Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Bundespolizei - Ihr Computer wurde gesperrt - ohne verschlüsselte Dateien (https://www.trojaner-board.de/118710-bundespolizei-computer-wurde-gesperrt-ohne-verschluesselte-dateien.html)

123click 06.07.2012 16:15
Bundespolizei - Ihr Computer wurde gesperrt - ohne verschlüsselte Dateien
 
Hallo liebe TB-Cracks,

heute erhielt ich eine Meldung, dass mein Computer nun gesperrt sei, war auch so. Unterlegt war das ganze mit einer Zahlungsaufforderung (100 €) und einem Bundespolizeilogo. Die Meldung sah in etwa so aus wie bei Mitglied "itsme42" vom 24.06..Habe mich dann in einem anderen Konto eingeloggt und mbam laufen lassen. Hier das log:
Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.29.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Nino :: STEFFI-PC [limited]

Protection: Enabled

06.07.2012 13:47:56
mbam-log-2012-07-06 (13-47-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 179221
Time elapsed: 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Steffi\0.8205128083309062.exe (Trojan.Agent.Gen) -> Delete on reboot.

(end)
Dann den neuesten Wiederherstellungspunkt gesucht und System zurück gesetzt.
Wieder in mein Konto - alles funktioniert wieder.
Nochmaliges scannen mit mbam:
Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.06.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Steffi :: STEFFI-PC [Administrator]

Schutz: Aktiviert

06.07.2012 14:12:21
mbam-log-2012-07-06 (14-12-21).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 433354
Laufzeit: 15 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Steffi\Downloads\dllcentral_d16586.exe (PUP.BundleInstaller.IQ) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Diesmal ging auch was in die Quarantäne.
Außerdem sind mir noch zwei Dinge aufgefallen: Eine Datei namens "czsuwjoensdagaa" ohne Dateinamenerweiterung und ein Ordner "wjonzjvnfenvuqi" mit dem Logo der Bundespolizei, weiteren Bildchen und einer html-Datei, etc. Beides natürlich von heute.
Hier die otl-logs:
OTL Logfile:
Code:
OTL logfile created on: 06.07.2012 16:41:05 - Run 1
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\Steffi\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,32 Gb Available Physical Memory | 78,99% Memory free
15,99 Gb Paging File | 14,25 Gb Available in Paging File | 89,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 1,83 Gb Free Space | 3,76% Space Free | Partition Type: NTFS
Drive D: | 62,97 Gb Total Space | 32,98 Gb Free Space | 52,38% Space Free | Partition Type: NTFS
Drive G: | 48,83 Gb Total Space | 45,45 Gb Free Space | 93,08% Space Free | Partition Type: NTFS
Drive H: | 100,22 Gb Total Space | 59,44 Gb Free Space | 59,31% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 110,34 Gb Free Space | 11,85% Space Free | Partition Type: NTFS
 
Computer Name: STEFFI-PC | User Name: Steffi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.06 16:21:27 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Steffi\Downloads\OTL.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.01.06 16:30:00 | 001,446,760 | ---- | M] (Garmin) -- D:\Programme\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2010.11.16 15:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2009.11.20 13:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.09.24 15:59:40 | 000,707,184 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
PRC - [2009.09.24 15:59:36 | 000,850,544 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
PRC - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
PRC - [2009.07.27 16:54:14 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Steffi\AppData\Roaming\Mobile Partner\ouc.exe
PRC - [2009.07.15 13:43:46 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.14 20:25:22 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012.06.14 20:25:12 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012.06.14 20:25:10 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012.06.14 20:25:06 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012.06.14 20:25:05 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012.05.10 15:19:21 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012.05.10 15:19:21 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll
MOD - [2012.05.10 15:03:53 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
MOD - [2012.05.10 15:02:44 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012.05.10 15:02:42 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012.05.10 15:02:40 | 000,736,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\5a3beae8b211b91bfc620c029cf4c2d4\System.Security.ni.dll
MOD - [2012.05.10 15:02:39 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012.05.10 15:02:35 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.09.24 15:59:50 | 000,255,384 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\winphook.dll
MOD - [2009.09.24 15:59:40 | 000,707,184 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
MOD - [2009.09.24 15:59:36 | 000,850,544 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.11.20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.11.16 15:38:16 | 000,339,456 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.24 09:20:04 | 000,088,064 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Realtek\Smart Dual Lan\SDLService.exe -- (SDLService)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2009.07.15 13:43:46 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.01.17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.30 18:19:32 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010.12.24 11:48:38 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.12.23 09:48:28 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010.07.27 09:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010.04.27 11:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.04.13 16:08:04 | 000,022,568 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter)
DRV:64bit: - [2010.04.13 16:08:04 | 000,016,936 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil)
DRV:64bit: - [2010.04.13 16:08:00 | 000,340,008 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Si3124r5.sys -- (Si3124r5)
DRV:64bit: - [2010.03.22 11:57:20 | 000,347,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.11.20 13:16:02 | 000,177,152 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009.11.20 13:15:58 | 000,075,776 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.07.15 13:43:30 | 000,020,592 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PdiPorts.sys -- (PdiPorts)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2012.07.06 14:36:01 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.01.21 07:23:28 | 000,017,392 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Realtek\Smart Dual Lan\rtkio.sys -- (rtkio)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DC A4 3C 1D 18 4B CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{D737D121-03B4-4743-98DC-D1BB06D17F74}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: d:\Programme\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: D:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: d:\Programme\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.19 23:25:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: D:\Programme\Mozilla Thunderbird\components [2012.06.20 12:25:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: D:\Programme\Mozilla Thunderbird\plugins [2010.09.24 10:03:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.20 12:17:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2011.06.22 12:45:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: D:\Programme\Mozilla Thunderbird\components [2012.06.20 12:25:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: D:\Programme\Mozilla Thunderbird\plugins [2010.09.24 10:03:55 | 000,000,000 | ---D | M]
 
