0C5E751B1D09}"
"{ED40F62B-6558-4322-AF44-4150C637DCA5}"="{98294DD7-7D92-4E57-AA8C-55B6C0D4C78A}"
"{45F086E5-6FA5-412E-BC0C-FF7B5694DA0D}"="{98294DD7-7D92-4E57-AA8C-55B6C0D4C78A}"
"{ED5B5377-348F-4631-B009-D518CA6315DA}"="{2D936A6C-9607-4746-A5DE-9AC4D3FC105E}"
"{DBDC30A5-1BF9-43F6-B0A3-3093DA15B59C}"="{2D936A6C-9607-4746-A5DE-9AC4D3FC105E}"
"{A00A59FC-701F-4290-9105-3275F63606D8}"="{2D936A6C-9607-4746-A5DE-9AC4D3FC105E}"
"{207B0E7C-DA15-4EDF-9AC3-54A3FE0DF051}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{867111D5-8E55-496C-B71C-42F5A1B77C22}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{4E523946-E353-42FE-8547-CA649C617AC1}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{7628A297-B444-45A4-B698-87BBB6D2DCC0}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{D9AFE2E4-752C-4500-8BED-EDB2ED9999F6}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{C8DB05C5-D602-4971-807D-0BE120C9E723}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{C71E62B4-07CE-4F5D-AC6F-5453E0F3FD4C}"="{614127FA-B6F6-458F-95E1-BE6A64FF964C}"
"{7D972825-F5F8-40DC-9493-29CB80481C19}"="{614127FA-B6F6-458F-95E1-BE6A64FF964C}"
"{4AA53011-991C-4E1F-B908-EC8C6B256185}"="{A0036D84-0D3F-44EF-8386-3C52C204D445}"
"{B0C1693E-F095-472A-AF94-FF20CA23C0CC}"="{A0036D84-0D3F-44EF-8386-3C52C204D445}"
"{2CE068C0-C5E0-4B18-B011-0DF253DD3437}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{7E7F2EE1-3F21-4DB1-8E28-4D1777D655D2}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{3879AB14-7493-4755-B60D-B696741A3B44}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{377DD732-4609-4017-A7F0-7CEA8FB61904}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{0DF61948-73D6-4A83-AA10-DA62F694A19D}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{3893FF00-DDDE-4B22-82E8-74AA7C4565FE}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{D06CF57D-DC2D-499C-AD98-DFAE14BF97A3}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{770B1719-EA34-4DBC-8E9A-C0C95D456930}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{D660869A-DE16-4D1E-A255-FA2AB2339F6B}"="{BB8F791F-4FE7-41E7-A265-5F95DC4295DF}"
"{D43E8652-6873-4E55-9338-D9D1FD63F3E5}"="{BB8F791F-4FE7-41E7-A265-5F95DC4295DF}"
"{0D8F5CD1-3682-4390-AEB8-E7F4551B87C5}"="{BB8F791F-4FE7-41E7-A265-5F95DC4295DF}"
"{53E6669D-DEC7-4AB5-94EA-732954C58843}"="{BB8F791F-4FE7-41E7-A265-5F95DC4295DF}"
"{19FC04B6-44D9-4B5C-8888-F23A5376B89E}"="{BB8F791F-4FE7-41E7-A265-5F95DC4295DF}"
"{824B1D1E-3C24-4C8A-B480-9914050D908C}"="{E5AC69A9-8414-421C-96EC-8B87D82070A2}"
"{DD9B56AB-B698-4930-A4F2-68C1812DAD60}"="{6AFE8BFE-7468-4C06-962A-1CE9AFACA446}"
"{647BEF2D-A54B-4EFB-AD65-A2616F0067BB}"="{6AFE8BFE-7468-4C06-962A-1CE9AFACA446}"
"{82CEDF35-E131-4549-85E9-732BD3C9D3EB}"="{E7E76A21-6E5A-4662-B40E-A4975B7898B8}"
"{73953AD9-0CE3-439E-86B4-EE6F2FBD998A}"="{E7E76A21-6E5A-4662-B40E-A4975B7898B8}"
"{0CF607D1-E448-4968-80A8-5F7B740C644F}"="{6AFE8BFE-7468-4C06-962A-1CE9AFACA446}"
"{51D5A7E5-4E01-46F9-A9D5-C02D5C856E46}"="{6AFE8BFE-7468-4C06-962A-1CE9AFACA446}"
"{E999F83F-91B5-4D40-9127-C620B82A4E29}"="{6AFE8BFE-7468-4C06-962A-1CE9AFACA446}"
"{05ADB82A-A723-4BE9-B25B-FB1CAD8A4EF1}"="{1B0FCD74-5D6B-43C5-AE97-F365BEA81805}"
"{97025A50-B365-4468-8F06-D52EC1574303}"="{1B0FCD74-5D6B-43C5-AE97-F365BEA81805}"
"{DB2473EC-C66D-4A5F-922C-4FFF4579D7BA}"="{1B0FCD74-5D6B-43C5-AE97-F365BEA81805}"
"{676989C8-7DB3-4874-932B-76F494AC8F0D}"="{9F5E6236-5B5D-43EA-9585-3ADAC77CDA3F}"
"{17400A54-C858-4000-835C-716A05732BB5}"="{9F5E6236-5B5D-43EA-9585-3ADAC77CDA3F}"
"{77D2078D-DF5E-4191-B3EC-1075B1BF7861}"="{9F5E6236-5B5D-43EA-9585-3ADAC77CDA3F}"
"{56CF2E59-0FFE-4141-AA90-A9C930A116CD}"="{9F5E6236-5B5D-43EA-9585-3ADAC77CDA3F}"
"{32242B87-749B-49E8-9A41-9CE9CE2C8D87}"="{9F5E6236-5B5D-43EA-9585-3ADAC77CDA3F}"
"{2D82B246-CD3B-4D5A-A907-C5D26E6CF2ED}"="{27490EB8-8677-43C0-9B26-14B5A99940C0}"
"{7F185544-087D-41CF-8E1C-A56B6118D90E}"="{27490EB8-8677-43C0-9B26-14B5A99940C0}"
"{38C4A361-7B07-4D7A-B6A5-6AA27B051375}"="{FAD49C4D-55E3-40CF-80CE-F1523C2BC039}"
"{37566B75-AB65-4094-8172-29F5ABA66A8E}"="{FAD49C4D-55E3-40CF-80CE-F1523C2BC039}"
"{C2114544-D3F1-42F4-B4F5-9DAE1C4D6BC5}"="{AC697A5E-9793-4B28-8825-D77D8A99F08C}"
"{BA5EE57B-1069-474D-A843-EC3ABEEF53A1}"="{AC697A5E-9793-4B28-8825-D77D8A99F08C}"
"{646D097E-FF10-42EA-8A92-04A58184F108}"="{AC697A5E-9793-4B28-8825-D77D8A99F08C}"
"{FF070484-31A3-46DD-9110-A843C4ECD57C}"="{AC697A5E-9793-4B28-8825-D77D8A99F08C}"
"{EBFD756A-B895-4237-B310-F601C95E5669}"="{AC697A5E-9793-4B28-8825-D77D8A99F08C}"
"{47006AD7-3C3E-4177-B8A0-D8005A900275}"="{67160C80-5C38-4E5D-BA06-7731793EB3F0}"
"{BBD176FE-0FCC-4723-921F-F67FC8ACB185}"="{67160C80-5C38-4E5D-BA06-7731793EB3F0}"
"{F714FB6C-7E30-4441-8C78-DC978C4630FD}"="{67160C80-5C38-4E5D-BA06-7731793EB3F0}"
"{1C6B8D51-CD2D-4861-ACB8-3E670187B81E}"="{02F454FA-6D4C-440F-BAA0-D9FBBED57462}"
"{05943DDF-C0F0-4A2F-98EF-70E26EB7E4C1}"="{02F454FA-6D4C-440F-BAA0-D9FBBED57462}"
"{49E77C0A-A1E5-4887-8B1F-F20788848448}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{D2706F53-C27D-4E4C-BD53-13D1EDA011CB}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{4AF8E1D6-6B7B-4C84-9F6A-2A5E3BDDD079}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{CEBDABB7-0263-42C1-B760-1C065F60FAA5}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{A0221D97-0023-4D8E-89AA-FFBFB8A355D6}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{A4E4E7C1-C51B-45AA-889E-1D17A427D93D}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{9BD7900C-64AE-4012-89F5-DA23472DFF78}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{614ED7A1-2535-466C-AE62-42474706D9F1}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{F815BD12-172E-4C33-997C-8834D1A4444A}"="{DAFA071B-79BB-4B5F-B4EE-7D788F898364}"
"{4B3F3B78-7A5A-4ECB-9047-53379602EA41}"="{DAFA071B-79BB-4B5F-B4EE-7D788F898364}"
"{A13C8724-836C-4E5A-AC6E-1BA73BD2B93A}"="{DAFA071B-79BB-4B5F-B4EE-7D788F898364}"
"{EBBA00E6-9137-4BCB-8EFA-78F76696ED34}"="{238BE142-9BB4-4418-A804-8123FE1719E4}"
