Pests of All Kinds and How to Fight Them: Has the Trojan Trojan.Agent ever become active? Windows 7 If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
| | #31 |
| Has the Trojan Trojan.Agent ever become active? Just a quick question in between: Was my computer actually infected, and was the trojan already active, or are we still in the investigation phase? I would be very interested in an interim result of your assessment, and (roughly) how you were able to tell. Thanks! |
| | #32 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Has the Trojan Trojan.Agent ever become active? A few things turned up. But I haven't spotted anything really bad yet. We'll see what the next logs look like. |
| | #33 | |
| Has the Trojan Trojan.Agent ever become active? Quote:
I ran GMER. When I opened the slightly closed notebook screen the next morning, at a quick glance out of the corner of my eye it looked quite good at first, but then I accidentally bumped the mouse (without clicking) and saw the famous application error dialog. I may be mistaken, but I had the impression that it only appeared when I bumped the mouse. I am just mentioning this; perhaps it is important. Unfortunately I could not download OSAM, because the link given in the instructions repeatedly ended in "Die Verbindung zum Server wurde zurückgesetzt, während die Seite geladen wurde." Here is the GMER log: Code:
ATTFilter GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-10-10 07:56:11
Windows 5.1.2600 Service Pack 3
Running: pel7zqu1.exe; Driver: C:\DOKUME~1\+++\LOKALE~1\Temp\pgtdypod.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwAllocateVirtualMemory [0xB91D8B30]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xB4D1ECF0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xB4D1EBAC]
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwCreateThread [0xB91D86F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xB4D1F160]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xB4D1F08A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xB4D1E782]
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwMapViewOfSection [0xB91D8470]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xB4D1EC86]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xB4D1E6C2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xB4D1E726]
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwProtectVirtualMemory [0xB91D8C50]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xB4D1EDA6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB4D1F22E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xB4D1ED66]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xB4D1EEE6]
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwShutdownSystem [0xB91D8990]
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwTerminateProcess [0xB91D88D0]
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwWriteVirtualMemory [0xB91D8D60]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB4D2BBAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xB4D2B9D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xB4D2BB0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
PAGE ntkrnlpa.exe!ZwLoadDriver 805795FA 7 Bytes JMP B4D2BB10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!NtCreateSection 805A075C 7 Bytes JMP B4D2B9D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805B1CE0 5 Bytes JMP B4D275D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805B8B58 5 Bytes JMP B4D28FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805C73EA 7 Bytes JMP B4D2BBB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB9946000, 0x1C5D38, 0xE8000020]
.text tcpip.sys!IPTransmit + 10FC B4F55D3A 6 Bytes CALL B9DBEE50 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text tcpip.sys!IPTransmit + 2A52 B4F57690 6 Bytes CALL B9DBEE50 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text tcpip.sys!IPRegisterProtocol + 930 B4F6D454 6 Bytes CALL B9DBEE50 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text wanarp.sys B91CB3FD 7 Bytes CALL B9DBEFA0 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text C:\WINDOWS\system32\drivers\ACEDRV05.sys section is writeable [0xB2914000, 0x30A4A, 0xE8000020]
.pklstb C:\WINDOWS\system32\drivers\ACEDRV05.sys entry point in ".pklstb" section [0xB2956000]
.relo2 C:\WINDOWS\system32\drivers\ACEDRV05.sys unknown last section [0xB2971000, 0x8E, 0x42000040]
---- User code sections - GMER 1.0.15 ----
.text C:\Programme\Alwil Software\Avast5\AvastSvc.exe[684] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [B9DBFC70] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [B9DBFBD0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DBFB10] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [B9DBF8E0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [B9DBF8E0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [B9DBFBD0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [B9DBFC70] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DBFB10] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DBFB10] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [B9DBF8E0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [B9DBFBD0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [B9DBFC70] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [B9DBF8E0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [B9DBFB10] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [B9DBFC70] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [B9DBFBD0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [B9DBFC70] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [B9DBFBD0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [B9DBF8E0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DBFB10] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B9DBF8E0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B9DBFBD0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B9DBFC70] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [B9DBFC70] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [B9DBFBD0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DBFB10] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [B9DBF8E0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\irda.sys[NDIS.SYS!NdisOpenAdapter] [B9DBFBD0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\irda.sys[NDIS.SYS!NdisRegisterProtocol] [B9DBF8E0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\irda.sys[NDIS.SYS!NdisCloseAdapter] [B9DBFC70] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\irda.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DBFB10] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [B9DBF8E0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [B9DBFB10] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [B9DBFC70] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [B9DBFBD0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\wscntfy.exe[272] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wscntfy.exe[272] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wscntfy.exe[272] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wscntfy.exe[272] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe[336] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C92EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe[336] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C92C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe[336] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C92C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe[336] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C92C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[728] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AF2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[728] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AF2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[728] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AF2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[728] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AF2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[756] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[756] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[756] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[756] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE[796] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A32EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE[796] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A32C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE[796] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A32C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE[796] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A32C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\services.exe[1160] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
IAT C:\WINDOWS\system32\services.exe[1160] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000
IAT C:\Program Files\Digital Line Detect\DLG.exe[1244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A82EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Digital Line Detect\DLG.exe[1244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A82C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Digital Line Detect\DLG.exe[1244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A82C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Digital Line Detect\DLG.exe[1244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A82C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[1316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[1316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[1316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[1316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe[2004] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00882EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe[2004] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00882C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe[2004] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00882C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe[2004] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00882C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\LVComSX.exe[2308] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A52EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\LVComSX.exe[2308] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A52C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\LVComSX.exe[2308] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A52C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\LVComSX.exe[2308] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A52C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[2396] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtCreateFile] [00B82EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[2396] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDeviceIoControlFile] [00B82C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[2396] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtClose] [00B82C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe[2396] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDuplicateObject] [00B82C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\mRouterRuntime.exe[2508] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\mRouterRuntime.exe[2508] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\mRouterRuntime.exe[2508] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\mRouterRuntime.exe[2508] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Dokumente und Einstellungen\All Users\Desktop\pel7zqu1.exe[2752] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Dokumente und Einstellungen\All Users\Desktop\pel7zqu1.exe[2752] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Dokumente und Einstellungen\All Users\Desktop\pel7zqu1.exe[2752] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Dokumente und Einstellungen\All Users\Desktop\pel7zqu1.exe[2752] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\TPPALDR.EXE[2756] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009A2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\TPPALDR.EXE[2756] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009A2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\TPPALDR.EXE[2756] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009A2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\TPPALDR.EXE[2756] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009A2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Lenovo\HOTKEY\TPONSCR.exe[2832] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A22EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Lenovo\HOTKEY\TPONSCR.exe[2832] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A22C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Lenovo\HOTKEY\TPONSCR.exe[2832] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A22C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Lenovo\HOTKEY\TPONSCR.exe[2832] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A22C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe[4068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00382EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe[4068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00382C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe[4068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00382C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe[4068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00382C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\TpScrLk.exe[4356] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00992EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\TpScrLk.exe[4356] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00992C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\TpScrLk.exe[4356] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00992C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\TpScrLk.exe[4356] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00992C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe[4724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00FE2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe[4724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00FE2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe[4724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00FE2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe[4724] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00FE2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Synaptics\SynTP\SynTPEnh.exe[4948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00BC2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Synaptics\SynTP\SynTPEnh.exe[4948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00BC2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Synaptics\SynTP\SynTPEnh.exe[4948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00BC2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Synaptics\SynTP\SynTPEnh.exe[4948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00BC2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[4964] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003E2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[4964] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003E2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[4964] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003E2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[4964] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003E2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\TortoiseSVN\bin\TSVNCache.exe[5028] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A72EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\TortoiseSVN\bin\TSVNCache.exe[5028] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A72C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\TortoiseSVN\bin\TSVNCache.exe[5028] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A72C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\TortoiseSVN\bin\TSVNCache.exe[5028] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A72C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[5040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00392EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[5040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00392C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[5040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00392C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[5040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00392C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe[5072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00972EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe[5072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00972C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe[5072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00972C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe[5072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00972C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe[5840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00BA2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe[5840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00BA2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe[5840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00BA2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe[5840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00BA2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\IBMTOOLS\UTILS\ibmprc.exe[6328] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00372EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\IBMTOOLS\UTILS\ibmprc.exe[6328] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00372C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\IBMTOOLS\UTILS\ibmprc.exe[6328] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00372C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\IBMTOOLS\UTILS\ibmprc.exe[6328] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00372C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[6468] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C82EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[6468] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C82C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[6468] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C82C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[6468] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C82C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[6508] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003D2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[6508] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003D2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[6508] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003D2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[6508] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003D2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe[6608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D72EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe[6608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D72C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe[6608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D72C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe[6608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D72C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\vsnp2std.exe[6640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AE2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\vsnp2std.exe[6640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AE2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\vsnp2std.exe[6640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AE2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\vsnp2std.exe[6640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AE2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe[6692] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003C2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe[6692] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003C2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe[6692] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003C2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe[6692] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003C2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\TpShocks.exe[6772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003B2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\TpShocks.exe[6772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003B2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\TpShocks.exe[6772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003B2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\TpShocks.exe[6772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003B2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Synaptics\SynTP\SynTPLpr.exe[6984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003A2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Synaptics\SynTP\SynTPLpr.exe[6984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003A2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Synaptics\SynTP\SynTPLpr.exe[6984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003A2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Synaptics\SynTP\SynTPLpr.exe[6984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003A2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe[7084] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003C2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe[7084] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003C2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe[7084] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003C2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe[7084] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003C2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\taskswitch.exe[7100] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [008D2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\taskswitch.exe[7100] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [008D2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\taskswitch.exe[7100] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [008D2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\taskswitch.exe[7100] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [008D2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe[7144] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009A2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe[7144] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009A2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe[7144] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009A2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe[7144] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009A2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe[7192] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009F2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe[7192] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009F2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe[7192] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009F2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe[7192] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009F2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe[7236] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00982EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe[7236] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00982C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe[7236] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00982C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe[7236] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00982C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\IBM\Messages By IBM\ibmmessages.exe[7332] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00BE2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\IBM\Messages By IBM\ibmmessages.exe[7332] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00BE2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\IBM\Messages By IBM\ibmmessages.exe[7332] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00BE2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\IBM\Messages By IBM\ibmmessages.exe[7332] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00BE2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\DLA\DLACTRLW.EXE[7484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A72EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\DLA\DLACTRLW.EXE[7484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A72C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\DLA\DLACTRLW.EXE[7484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A72C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\DLA\DLACTRLW.EXE[7484] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A72C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe[7580] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00962EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe[7580] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00962C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe[7580] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00962C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe[7580] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00962C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[7624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003E2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[7624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003E2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[7624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003E2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[7624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003E2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[7632] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtCreateFile] [00802EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[7632] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDeviceIoControlFile] [00802C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[7632] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtClose] [00802C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[7632] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDuplicateObject] [00802C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[7660] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AA2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[7660] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AA2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[7660] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AA2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[7660] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AA2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe[7816] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D42EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe[7816] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D42C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe[7816] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D42C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe[7816] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D42C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe[8128] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A32EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe[8128] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A32C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe[8128] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A32C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe[8128] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A32C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
Device \Driver\aswTdi \Device\AswUdpFilter wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device \Driver\aswTdi \Device\ASWTDI wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device \Driver\aswTdi \Device\AswTcpFilter wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Programme\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xFF 0x36 0xBB 0x94 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000e9bda3b35
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xFF 0x36 0xBB 0x94 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xF6 0x70 0xC0 0xA2 ...
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\000e9bda3b35 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xFF 0x36 0xBB 0x94 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xF6 0x70 0xC0 0xA2 ...
---- Files - GMER 1.0.15 ----
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-j2ee-metadata.xml 419 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-j2ee-persistence-kit.xml 438 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-j2ee-persistence.xml 428 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-j2ee-persistenceapi.xml 437 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-j2ee-toplinklib.xml 752 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-debug.xml 411 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-editor-lib.xml 426 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-editor.xml 422 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-examples.xml 420 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-freeform.xml 420 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-guards.xml 414 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-helpset.xml 507 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-hints.xml 415 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-j2seplatform.xml 534 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-j2seproject.xml 538 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-kit.xml 402 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-lexer.xml 411 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-apache-tools-ant-module.xml 3830 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-api-debugger-jpda.xml 409 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-api-java.xml 381 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-libs-javacapi.xml 460 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-libs-javacimpl.xml 468 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-ant-browsetask.xml 510 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-ant-debugger.xml 419 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-platform.xml 517 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-preprocessorbridge.xml 447 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-project.xml 516 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-source.xml 416 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-sourceui.xml 424 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-javadoc.xml 405 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-javawebstart-signtask.xml 537 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-javawebstart.xml 415 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-junit.xml 593 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-refactoring-java.xml 428 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-swingapp.xml 622 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-websvc-jaxws21.xml 1369 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-websvc-jaxws21api.xml 900 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-websvc-serviceapi.xml 430 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-ant-freeform.xml 418 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-j2ee-metadata-model-support.xml 462 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-java-navigation.xml 425 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-ant-grammar.xml 414 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-ant-kit.xml 398 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-dbschema.xml 494 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-debugger-jpda-ant.xml 523 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-debugger-jpda-projects.xml 447 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-debugger-jpda-ui.xml 428 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-debugger-jpda.xml 421 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-derby.xml 462 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-form-j2ee.xml 408 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-form-kit.xml 401 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-form.xml 862 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-i18n-form.xml 409 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-i18n.xml 394 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-j2ee-jpa-refactoring.xml 438 bytes
File C:\Programme\Java\NetBeans 6.0 RC2\java1\update_tracking\org-netbeans-modules-j2ee-jpa-verification.xml 444 bytes
---- EOF - GMER 1.0.15 ----
|
| | #34 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | I uploaded OSAM as a zip a few weeks ago => File-Upload.net - osam.zip
__________________ Please always post log files in CODE tags |
| | #35 | |
| Thanks! Quote:
Otherwise, the database for OSAM unfortunately seems to be offline... |
| | #37 |
| When I returned here from the administrator user account, my FRITZ!Protect firewall asked me whether OSAM should be allowed to access the Internet, even though I had closed OSAM completely under the administrator user. So there seems to be a subprocess that still appears to be active in restricted user mode. So much for why I consider this firewall and the information it provides useful. Code:
ATTFilter <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Report of OSAM: Autorun Manager v5.0.11926.0</title> <style type="text/css"> body { margin : 10px 10px 10px 20px; color : #000000; background-color : #fffbf0; font : 10pt Tahoma, Verdana, Arial, Helvetica, sans-serif; scrollbar-3dlight-color : #fffbf0; scrollbar-arrow-color : #000000; scrollbar-darkshadow-color: #000000; scrollbar-face-color : #fffbf0; scrollbar-highlight-color : #000000; scrollbar-shadow-color : #fffbf0; scrollbar-track-color : #fffbf0; } a:link { color: #e15616; } a:visited { color: #e15616; } a:hover { color: #e4743f; } a:active { color: #e4743f; } .header1 { font-size : 115%; font-weight: bold; margin-left: 0px; } table { border-collapse: collapse; border : 1px solid #000000; cellpadding : 0; cellspacing : 0; width : 90%; } td,th { font-size : 12px; color : #000000; background : #fffbf0; border : 1px solid #000000; text-align : left; vertical-align: top; padding : 2px 4px 2px 4px; } .cap { font-weight: bold; font-size : 10pt; padding : 2px 4px 2px 4px; border : 1px solid #000000; } .group { font-weight: bold; font-size : 10pt; padding : 2px 4px 2px 4px; text-align : center; } .reg { font-weight: bold; font-size : 10pt; border : 0px none; padding : 2px 4px 2px 4px; } .notfound { background-color: #B3DDFF; } .blocked { background-color: #FF96EB; } .nodetails { background-color: #FFFF75; } .trusted { background-color: #C8FFC8; } .rootkit { background-color: #FF8696; } td.rs { text-align: center; vertical-align: center; font-family: courier; } td.rs.rm { background: #F90424; title: "Malware"; } td.rs.ri { background: #F90424; title: "Infected"; color: #21F411; } td.rs.rw { background: #F90424; title: "Unwanted"; } td.rs.rs { background: #F90424; title: "Suspicious"; } td.rs.rt { background: #21F411; title: "Trusted"; } td.rs.rc { background: #21F411; title: "Checked"; } td.rs.ry 
{ background: #21F411; title: "Up-to-You"; } td.rs.rr { background: #F6EB13; title: "Riskware"; } td.rs.ru { background: #D4D0C8; title: "Unknown"; } td.rs.rn { background: #FFFFFF; title: "Not checked"; } </style> </head> <body> <p><span class="header1">Report of OSAM: Autorun Manager v5.0.11926.0</span><br> <a href="hxxp://www.online-solutions.ru/en/" target="_blank">hxxp://www.online-solutions.ru/en/</a><br> Saved at 12:38:23 on 11.10.2010</p> <b>OS</b>: Windows XP Professional Service Pack 3 (Build 2600)<br> <b>Default Browser</b>: Microsoft Corporation Internet Explorer 6.00.2900.5512<br> <br><b>Scanner Settings</b><br> <input type="checkbox" disabled checked>Rootkits detection (hidden registry)<br> <input type="checkbox" disabled checked>Rootkits detection (hidden files)<br> <input type="checkbox" disabled checked>Retrieve files information<br> <input type="checkbox" disabled checked>Check Microsoft signatures<br> <br><b>Filters</b><br> <input type="checkbox" disabled>Trusted entries<br> <input type="checkbox" disabled>Empty entries<br> <input type="checkbox" disabled checked>Hidden registry entries (rootkit activity)<br> <input type="checkbox" disabled checked>Exclusively opened files<br> <input type="checkbox" disabled checked>Not found files<br> <input type="checkbox" disabled checked>Files without detailed information<br> <input type="checkbox" disabled checked>Existing files<br> <input type="checkbox" disabled>Non-startable services<br> <input type="checkbox" disabled>Non-startable drivers<br> <input type="checkbox" disabled checked>Active entries<br> <input type="checkbox" disabled checked>Disabled entries<br> <br> <table border="1" cellpadding="0" cellspacing="0"> <tr> <th class="cap" width="20"> </th> <th class="cap">Risk</th> <th class="cap">Name</th> <th class="cap">Publisher</th> <th class="cap">Full Path</th> <th class="cap">Status</th> </tr> <tr> <td class="group" colspan="6">Boot Execute</td> </tr> <tr> <td class="reg" 
colspan="6">HKLM\SYSTEM\CurrentControlSet\Control\Session Manager</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"BootExecute"</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\lsdelete.exe</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td class="group" colspan="6">Common</td> </tr> <tr> <td class="reg" colspan="6">%SystemRoot%\Tasks</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"AppleSoftwareUpdate.job"</td> <td>"Apple Inc."</td> <td>C:\Programme\Apple Software Update\SoftwareUpdate.exe</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"GoogleUpdateTaskMachineUA.job"</td> <td class="notfound"></td> <td class="notfound">C:\Programme\Google\Update\GoogleUpdate.exe</td> <td class="notfound">File not found</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"PMTask.job"</td> <td class="nodetails"></td> <td class="nodetails">C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"RealUpgradeLogonTaskS-1-5-21-999901472-3601035388-3065584919-1005.job"</td> <td>"RealNetworks, Inc."</td> <td>C:\Programme\Real\RealUpgrade\realupgrade.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"RealUpgradeLogonTaskS-1-5-21-999901472-3601035388-3065584919-1008.job"</td> <td>"RealNetworks, Inc."</td> <td>C:\Programme\Real\RealUpgrade\realupgrade.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> 
<td>"RealUpgradeScheduledTaskS-1-5-21-999901472-3601035388-3065584919-1005.job"</td> <td>"RealNetworks, Inc."</td> <td>C:\Programme\Real\RealUpgrade\realupgrade.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"RealUpgradeScheduledTaskS-1-5-21-999901472-3601035388-3065584919-1008.job"</td> <td>"RealNetworks, Inc."</td> <td>C:\Programme\Real\RealUpgrade\realupgrade.exe</td> <td>File exists</td> </tr> <tr> <td class="group" colspan="6">Control Panel Objects</td> </tr> <tr> <td class="reg" colspan="6">%SystemRoot%\system32</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"btcpl.cpl"</td> <td>"Broadcom Corporation."</td> <td>C:\WINDOWS\system32\btcpl.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ecsepm.cpl"</td> <td>"Teleca Software Solutions AB"</td> <td>C:\WINDOWS\system32\ecsepm.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"IBMJavaPlugin142.cpl"</td> <td>"IBM"</td> <td>C:\WINDOWS\system32\IBMJavaPlugin142.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"infocardcpl.cpl"</td> <td>"Microsoft Corporation"</td> <td>C:\WINDOWS\system32\infocardcpl.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ISUSPM.cpl"</td> <td>"InstallShield Software Corporation"</td> <td>C:\WINDOWS\system32\ISUSPM.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"javacpl.cpl"</td> <td>"Sun Microsystems, Inc."</td> <td>C:\WINDOWS\system32\javacpl.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"PWMCPl.cpl"</td> <td>"Lenovo Group Limited"</td> 
<td>C:\WINDOWS\system32\PWMCPl.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Spcselfb.cpl"</td> <td>"SEIKO EPSON CORP."</td> <td>C:\WINDOWS\system32\Spcselfb.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"tp4ex.cpl"</td> <td>"IBM Corporation"</td> <td>C:\WINDOWS\system32\tp4ex.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TP98.CPL"</td> <td>"Lenovo Group Limited"</td> <td>C:\WINDOWS\system32\TP98.CPL</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TpShCPL.cpl"</td> <td>"Lenovo."</td> <td>C:\WINDOWS\system32\TpShCPL.cpl</td> <td>File exists</td> </tr> <tr> <td class="reg" colspan="6">HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ECSEPM"</td> <td>"Sony Ericsson Mobile Communications AB"</td> <td>C:\Programme\Sony Ericsson\Mobile\Mobile Phone Monitor\ecsepm.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"QuickTime"</td> <td>"Apple Inc."</td> <td>C:\Programme\QuickTime\QTSystem\QuickTime.cpl</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"SMAX4CP"</td> <td>"Analog Devices, Inc."</td> <td>C:\Programme\Analog Devices\SoundMAX\SMax4.cpl</td> <td>File exists</td> </tr> <tr> <td class="group" colspan="6">Drivers</td> </tr> <tr> <td class="reg" colspan="6">HKLM\SYSTEM\CurrentControlSet\Services</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ACEDRV05" (ACEDRV05)</td> <td>"Protect Software GmbH"</td> <td>C:\WINDOWS\system32\drivers\ACEDRV05.sys</td> <td>File exists</td> </tr> <tr> 
<td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ANC" (ANC)</td> <td>"IBM Corp."</td> <td>C:\WINDOWS\System32\drivers\ANC.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"APS Digitizer Activity Monitor" (TPDIGIMN)</td> <td>"Lenovo."</td> <td>C:\WINDOWS\System32\DRIVERS\ApsHM86.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Aspi32" (Aspi32)</td> <td>"Adaptec"</td> <td>C:\WINDOWS\system32\drivers\Aspi32.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"aswFsBlk" (aswFsBlk)</td> <td>"AVAST Software"</td> <td>C:\WINDOWS\system32\drivers\aswFsBlk.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"aswMon2" (aswMon2)</td> <td>"AVAST Software"</td> <td>C:\WINDOWS\system32\drivers\aswMon2.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"aswRdr" (aswRdr)</td> <td>"AVAST Software"</td> <td>C:\WINDOWS\system32\drivers\aswRdr.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"aswSP" (aswSP)</td> <td>"AVAST Software"</td> <td>C:\WINDOWS\system32\drivers\aswSP.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"avast! Asynchronous Virus Monitor" (Aavmker4)</td> <td>"AVAST Software"</td> <td>C:\WINDOWS\system32\drivers\Aavmker4.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"avast! 
Network Shield Support" (aswTdi)</td> <td>"AVAST Software"</td> <td>C:\WINDOWS\system32\drivers\aswTdi.sys</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"AVM FRITZ!web DSL PPP" (NETFWDSL)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\System32\DRIVERS\NETFWDSL.SYS</td> <td class="notfound">File not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"AVM USB-Fernanschluss" (avmaura)</td> <td>"AVM Berlin"</td> <td>C:\WINDOWS\System32\DRIVERS\avmaura.sys</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"catchme" (catchme)</td> <td class="notfound"></td> <td class="notfound">C:\DOKUME~1\+++\LOKALE~1\Temp\catchme.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"Changer" (Changer)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\system32\drivers\Changer.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"Conexant Setup API" (UIUSys)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\System32\drivers\UIUSys.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"DLABOIOM" (DLABOIOM)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\DLA\DLABOIOM.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"DLACDBHM" (DLACDBHM)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\Drivers\DLACDBHM.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> 
<td class="rs rn"> </td> <td>"DLADResN" (DLADResN)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\DLA\DLADResN.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"DLAIFS_M" (DLAIFS_M)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\DLA\DLAIFS_M.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"DLAOPIOM" (DLAOPIOM)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\DLA\DLAOPIOM.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"DLAPoolM" (DLAPoolM)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\DLA\DLAPoolM.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"DLARTL_N" (DLARTL_N)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\Drivers\DLARTL_N.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"DLAUDFAM" (DLAUDFAM)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\DLA\DLAUDFAM.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"DLAUDF_M" (DLAUDF_M)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\DLA\DLAUDF_M.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"DozeHDD" (DozeHDD)</td> <td>"Lenovo."</td> <td>C:\WINDOWS\System32\DRIVERS\DozeHDD.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"drvmcdb" (drvmcdb)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\Drivers\DRVMCDB.SYS</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"drvnddm" (drvnddm)</td> <td>"Sonic Solutions"</td> 
<td>C:\WINDOWS\System32\Drivers\DRVNDDM.SYS</td> <td>File exists</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"epmntdrv" (epmntdrv)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\epmntdrv.sys</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"EuGdiDrv" (EuGdiDrv)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\EuGdiDrv.sys</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"GEAR ASPI Filter Driver" (GEARAspiWDM)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"giveio" (giveio)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\System32\giveio.sys</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"IBM Access Support" (EGATHDRV)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\SYSTEM32\EGATHDRV.SYS</td> <td class="notfound">File not found</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"IBMTPCHK" (IBMTPCHK)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\Drivers\IBMBLDID.sys</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td class="notfound"><input 
type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"Imagedrv" (Imagedrv)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\System32\DRIVERS\imagedrv.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"IVI ASPI Shell" (Iviaspi)</td> <td>"InterVideo, Inc."</td> <td>C:\WINDOWS\System32\drivers\iviaspi.sys</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"lbrtfdc" (lbrtfdc)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\system32\drivers\lbrtfdc.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Logitech LVPrcMon Driver" (LVPrcMon)</td> <td>"Logitech Inc."</td> <td>C:\WINDOWS\system32\drivers\LVPrcMon.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Padus ASPI Shell" (Pfc)</td> <td>"Padus, Inc."</td> <td>C:\WINDOWS\System32\drivers\pfc.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"PalmUSBD" (PalmUSBD)</td> <td>"Palm, Inc."</td> <td>C:\WINDOWS\System32\drivers\PalmUSBD.sys</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"PCDRNDISUIO Usermode I/O Protocol" (PcdrNdisuio)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"PCIDump" (PCIDump)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\system32\drivers\PCIDump.sys</td> <td class="notfound">File not found</td> 
</tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"PDCOMP" (PDCOMP)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\system32\drivers\PDCOMP.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"PDFRAME" (PDFRAME)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\system32\drivers\PDFRAME.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"PDRELI" (PDRELI)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\system32\drivers\PDRELI.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"PDRFRAME" (PDRFRAME)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\system32\drivers\PDRFRAME.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"PMEM" (PMEM)</td> <td>"Microsoft Corporation"</td> <td>C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"PORTMON" (PORTMON)</td> <td class="notfound"></td> <td class="notfound">C:\Programme\sysinternals\PortMon\PORTMSYS.SYS</td> <td class="notfound">File not found</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"PQNTDrv" (PQNTDrv)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\drivers\PQNTDrv.sys</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" 
disabled checked></td> <td class="rs rn"> </td> <td>"PSI" (PSI)</td> <td>"Secunia"</td> <td>C:\WINDOWS\System32\DRIVERS\psi_mf.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"PxHelp20" (PxHelp20)</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\Drivers\PxHelp20.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Shockprf" (Shockprf)</td> <td>"Lenovo."</td> <td>C:\WINDOWS\System32\DRIVERS\Apsx86.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Smapint" (Smapint)</td> <td>"Microsoft Corporation"</td> <td>C:\WINDOWS\System32\drivers\Smapint.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Sony Ericsson Device 039 Driver driver (WDM)" (SE27bus)</td> <td>"MCCI"</td> <td>C:\WINDOWS\System32\DRIVERS\SE27bus.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)" (se27nd5)</td> <td>"MCCI"</td> <td>C:\WINDOWS\System32\DRIVERS\se27nd5.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)" (se27unic)</td> <td>"MCCI"</td> <td>C:\WINDOWS\System32\DRIVERS\se27unic.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)" (SE27mgmt)</td> <td>"MCCI"</td> <td>C:\WINDOWS\System32\DRIVERS\SE27mgmt.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Sony Ericsson Device 039 USB WMC Modem Driver" (SE27mdm)</td> <td>"MCCI"</td> 
<td>C:\WINDOWS\System32\DRIVERS\SE27mdm.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Sony Ericsson Device 039 USB WMC Modem Filter" (SE27mdfl)</td> <td>"MCCI"</td> <td>C:\WINDOWS\System32\DRIVERS\SE27mdfl.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Sony Ericsson Device 039 USB WMC OBEX Interface" (SE27obex)</td> <td>"MCCI"</td> <td>C:\WINDOWS\System32\DRIVERS\SE27obex.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"speedfan" (speedfan)</td> <td>"Windows (R) 2000 DDK provider"</td> <td>C:\WINDOWS\System32\speedfan.sys</td> <td>File exists</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"StarOpen" (StarOpen)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\drivers\StarOpen.sys</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"SyGate for NT, wg3n" (wg3n)</td> <td>"Sygate Technologies, Inc."</td> <td>C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"SyGate for NT, wg4n" (wg4n)</td> <td>"Sygate Technologies, Inc."</td> <td>C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"SyGate for NT, wg5n" (wg5n)</td> <td>"Sygate Technologies, Inc."</td> <td>C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"SyGate for NT, wg6n" (wg6n)</td> <td>"Sygate Technologies, Inc."</td> <td>C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys</td> 
<td>File exists</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"TDSMAPI" (TDSMAPI)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\System32\drivers\TDSMAPI.SYS</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Teefer for NT" (Teefer)</td> <td>"Sygate Technologies, Inc."</td> <td>C:\WINDOWS\System32\Drivers\Teefer.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TPDiskPM" (TPDiskPM)</td> <td>"Lenovo, Ltd. and IBM Corporation"</td> <td>C:\WINDOWS\system32\drivers\TPDiskPM.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TPHKDRV" (TPHKDRV)</td> <td>"IBM Corporation"</td> <td>C:\WINDOWS\System32\DRIVERS\TPHKDRV.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TPInput" (TPInput)</td> <td>"Lenovo, Ltd. 
and IBM Corporation."</td> <td>C:\WINDOWS\System32\DRIVERS\TPInput.sys</td> <td>File exists</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"TPPWRIF" (TPPWRIF)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\System32\drivers\Tppwrif.sys</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"TSMAPIP" (TSMAPIP)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\System32\drivers\TSMAPIP.SYS</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ui11rdr" (ui11rdr)</td> <td>"1&1 Internet AG"</td> <td>C:\WINDOWS\System32\DRIVERS\ui11rdr.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"uigxrdr" (uigxrdr)</td> <td>"GMX GmbH"</td> <td>C:\WINDOWS\System32\DRIVERS\uigxrdr.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ultradfg" (ultradfg)</td> <td>"UltraDefrag Development Team"</td> <td>C:\WINDOWS\System32\DRIVERS\ultradfg.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"USB 2.0 10/100Base Ethernet Adapter" (GWUSB2E)</td> <td>"Generic "</td> <td>C:\WINDOWS\System32\DRIVERS\GWUSB2E.sys</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"USB Storage Adapter V2 (TPP)" (TPP200)</td> <td>"In-System Design, Inc."</td> <td>C:\WINDOWS\System32\DRIVERS\TPP200.SYS</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"WDICA" 
(WDICA)</td> <td class="notfound"></td> <td class="notfound">C:\WINDOWS\system32\drivers\WDICA.sys</td> <td class="notfound">File not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"wpsdrvnt" (wpsdrvnt)</td> <td>"Sygate Technologies, Inc."</td> <td>C:\WINDOWS\system32\drivers\wpsdrvnt.sys</td> <td>File exists</td> </tr> <tr> <td class="group" colspan="6">Explorer</td> </tr> <tr> <td class="reg" colspan="6">HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath"</td> <td>"Microsoft Corporation"</td> <td>c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install</td> <td>File exists</td> </tr> <tr> <td class="reg" colspan="6">HKLM\Software\Classes\Folder\shellex\ColumnHandlers</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension"</td> <td>"Adobe Systems, Inc."</td> <td>C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{30351349-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"</td> <td></td> <td>C:\Programme\OpenOffice\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll</td> <td>File exists</td> </tr> <tr> <td class="reg" colspan="6">HKLM\Software\Classes\Protocols\Filter</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1"</td> 
<td>"Microsoft Corporation"</td> <td>C:\WINDOWS\system32\mscoree.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1"</td> <td>"Microsoft Corporation"</td> <td>C:\WINDOWS\system32\mscoree.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1"</td> <td>"Microsoft Corporation"</td> <td>C:\WINDOWS\system32\mscoree.dll</td> <td>File exists</td> </tr> <tr> <td class="reg" colspan="6">HKLM\Software\Classes\Protocols\Handler</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class"</td> <td>"Skype Technologies"</td> <td>C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0"</td> <td>"Microsoft Corporation"</td> <td>C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll</td> <td>File exists</td> </tr> <tr> <td class="reg" colspan="6">HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension"</td> <td>"Igor Pavlov"</td> <td>C:\Programme\7-Zip\7-zip.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{472083B0-C522-11CF-8763-00608CC02F24} "avast"</td> <td>"AVAST Software"</td> <td>C:\Programme\Alwil Software\Avast5\ashShell.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> 
<td>{6af09ec9-b429-11d4-a1fb-0090960218cb} "Bluetooth-Umgebung"</td> <td>"Broadcom Corporation."</td> <td>C:\WINDOWS\system32\BTNEIG~1.DLL</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung"</td> <td class="notfound"></td> <td class="notfound">deskpan.dll</td> <td class="notfound">File not found</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">{FCF608CF-5716-47C3-A1A8-991D873AF72B} "Delphi Context Menu Shell Extension Example"</td> <td class="nodetails"></td> <td class="nodetails">C:\Programme\Exifer\exifershellext.dll</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{5CA3D70E-1895-11CF-8E15-001234567890} "DriveLetterAccess"</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\DLA\DLASHX_W.DLL</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{56160A70-D083-4856-9998-F565ABC03F86} "FolderSizes Shell Extension"</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache"</td> <td>"Microsoft Corporation"</td> <td>c:\WINDOWS\system32\mscoree.dll</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung"</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object 
registry key not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{fc181130-05a0-11d6-8140-000102e745a6} "Mein P910i"</td> <td>"Teleca Software Solutions AB"</td> <td>C:\Programme\Sony Ericsson\Mobile\auexpext.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class"</td> <td>"Broadcom Corporation."</td> <td>C:\WINDOWS\system32\btncopy.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler"</td> <td></td> <td>C:\Programme\OpenOffice\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler"</td> <td></td> <td>C:\Programme\OpenOffice\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler"</td> <td></td> <td>C:\Programme\OpenOffice\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer"</td> <td></td> <td>C:\Programme\OpenOffice\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung"</td> <td>"Microsoft Corporation"</td> <td>C:\PROGRA~1\MICROS~3\Office\OLKFSTUB.DLL</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled 
checked></td> <td class="rs rn"> </td> <td>{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class"</td> <td>"RealNetworks, Inc."</td> <td>c:\program files\real\realplayer\rpshell.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{E91B2703-013E-4A99-AD33-2B6FB00AA356} "RecordNow! ContextMenuExt"</td> <td></td> <td>C:\Programme\Sonic\RecordNow!\RecordNow!\shlext.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{DEE12703-6333-4D4E-8F34-738C4DCC2E04} "RecordNow! SendToExt"</td> <td></td> <td>C:\Programme\Sonic\RecordNow!\RecordNow!\shlext.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References"</td> <td>"Microsoft Corporation"</td> <td>c:\WINDOWS\system32\dfshim.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{62DF97A2-3635-4412-AE30-80B164BC88AD} "ShellContextMenuHandler Class"</td> <td>"1&1 Internet AG"</td> <td>C:\Programme\1&1\1&1 Upload-Manager\SHNDLERS.DLL</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{D6613619-EDAA-451e-AA0C-671737CF6022} "ShellContextMenuHandler Class"</td> <td>"GMX GmbH"</td> <td>C:\Programme\GMX\GMX Upload-Manager\SHNDLERS.DLL</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung"</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> 
<td>{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References"</td> <td>"Microsoft Corporation"</td> <td>c:\WINDOWS\system32\dfshim.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class"</td> <td>"Advanced Micro Devices, Inc."</td> <td>C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{01D8AD1E-46C9-4882-925C-CC29D9A99858} "SKTimeStamp"</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{738D66C6-0149-4D40-84E4-A7BB2D0CE949} "Sony Ericsson File Manager"</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{46605027-5B8C-4DCE-BFE0-051B7972D64C} "TortoiseHg"</td> <td>"TortoiseHg Project"</td> <td>C:\Programme\TortoiseHg\ThgShellx86.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{869C8877-2C3C-438D-844B-31B86BFE5E8A} "TortoiseHg"</td> <td>"TortoiseHg Project"</td> <td>C:\Programme\TortoiseHg\ThgShellx86.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{9E3D4EC9-0624-4393-8B48-204C217ED1FF} "TortoiseHg"</td> <td>"TortoiseHg Project"</td> <td>C:\Programme\TortoiseHg\ThgShellx86.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{AF42ADAB-8C2E-4285-B746-99B31094708E} "TortoiseHg"</td> 
<td>"TortoiseHg Project"</td> <td>C:\Programme\TortoiseHg\ThgShellx86.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{CDA1C89D-E9B5-4981-A857-82DD932EA2FD} "TortoiseHg"</td> <td>"TortoiseHg Project"</td> <td>C:\Programme\TortoiseHg\ThgShellx86.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{30351346-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{30351347-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{30351348-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{30351349-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{3035134A-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{3035134B-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> 
<td>{3035134C-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{3035134D-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{3035134E-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{3035134F-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{30351350-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\TortoiseSVN\bin\TortoiseStub.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C5994560-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C5994561-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C5994562-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\Gemeinsame 
Dateien\TortoiseOverlays\TortoiseOverlays.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C5994563-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C5994564-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C5994565-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C5994566-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C5994567-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{C5994568-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN"</td> <td>"hxxp://tortoisesvn.net"</td> <td>C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll</td> <td>File exists</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension"</td> <td class="nodetails"></td> <td 
class="nodetails">C:\Programme\Unlocker\UnlockerCOM.dll</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR"</td> <td class="nodetails"></td> <td class="nodetails">C:\Programme\WinRAR\rarext.dll</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{E0D79304-84BE-11CE-9641-444553540000} "WinZip"</td> <td>"WinZip Computing, Inc."</td> <td>C:\PROGRA~1\WINZIP\WZSHLSTB.DLL</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{E0D79305-84BE-11CE-9641-444553540000} "WinZip"</td> <td>"WinZip Computing, Inc."</td> <td>C:\PROGRA~1\WINZIP\WZSHLSTB.DLL</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{E0D79306-84BE-11CE-9641-444553540000} "WinZip"</td> <td>"WinZip Computing, Inc."</td> <td>C:\PROGRA~1\WINZIP\WZSHLSTB.DLL</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{E0D79307-84BE-11CE-9641-444553540000} "WinZip"</td> <td>"WinZip Computing, Inc."</td> <td>C:\PROGRA~1\WINZIP\WZSHLSTB.DLL</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">Rename-It! 
extension "{A64BBF5F-1250-4083"</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td class="group" colspan="6">Internet Explorer</td> </tr> <tr> <td class="reg" colspan="6">HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound"><binary data> "ITBarLayout"</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td class="reg" colspan="6">HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{106E49CF-797A-11D2-81A2-00E02C015623} "AlternaTIFF ActiveX"<br>hxxp://www.alternatiff.com/install-ie/alttiff.cab</td> <td>"Medical Informatics Engineering, Inc."</td> <td>C:\WINDOWS\Downloaded Program Files\alttiff.ocx</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{2DAD3559-2923-4935-AD49-B673D2539944} "IASRunner Class"<br>hxxp://www-307.ibm.com/pc/support/acpir.cab</td> <td></td> <td>C:\WINDOWS\Downloaded Program Files\acpir2.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_21"<br>hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab</td> <td>"Sun Microsystems, Inc."</td> <td>C:\Programme\Java\jre6\bin\npjpi160_21.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21"<br>hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab</td> <td>"Sun Microsystems, Inc."</td> 
<td>C:\Programme\Java\jre6\bin\npjpi160_21.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21"<br>hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab</td> <td>"Sun Microsystems, Inc."</td> <td>C:\Programme\Java\jre6\bin\npjpi160_21.dll</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">Microsoft XML Parser for Java "Microsoft XML Parser for Java"<br>file://C:\WINDOWS\Java\classes\xmldso.cab</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool"<br>hxxp://go.microsoft.com/fwlink/?linkid=39204</td> <td>"Microsoft Corporation"</td> <td>C:\WINDOWS\system32\legitcheckcontrol.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{15A7CF10-CB3E-4265-8779-9FD22619E8ED} "XPanel Class"<br>hxxp://192.168.1.205/XPanel.cab</td> <td>"Crestron Electronics, Inc."</td> <td>C:\WINDOWS\Downloaded Program Files\cmxpanel.dll</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}"<br>hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} 
"{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}"<br>hxxp://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}"<br>hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}"<br>hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">{F74959B0-1779-472E-BE6E-3023E1DBEC73} "{F74959B0-1779-472E-BE6E-3023E1DBEC73}"<br>hxxp://192.168.1.205/XInit.cab</td> <td class="notfound"></td> <td class="notfound"></td> <td class="notfound">File not found | COM-object registry key not found</td> </tr> <tr> <td class="reg" colspan="6">HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"@btrez.dll,-4015"</td> <td></td> <td>C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{86529161-034E-4F8A-88D2-3C625E612E04} "Run WinHTTrack"</td> <td></td> <td>C:\Programme\WinHTTrack\WinHTTrackIEBar.dll</td> <td>File exists</td> </tr> <tr> <td 
class="reg" colspan="6">HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper"</td> <td>"Adobe Systems Incorporated"</td> <td>C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{5CA3D70E-1895-11CF-8E15-001234567890} "DriveLetterAccess"</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\DLA\DLASHX_W.DLL</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper"</td> <td>"Sun Microsystems, Inc."</td> <td>C:\Programme\Java\jre6\bin\jp2ssv.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class"</td> <td>"Sun Microsystems, Inc."</td> <td>C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer"</td> <td>"RealPlayer"</td> <td>C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll</td> <td>File exists</td> </tr> <tr> <td class="group" colspan="6">Logon</td> </tr> <tr> <td class="reg" colspan="6">%AllUsersProfile%\Startmenü\Programme\Autostart</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"desktop.ini"</td> <td></td> <td>C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" 
disabled checked></td> <td class="rs rn"> </td> <td>"Digital Line Detect.lnk"</td> <td>"BVRP Software"</td> <td>C:\Program Files\Digital Line Detect\DLG.exe</td> <td>Shortcut exists | File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"EPSON SMART PANEL.lnk"</td> <td>"NewSoft"</td> <td>C:\Programme\EPSON\SMART PANEL\SmaPanel.exe</td> <td>Shortcut exists | File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"EPSON Status Monitor 3 Environment Check.lnk"</td> <td>"SEIKO EPSON CORPORATION"</td> <td>C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE</td> <td>Shortcut exists | File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Fax-Controller.lnk"</td> <td>"NewSoft Technology Corporation"</td> <td>C:\Programme\EPSON\SMART PANEL\faxicore.exe</td> <td>Shortcut exists | File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"FRITZ!DSL Startcenter.lnk"</td> <td>"AVM Berlin"</td> <td>C:\Programme\FRITZ!DSL\StCenter.exe</td> <td>Shortcut exists | File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Telefonverbindungsmonitor.lnk"</td> <td>"Teleca Software Solutions AB"</td> <td>C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe</td> <td>Shortcut exists | File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Erinnerungen in Microsoft Works-Kalender.lnk"</td> <td>"Microsoft® Corporation"</td> <td>C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe</td> <td>Shortcut exists | File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"BTTray.lnk"</td> <td>"Broadcom Corporation."</td> <td>C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe</td> <td>Shortcut exists | File exists</td> 
</tr> <tr> <td class="reg" colspan="6">%UserProfile%\Startmenü\Programme\Autostart</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"desktop.ini"</td> <td></td> <td>C:\Dokumente und Einstellungen\+++\Startmenü\Programme\Autostart\desktop.ini</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"FRITZ!DSL Protect.lnk"</td> <td>"AVM Berlin"</td> <td>C:\Programme\FRITZ!DSL\FwebProt.exe</td> <td>Shortcut exists | File exists</td> </tr> <tr> <td class="reg" colspan="6">HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"AVMUSBFernanschluss"</td> <td>"AVM Berlin"</td> <td>C:\Dokumente und Einstellungen\+++\Lokale Einstellungen\Apps\2.0\P2PN3W8Y.MX4\860T49LP.4CK\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\AVMAutoStart.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ibmmessages"</td> <td>"IBM"</td> <td>C:\Programme\IBM\Messages By IBM\ibmmessages.exe</td> <td>File exists</td> </tr> <tr> <td class="reg" colspan="6">HKLM\Software\Microsoft\Windows\CurrentVersion\Run</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ACTray"</td> <td>"Lenovo "</td> <td>C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ACWLIcon"</td> <td>"Lenovo "</td> <td>C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Adobe ARM"</td> <td>"Adobe Systems Incorporated"</td> <td>"C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> 
<td>"Adobe Reader Speed Launcher"</td> <td>"Adobe Systems Incorporated"</td> <td>"C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"AppleSyncNotifier"</td> <td>"Apple Inc."</td> <td>C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ATIPTA"</td> <td>"ATI Technologies, Inc."</td> <td>"C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"avast5"</td> <td>"AVAST Software"</td> <td>"C:\Programme\Alwil Software\Avast5\avastUI.exe" /nogui</td> <td>File exists</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"BLOG"</td> <td class="nodetails"></td> <td class="nodetails">rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"CoolSwitch"</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\taskswitch.exe</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"DLA"</td> <td>"Sonic Solutions"</td> <td>C:\WINDOWS\System32\DLA\DLACTRLW.EXE</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"EZEJMNAP"</td> <td>"Lenovo Group Ltd."</td> <td>C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> 
<td>"FinePrint Dispatcher v4"</td> <td>"FinePrint Software, LLC"</td> <td>C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\fpdisp4.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ibmmessages"</td> <td>"IBM"</td> <td>C:\Programme\IBM\Messages By IBM\ibmmessages.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"IBMPRC"</td> <td>"IBM Corp."</td> <td>C:\IBMTOOLS\UTILS\ibmprc.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ISUSPM Startup"</td> <td>"InstallShield Software Corporation"</td> <td>C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ISUSScheduler"</td> <td>"InstallShield Software Corporation"</td> <td>"C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"LogitechCommunicationsManager"</td> <td>"Logitech Inc."</td> <td>"C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe"</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"LogitechQuickCamRibbon"</td> <td>"Logitech Inc."</td> <td>"C:\Programme\Logitech\QuickCam10\QuickCam10.exe" /hide</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Message Center Plus"</td> <td></td> <td>C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe /start</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Microsoft Works Portfolio"</td> <td>"Microsoft® Corporation"</td> <td>C:\Programme\Microsoft Works\WksSb.exe /AllUsers</td> <td>File exists</td> 
</tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Microsoft Works Update Detection"</td> <td>"Microsoft® Corporation"</td> <td>C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"PWRMGRTR"</td> <td>"Lenovo Group Limited"</td> <td>rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"QuickTime Task"</td> <td>"Apple Inc."</td> <td>"C:\Programme\QuickTime\QTTask.exe" -atboottime</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"RemoteControl"</td> <td>"Cyberlink Corp."</td> <td>"C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe"</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"SmcService"</td> <td>"Sygate Technologies, Inc."</td> <td>C:\PROGRA~1\Sygate\SPF\smc.exe -startgui</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"SoundMAXPnP"</td> <td>"Analog Devices, Inc."</td> <td>C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"StartCCC"</td> <td>"Advanced Micro Devices, Inc."</td> <td>"C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"SunJavaUpdateSched"</td> <td>"Sun Microsystems, Inc."</td> <td>"C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TkBellExe"</td> <td>"RealNetworks, Inc."</td> 
<td>"C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TortoiseHgOverlayIconServer"</td> <td></td> <td>C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TP4EX"</td> <td>"Lenovo Group Limited"</td> <td>tp4ex.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TPHOTKEY"</td> <td>"Lenovo Group Limited"</td> <td>C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe</td> <td>File exists</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"TPKBDLED"</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\TpScrLk.exe</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TPKMAPHELPER"</td> <td>"IBM Corp."</td> <td>C:\Programme\ThinkPad\Utilities\TpKmapAp.exe -helper</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TPP Auto Loader"</td> <td>"In-System Design, Inc."</td> <td>C:\WINDOWS\TPPALDR.EXE</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TpShocks"</td> <td>"Lenovo."</td> <td>TpShocks.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"tsnp2std"</td> <td>"SONIX"</td> <td>C:\WINDOWS\tsnp2std.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"TVT Scheduler Proxy"</td> <td>"Lenovo Group Limited"</td> <td>C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe</td> 
<td>File exists</td> </tr> <tr> <td class="group" colspan="6">Network Providers</td> </tr> <tr> <td class="reg" colspan="6">HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"1&1 SmartDrive"</td> <td>"1&1 Internet AG"</td> <td>C:\WINDOWS\System32\ui11np.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"GMX MediaCenter"</td> <td>"GMX GmbH"</td> <td>C:\WINDOWS\System32\uigxnp.dll</td> <td>File exists</td> </tr> <tr> <td class="group" colspan="6">Print Monitors</td> </tr> <tr> <td class="reg" colspan="6">HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"avm:"</td> <td>"AVM Berlin GmbH"</td> <td>C:\WINDOWS\system32\avmprmon.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Bluetooth-Druckeranschluss"</td> <td>"Broadcom Corporation."</td> <td>C:\WINDOWS\system32\bthcrp.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"doPDF 7 Monitor"</td> <td>"Softland"</td> <td>C:\WINDOWS\system32\dopdfmn7.dll</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"EPSON STM3 2KMonitor9"</td> <td>"SEIKO EPSON CORPORATION"</td> <td>C:\WINDOWS\system32\E_SL2009.DLL</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"FPR4:"</td> <td>"FinePrint Software, LLC"</td> <td>C:\WINDOWS\system32\fpmon4.dll</td> <td>File exists</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"PDF995 Monitor"</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\pdfmon.dll</td> 
<td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td class="group" colspan="6">Services</td> </tr> <tr> <td class="reg" colspan="6">HKLM\SYSTEM\CurrentControlSet\Services</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32)</td> <td>"Microsoft Corporation"</td> <td>C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Ac Profile Manager Service" (AcPrfMgrSvc)</td> <td>"Lenovo "</td> <td>C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Access Connections Main Service" (AcSvc)</td> <td>"Lenovo "</td> <td>C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ASP.NET-Zustandsdienst" (aspnet_state)</td> <td>"Microsoft Corporation"</td> <td>C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"avast! Antivirus" (avast! Antivirus)</td> <td>"AVAST Software"</td> <td>C:\Programme\Alwil Software\Avast5\AvastSvc.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"avast! Mail Scanner" (avast! Mail Scanner)</td> <td>"AVAST Software"</td> <td>C:\Programme\Alwil Software\Avast5\AvastSvc.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"avast! Web Scanner" (avast! 
Web Scanner)</td> <td>"AVAST Software"</td> <td>C:\Programme\Alwil Software\Avast5\AvastSvc.exe</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"AVM FRITZ!web Routing Service" (de_serv)</td> <td class="notfound"></td> <td class="notfound">C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe</td> <td class="notfound">File not found</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"AVM IGD CTRL Service" (IGDCTRL)</td> <td>"AVM Berlin"</td> <td>C:\Programme\FRITZ!DSL\IGDCTRL.EXE</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Bluetooth Service" (btwdins)</td> <td>"Broadcom Corporation."</td> <td>C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe</td> <td>File exists</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"Google Update Service (gupdate)" (gupdate)</td> <td class="notfound"></td> <td class="notfound">"C:\Programme\Google\Update\GoogleUpdate.exe" /svc</td> <td class="notfound">File not found</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"HID Input Service" (HidServ)</td> <td class="notfound"></td> <td class="notfound"> C:\WINDOWS\System32\hidserv.dll</td> <td class="notfound">File not found</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"IBM KCU Service" (TpKmpSVC)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\TpKmpSVC.exe</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"InstallDriver Table Manager" (IDriverT)</td> <td>"Macrovision Corporation"</td> 
<td>C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Intel(R) PROSet/Wireless Event Log" (EvtEng)</td> <td>"Intel(R) Corporation"</td> <td>C:\Programme\Intel\WiFi\bin\EvtEng.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Intel(R) PROSet/Wireless Registry Service" (RegSrvc)</td> <td>"Intel(R) Corporation"</td> <td>C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Intel(R) PROSet/Wireless WiFi Service" (S24EventMonitor)</td> <td>"Intel(R) Corporation"</td> <td>C:\Programme\Intel\WiFi\bin\S24EvMon.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Java Quick Starter" (JavaQuickStarterService)</td> <td>"Sun Microsystems, Inc."</td> <td>C:\Programme\Java\jre6\bin\jqs.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Lavasoft Ad-Aware Service" (aawservice)</td> <td>"Lavasoft"</td> <td>C:\Programme\Lavasoft\Ad-Aware\aawservice.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Lenovo Doze Mode Service" (DozeSvc)</td> <td>"Lenovo."</td> <td>C:\Programme\ThinkPad\Utilities\DOZESVC.EXE</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Logitech Process Monitor" (LVPrcSrv)</td> <td>"Logitech Inc."</td> <td>c:\programme\gemeinsame dateien\logishrd\lvmvfm\LVPrcSrv.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"LVSrvLauncher" (LVSrvLauncher)</td> <td>"Logitech Inc."</td> 
<td>C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe</td> <td>File exists</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"NMSAccessU" (NMSAccessU)</td> <td class="nodetails"></td> <td class="nodetails">C:\WINDOWS\system32\NMSAccessU.exe</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Power Manager DBC Service" (Power Manager DBC Service)</td> <td></td> <td>C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"SoundMAX Agent Service" (SoundMAX Agent Service (default))</td> <td>"Analog Devices, Inc."</td> <td>C:\Programme\Analog Devices\SoundMAX\SMAgent.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Sygate Personal Firewall" (SmcService)</td> <td>"Sygate Technologies, Inc."</td> <td>C:\Programme\Sygate\SPF\smc.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"System Update" (SUService)</td> <td>"Lenovo Group Limited"</td> <td>c:\programme\lenovo\system update\suservice.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ThinkPad HDD APS Logging Service" (TPHDEXLGSVC)</td> <td>"Lenovo."</td> <td>C:\WINDOWS\System32\TPHDEXLG.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"ThinkVantage Registry Monitor Service" (ThinkVantage Registry Monitor Service)</td> <td>"Lenovo Group Limited"</td> <td>C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> 
<td>"TVT Scheduler" (TVT Scheduler)</td> <td>"Lenovo Group Limited"</td> <td>C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Ulead Burning Helper" (UleadBurningHelper)</td> <td>"Ulead Systems, Inc."</td> <td>C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Windows CardSpace" (idsvc)</td> <td>"Microsoft Corporation"</td> <td>C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0)</td> <td>"Microsoft Corporation"</td> <td>c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe</td> <td>File exists</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"X10 Device Network Service" (x10nets)</td> <td>"X10"</td> <td>C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe</td> <td>File exists</td> </tr> <tr> <td class="group" colspan="6">Winlogon</td> </tr> <tr> <td class="reg" colspan="6">HKCU\Control Panel\IOProcs</td> </tr> <tr> <td class="notfound"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="notfound">"MVB"</td> <td class="notfound"></td> <td class="notfound">mvfs32.dll</td> <td class="notfound">File not found</td> </tr> <tr> <td class="reg" colspan="6">HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"tpfnf2"</td> <td class="nodetails"></td> <td class="nodetails">C:\Programme\Lenovo\HOTKEY\notifyf2.dll</td> <td class="nodetails">File found, but it contains no detailed 
information</td> </tr> <tr> <td class="nodetails"><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td class="nodetails">"tphotkey"</td> <td class="nodetails"></td> <td class="nodetails">C:\Programme\Lenovo\HOTKEY\tphklock.dll</td> <td class="nodetails">File found, but it contains no detailed information</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"WgaLogon"</td> <td>"Microsoft Corporation"</td> <td>C:\WINDOWS\system32\WgaLogon.dll</td> <td>File exists</td> </tr> <tr> <td class="group" colspan="6">Winsock Providers</td> </tr> <tr> <td class="reg" colspan="6">HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"Sarah NSP"</td> <td>"AVM Berlin"</td> <td>C:\Programme\FRITZ!DSL\sarah.dll</td> <td>File exists</td> </tr> <tr> <td class="reg" colspan="6">HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries</td> </tr> <tr> <td><input type="checkbox" disabled checked></td> <td class="rs rn"> </td> <td>"SARAH LSP"</td> <td>"AVM Berlin"</td> <td>C:\Programme\FRITZ!DSL\sarah.dll</td> <td>File exists</td> </tr> </table> <p>If You have questions or want to get some help, You can visit <a href="hxxp://forum.online-solutions.ru" target="_blank">hxxp://forum.online-solutions.ru</a></p> </body></html> Code:
Unfortunately, access to MBRCheck.....txt is not permitted from here, even though it was moved to the All Users folder.
So it's back to the Administrator to see what is going on there.
|
| | #38 |
| Code:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x000007fc
Kernel Drivers (total 200):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806D1000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9F78000 ACPI.sys
0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB9F67000 pci.sys
0xBA0A8000 isapnp.sys
0xBA4BC000 compbatt.sys
0xBA4C0000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xB9F49000 pcmcia.sys
0xBA0B8000 MountMgr.sys
0xB9F2A000 ftdisk.sys
0xBA5AC000 dmload.sys
0xB9F04000 dmio.sys
0xBA330000 PartMgr.sys
0xBA4C4000 ACPIEC.sys
0xBA671000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xBA4C8000 TPDiskPM.sys
0xBA0C8000 VolSnap.sys
0xB9EEC000 atapi.sys
0xBA0D8000 disk.sys
0xBA0E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB9ECC000 fltmgr.sys
0xB9EBA000 sr.sys
0xB9EA4000 DRVMCDB.SYS
0xBA338000 PxHelp20.sys
0xB9E8D000 KSecDD.sys
0xBA340000 DozeHDD.sys
0xB9E00000 Ntfs.sys
0xB9DD3000 NDIS.sys
0xBA0F8000 ApsHM86.sys
0xB9DB6000 Teefer.sys
0xBA5AE000 speedfan.sys
0xB9D96000 Apsx86.sys
0xBA108000 sbp2port.sys
0xBA118000 ohci1394.sys
0xBA128000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xB9D7C000 Mup.sys
0xBA672000 giveio.sys
0xBA178000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xBA188000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB9945000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xB9909000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB98DE000 \SystemRoot\system32\DRIVERS\b57xp32.sys
0xBA370000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB98BA000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBA378000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB969C000 \SystemRoot\system32\DRIVERS\w29n51.sys
0xB965C000 \SystemRoot\system32\drivers\smwdm.sys
0xB9638000 \SystemRoot\system32\drivers\portcls.sys
0xBA1A8000 \SystemRoot\system32\drivers\drmk.sys
0xB9615000 \SystemRoot\system32\drivers\ks.sys
0xB95F5000 \SystemRoot\system32\drivers\aeaudio.sys
0xB95B9000 \SystemRoot\system32\DRIVERS\HSFHWICH.sys
0xB94C5000 \SystemRoot\system32\DRIVERS\HSF_DPV.sys
0xB9414000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xBA3A0000 \SystemRoot\System32\Drivers\Modem.SYS
0xBA1C8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xBA3B8000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBA5B6000 \SystemRoot\System32\DRIVERS\TPInput.sys
0xB93DD000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xBA5BA000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xBA1D8000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
0xB936C000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xBA3C8000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBA3D8000 \SystemRoot\system32\DRIVERS\fdc.sys
0xBA1E8000 \SystemRoot\system32\DRIVERS\serial.sys
0xBA5A0000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB9358000 \SystemRoot\system32\DRIVERS\parport.sys
0xBA3E0000 \SystemRoot\system32\DRIVERS\nscirda.sys
0xBA5A4000 \SystemRoot\system32\DRIVERS\irenum.sys
0xBA3F0000 \SystemRoot\system32\DRIVERS\tpm.sys
0xB9D3F000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xBA400000 \SystemRoot\system32\DRIVERS\ibmpmdrv.sys
0xBA1F8000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA208000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA218000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB933F000 \SystemRoot\system32\DRIVERS\avmaura.sys
0xBA418000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB9246000 \SystemRoot\system32\DRIVERS\btkrnl.sys
0xBA7B9000 \SystemRoot\system32\DRIVERS\audstub.sys
0xBA430000 \SystemRoot\system32\DRIVERS\rasirda.sys
0xBA278000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB9D0F000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB918F000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBA288000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBA2A8000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB917E000 \SystemRoot\system32\DRIVERS\psched.sys
0xBA2B8000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xBA450000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBA460000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB914E000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xBA2C8000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBA478000 \SystemRoot\system32\DRIVERS\psadd.sys
0xBA5C2000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB90F0000 \SystemRoot\system32\DRIVERS\update.sys
0xB993D000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xBA488000 \SystemRoot\system32\DRIVERS\btport.sys
0xBA2F8000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xBA168000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xB9327000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xBA5CC000 \SystemRoot\System32\Drivers\DLACDBHM.SYS
0xBA5D0000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA679000 \SystemRoot\System32\Drivers\Null.SYS
0xBA5D4000 \SystemRoot\System32\Drivers\Beep.SYS
0xBA358000 \SystemRoot\System32\Drivers\DLARTL_N.SYS
0xBA368000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xBA380000 \SystemRoot\System32\drivers\vga.sys
0xBA5D8000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBA5DC000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBA390000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBA3A8000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB9317000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB4FAB000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB4F52000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB91F6000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xB4F2C000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB91E6000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB91D6000 \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys
0xB91C6000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xB4EDC000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB90DC000 \SystemRoot\System32\drivers\ws2ifsl.sys
0xB4EBA000 \SystemRoot\System32\drivers\afd.sys
0xB90D4000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB91B6000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB91A6000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB4E95000 \SystemRoot\System32\DRIVERS\uigxrdr.sys
0xB4E70000 \SystemRoot\System32\DRIVERS\ui11rdr.sys
0xBA408000 \SystemRoot\System32\drivers\TSMAPIP.SYS
0xBA410000 \SystemRoot\System32\drivers\Tppwrif.sys
0xBA428000 \SystemRoot\system32\DRIVERS\TPHKDRV.sys
0xBA438000 \SystemRoot\System32\drivers\TDSMAPI.SYS
0xBA440000 \SystemRoot\System32\drivers\Smapint.sys
0xB4DD5000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xBA6B5000 \SystemRoot\System32\Drivers\PQNTDrv.SYS
0xB4D3D000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xBA5E6000 \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys
0xBA258000 \SystemRoot\System32\Drivers\Fips.SYS
0xB4D16000 \SystemRoot\System32\Drivers\aswSP.SYS
0xBA590000 \SystemRoot\System32\drivers\ANC.SYS
0xBA468000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xB932B000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB4CCA000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xB4F1C000 \SystemRoot\system32\DRIVERS\GWUSB2E.sys
0xBA480000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xBA4A8000 \SystemRoot\system32\DRIVERS\usbprint.sys
0xBA360000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xB504E000 \SystemRoot\system32\DRIVERS\ser2pl.sys
0xB4F14000 \SystemRoot\System32\Drivers\usbbc.sys
0xB4F08000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xB4CB2000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBA5F4000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB90B8000 \SystemRoot\System32\drivers\Dxapi.sys
0xBA3C0000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA6D2000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF065000 \SystemRoot\System32\ati2cqag.dll
0xBF0FE000 \SystemRoot\System32\atikvmag.dll
0xBF182000 \SystemRoot\System32\atiok3x2.dll
0xBF1CD000 \SystemRoot\System32\ati3duag.dll
0xBF572000 \SystemRoot\System32\ativvaxx.dll
0xBA588000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xB2913000 \??\C:\WINDOWS\system32\drivers\ACEDRV05.sys
0xB500E000 \SystemRoot\System32\Drivers\DRVNDDM.SYS
0xBA753000 \SystemRoot\System32\DLA\DLADResN.SYS
0xB28FD000 \SystemRoot\System32\DLA\DLAIFS_M.SYS
0xB29E2000 \SystemRoot\System32\DLA\DLAOPIOM.SYS
0xBA64C000 \SystemRoot\System32\DLA\DLAPoolM.SYS
0xB4E20000 \SystemRoot\System32\DLA\DLABOIOM.SYS
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB281D000 \SystemRoot\System32\DLA\DLAUDFAM.SYS
0xB2807000 \SystemRoot\System32\DLA\DLAUDF_M.SYS
0xB2639000 \SystemRoot\system32\DRIVERS\irda.sys
0xB273B000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB272F000 \SystemRoot\system32\DRIVERS\s24trans.sys
0xB2629000 \SystemRoot\SYSTEM32\Drivers\wg3n.sys
0xB2621000 \SystemRoot\SYSTEM32\Drivers\wg4n.sys
0xB2611000 \SystemRoot\SYSTEM32\Drivers\wg5n.sys
0xB2733000 \SystemRoot\SYSTEM32\Drivers\wg6n.sys
0xB23F2000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xB22D2000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB1965000 \SystemRoot\system32\drivers\wdmaud.sys
0xB1938000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB2092000 \SystemRoot\system32\drivers\sysaudio.sys
0xB1C1A000 \SystemRoot\System32\Drivers\Aspi32.SYS
0xB1289000 \SystemRoot\System32\Drivers\HTTP.sys
0xB11E2000 \SystemRoot\system32\DRIVERS\srv.sys
0xB12EE000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xBA5F0000 \??\C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS
0xB1B8A000 \SystemRoot\system32\DRIVERS\secdrv.sys
0xBA388000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xBA398000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xBF9C5000 \SystemRoot\System32\spool\DRIVERS\W32X86\2\fpgraph4.dll
0xBFF50000 \SystemRoot\System32\TSDDD.dll
0x7C910000 \WINDOWS\system32\ntdll.dll
Processes (total 151):
0 System Idle Process
4 System
980 C:\WINDOWS\system32\smss.exe
1216 csrss.exe
1264 C:\WINDOWS\system32\winlogon.exe
1340 C:\WINDOWS\system32\services.exe
1352 C:\WINDOWS\system32\lsass.exe
1524 C:\WINDOWS\system32\ibmpmsvc.exe
1568 C:\WINDOWS\system32\ati2evxx.exe
1588 C:\WINDOWS\system32\svchost.exe
1680 svchost.exe
1840 C:\WINDOWS\system32\svchost.exe
1896 C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
340 C:\Programme\Intel\WiFi\bin\S24EvMon.exe
396 svchost.exe
708 svchost.exe
1096 C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
1276 C:\Programme\Alwil Software\Avast5\AvastSvc.exe
2056 C:\WINDOWS\system32\spoolsv.exe
2128 C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\LVPrcSrv.exe
2376 svchost.exe
2100 C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
3808 svchost.exe
4068 C:\Programme\ThinkPad\Utilities\DOZESVC.EXE
760 C:\Programme\Intel\WiFi\bin\EvtEng.exe
3396 PresentationFontCache.exe
2164 C:\WINDOWS\system32\svchost.exe
3184 C:\Programme\FRITZ!DSL\IGDCTRL.EXE
3092 C:\Programme\Java\jre6\bin\jqs.exe
3948 C:\WINDOWS\system32\NMSAccessU.exe
3848 C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe
1404 C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
4100 C:\WINDOWS\system32\svchost.exe
4168 C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
4256 C:\WINDOWS\system32\TpKmpSvc.exe
4384 C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
4712 C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
4864 C:\WINDOWS\system32\fxssvc.exe
5012 C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe
5128 C:\Programme\Lenovo\System Update\SUService.exe
5340 C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe
2248 C:\PROGRA~1\COMMON~1\X10\Common\X10nets.exe
2624 wmiprvse.exe
3212 C:\WINDOWS\system32\wbem\wmiapsrv.exe
4972 alg.exe
5884 C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
6732 realupgrade.exe
8168 C:\WINDOWS\system32\ati2evxx.exe
2440 explorer.exe
6412 TSVNCache.exe
8068 tsnp2std.exe
6348 TpShocks.exe
3640 tppaldr.exe
6976 TpScrLk.exe
6444 TPOSDSVC.exe
2768 SynTPEnh.exe
2764 SMax4PNP.exe
7888 vsnp2std.exe
2920 PDVDServ.exe
3572 rundll32.exe
7816 issch.exe
6620 ibmprc.exe
3700 ibmmessages.exe
7340 fpdisp4.exe
1200 EZEJMNAP.EXE
3440 DLACTRLW.EXE
1020 TaskSwitch.exe
1192 TPONSCR.exe
7112 TpScrex.exe
3160 rundll32.exe
4908 scheduler_proxy.exe
3868 Communications_Helper.exe
3020 QuickCam10.exe
4768 MCPLaunch.exe
6056 ACTray.exe
1432 ACWLIcon.exe
3792 MOM.exe
2548 TortoiseHgOverlayServer.exe
528 jusched.exe
3244 realsched.exe
7608 AvastUI.exe
7204 ctfmon.exe
2544 Skype.exe
3744 SynTPLpr.exe
5384 wmpnscfg.exe
3384 BTTray.exe
5168 DLG.exe
4136 SmaPanel.exe
7296 WkCalRem.exe
5632 audevicemgr.exe
1888 FwebProt.exe
6316 StCenter.exe
7924 HOTSYNC.EXE
8136 fritzbox-usb-fernanschluss.exe
4144 LVComSX.exe
3324 CCC.exe
948 MROUTE~2.EXE
2616 CONNMN~1.EXE
2824 COCIManager.exe
3176 skypePM.exe
1768 firefox.exe
9492 plugin-container.exe
7972 csrss.exe
4292 C:\WINDOWS\system32\winlogon.exe
8328 C:\WINDOWS\system32\ati2evxx.exe
9412 C:\WINDOWS\explorer.exe
9104 C:\Programme\TortoiseSVN\bin\TSVNCache.exe
7500 C:\WINDOWS\tsnp2std.exe
9128 C:\WINDOWS\system32\TpShocks.exe
8848 C:\WINDOWS\tppaldr.exe
276 C:\WINDOWS\system32\TpScrLk.exe
3456 C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe
8416 C:\Programme\Synaptics\SynTP\SynTPEnh.exe
5784 C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
9160 C:\WINDOWS\vsnp2std.exe
8108 C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe
288 C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
8288 C:\Programme\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
4140 C:\WINDOWS\system32\rundll32.exe
9988 C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
5716 C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
7684 C:\IBMTOOLS\utils\ibmprc.exe
8628 C:\Programme\IBM\Messages By IBM\ibmmessages.exe
1416 C:\WINDOWS\system32\spool\drivers\w32x86\2\fpdisp4.exe
8952 C:\PROGRA~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
10112 C:\WINDOWS\system32\dla\DLACTRLW.EXE
9328 C:\WINDOWS\system32\TaskSwitch.exe
9408 C:\WINDOWS\system32\rundll32.exe
7024 C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe
1676 C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\Communications_Helper.exe
10076 C:\Programme\Logitech\QuickCam10\QuickCam10.exe
3804 C:\Programme\Lenovo\Message Center Plus\MCPLaunch.exe
8276 C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
4548 C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe
8584 C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe
1456 C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
7732 C:\Programme\Alwil Software\Avast5\AvastUI.exe
8236 C:\Programme\Synaptics\SynTP\SynTPLpr.exe
8528 C:\Dokumente und Einstellungen\+++\Lokale Einstellungen\Apps\2.0\P2PN3W8Y.MX4\860T49LP.4CK\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe
9708 C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe
9996 C:\Program Files\Digital Line Detect\DLG.exe
6600 C:\Programme\EPSON\SMART PANEL\SmaPanel.exe
8036 C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
8640 C:\Programme\Sony Ericsson\Mobile\audevicemgr.exe
3468 C:\Programme\FRITZ!DSL\FwebProt.exe
8020 C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\LVComSX.exe
9740 C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
8736 C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
8924 C:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
9180 C:\Programme\Gemeinsame Dateien\logishrd\LQCVFX\COCIManager.exe
6504 C:\Dokumente und Einstellungen\All Users\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000018`b5e3cc00 (FAT32)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x00000016`32aa0a00 (FAT32)
\\.\G: --> \\.\PhysicalDrive0 at offset 0x00000017`338fa400 (FAT32)
\\.\H: --> \\.\PhysicalDrive0 at offset 0x0000000f`e146c800 (NTFS)
\\.\I: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)
\\.\J: --> \\.\PhysicalDrive1 at offset 0x00000024`366bb800 (NTFS)
\\.\K: --> \\.\PhysicalDrive1 at offset 0x0000002e`ff1a3600 (NTFS)
PhysicalDrive0 Model Number: SAMSUNGHM160HC, Rev: LQ100-10
PhysicalDrive1 Model Number: WDC WD2500BB-55GUA0, Rev:
Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 38CA05E08340C4AE507EF76A4F8EA9A9594E071E
232 GB \\.\PhysicalDrive1 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice: Enter the physical disk number to dump (0-99, -1 to exit): 0Dumping \\.\PhysicalDisk0...
Enter filename to dump to: NonStandard0_from_IBM_R52.mbrDumped successfully!
Enter the physical disk number to dump (0-99, -1 to exit): -1
Done!
|
| | #39 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Restart the computer and select the Recovery Console in the boot menu. There, type the command fixmbr (then Enter, confirm with j), then the command fixboot (then Enter, confirm with j). exit (then press Enter) restarts the computer. Run mbrcheck again in normal Windows mode and post the new log.
__________________ Please always post log files in CODE tags |
| | #40 |
| To be on the safe side, I'm afraid I have to interject with another question: fixboot doesn't seem so dangerous to me, since it should only affect the Windows partition. With fixmbr, I fear that the recovery partition of my IBM ThinkPad R52 will no longer work afterwards, i.e. no longer be startable via AccessIBM or the F11 key during boot. The MBR here consists of at least 9 sectors, and the normal Microsoft MBR is only 1 sector in size (?) Are you sure that fixmbr includes and preserves the recovery functionality mentioned above? |
| | #41 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
The first thing you do is burn recovery media, if you care about the recovery feature!
__________________ Please always post log files in CODE tags |
| | #42 | |
| I know what one should do, but unfortunately I haven't done it. The separate creation of an external recovery medium I have, according to Removing IBM Rescue & Recovery - ibmfilter.sys problems Code:
hxxp://forums.lenovo.com/t5/T61-and-prior-T-series-ThinkPad/Removing-IBM-Rescue-amp-Recovery-ibmfilter-sys-problems/m-p/60680
Code:
hxxp://sourceware.org/ml/cygwin/2010-01/msg00161.html
Quote:
So it would be of great value to me to know whether my MBR is actually corrupted by malware, or merely differs, legitimately, from an original Microsoft MBR. So what exactly does MBRCheck test here? Last edited by Herzmann (11.10.2010 at 16:00) Reason: links inserted as code, since they are otherwise automatically overwritten |
| | #43 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Well, if the new MBR really does make the recovery partition unbootable, you would have to back up the MBR beforehand. I don't know whether that works with something like Testdisk; with Linux via the console it definitely works.
__________________ Please always post log files in CODE tags |
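What a sector-0 check and a before/after backup comparison can establish, as an added example that is not part of the thread and not MBRCheck's own code: it parses a 512-byte dump, hashes the boot code separately from the partition table, looks the hash up in a table, and reports which regions differ between two dumps. All function names, the sample sectors and the known-hash table are constructed for illustration, and that MBRCheck hashes only the code area is an assumption.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_SIG = b"\x55\xaa"
PART_TABLE_OFF = 446
# Classic MBR layout of sector 0 as (name, start, end) byte ranges.
REGIONS = [
    ("boot code", 0, 440),
    ("disk signature", 440, 446),   # 4-byte signature plus 2 reserved bytes
    ("partition table", 446, 510),  # four 16-byte entries
    ("boot signature", 510, 512),
]
PARTITION_TYPES = {0x05: "Extended", 0x07: "NTFS/HPFS", 0x0B: "FAT32",
                   0x0C: "FAT32 (LBA)", 0x0F: "Extended (LBA)"}


def parse_mbr(sector):
    """Split a sector-0 dump into a boot-code hash and partition entries."""
    if len(sector) < SECTOR_SIZE:
        raise ValueError("need at least one 512-byte sector")
    sector = bytes(sector[:SECTOR_SIZE])
    if sector[510:512] != BOOT_SIG:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for index in range(4):
        # Entry: status, CHS start (skipped), type, CHS end (skipped),
        # first LBA, sector count; all little-endian.
        status, ptype, lba_start, count = struct.unpack_from(
            "<B3xB3xII", sector, PART_TABLE_OFF + 16 * index)
        if ptype == 0:
            continue  # unused slot
        partitions.append({
            "index": index,
            "active": status == 0x80,
            "type_name": PARTITION_TYPES.get(ptype, "type 0x%02X" % ptype),
            "lba_start": lba_start,
            "byte_offset": lba_start * SECTOR_SIZE,
            "sectors": count,
        })
    return {
        # Assumption: hash only the code area, because the partition table
        # differs from disk to disk and would make every hash unique.
        "boot_code_sha1": hashlib.sha1(sector[:440]).hexdigest().upper(),
        "partitions": partitions,
    }


def classify(info, known_hashes):
    """Label the boot code; 'unknown' only means 'not in the table'."""
    return known_hashes.get(info["boot_code_sha1"], "unknown boot code")


def pre_partition_gap(info):
    """Sectors before the first partition. Sectors 1..gap-1 belong to no
    partition, so a one-sector dump does not include them."""
    starts = [p["lba_start"] for p in info["partitions"]]
    return min(starts) if starts else None


def diff_regions(before, after):
    """Names of the sector-0 regions that differ between two dumps."""
    return [name for name, lo, hi in REGIONS if before[lo:hi] != after[lo:hi]]


def build_sample(boot_code):
    """Constructed sector: one active NTFS partition starting at LBA 63,
    i.e. at byte offset 0x7e00 as reported for C: in the log above."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<I", sector, 440, 0x12345678)
    struct.pack_into("<B3xB3xII", sector, PART_TABLE_OFF,
                     0x80, 0x07, 63, 1000000)
    sector[510:512] = BOOT_SIG
    return bytes(sector)


if __name__ == "__main__":
    vendor = build_sample(b"\xeb\x3cVENDOR-LOADER")   # constructed bytes
    standard = build_sample(b"STANDARD")              # constructed bytes
    known = {parse_mbr(standard)["boot_code_sha1"]: "standard (constructed)"}
    info = parse_mbr(vendor)
    print(classify(info, known), info["partitions"])
    print("gap before first partition:", pre_partition_gap(info), "sectors")
    print("changed regions:", diff_regions(vendor, standard))
```

An "unknown" label only says the hash is absent from the table; it does not by itself distinguish a vendor boot manager from a tampered sector, which is why a saved copy to compare against matters.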
| | #44 | |
| Quote:
We still wouldn't know whether my MBR is free of malware. |
| | #45 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ Please always post log files in CODE tags |