[2012.06.19 13:30:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steffi\AppData\Roaming\mozilla\Extensions
[2012.06.19 13:30:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steffi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.06.19 13:30:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\apjzir3v.default\extensions
[2012.06.29 00:08:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\e5zmxj5s.default\extensions
[2012.06.19 13:30:57 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\e5zmxj5s.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012.06.19 13:30:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\e5zmxj5s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.19 13:30:57 | 000,000,000 | ---D | M] (Wortliste von hxxp://tkltrans.sf.net (alte und neue deutsche Rechtschreibung)) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\e5zmxj5s.default\extensions\de-DE-comb@dictionaries.addons.mozilla.org
[2012.06.19 13:30:57 | 000,000,000 | ---D | M] (Dictionary Switcher) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\e5zmxj5s.default\extensions\dictionary-switcher@design-noir.de
[2012.06.19 13:30:57 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\e5zmxj5s.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2012.06.19 13:30:57 | 000,000,000 | ---D | M] (Dictionnaire français «Classique & Réforme 1990») -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\e5zmxj5s.default\extensions\fr-classique-reforme1990@dictionaries.addons.mozilla.org
[2012.06.19 13:30:57 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\e5zmxj5s.default\extensions\personas@christopher.beard
[2012.06.19 13:30:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steffi\AppData\Roaming\mozilla\Firefox\Profiles\q2mk66j9.default\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = D:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = D:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = D:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = D:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = D:\Programme\VideoLAN\VLC\npvlc.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2011.07.01 12:47:07 | 000,000,592 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 wip4.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Garmin Lifetime Updater] D:\Programme\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [HW_OPENEYE_OUC_Mobile Partner] D:\Programme\Mobile Partner\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKCU..\Run: [Xvid] D:\Programme\Xvid\CheckUpdate.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]* in Trusted sites)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13C4357C-E7DB-4879-A02A-5E46811691E2}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98633FEB-0FF4-4A5D-A394-80DEDCE7CF51}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9a4d304b-a3d6-11e1-bd8c-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{9a4d304b-a3d6-11e1-bd8c-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b1154766-c71e-11df-b02a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b1154766-c71e-11df-b02a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{f4302ff3-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f4302ff3-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f430302d-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f430302d-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f430303a-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f430303a-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f430304c-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f430304c-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f4303086-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f4303086-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f4303090-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f4303090-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f43030b5-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f43030b5-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f43030cd-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f43030cd-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f43030d7-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f43030d7-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f43030e9-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f43030e9-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f43030ec-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f43030ec-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f4303106-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f4303106-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{f4303114-a565-11e1-b5d0-6cf049ed8b76}\Shell - "" = AutoRun
O33 - MountPoints2\{f4303114-a565-11e1-b5d0-6cf049ed8b76}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.06 15:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.07.06 13:42:06 | 000,000,000 | ---D | C] -- C:\ProgramData\wjonzjvnfenvuqi
[2012.07.01 16:48:32 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\ParetoLogic
[2012.07.01 16:48:32 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\DriverCure
[2012.07.01 16:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2012.06.23 22:40:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.06.23 22:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.06.23 22:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.06.19 15:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Garmin
[2012.06.19 13:30:50 | 000,000,000 | R--D | C] -- C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.06.19 13:30:50 | 000,000,000 | R--D | C] -- C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.06.19 13:30:50 | 000,000,000 | R--D | C] -- C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.06.19 13:30:50 | 000,000,000 | R--D | C] -- C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Talkback
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\SharePod
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\OpenOffice.org
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\NVIDIA
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Media Center Programs
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Macromedia
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kampfjets 3D
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Identities
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.06.19 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\DisplayTune
[2012.06.18 16:16:14 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.06.16 13:44:14 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Roaming\SumatraPDF
[2012.06.10 20:05:29 | 000,000,000 | ---D | C] -- C:\Users\Steffi\AppData\Local\Macromedia
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.06 16:14:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.06 15:40:52 | 000,000,448 | ---- | M] () -- C:\Users\Steffi\Documents\cc_20120706_154048.reg
[2012.07.06 15:40:05 | 000,000,705 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.07.06 14:43:05 | 000,013,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.06 14:43:05 | 000,013,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.06 14:40:15 | 001,492,424 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.06 14:40:15 | 000,651,996 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.06 14:40:15 | 000,614,184 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.06 14:40:15 | 000,129,036 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.06 14:40:15 | 000,105,426 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.06 14:37:25 | 000,000,460 | ---- | M] () -- C:\Users\Steffi\Documents\cc_20120706_143717.reg
[2012.07.06 14:36:07 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.06 14:36:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.06 14:35:49 | 2145,550,335 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.06 13:42:07 | 000,000,051 | ---- | M] () -- C:\ProgramData\czsuwjoensdagaa
[2012.07.03 13:00:40 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2012.07.03 12:58:10 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[2012.07.02 11:38:15 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLbx.DAT
[2012.07.01 18:52:28 | 000,002,560 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012.07.01 18:52:28 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012.07.01 16:59:16 | 000,000,202 | ---- | M] () -- C:\Users\Steffi\Documents\cc_20120701_165908.reg
[2012.07.01 16:58:59 | 000,001,504 | ---- | M] () -- C:\Users\Steffi\Documents\cc_20120701_165853.reg
[2012.07.01 16:58:34 | 000,192,892 | ---- | M] () -- C:\Users\Steffi\Documents\cc_20120701_165815.reg
[2012.06.29 09:42:55 | 000,000,773 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.23 22:40:08 | 000,001,575 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.06.18 20:35:33 | 000,012,782 | ---- | M] () -- C:\Users\Steffi\Documents\Unbenannt2.JPG
[2012.06.18 12:41:39 | 000,014,005 | ---- | M] () -- C:\Users\Steffi\Documents\Vollmacht i. S. Mehr Stefan (Vorfall vom 30.04.2012).pdf
[2012.06.18 12:39:15 | 000,019,561 | ---- | M] () -- C:\Users\Steffi\Documents\Vollmacht i. S. Mehr Stefan (Vorfall vom 30.04.2012).rtf
[2012.06.18 12:37:57 | 000,021,419 | ---- | M] () -- C:\Users\Steffi\Documents\Vollmacht i. S. Mehr Stefan (Vorfall vom 30.04.2012).odt
[2012.06.16 13:14:16 | 002,530,574 | ---- | M] () -- C:\Users\Steffi\Documents\Garmin-Handbuch.pdf
[2012.06.14 21:46:37 | 004,851,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.11 12:42:17 | 000,103,838 | ---- | M] () -- C:\Users\Steffi\Documents\Briefmarken.1Stk.11.06.2012_1238.tif
 