"{7132834F-C55D-4A9C-800B-32BE843CB3DE}"="{238BE142-9BB4-4418-A804-8123FE1719E4}"
"{C91C8C4E-2859-4762-864A-87405EEC43F9}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{6E4F0C11-150B-4E0B-8FD8-8A929EFB17FF}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{07277AE9-5D79-4C90-9BDD-B56747142A7C}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{CC730AD2-D1AD-426A-81E9-FCC834996BF5}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{0D4A2782-C93D-492B-B59D-F0C38CB93681}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{5B85E984-1E21-424A-AA2A-AF0A1E011F56}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{914841C4-0E96-4C28-AC0A-3C59C00B852C}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{22DD41ED-A661-45FD-BB06-F37AE312B3C5}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{C9FF3539-C40C-4157-896D-3ACCD586C17A}"="{B899466F-A149-4C19-BE4C-82F28E78C90C}"
"{513B3722-5E12-4BF7-8B74-401D7CD108D4}"="{B899466F-A149-4C19-BE4C-82F28E78C90C}"
"{1AF9E027-D20E-4493-9C52-3FEE80F2D85C}"="{B899466F-A149-4C19-BE4C-82F28E78C90C}"
"{448EAE52-64A9-4AE1-B692-8919FD98719B}"="{CD70742A-A310-4A83-AA3E-9EE6C713699B}"
"{E1DB68AD-8072-415C-ADDB-BE20DB38D222}"="{CD70742A-A310-4A83-AA3E-9EE6C713699B}"
"{6C310303-1AD6-4871-8DA9-FC5AB66CEF24}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{0ECCC5DE-A027-44F1-8F7F-2FBA34A46838}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{B6E4AF96-48C2-4ACA-9A16-6A08A0CDC37E}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{6B62AC2C-A0A1-4328-B0E4-0CE4B8031111}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{F041CADE-1427-443D-94D4-2D488EEE9903}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{DBD6FFC1-E51D-4561-A8B1-A3E761CA9000}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{52F428C6-3024-47FA-A6AD-820CA6637278}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{465533BF-8BCA-4B90-B8F5-6170F6236890}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{7E1A11F9-8015-4070-BA3E-7D1654DE0298}"="{910B8A31-95E6-44FC-8646-793F2B600259}"
"{E25FC7C6-FA91-458C-94D8-E722AB2FCFE3}"="{910B8A31-95E6-44FC-8646-793F2B600259}"
"{69D52080-40DB-41DD-B790-0BDE045EE7BA}"="{910B8A31-95E6-44FC-8646-793F2B600259}"
"{FF732987-8AB7-4C95-827A-BFB97BFBD12D}"="{BD873650-4B10-4C8E-A67E-AF79BCD40C4B}"
"{C125DD96-7711-495D-8430-3FE1690C044D}"="{BD873650-4B10-4C8E-A67E-AF79BCD40C4B}"
"{1098AA54-C745-4960-B488-08451B7A474C}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{2A474596-490B-408D-BE96-FF7A6B48F504}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{F88A0270-8643-49C5-8975-8CB2B1D78A12}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{1A7C8DF8-BB7A-4992-A83D-BCDB32E7BFF8}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{839522E1-EEA9-4CF8-B81B-E41E38F968AC}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{EA8B004E-FE7E-4731-942C-86B8040E3540}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{1C5FBE02-FC02-4439-9025-7D0EF1CA8D5B}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{DC22A8A7-6F42-497C-8AA5-CA5923132B2D}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{CA8BFE53-F13E-40CF-AE2C-ECB5B4DC56D4}"="{5F753B33-D188-4B3A-B4C0-76FE707F7296}"
"{28528495-E74F-401D-B7DC-575FD4600665}"="{5F753B33-D188-4B3A-B4C0-76FE707F7296}"
"{A5FB7118-C25E-44AF-BC4D-B6C5BE5C13E1}"="{5F753B33-D188-4B3A-B4C0-76FE707F7296}"
"{055DCE49-33A1-42B4-AD2B-C76BC0C2CF2B}"="{9E9753B3-A361-4E0A-8CCC-8B9380E6AC23}"
"{A8A895F3-7994-4F11-A1AC-6A0841C9402E}"="{9E9753B3-A361-4E0A-8CCC-8B9380E6AC23}"
"{936C6132-90AD-4417-BDA3-A2500F0C5AC0}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{833E5685-3EA7-48B1-A265-597158CFDCE9}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{E523B77A-86EB-4F15-A82E-34594651B37F}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{DFBE23C8-CCAC-460B-86D2-B88970B4ACB6}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{78E911D8-7ED6-49F5-9580-6099D0A5D6EE}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{FB081C8C-FED2-44A9-80EF-AAD23D06EE74}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{2335624F-29C8-4DC6-97D6-6FFAE5703F33}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{C1090242-1B85-4BE8-BB93-4B5BB0B54E2E}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{21C9E2F8-142C-44D5-87BA-3FF8094747E1}"="{2E2B80DF-C5A9-470B-8C6A-32DF00432964}"
"{E5CF211C-AC4A-4D6E-BFA8-685134FB1983}"="{CFC44A84-D2C6-4152-BAEA-28C973FE3E14}"
"{B6C8DF73-4C39-4F95-8B43-E2382736079A}"="{CFC44A84-D2C6-4152-BAEA-28C973FE3E14}"
"{CAE9506B-84C9-4065-9AA9-1897A7CD18CD}"="{C100DD80-C740-49D5-BECB-215C7C9B00F4}"
"{2D926FFA-178E-4E17-90EB-69316A80FC8A}"="{C100DD80-C740-49D5-BECB-215C7C9B00F4}"
"{D053B201-ADD4-40C8-9A44-2D5D7ED1A201}"="{C100DD80-C740-49D5-BECB-215C7C9B00F4}"
"{A3092916-1B06-4BFF-A054-3DA19CA9D593}"="{C100DD80-C740-49D5-BECB-215C7C9B00F4}"
"{A3F82B63-E63A-4E02-9ABA-3CE6577C2578}"="{C100DD80-C740-49D5-BECB-215C7C9B00F4}"
"{59EC1962-7C7B-4B2E-B792-159EDA04DCA3}"="{33216227-AE1F-4BCA-839C-0D3DCECDC56B}"
"{EE4E5DFD-22D3-4D9F-8501-FDF2BEA13D9F}"="{33216227-AE1F-4BCA-839C-0D3DCECDC56B}"
"{70AC2DFF-7F6E-4A59-956A-2148B896FE52}"="{33216227-AE1F-4BCA-839C-0D3DCECDC56B}"
"{98EC01A3-3509-4E8D-B415-F2B5DA65187C}"="{BBC45557-D3A0-4968-B31B-A1DD6EE48F5A}"
"{D087E2D5-11C2-4211-9B06-305FF3F0DD11}"="{BBC45557-D3A0-4968-B31B-A1DD6EE48F5A}"
"{AE232A9F-42CB-450A-BCAA-FCB71767F4EF}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{3B4138A3-D261-4604-8139-30C4DDB7F269}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{B862EA5C-3806-47A2-8FB8-E21DDBD42154}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{DC4858A1-1DD6-4DB8-9CB8-E4566B958A8A}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{B527E0DE-D6EA-4C95-9CF3-E72B4589184C}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{02796C73-D9A2-4A92-A97B-300DB615B686}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{0D56273B-C961-4490-956A-011013061F4D}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{768D2D5F-7E45-4194-B2A9-AADDD5F59271}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{FE94199C-F95B-4211-A3C5-986D9B73D990}"="{17DB7ADE-C558-401C-9A3F-7FA59D54A8B2}"