========== Files Created - No Company Name ==========
 
[2012.07.06 15:40:50 | 000,000,448 | ---- | C] () -- C:\Users\Steffi\Documents\cc_20120706_154048.reg
[2012.07.06 15:40:05 | 000,000,705 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.07.06 14:37:19 | 000,000,460 | ---- | C] () -- C:\Users\Steffi\Documents\cc_20120706_143717.reg
[2012.07.06 13:42:03 | 000,000,051 | ---- | C] () -- C:\ProgramData\czsuwjoensdagaa
[2012.07.01 18:49:14 | 000,002,560 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012.07.01 18:49:14 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012.07.01 16:59:10 | 000,000,202 | ---- | C] () -- C:\Users\Steffi\Documents\cc_20120701_165908.reg
[2012.07.01 16:58:55 | 000,001,504 | ---- | C] () -- C:\Users\Steffi\Documents\cc_20120701_165853.reg
[2012.07.01 16:58:17 | 000,192,892 | ---- | C] () -- C:\Users\Steffi\Documents\cc_20120701_165815.reg
[2012.06.29 09:33:13 | 000,000,773 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.23 22:40:08 | 000,001,575 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.06.19 13:30:52 | 000,001,443 | ---- | C] () -- C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.06.19 13:30:52 | 000,001,409 | ---- | C] () -- C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.06.18 20:35:33 | 000,012,782 | ---- | C] () -- C:\Users\Steffi\Documents\Unbenannt2.JPG
[2012.06.18 12:41:38 | 000,014,005 | ---- | C] () -- C:\Users\Steffi\Documents\Vollmacht i. S. Mehr Stefan (Vorfall vom 30.04.2012).pdf
[2012.06.18 12:39:03 | 000,019,561 | ---- | C] () -- C:\Users\Steffi\Documents\Vollmacht i. S. Mehr Stefan (Vorfall vom 30.04.2012).rtf
[2012.06.18 12:37:54 | 000,021,419 | ---- | C] () -- C:\Users\Steffi\Documents\Vollmacht i. S. Mehr Stefan (Vorfall vom 30.04.2012).odt
[2012.06.16 13:25:57 | 002,530,574 | ---- | C] () -- C:\Users\Steffi\Documents\Garmin-Handbuch.pdf
[2012.06.11 12:40:39 | 000,103,838 | ---- | C] () -- C:\Users\Steffi\Documents\Briefmarken.1Stk.11.06.2012_1238.tif
[2012.02.29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.01.06 00:17:56 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Widgets
[2012.01.06 00:13:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\User Pictures
[2012.01.06 00:13:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\Piano Med
[2011.10.10 09:14:41 | 000,000,000 | ---- | C] () -- C:\Users\Steffi\AppData\Local\{4FA275A7-7412-4AAD-8448-25A7FA34ED3F}
[2011.06.22 16:04:44 | 000,269,919 | ---- | C] () -- C:\Users\Steffi\2freres07.jpg
[2011.05.31 18:03:35 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.05.31 18:03:35 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.11.20 12:55:15 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2010.09.30 11:43:17 | 000,007,432 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys
[2010.09.25 23:55:30 | 005,722,068 | ---- | C] () -- C:\Users\Steffi\boot_BASE+CSWITCH_1.cab
[2010.09.25 23:55:20 | 044,040,192 | ---- | C] () -- C:\Users\Steffi\boot_BASE+CSWITCH_1.etl
[2010.09.25 23:51:56 | 005,432,877 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_6.cab
[2010.09.25 23:51:46 | 047,185,920 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_6.etl
[2010.09.25 23:48:02 | 004,956,593 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_5.cab
[2010.09.25 23:47:54 | 045,088,768 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_5.etl
[2010.09.25 23:44:21 | 004,103,345 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_4.cab
[2010.09.25 23:44:14 | 047,185,920 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_4.etl
[2010.09.25 23:39:59 | 003,245,528 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_3.cab
[2010.09.25 23:39:53 | 042,991,616 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_3.etl
[2010.09.25 23:34:05 | 002,388,625 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_2.cab
[2010.09.25 23:34:00 | 050,331,648 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_2.etl
[2010.09.25 23:29:52 | 001,421,373 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_1.cab
[2010.09.25 23:29:48 | 045,088,768 | ---- | C] () -- C:\Users\Steffi\bootPrep_BASE+CSWITCH_1.etl
[2010.09.25 17:11:10 | 000,024,064 | ---- | C] () -- C:\Users\Steffi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.24 23:04:50 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.09.24 14:35:24 | 000,725,037 | ---- | C] () -- C:\Windows\unins000.exe
[2010.09.24 14:35:24 | 000,026,020 | ---- | C] () -- C:\Windows\unins000.dat
[2010.09.24 14:07:36 | 000,007,609 | ---- | C] () -- C:\Users\Steffi\AppData\Local\Resmon.ResmonCfg
[2010.09.24 10:34:02 | 000,000,268 | RH-- | C] () -- C:\ProgramData\WebServer
[2010.09.24 10:34:02 | 000,000,268 | -H-- | C] () -- C:\Users\Steffi\AppData\Roaming\User Pictures
[2010.09.24 10:34:02 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLck.DAT
[2010.09.24 10:34:00 | 000,000,268 | -H-- | C] () -- C:\Users\Steffi\AppData\Roaming\Utilities
[2010.09.24 10:30:43 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Radio Sounds
[2010.09.24 10:30:43 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Quartz Composer
[2010.09.24 10:30:43 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Project Templates
[2010.09.24 10:30:43 | 000,000,268 | -H-- | C] () -- C:\Users\Steffi\AppData\Roaming\PrintsService
[2010.09.24 10:30:43 | 000,000,268 | -H-- | C] () -- C:\Users\Steffi\AppData\Roaming\PrintingModule
[2010.09.24 10:30:43 | 000,000,268 | -H-- | C] () -- C:\Users\Steffi\AppData\Roaming\Printers
[2010.09.24 10:30:43 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2010.09.24 10:30:43 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2010.09.24 10:30:43 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2010.09.24 10:30:43 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Screen Savers
[2010.09.24 10:30:43 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Sci-Fi
[2010.09.24 10:30:43 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Sampler Files
[2010.09.24 10:23:55 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Pop Kit
[2010.09.24 10:23:55 | 000,000,268 | -H-- | C] () -- C:\Users\Steffi\AppData\Roaming\Plug-Ins
[2010.09.24 10:23:55 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010.09.24 10:23:55 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Profiles
[2010.09.24 10:17:10 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2010.09.23 18:54:12 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
 