"{AEC3641F-140E-4BFE-9A8A-BC29530EA32A}"="{17DB7ADE-C558-401C-9A3F-7FA59D54A8B2}"
"{8432C32F-FBE0-466C-A620-BA7631E41EB5}"="{17DB7ADE-C558-401C-9A3F-7FA59D54A8B2}"
"{BBAF1D72-C613-4BB9-8E02-8CCCCCB74885}"="{ABC394C7-253B-4CDC-90C5-C3272B1F90BD}"
"{4D42B1AD-C3AC-4543-B31D-30D660E42170}"="{ABC394C7-253B-4CDC-90C5-C3272B1F90BD}"
"{65389FAC-5C56-42F9-89A3-E62CB4E85F24}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{2DC71DBF-8316-4D64-9DE3-7FB0B46E056F}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{0262BAE7-5292-4CF7-AD97-4701C75A41FC}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{4558F1C7-C202-4F78-9BEA-C66F4A73DC0E}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{82E5F2D9-9DC3-4B59-A8B4-1AC890A4D9C7}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{39738C8E-29FC-4DE9-9419-7446BF8289E7}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{246ED2D2-D88C-413E-86ED-9AD3C209AF5D}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{14DE47C2-22A6-4621-A0F4-31EDFEF86F2A}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{04413D01-E7F0-4C10-8473-23E25E5833FC}"="{BD59FB9C-98C9-49FA-AF29-3EEEA1595BE6}"
"{83DDBA60-A945-4E0B-A177-E88388AB009E}"="{BD59FB9C-98C9-49FA-AF29-3EEEA1595BE6}"
"{2A08795B-13BE-46E3-8D63-0F3DD38879CD}"="{B56398C6-C461-4AE5-8DE7-A2A69678979D}"
"{6B372822-2D9A-449B-8070-310872C003ED}"="{B56398C6-C461-4AE5-8DE7-A2A69678979D}"
"{713734A0-E2AB-434E-A8BE-3B67148C65BE}"="{B56398C6-C461-4AE5-8DE7-A2A69678979D}"
"{7ACF6C4F-2E42-4B91-BD91-679CDA224476}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{74D9D2BE-1C65-4382-B0FD-A3858D287F32}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{BF6036A8-3DAC-408D-BCF0-DD6378E0EBDA}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{47404449-43E8-4ED1-BC81-AC97D572A449}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{646DAE25-1CC9-4297-A22E-FD07867B47D8}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{D4691E25-F864-4E9B-AD52-00DBBE274950}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{7D14D084-B06C-4883-BC6A-CA56C44DC606}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{0F033C6E-3859-4067-8F3B-34BE3E4DFEF3}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{2C8003DC-FAAF-40A2-957B-69D393F0A7EF}"="{6D72DE4C-EF5C-4EB3-9F1D-7422E845B2BB}"
"{18809CD4-F5BE-4604-B751-25C08ADECF6D}"="{6D72DE4C-EF5C-4EB3-9F1D-7422E845B2BB}"
"{B555FAB0-685C-4514-A7C7-E0BFDB48E046}"="{6D72DE4C-EF5C-4EB3-9F1D-7422E845B2BB}"
"{CE1F2739-E14A-49E4-9F82-2B769E042E77}"="{391E29B7-3037-4AB8-B238-5AF828B16AB4}"
"{ADE245CD-10DF-45A7-99B3-250EAB4BA4B2}"="{391E29B7-3037-4AB8-B238-5AF828B16AB4}"
"{DB85F002-CCA2-4503-B530-CA26E46FAC7E}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{2D4CD886-906F-4163-AF36-73D8019EE3D6}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{B30E7C13-8EAF-49BA-B7AE-A7EFC9248457}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{0A85928C-14C9-4343-BA45-B7D1DB82F080}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{9ACB9632-E823-4D51-B1D5-28608DEACBD3}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{9B201D22-F04D-465F-8140-3C625F3EC58E}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{D7A640A8-641F-4185-9338-D68E6EA1FB5A}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{29AC4BBF-D82C-41BF-8AD2-127BBCBBC616}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{789B93D8-09D7-47CF-90BE-D023E500F7CD}"="{2D69BA53-72CF-4663-B8D8-32D40B6F581F}"
"{0BCCE404-75B9-4CA7-A9F7-62DA530870AE}"="{2D69BA53-72CF-4663-B8D8-32D40B6F581F}"
"{B22AE220-81FB-4F25-8080-DAA9A44F1B5A}"="{2D69BA53-72CF-4663-B8D8-32D40B6F581F}"
"{0DC4770B-3C91-43B4-9136-D7B49ACEF5E2}"="{50C8170E-79DA-49F0-B5B1-48BA82357D83}"
"{9C75AFE5-1EBE-46F1-A918-B219FC1DCF3F}"="{50C8170E-79DA-49F0-B5B1-48BA82357D83}"
"{A52FB15D-F1F5-456A-9752-5D46159D2030}"="{2CFE0A15-CDCE-4978-8639-99D5697F51D8}"
"{F52C8A55-C1D6-46D8-B1F5-64C7339F328F}"="{2CFE0A15-CDCE-4978-8639-99D5697F51D8}"
"{0E966F50-8447-48A8-95BE-3FD2D8FBBB82}"="{2CFE0A15-CDCE-4978-8639-99D5697F51D8}"
"{22A2094A-8CFE-4A7A-8F14-B13BF9C995CC}"="{2CFE0A15-CDCE-4978-8639-99D5697F51D8}"
"{DB19E559-906C-4221-8CCD-90E57866474B}"="{2CFE0A15-CDCE-4978-8639-99D5697F51D8}"
"{41D4FF75-4D11-4F03-A339-E42FEE71CC29}"="{7F0F8DDA-A104-440C-BA3C-34141F35126A}"
"{F7F279CA-DDFB-4A6D-96CD-B7C7C2D6137C}"="{7F0F8DDA-A104-440C-BA3C-34141F35126A}"
"{67EB6487-654C-43B5-801D-9264E2F325D8}"="{A3F1E27D-7AD4-4ADB-98E0-12F92AF81C95}"
"{88E96299-F096-4DC4-8481-54A8D5D9163A}"="{A3F1E27D-7AD4-4ADB-98E0-12F92AF81C95}"
"{3081FC38-9FA7-4F8B-821C-81DEA10F6D65}"="{94E19B14-45B2-41EB-ADC9-F8305E222D91}"
"{EB6FCFEB-4FEE-4527-BB32-0F70B29D3F40}"="{94E19B14-45B2-41EB-ADC9-F8305E222D91}"
"{46D2B353-0645-4387-B688-F35CCF9F1D49}"="{94E19B14-45B2-41EB-ADC9-F8305E222D91}"
"{3939155E-F29A-48F5-AAD7-4BADB37B1DBE}"="{94E19B14-45B2-41EB-ADC9-F8305E222D91}"
"{B9758959-DB41-45A0-9DED-D7F3CD60A615}"="{94E19B14-45B2-41EB-ADC9-F8305E222D91}"
"{5F135811-B325-484F-B7A5-ECF87179E758}"="{14088C6F-3664-4264-A07B-D6DC3B8691C9}"
"{8844A2D8-5FBF-4F1F-840B-595371A0DBF4}"="{14088C6F-3664-4264-A07B-D6DC3B8691C9}"
"{ABF29DEC-6A32-4970-A243-16B4E82BB59F}"="{14088C6F-3664-4264-A07B-D6DC3B8691C9}"
"{A42141DA-BD49-44BD-9807-EB32E2270C4D}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{C4CE52E8-3C93-46FC-AEC1-83799F754DF0}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{774D0066-4EAC-49A4-8DC8-552B41D4BBA6}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{261CA942-68FE-4FE6-94B5-7891DE9605CA}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{65D0AFF8-DAF6-48BE-938D-67DEF8EA6602}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{BC15812C-ABF8-4269-9915-362CDACB2C62}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{6D833695-F2FD-4CAD-8396-A822F318955B}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{9CDB1660-D609-42BA-B346-2D2A2D1305A6}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{B4B4C02D-90C4-4313-B030-B21E4DD68B3C}"="{A3860E7E-1F33-407F-A1B6-2486655CFB43}"