========== LOP Check ==========
 
[2011.08.13 15:18:38 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.07.01 11:52:58 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010.09.24 19:06:39 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\com.mypicturetown.myptuploader.F9C4985A082C78528AFA4529A49FFE7D3454A64B.1
[2012.06.19 13:30:50 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\DisplayTune
[2012.07.01 16:48:32 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\DriverCure
[2012.04.08 17:03:13 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\elsterformular
[2010.09.24 12:17:33 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\Foxit
[2010.09.24 10:06:14 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\Foxit Software
[2012.06.19 13:30:50 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\Garmin
[2012.02.29 18:22:29 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\Klett
[2012.07.06 14:09:07 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\Mobile Partner
[2012.07.06 14:09:07 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\Nikon
[2012.06.19 13:30:50 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\Nvu
[2012.06.19 13:30:50 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\OpenOffice.org
[2012.07.01 16:48:32 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\ParetoLogic
[2012.05.06 14:29:37 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\pdfforge
[2012.06.19 13:30:50 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\SharePod
[2012.06.16 13:44:33 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\SumatraPDF
[2012.06.19 13:30:50 | 000,000,000 | ---D | M] -- C:\Users\Steffi\AppData\Roaming\Thunderbird
[2012.05.15 08:37:29 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---
und
OTL Logfile:
Code:
OTL Extras logfile created on: 06.07.2012 16:41:05 - Run 1
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\Steffi\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,32 Gb Available Physical Memory | 78,99% Memory free
15,99 Gb Paging File | 14,25 Gb Available in Paging File | 89,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 1,83 Gb Free Space | 3,76% Space Free | Partition Type: NTFS
Drive D: | 62,97 Gb Total Space | 32,98 Gb Free Space | 52,38% Space Free | Partition Type: NTFS
Drive G: | 48,83 Gb Total Space | 45,45 Gb Free Space | 93,08% Space Free | Partition Type: NTFS
Drive H: | 100,22 Gb Total Space | 59,44 Gb Free Space | 59,31% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 110,34 Gb Free Space | 11,85% Space Free | Partition Type: NTFS
 
Computer Name: STEFFI-PC | User Name: Steffi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "D:\Programme\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [Browse with &IrfanView] -- "D:\Programme\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C187650-45A6-4270-AE0E-3B8D8A5708C6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0FE77EFD-F357-498C-B20E-865B49181B1D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{100B31FF-BD6D-41DF-AF97-0344AFC70DFA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14995D76-8D4B-42D1-891B-033AD08997AB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1987ECF9-ACF8-4236-8B93-DD1EE4786F2F}" = rport=445 | protocol=6 | dir=out | app=system |
"{1FECF2C7-BAD6-4DA0-BC71-14F2E7E1DED6}" = lport=138 | protocol=17 | dir=in | app=system |
"{31F2177A-AA65-44C3-824D-0E831A4CF2DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{34E003F1-61B6-4745-AC62-CF13DC4C98A7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46E2A7A7-E77E-49B6-8565-3F5F6DB40864}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4AFF6922-B034-4EEF-8ABA-AA388C1B0B8E}" = rport=139 | protocol=6 | dir=out | app=system |
"{5E747E52-1DB0-4294-891C-F2080418261E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{69742814-451E-499B-A68F-929C4E0B7F4D}" = rport=137 | protocol=17 | dir=out | app=system |
"{72E0C8CD-2599-47FE-8267-9A8EDECDE8D3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{77B5ABED-7912-48FA-A432-8D00B516BA19}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B4E76D6-55D5-4993-AF78-BD7B62CDB8E4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{81AB6976-573F-4EB2-BD23-64A8FD6A5A11}" = rport=138 | protocol=17 | dir=out | app=system |
"{8EE2415E-53D5-46D1-9689-F2B0793A8746}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9542591C-802D-4F1B-B866-EB05819844F0}" = lport=445 | protocol=6 | dir=in | app=system |
"{A811D272-6EE1-4339-B319-ED960C76F2A0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C50C17FA-6D70-4816-B8AA-B0E770C8D153}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C813C299-4839-4767-9A52-E11DCD25C9F5}" = lport=137 | protocol=17 | dir=in | app=system |
"{C87DF6D4-DCB2-4D35-B879-970E25784516}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB029C32-7AAE-4E13-AAA0-3FF5A7108B6A}" = lport=139 | protocol=6 | dir=in | app=system |
"{D2F29011-BFFE-4A84-A486-2012A60AFD2F}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework64\v3.0\windows communication foundation\smsvchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20324C75-42BF-46C8-8BBB-D946D4A135FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2402EC7C-FDBA-4B08-86EC-D7E749244FAB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2BB80E39-0EFD-4350-8CB3-D61E5F1419FA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{34770E80-CF87-4F78-8C69-F1B7A1CBD727}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{47387074-060F-4097-BA9B-3A66ED78D206}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4FAC377C-D63A-434D-8DA3-76761D9459BD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{531BD2A7-FBE2-4682-87B7-4C20371500DD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5709E223-D760-485F-A32A-36C1B3A8D2AB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A065B65-2557-491E-8132-DD422FEB4931}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{721B4E95-5130-470D-8BC0-00C7F4A9CF13}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{73F7643B-B6C1-45AF-9D79-C2E9C54C471F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7456B36E-4CB5-4679-9247-C58503A3F142}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7FD06397-BA57-420B-AF0A-09058D76CEE2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{84F7C99F-F2FA-452E-9ACD-55B765A4F851}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{88CAADD0-8206-4318-AFDE-3B79574246E4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{999E83D1-15CF-40A7-A669-1938F800AABB}" = dir=out | app=d:\programme\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe |
"{A645CEC3-7A8D-423E-A3C3-0788E7CBB3D1}" = protocol=6 | dir=out | app=system |
"{B376CE7A-E2F4-493D-AB9A-A96474204AD9}" = dir=out | app=d:\programme\adobe\adobe illustrator cs5.1\support files\contents\windows\illustrator.exe |
"{BE6493EB-8AB1-4D7F-B322-E31F3F472CE1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE7F23E2-9062-4B9E-95F3-4412DE0A8074}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C0A6F9F1-A1E7-4778-888F-D1B3BEFA67DF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C42C4D45-DBE9-4512-B5C3-CBE2A2661040}" = dir=in | app=d:\programme\skype\phone\skype.exe |