"{448DCF6C-FD66-4B60-A79D-D56E58A31772}"="{A3860E7E-1F33-407F-A1B6-2486655CFB43}"
"{B21E2AAD-D51C-4DDA-92CC-B9714B00C733}"="{1E478287-3FFA-49B2-B0DE-59C422C9C937}"
"{49B7E2A8-1ADA-4C00-B214-2F6F013EEDBF}"="{1E478287-3FFA-49B2-B0DE-59C422C9C937}"
"{7ECF0251-FB72-4ED4-828D-8AE2175FBF94}"="{1E478287-3FFA-49B2-B0DE-59C422C9C937}"
"{49420A61-2188-4989-8539-41BAC70A8B75}"="{D2F94D66-57E7-4267-9628-CDA206B8148B}"
"{C3F7135A-B8EA-4588-8E6D-4B128BFBAED3}"="{D2F94D66-57E7-4267-9628-CDA206B8148B}"
"{FAB55FE5-9752-487E-A909-83E41EE3791E}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{E0537022-874E-4074-B211-EA268EF484FB}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{1098C90F-064E-4B0A-B6B7-5EEF15212B6E}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{EC003826-D4AC-4273-B3CE-34AD867E9EDB}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{685CA88B-9702-419D-AD48-7EADA6D3E22F}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{96827657-349B-41E4-9946-7A823DF24F6F}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{6A0A0229-4BDD-416F-8862-D26299AF4103}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{AA378FDC-FC2D-4F75-9079-CDE58C83763E}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{0B09DDEE-BE84-4E4B-8EF2-55163D2272DB}"="{0297F0CA-3A98-48FA-AF0F-BBB37F797A15}"
"{45B445C5-0E2F-42A9-8585-B244C7DB9AF2}"="{0297F0CA-3A98-48FA-AF0F-BBB37F797A15}"
"{A956A538-8556-493E-987D-032684DA3FFC}"="{40F336AA-2DEF-4BFD-A916-E9541838B742}"
"{124C4BBB-022B-4002-82CF-83CC0F5323AD}"="{40F336AA-2DEF-4BFD-A916-E9541838B742}"
"{3E8AE868-937B-470F-BAF5-51918B32C685}"="{0297F0CA-3A98-48FA-AF0F-BBB37F797A15}"
"{4595C60C-059D-4610-82D4-BF555F39FA8B}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{7B1922B0-AE8A-4D10-96E6-58BBECCF1C99}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{37814041-0174-4D82-A511-04F750AC154C}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{294D4FFE-1E13-4BB4-8351-17E8AEEF19D4}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{D892C988-736B-4AC1-8C05-69705C62863C}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{A1A7B685-B2F7-4669-9616-661A4B6D23D9}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{5F5ABC2E-1519-4296-9DF3-1AF97B8A7BF6}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{42BB2C30-F85C-4646-B98F-E8DC1EA381ED}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{E0CD88A1-D5CC-466C-9EA7-F558DFE77FFF}"="{F2033916-E0C7-4E3D-85E8-C305A4833CF9}"
"{C3085D0A-3339-4E73-9BF4-E79AB026F573}"="{F2033916-E0C7-4E3D-85E8-C305A4833CF9}"
"{DC37DA4E-A0DA-4228-8F70-02C3C89926A9}"="{74392E45-9992-48F2-BB7D-1568110C0BBF}"
"{00FBC8D6-84E0-4EBE-BE0D-3ED2A60FD350}"="{74392E45-9992-48F2-BB7D-1568110C0BBF}"
"{A20FD829-126D-4295-A981-EB18074C2A0D}"="{74392E45-9992-48F2-BB7D-1568110C0BBF}"
"{CA1CB2B6-DD03-4A6A-89CE-DF2B610DB999}"="{74392E45-9992-48F2-BB7D-1568110C0BBF}"
"{F3895717-F5C5-4342-88BF-3650AEEECE90}"="{74392E45-9992-48F2-BB7D-1568110C0BBF}"
"{84906370-1F02-4AC4-8614-144D7B53505C}"="{AA4DA560-2123-4DD7-A084-D5137A43230C}"
"{019CA4BF-4C13-4019-84D4-774AEC364332}"="{AA4DA560-2123-4DD7-A084-D5137A43230C}"
"{F29828C8-4F5D-40FF-8B58-3CA3FE6EDF09}"="{AA4DA560-2123-4DD7-A084-D5137A43230C}"
"{361B1E1E-18A1-4F55-B3BA-ECBEFB218303}"="{56C4A16F-6818-44E9-8452-2DE8B9AD6225}"
"{BFE883A8-1538-4599-9AD7-D0B995056699}"="{56C4A16F-6818-44E9-8452-2DE8B9AD6225}"
"{6BC75E94-2A54-4AFA-8B28-B70A0301A405}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{5B5A4AB1-67F1-426F-AE7E-3625CD9A9741}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{82AB07EA-2F45-4C64-AC36-915319398BCC}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{4EF8AE39-EECB-4701-8E53-3740E5723ECE}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{8BF7BB32-3A30-4A81-B647-A9174C02BA60}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{C2A2D45F-45BD-471B-8F63-ECBAB9568ED4}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{34BEA3EB-3D15-4AA5-B1B4-AA35CF077CFF}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{149EE642-ED30-4A28-BA0C-9F0E166F9ACB}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{6450AF8E-5669-4830-B09E-97EAE4783DAC}"="{29BE8FBA-2DE5-4AB4-8225-E4481B6709FF}"
"{DA957AE3-BBE8-43CF-923E-1DCB905E4D4A}"="{29BE8FBA-2DE5-4AB4-8225-E4481B6709FF}"
"{EC8B61CD-468F-47D4-8AE3-FE9C4FBACEB1}"="{29BE8FBA-2DE5-4AB4-8225-E4481B6709FF}"
"{49AA2AD2-246C-44D4-9382-BF613C3E6142}"="{E8A99C93-3E77-4E05-BC9C-D52AB03903EB}"
"{3B0438EC-651D-43E1-AFBB-94969DDE9331}"="{E8A99C93-3E77-4E05-BC9C-D52AB03903EB}"
"{EB929DBE-BBCE-4581-808C-7A500180EE00}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{052A04CD-505C-4A6C-A98A-CBFF1BBDFAAB}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{885810E6-A333-49C1-BA9E-4EA0F73EB424}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{E235F7BE-91C5-48FF-A908-9A3913DFCDFD}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{E153140E-006D-4EA4-B02E-E3BEFD5EE4BF}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{2DA4C0BD-C51E-4598-9912-B6ACC2FFA91A}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{1CD4E72E-8A90-4F9F-8381-12884DD4DBB3}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{015ABA7E-88CD-4F05-9462-2BE757814CEE}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{BFEDD8E8-AB84-4E19-B1CA-2906B7B32875}"="{53A5C383-A8F5-425B-AEFB-B4BDE46C6A99}"
"{89011185-44B8-428E-B988-F4B4373753FF}"="{53A5C383-A8F5-425B-AEFB-B4BDE46C6A99}"
"{EBC0E9ED-2F56-4CEC-A896-6353637B19AA}"="{53A5C383-A8F5-425B-AEFB-B4BDE46C6A99}"
"{5800BCC7-716D-48C0-ADAB-6921BF946897}"="{2E51661B-86CF-4ABC-B205-DA944BC2B94D}"
"{27F960EC-8AF4-4CE8-8C43-D8D75EC534E4}"="{2E51661B-86CF-4ABC-B205-DA944BC2B94D}"
"{28EE6B27-4ECC-4989-AE82-061480C9E50D}"="{01F95042-294F-4798-93E2-31AC8ABB054F}"
"{6752E8D8-59A2-47C1-B759-DA22265D505B}"="{01F95042-294F-4798-93E2-31AC8ABB054F}"
"{77DE0315-6C5E-4DAE-99D9-6B18179A53D1}"="{6FFBD8B9-3AB4-4932-9C0A-0298C16F22F3}"
"{B6AAD151-5708-410B-9121-A0B9EE7E4A98}"="{6FFBD8B9-3AB4-4932-9C0A-0298C16F22F3}"
"{A2968EBB-2FE1-4FCA-AD09-AF6E9E9E982D}"="{6FFBD8B9-3AB4-4932-9C0A-0298C16F22F3}"
"{0F604FE4-0E0C-449F-9FA2-08F4D83C4F35}"="{6FFBD8B9-3AB4-4932-9C0A-0298C16F22F3}"
"{77610434-3AD9-4B90-9D69-10BBDECFEF20}"="{6FFBD8B9-3AB4-4932-9C0A-0298C16F22F3}"
"{3F6D5C56-69F6-48B0-A114-4C0D40AE4306}"="{E38EAD64-11B6-4758-A64B-AB5236FD81B1}"
"{D3829C59-9994-47D0-A6F5-36977937F526}"="{E38EAD64-11B6-4758-A64B-AB5236FD81B1}"
"{F150B48C-1318-4541-82A4-FD149E3825EE}"="{E38EAD64-11B6-4758-A64B-AB5236FD81B1}"
"{61F14932-DF8A-4ABB-98D3-571572B77BB2}"="{444B9C0F-6F7F-4CE2-B01B-379980F336DB}"
"{51AE48BA-C8B7-4DD2-BB5F-C9A080504BC7}"="{444B9C0F-6F7F-4CE2-B01B-379980F336DB}"
"{DFAD3B38-171C-4834-9DB5-F93B609651C2}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{8B44792A-35D0-43D8-8CA2-8162A2D38CA1}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{54EC886C-48C4-4A90-8165-511F5B00D026}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{E93B1ADC-96C6-482E-82BE-3E82053A1809}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{6DF4844B-4C94-4571-8826-1A942E4D0A1E}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{87085F46-0665-4E8C-85C6-2DEBF9C91F19}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{4C16B332-52FE-4D4B-8CCA-2638F9058986}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{07078797-E199-4A19-8B78-15B707A87213}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{2903FF09-F8A9-4F98-B9D0-97F6CF7F0B59}"="{0A6A688C-64CC-4B57-B505-7A63F8143EFF}"
"{3D73A879-754B-4C58-8B74-886131162AC0}"="{0A6A688C-64CC-4B57-B505-7A63F8143EFF}"
"{30F188C1-2FF0-47AF-BF96-C97ECFF74144}"="{0A6A688C-64CC-4B57-B505-7A63F8143EFF}"
"{11BF9378-6F0A-4922-B15E-4D93B8D317AD}"="{06E58B7C-205D-458C-9EB3-0053EE1CDB1A}"
"{A6E0D551-CE33-4592-B4CF-C6AEB80E2FA1}"="{06E58B7C-205D-458C-9EB3-0053EE1CDB1A}"
"{995B5A1D-42DF-425A-A01C-30DFE8A4F951}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{5C1EFBD7-1A2E-4E13-9D9F-A16579312CCC}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{4CEDFF4F-8027-49E5-ADDA-D1696CC01451}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{93751D86-2C1C-47DC-BF19-FC83FF98283C}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{BF8BDB16-F5D0-4350-91CB-22A809F0C8AA}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{3F106879-2D21-4211-ACED-DF51F823786F}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{AC538D3A-1156-477E-B710-B178D4DB4D63}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{26E6A52E-ED1D-4A1A-9229-ABB9D58B3B19}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{19780152-EC88-4A15-8DCF-EF69FF633690}"="{20340A5F-56E0-48EB-88A5-D34F7B9B8F6B}"
"{875B55AE-53C4-4A8B-8463-542BCE71FCBC}"="{20340A5F-56E0-48EB-88A5-D34F7B9B8F6B}"
"{00AC9506-9C77-4DF1-8AC3-3FB88FB4123E}"="{20340A5F-56E0-48EB-88A5-D34F7B9B8F6B}"
"{DB62AD6D-0EAE-44EE-9FD7-8CBF3DB98059}"="{CA1243D4-73D9-4B4B-B971-12E41731425B}"
"{27A2CABA-6CB3-4DB4-B59E-CBDB8B32AC77}"="{CA1243D4-73D9-4B4B-B971-12E41731425B}"
"{ED0A2EFD-2742-4CC9-B853-0F3AC064DC4E}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{E8C153AE-8D92-4EAF-AAA2-356272D7A5BA}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{9A04A597-D4AE-41C3-901C-519C6B38767A}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{8AFF5C52-F75C-4624-8A28-163E8B268E27}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{2E86FFA0-D7CB-4883-BE0C-6443DC677B59}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{BB054723-4CE9-48FB-90D3-9419591B5EB5}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{72D403AD-362C-4FF0-AE0C-483AEADC0A6D}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{4E0A6EB7-6D35-4093-8B29-7690568C1BAA}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{7C2B62C0-45F9-4491-8C51-B6AAF6A6F6B0}"="{C8C70070-15F9-43CC-8078-4DE0A8AA5D33}"
"{CBC8CB30-718C-4939-98F9-546E3EDA100D}"="{C8C70070-15F9-43CC-8078-4DE0A8AA5D33}"
"{E778172B-9689-48E8-B56F-BE92E78EBE1C}"="{C8C70070-15F9-43CC-8078-4DE0A8AA5D33}"
"{3D58AE93-2C4D-4920-9D3F-27B628A7FE7A}"="{E9FA7041-BA27-4DB1-8238-1427E2C0F612}"
"{2B72C666-AB6E-42B3-A436-B14C5F9A7C44}"="{E9FA7041-BA27-4DB1-8238-1427E2C0F612}"
"{73154978-63D4-4D29-B239-CDEEC1EE2D7F}"="{AC040E88-ECA5-425F-8A7F-678DB10F3492}"
"{60E6FC55-6CC1-4A5E-B97F-1F7EB33241BD}"="{AC040E88-ECA5-425F-8A7F-678DB10F3492}"
"{E823FB04-B13F-4B14-8619-26645D6150DD}"="{AC040E88-ECA5-425F-8A7F-678DB10F3492}"
"{6D2372E5-9C9B-4021-9F03-B9F5074C444B}"="{AC040E88-ECA5-425F-8A7F-678DB10F3492}"
"{BECB43B3-AF3D-46CC-BFD7-AE78D8A8B604}"="{AC040E88-ECA5-425F-8A7F-678DB10F3492}"
"{9453F5EC-590B-4145-A37C-72A32FEE0102}"="{A6420269-9244-4240-9781-A897369FB498}"
"{C6D4C0FB-74B9-4032-9728-A08737088104}"="{A6420269-9244-4240-9781-A897369FB498}"
"{AD52C911-6703-4AF4-80FC-FD62E3B17E16}"="{A6420269-9244-4240-9781-A897369FB498}"
"{BDFBBD87-39FE-462D-BA42-02AA8F6D9770}"="{23064D50-4BC4-4251-A5CE-A35F478B3C87}"
"{04B1B0D6-C848-46C9-A246-4D11B0678005}"="{23064D50-4BC4-4251-A5CE-A35F478B3C87}"
"{2D89CAF5-7469-4147-A9CB-D08BCCB7F852}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{763D21BC-3F9A-4BA2-8C87-4AC62D514974}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{67D50DAF-9BAB-406D-AF3C-148CD6C8225E}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{77169607-CBB4-429D-BFC0-750E9FE5D43B}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{67B0CC75-A5CC-46CB-8734-029B01252A8E}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{FE96AF76-46CA-4459-93AA-80F813377C19}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{BFDBBC60-0EBB-4A2B-B8B0-AA02FA371A82}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{41C2A9B7-176E-4C5D-9B21-9BAD5E4F5548}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{DA56EE4D-656F-4C3F-B2B5-61B5CDE6556F}"="{FDB7A554-E442-4BE0-BF31-3C90799FF9D6}"
"{64A00939-6EC4-4596-B9CB-211F83C4DA65}"="{FDB7A554-E442-4BE0-BF31-3C90799FF9D6}"
"{BA83AD70-E33C-4DB6-B844-B3790E101B55}"="{FDB7A554-E442-4BE0-BF31-3C90799FF9D6}"
"{0AE25F75-5CF1-4D24-9E0E-C862C40B4BD9}"="{B1FACDC5-5A2B-4F50-8AE7-8C15EF695A3D}"
"{01754B6B-D294-4C1E-9BE5-A2F1A7BEC2B8}"="{B1FACDC5-5A2B-4F50-8AE7-8C15EF695A3D}"