"{C50C9428-B9AE-4CDE-8C46-34799B1F3F31}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D4812A0E-E710-4FB4-9371-F462E83FD66B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D72101A2-303D-488A-B2C7-25691DE0BD35}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E8E4131C-08CD-496C-A443-9801EF1326F6}" = dir=in | app=d:\programme\itunes\itunes.exe |
"{EE30523A-3D38-4711-9A1A-1A029F11958E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EF8DD6CC-B85F-43E6-A8D9-383CB78ACC3C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{D888C6D8-347D-4E56-A07C-A2D386B5A3D5}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{FD43B92E-88F2-4372-9784-BF4B2647D354}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{5F5C3336-4D2C-4B15-B815-108287582DCE}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{76F40EA5-AC90-47A4-B745-06C7218EA936}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11953C65-BB4E-4CA4-B0F0-2600A4B20040}" = Picture Control Utility x64
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{24190661-2122-40D1-9F7C-8FDEA5AE4197}" = Microsoft Windows Performance Toolkit
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4653CB40-DF74-3770-8FB0-24472395D885}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (40715)
"{5ba298a9-47dd-4c81-b0e2-3f2823d34339}.sdb" = nikon-config
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7298E5E5-90A7-3785-AAFA-AC335DA3178F}" = Microsoft Windows SDK for Windows 7 Common Utilities (40715)
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A216DF4A-28D1-3D94-ADA6-3AE50E42742D}" = Microsoft Windows SDK Intellisense and Reference Assemblies (40715)
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8ED63AE-B171-3D63-8C35-40B82C4A5FBA}" = Microsoft Windows SDK for Windows 7 (7.0)
"{B96F81BB-EFE4-46DE-BBD9-04DC87211805}" = FastPictureViewer 1.2 (64-bit)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SDKSetup_7.0.7600.16385.40715" = Microsoft Windows SDK for Windows 7 (7.0)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23767F5D-A80C-4264-B8EA-ED4085FC332A}" = Adobe Illustrator CS5.1
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{36D3FD7C-A497-8DE1-8932-2CF519CE2F13}" = my Picturetown Uploader
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D90E53A-BD7C-8F32-9B82-7733D0F0BC8E}" = Adobe Download Assistant
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8E4B4330-1CE8-4725-9C7F-BD4CC995FF54}" = Garmin City Navigator Europe (Unicode) NT 2013.10 Update
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93656878-FF8B-4935-99BB-F3F260037C57}" = Lara Croft Tomb Raider: The Angel Of Darkness
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B862B671-59FD-7457-AFA0-C738FB7ABD60}" = Windows SDK Intellidocs
"{C054E561-E47E-409C-ABA1-230AA85C5120}" = FastPictureViewer WIC Codec Pack 1.66
"{C8616041-2802-4DE2-B3BD-6285AAD65C2A}" = Nikon RAW Codec
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}" = Nikon File Uploader 2
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB238A00-FB43-49C8-8955-6F1F430944B7}" = Smart Dual Lan
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Capture NX 2" = Capture NX 2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Color Efex Pro 3.0 Complete NX2" = Color Efex Pro 3.0 Complete for Capture NX 2
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.mypicturetown.myptuploader.F9C4985A082C78528AFA4529A49FFE7D3454A64B.1" = my Picturetown Uploader
"DivX Setup" = DivX-Setup
"Elevated Shortcut" = Elevated Shortcut
"ElsterFormular 11.5.1.4843" = ElsterFormular
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{93656878-FF8B-4935-99BB-F3F260037C57}" = Lara Croft Tomb Raider: The Angel Of Darkness
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"IrfanView" = IrfanView (remove only)
"Klett Lernsoftware Mathematik - Lambacher Schwei~F1920F00_is1" = Klett Lernsoftware Mathematik - Lambacher Schweizer (1. Lernjah
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SumatraPDF" = SumatraPDF
"Tomb Raider II" = Tomb Raider II
"Tomb Raider II Gold" = Tomb Raider II Gold
"Tomb Raider: Legend" = Tomb Raider: Legend 1.0
"VLC media player" = VLC media player 1.1.7
"Xvid Video Codec 1.3.1" = Xvid Video Codec
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"Mozilla Thunderbird 13.0.1 (x86 de)" = Mozilla Thunderbird 13.0.1 (x86 de)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05.07.2012 03:30:49 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4009
 