"{987C2419-6887-4B03-AF74-7800AED1F77C}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{2A3F768E-7206-437B-A47B-1A50D3A3FA4B}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{9540CDD1-E9DC-432D-9F77-EFADD9472094}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{736BE774-B096-469E-AF5D-7DF9BFE3F68D}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{2A70914D-7C73-41DC-975B-A9C457DD3A0C}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{7F187632-BFA2-4B8A-ABCB-AD39FD6E659A}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{59005154-F76B-457D-9823-3DECF701D208}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{B913611F-FCDB-4427-AEFC-1D9760D5283D}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{5E939319-0642-47F8-9BED-E6D5E710BC25}"="{8BB0FA2F-5777-4700-A532-F68DD11B8AB7}"
"{E351D09B-B24A-4A93-826F-9CB93022DD8C}"="{8BB0FA2F-5777-4700-A532-F68DD11B8AB7}"
"{05096381-1742-4256-B227-2A0933A233C9}"="{8BB0FA2F-5777-4700-A532-F68DD11B8AB7}"
"{7E2B779A-907A-4DBF-8A68-80C8D06DCB2C}"="{FE787C9C-D8AD-48B3-9C10-1D3FA1A46E47}"
"{6537E4DB-13FC-4AB7-AF72-1195001E57CE}"="{FE787C9C-D8AD-48B3-9C10-1D3FA1A46E47}"
"{63D54BAE-814B-4F18-BCE4-FDEF34409595}"="{C604968E-F399-4FF4-8DC8-9945BDC41B46}"
"{15FA48FC-136B-461C-A810-B1EF1402A211}"="{C604968E-F399-4FF4-8DC8-9945BDC41B46}"
"{81BDC0FF-C18F-44C8-98FB-29048414405D}"="{C604968E-F399-4FF4-8DC8-9945BDC41B46}"
"{CAB568DB-F143-4469-8F16-DDB78DFC5121}"="{C604968E-F399-4FF4-8DC8-9945BDC41B46}"
"{C6DCFEBC-9F3F-4FEA-AF18-84314DDB629E}"="{C604968E-F399-4FF4-8DC8-9945BDC41B46}"
"{7FE3CF19-12D0-4F0B-8B38-A43AE2592039}"="{95B551E3-05FA-4C04-AFE7-012560EA9DEA}"
"{C972A989-538D-4508-8942-CF1D5E29005C}"="{95B551E3-05FA-4C04-AFE7-012560EA9DEA}"
"{6C6CDF29-E2EB-4730-9AFC-F0B98799BFA1}"="{95B551E3-05FA-4C04-AFE7-012560EA9DEA}"
"{26380E66-E6F5-421C-93AE-92E1D8EA7BD6}"="{0A9B239B-68E2-41AF-9C30-0BF0E0EF1E05}"
"{549F6D2A-FB08-41BB-A3A2-215B961ACE78}"="{0A9B239B-68E2-41AF-9C30-0BF0E0EF1E05}"
"{F1EA64DA-66A5-4C9D-A287-4ED26BFE8828}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{8167609F-CE0C-4FF6-9864-751AC7425419}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{EA8C36EC-75E9-4B3C-A7EC-968DA34CC523}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{E388C077-805C-4A6F-8D8E-F303CA42EB43}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{C0F4D606-CB53-4D09-A802-7C830EE5D1B6}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{BF4EFE25-8B3F-4107-AB6B-136656112070}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{2461D2DF-D54A-44A2-A12E-414F2127036A}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{9119B842-C949-4249-8029-33230FC031E2}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{A5569A8B-074B-4BB6-A6C4-C0B0F95DA356}"="{0B0C559A-82CE-402E-858A-423931784C97}"
"{AE66BC61-D1C0-4111-89F5-79CB55DC34DD}"="{0B0C559A-82CE-402E-858A-423931784C97}"
"{26507288-8064-4147-A3CC-1B3713310F9D}"="{8680F8B8-1FFE-4B65-BF0D-3A6BD66BD70D}"
"{2CC336D9-8838-4BF3-8FC7-B693E95BD6B0}"="{8680F8B8-1FFE-4B65-BF0D-3A6BD66BD70D}"
"{3600D27C-A52E-4898-89AC-E5BB180FB7CA}"="{8680F8B8-1FFE-4B65-BF0D-3A6BD66BD70D}"
"{A97443CD-9AEF-4731-8180-E2BB52C7F49B}"="{8680F8B8-1FFE-4B65-BF0D-3A6BD66BD70D}"
"{C04A7988-3B46-4111-9544-01E6BB31AF3C}"="{8680F8B8-1FFE-4B65-BF0D-3A6BD66BD70D}"
"{0DB9BF44-D752-4FD0-8690-9ACBDF98DD1D}"="{1ADAD5C6-C633-4266-866C-EDF6E04CCA3F}"
"{82A109CB-47EF-4EE3-A40D-038A4D955DBF}"="{1ADAD5C6-C633-4266-866C-EDF6E04CCA3F}"
"{4EF3FF1B-B49F-4B66-9033-7DB6FB6CB900}"="{1ADAD5C6-C633-4266-866C-EDF6E04CCA3F}"
"{B78D41A3-0FD8-42FF-A14C-604A6A0742F8}"="{3941A945-3647-4316-BC63-E156DA143EF4}"
"{019D2BCF-DB05-4F67-96E7-34149D1DC3E1}"="{3941A945-3647-4316-BC63-E156DA143EF4}"
"{00A2AA81-C986-4447-AD15-6634B0D24FE5}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{57EE32E7-9E74-4798-866E-673ACE235692}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{7A662B6D-3CD5-4729-A01B-74B13BC96710}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{100383FC-E730-44B2-834B-A273EDB3CEFC}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{4CFE5C24-04E5-4C17-8623-B38127A22631}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{8948EBAB-6604-4E13-A212-7D9341031CF8}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{D5D55120-FE6A-49C4-840C-C0BEDD406F73}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{D596E925-58C3-496B-989E-20CAE88AB413}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{0D344D62-189A-4656-A255-E50C1ED1BEAA}"="{11AF209E-F9A0-4606-A4F6-6E887F48CE6C}"
"{E3090150-6427-402E-A376-0D21C7652EB3}"="{11AF209E-F9A0-4606-A4F6-6E887F48CE6C}"
"{DB09D5A8-D7E4-4002-95AD-B8874B8E3C70}"="{11AF209E-F9A0-4606-A4F6-6E887F48CE6C}"
"{03455C18-BF67-491F-A25C-C3769D458113}"="{9B524427-7C69-41F8-916B-0CB0EE4185AF}"
"{5D69D371-ED9D-4509-934C-1171182E3D84}"="{9B524427-7C69-41F8-916B-0CB0EE4185AF}"
"{9D4E70D6-BE0E-4943-BC75-F2CF056E5B6E}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{FE97A1ED-F0D6-4BEC-B268-D12AB8ABE051}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{135F4AF1-86A2-4ED4-B718-282FC9660ED5}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{7FE92D5B-1E80-4995-8A9E-23F0475667BD}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{67599316-CB9D-48DE-908A-70DA6C91EA6C}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{ECE226FC-D583-42B9-8B78-8900B91CBCF8}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{CDC53F7C-3977-4F99-B223-3731CAD20C2F}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{6800CBC1-A6C8-4BD2-83DF-6DBFF40FB98C}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{CC92F57E-7DE1-4925-AB9B-E37F7F96798B}"="{5A932282-2C17-4E8D-B43B-B91751E1BF0E}"
"{4BDAC934-3260-4C3B-B9B6-A29C7C4255AF}"="{5A932282-2C17-4E8D-B43B-B91751E1BF0E}"
"{A09C5BB5-67AB-4D5A-B1C0-7801EA13C42F}"="{5A932282-2C17-4E8D-B43B-B91751E1BF0E}"
"{43131E7C-02E6-46BD-BC18-1821DA47B09B}"="{532F7960-6A6F-43BA-BCF9-D48141004F41}"
"{4C609F02-E584-41F1-A7BD-FD256DE82B67}"="{532F7960-6A6F-43BA-BCF9-D48141004F41}"
"{453B5D84-C389-4A33-8B41-E42A49143911}"="{BDC4CA98-8C54-4FE7-B851-804E2CD8400A}"
"{9AEDF074-9E7A-4EFB-9983-4B3CF4D39C50}"="{BDC4CA98-8C54-4FE7-B851-804E2CD8400A}"
"{0287B5B6-7CCD-4058-A34F-A432FADCC9BD}"="{BDC4CA98-8C54-4FE7-B851-804E2CD8400A}"
"{5F14195E-FAAA-43EE-81E8-2863FF3B3256}"="{BDC4CA98-8C54-4FE7-B851-804E2CD8400A}"
"{01D46A14-8370-4E8A-A4B1-85CA388D47DD}"="{BDC4CA98-8C54-4FE7-B851-804E2CD8400A}"
"{7B137C4F-A1D8-49E6-B693-D63FA12C43C8}"="{FFBCDF9F-A2A6-43D2-9603-16F29E8C89F3}"
"{F06A7F66-60BC-4432-99FB-CE2D8F96EDBA}"="{FFBCDF9F-A2A6-43D2-9603-16F29E8C89F3}"
"{3B6886C8-A180-447F-8ABF-399C090E20DD}"="{25882375-2F9C-4976-8821-48E5C0E8510A}"
"{745922E3-46F2-4735-A5DB-B2CA725118D2}"="{25882375-2F9C-4976-8821-48E5C0E8510A}"
"{444EB005-B302-4BAF-9009-F2ABC3606F1F}"="{25882375-2F9C-4976-8821-48E5C0E8510A}"
"_AvProdSvcComm_"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"SubmissionEngineIPC"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"SubmissionEngineCallbackIPC"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"{38C4F460-852A-4A9F-9C95-C60F784F4D45}"="{281A59B3-A7D3-498D-A8B8-A4DBEB190B1F}"
"{33F37F9E-527E-40D7-8866-46CE221C89B4}"="{281A59B3-A7D3-498D-A8B8-A4DBEB190B1F}"
"{6B32AA0F-6253-4E94-B837-0529C5E5541B}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{708D59C2-A9AB-405A-8EC0-58A97BCF220F}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{8F31CF16-54C0-46EA-A85B-CFCB1ECFF432}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{2A8B5760-CD26-4CD2-84CE-30428697A230}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{66D6ED66-C640-4F21-B998-99B5E716931C}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{030B3265-65F3-40BD-87A2-F12E75B5B117}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{62910D56-C240-47E8-8BC1-350A108C41B2}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{29194720-87F2-4F0A-981B-3841DA57BE3E}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{2819699B-511C-4115-9841-8B83FDD4BFEE}"="{A595A698-8091-40CF-BD8B-3472D104FB73}"
"{22AACA55-697A-4433-9141-6FEAACAD71C7}"="{A595A698-8091-40CF-BD8B-3472D104FB73}"
"{3B92D4CA-38B5-4395-8B65-81916165B98C}"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"{05525442-1AA3-4BD9-A98F-26671708AD9D}"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"{A90A74AD-D821-4E27-AC3F-A492A72C5499}"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"{C84D8648-2CFE-4112-BE02-86245F137D2C}"="{50004891-569B-490F-AA77-0D7DE1F7FC9B}"
"{2E37040C-1931-4326-A6B2-425C5C82E188}"="{50004891-569B-490F-AA77-0D7DE1F7FC9B}"
"{5B13DAB8-01EC-4EB4-AE33-C26CD0A6194D}"="{50004891-569B-490F-AA77-0D7DE1F7FC9B}"
"{67B90921-ED0A-46AF-86A0-2BA0B8C907D1}"="{50004891-569B-490F-AA77-0D7DE1F7FC9B}"
"{1CEECA1A-B50D-41EA-8C0A-F24E3D4D7141}"="{50004891-569B-490F-AA77-0D7DE1F7FC9B}"
"{ED5337CA-3D7D-4801-A094-54BE522952A9}"="{12753ABF-9A04-4BC2-9591-7CE2E1604A70}"
"{D6DE7AA8-98E8-472D-A3ED-3E3AEBFD55DB}"="{12753ABF-9A04-4BC2-9591-7CE2E1604A70}"
"{1B9CBD02-127E-4758-9A16-982B579E72F6}"="{12753ABF-9A04-4BC2-9591-7CE2E1604A70}"
"{33727F2D-0B9C-4A55-9C61-D705DC97C0D9}"="{749A355D-1F83-4218-BBBA-95FA7B9E90F4}"
"{94E7E7DE-F340-4448-ABC5-06FD09AD3482}"="{06D6BBCD-A7AD-40DC-95F0-F9B591A1A198}"
"{FA15D3F3-D5DF-426C-BEE3-A81BE4837DA8}"="{9515DED7-DAD8-45F6-B923-01D5F8D30717}"
"{446B6448-A9BE-40D8-A8D3-FD221D83A957}"="{4F845F3B-7339-42F4-98AC-13E5CFC5346F}"
"{3EE9240D-E3B8-46DB-A911-EFD779DB15F9}"="{4F845F3B-7339-42F4-98AC-13E5CFC5346F}"
"{13F0DD75-8BE3-4167-83BA-34B16429DDA8}"="{4F845F3B-7339-42F4-98AC-13E5CFC5346F}"
"{6C4AEEE7-9463-45B6-AA48-F5AF1EB75BA4}"="{716F5273-EF1F-484B-8F52-4E7210AD8DF1}"
"{2CEABFB3-40EA-4615-B26A-6BADAAE496B7}"="{716F5273-EF1F-484B-8F52-4E7210AD8DF1}"
"{E0C71D74-E8DA-4FAD-9439-2A9BCC80C410}"="{716F5273-EF1F-484B-8F52-4E7210AD8DF1}"
"ccSvcHst_ccSetMgr"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"{A6D74B3B-C009-48ce-ADB6-159798ECB2C0}"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"SNDServiceRequestChannel"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"SNDLocationChannel"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"ccSettingsService"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"ccSvcHst_CLTNetCnService"="{A39B34B0-EF1B-4691-8726-B37FA95B8404}"
"cltIPCServer_Channel"="{A39B34B0-EF1B-4691-8726-B37FA95B8404}"
"ccSvcHst_ccEvtMgr"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"IPS_COMMAND_CHANNEL"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"ccEvtCli"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"{00D569D0-E16A-480B-990E-E51D66D73069}"="{6B800528-1B54-472B-AD40-4BBB9202BE3C}"
"{79376521-18B8-4CFE-908B-8B17F8779227}"="{6B800528-1B54-472B-AD40-4BBB9202BE3C}"
"{25E5C968-4CC7-430C-A92F-0F50DB292C10}"="{6B800528-1B54-472B-AD40-4BBB9202BE3C}"
"{3455C5E4-B1BE-456E-9128-350C48DCE6DB}"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"{16C67DA3-E339-4EC2-86F8-5D8413DA3890}"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"{BCC5DDE5-CDB7-44EB-8F9C-9E494BA98A6E}"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(5900)
c:\program files\IDM\Desktop SMS\oehook.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\progra~1\AVG\AVG2013\avgrsx.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\taskhost.exe
c:\program files\AVG\AVG2013\avgnsx.exe
c:\program files\AVG\AVG2013\avgemcx.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\RtHDVCpl.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\Synaptics\SynTP\SynToshiba.exe
c:\program files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
c:\program files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files\Windows Mail\WinMail.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Ask.com\UpdateTask.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-01-31  18:46:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-01-31 17:46
.
Vor Suchlauf: 9 Verzeichnis(se), 46.256.812.032 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 45.911.203.840 Bytes frei
.
- - End Of File - - CD1793964776BD7CB519ABA26C5F1FE7
         