Error - 05.07.2012 03:30:49 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4009
 
Error - 05.07.2012 03:30:50 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 05.07.2012 03:30:50 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5007
 
Error - 05.07.2012 03:30:50 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5007
 
Error - 05.07.2012 10:00:02 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 05.07.2012 10:00:02 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 999
 
Error - 05.07.2012 10:00:02 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 999
 
Error - 05.07.2012 10:00:03 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 05.07.2012 10:00:03 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1997
 
Error - 05.07.2012 10:00:03 | Computer Name = Steffi-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1997
 
Error - 06.07.2012 06:52:24 | Computer Name = Steffi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 4.1.1.805,
 Zeitstempel: 0x4c5a5003  Name des fehlerhaften Moduls: COMCTL32.dll, Version: 6.10.7601.17514,
 Zeitstempel: 0x4ce7b71c  Ausnahmecode: 0xc0000409  Fehleroffset: 0x000ab772  ID des fehlerhaften
 Prozesses: 0x11d4  Startzeit der fehlerhaften Anwendung: 0x01cd5b5b9c5e8c45  Pfad der
 fehlerhaften Anwendung: D:\Programme\Foxit Software\Foxit Reader\Foxit Reader.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll
Berichtskennung:
 aae0d8c7-c758-11e1-b99d-6cf049ed8b76
 
Error - 06.07.2012 06:52:55 | Computer Name = Steffi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 4.1.1.805,
 Zeitstempel: 0x4c5a5003  Name des fehlerhaften Moduls: COMCTL32.dll, Version: 6.10.7601.17514,
 Zeitstempel: 0x4ce7b71c  Ausnahmecode: 0xc0000409  Fehleroffset: 0x000ab772  ID des fehlerhaften
 Prozesses: 0xa20  Startzeit der fehlerhaften Anwendung: 0x01cd5b6579100012  Pfad der
 fehlerhaften Anwendung: D:\Programme\Foxit Software\Foxit Reader\Foxit Reader.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll
Berichtskennung:
 bd357f7e-c758-11e1-b99d-6cf049ed8b76
 
[ System Events ]
Error - 06.07.2012 07:48:58 | Computer Name = Steffi-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
Error - 06.07.2012 07:51:47 | Computer Name = Steffi-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 06.07.2012 07:51:47 | Computer Name = Steffi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 06.07.2012 08:11:59 | Computer Name = Steffi-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 06.07.2012 08:11:59 | Computer Name = Steffi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 06.07.2012 08:13:17 | Computer Name = Steffi-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800700c1 fehlgeschlagen: Windows Update Core
 
Error - 06.07.2012 08:38:03 | Computer Name = Steffi-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 06.07.2012 08:38:03 | Computer Name = Steffi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 06.07.2012 08:52:40 | Computer Name = Steffi-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800700c1 fehlgeschlagen: Windows Update Core
 
Error - 06.07.2012 09:50:47 | Computer Name = Steffi-PC | Source = bowser | ID = 8003
Description =
 
 
< End of report >
--- --- ---
.

Wie soll ich nun weiter vorgehen? Ich gehe davon aus, dass außer den zwei auffälligen Dateien bzw. Ordnern noch irgend etwas versteckt ist, sonst wäre es wohl zu einfach.

Im Voraus vielen Dank für die Hilfe!