--- --- ---

achso, ist es normal, dass mein Bildschirmhintergrund weg ist und die Symbole auf meinem Desktop jetzt etwas anders angeordnet sind?

Alt 31.01.2013, 19:27   #14
markusg
/// Malware-holic
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



hi
norton remover ausführen, neustarten:
Download Avira RegistryCleaner
ausführen, neustarten, dann bitte melden
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 31.01.2013, 19:44   #15
Carrab17
 
verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Standard

verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet



hey

Norton hab ich ausgeführt und neu gestartet.

eine kurze Frage noch:

Bei Avira muss ich auf "Keys auslesen" drücken und die gefundenen Keys dann löschen und dann neustarten, oder?

Antwort

Themen zu verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet
antivirenprogramm, avg, avira, computer, dateien, e-mail, edition, free, infizierte, installiert, internet, laptop, neu, nicht mehr, nichts, probleme, programm, programme, rechner, sonntag, trojaner, unbekannte, verdächtige, verschickt, wirklich, zugeklappt




Ähnliche Themen: verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet


  1. Windows 10: Fake-Paypal-Mail erhalten und versehentlich Anhang geöffnet …
    Plagegeister aller Art und deren Bekämpfung - 22.08.2015 (8)
  2. Ominöse .js-Datei im E-Mail-Anhang. Leider schon geöffnet, was ist das?
    Plagegeister aller Art und deren Bekämpfung - 13.04.2015 (17)
  3. Amazon Inkasso Mail erhalten und zip datei geöffnet!!!
    Log-Analyse und Auswertung - 15.09.2014 (7)
  4. Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet.
    Plagegeister aller Art und deren Bekämpfung - 08.08.2014 (16)
  5. Schadhaften E-Mail-Anhang geöffnet (.zip-Datei)
    Log-Analyse und Auswertung - 10.07.2014 (9)
  6. zip-Datei Virus-Anhang in vermeintlicher PayPal-Mail via Handy geöffnet
    Plagegeister aller Art und deren Bekämpfung - 30.06.2014 (3)
  7. E-Mail von Media Center GmbH - Abo 39€ - E-Mail, nicht Anhang geöffnet, Antivirenprogramm meldet sich.
    Plagegeister aller Art und deren Bekämpfung - 24.04.2014 (5)
  8. Spam-Mail erhalten und Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 18.04.2014 (1)
  9. E-Mail Paypalrechnung von Anwaltskanzlei mit zip-Datei im Anhang geöffnet.
    Plagegeister aller Art und deren Bekämpfung - 21.03.2014 (7)
  10. E-Mail mit falschen Zahlungsaufforderungen erhalten und Anhang geöffnet!
    Plagegeister aller Art und deren Bekämpfung - 01.09.2013 (3)
  11. verdächtige Email mit zip Anhang geöffnet- Laptop nun infiziert?
    Plagegeister aller Art und deren Bekämpfung - 22.07.2013 (6)
  12. MAC: Abmahnungs-E-Mail (Spam) erhalten, Zip Datei geöffnet, Trojaner, veränderte Zugriffsrechte
    Alles rund um Mac OSX & Linux - 24.06.2013 (6)
  13. Mail mit ZIP-Datei im Anhang geöffnet - Trojaner?
    Log-Analyse und Auswertung - 14.05.2013 (9)
  14. Zip-Datei im E-Mail-Anhang von "Bestellung bei Amazon Buyvip" geöffnet
    Log-Analyse und Auswertung - 05.04.2013 (9)
  15. e-mail erhalten über eine angeblich Rechnung mit Mahnung u. drohung mit Inkasso u. datei anhang
    Log-Analyse und Auswertung - 14.03.2013 (5)
  16. Zahlungsaufforderung von Groupon erhalten und den Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 11.03.2013 (3)
  17. Verdächtige E-Mail mit Zip-Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 07.03.2013 (10)

Zum Thema verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet - Hallo, ich bin neu hier. Letzte Woche Mittwoch habe habe eine E-Mail von einem, mir unbekannten, Absender erhalten. Inhalt war eine Zahlungsaufforderung für eine von mir nie bestellte Lieferung. An - verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet...
Archiv
Du betrachtest: verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.