Gruß Stefan

markusg 06.07.2012 19:10
hi,
hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
:OTL
[2012/07/06 12:31:49 | 000,001,889 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk

 :Files
:Commands
[Reboot]


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

für eine weitere analyse benötige ich mal folgendes.
c:\Users\name\AppData\LocalLow\Sun\Java\Deployment\cache
dort rechtsklick auf den ordner cache, diesen mit winrar oder einem anderen programm packen, und im upload channel hochladen bitte
Trojaner-Board Upload Channel
teile mir mit, wenn fertig.

123click 06.07.2012 19:57
Hallo Markus,

auf c: habe ich im otl-Ordner folgendes gefunden (hoffe, du meintest das. Sieht aber so aus, als ob da ein falscher Name drinsteht):
Zitat:
========== OTL ==========
File C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.53.1 log created on 07062012_203540
Ist das normal, dass auf den Partitionen und Festplatten lauter neue Ordner sind, teils mit Vorhängeschlössern?
Upload ist fertig.

Gruß Stefan

markusg 06.07.2012 20:11
danke fürs hochladen, ordner waren schon immer da, aber versteckt.
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

123click 06.07.2012 20:51
Code:
ComboFix 12-07-06.02 - Steffi 06.07.2012  21:27:15.1.4 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.8190.6231 [GMT 2:00]
ausgeführt von:: c:\users\Steffi\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\adob
c:\programdata\adob\Adobe PDF\Extras\MAGAZINE Ad 2006 JPN.joboptions
c:\programdata\adob\Adobe PDF\Extras\PDFX1a 2001 JPN.joboptions
c:\programdata\adob\Adobe PDF\Extras\PDFX1a 2003 JPN.joboptions
c:\programdata\adob\Adobe PDF\Extras\PDFX1a 2003.joboptions
c:\programdata\adob\Adobe PDF\Extras\PDFX3 2002 JPN.joboptions
c:\programdata\adob\Adobe PDF\Extras\PDFX3 2003 JPN.joboptions
c:\programdata\adob\Adobe PDF\Extras\PDFX3 2003.joboptions
c:\programdata\adob\Adobe PDF\Extras\PDFX4 2008 JPN.joboptions
c:\programdata\adob\Adobe PDF\Extras\Rich Content PDF.joboptions
c:\programdata\adob\Adobe PDF\Settings\High Quality Print.joboptions
c:\programdata\adob\Adobe PDF\Settings\PDFX1a 2001.joboptions
c:\programdata\adob\Adobe PDF\Settings\PDFX3 2002.joboptions
c:\programdata\adob\Adobe PDF\Settings\PDFX4 2008.joboptions
c:\programdata\adob\Adobe PDF\Settings\Press Quality.joboptions
c:\programdata\adob\Adobe PDF\Settings\Smallest File Size.joboptions
c:\programdata\adob\AIR\eulaAccepted
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS-1D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS-1D Mark II Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS-1D Mark II N Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS-1D Mark III Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS-1D Mark IV Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS-1Ds Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS-1Ds Mark II Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS-1Ds Mark III Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 1000D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 10D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 20D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 20Da Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 300D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 30D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 350D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 400D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 40D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 450D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 500D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 50D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 5D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 5D Mark II Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS 7D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS D30 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon EOS D60 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot A5 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot A50 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot G1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot G10 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot G11 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot G2 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot G3 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot G5 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot G6 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot G9 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot Pro1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot Pro70 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot Pro90 IS Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot S30 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot S40 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot S45 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot S50 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot S60 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot S70 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot S90 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Canon PowerShot SX1 IS Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Casio EX-F1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Contax N Digital Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Epson R-D1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Epson R-D1s Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Epson R-D1x Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix E550 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix E900 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix F700 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix F710 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix F810 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S100FS Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S20Pro Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S2Pro Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S3Pro Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S5000 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S5100 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S5200 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S5500 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S5Pro Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S6000fd Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S7000 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S9000 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm FinePix S9100 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Fujifilm IS-1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Hasselblad 39-Coated Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Kodak Z1015 IS Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Kodak Z980 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Konica Minolta DiMAGE A2 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Konica Minolta DiMAGE A200 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Konica Minolta Maxxum 5D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Konica Minolta Maxxum 7D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf AFi 54S Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf AFi 65S Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf AFi 75S Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Aptus 17 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Aptus 22 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Aptus 54S Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Aptus 65 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Aptus 65S Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Aptus 75 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Aptus 75S Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf C-Most Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Valeo 11 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Valeo 17 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Valeo 22 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leaf Valeo 6 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leica D-LUX 3 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leica D-LUX 4 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leica D-Lux2 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leica Digilux 2 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leica DIGILUX 3 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leica M8 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leica M8 Digital Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leica M8 Digital Camera Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Leica V-LUX 1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\LEICA X1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\M8 Digital Camera Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\M9 Digital Camera Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Mamiya M18 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Mamiya M22 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Mamiya M31 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Mamiya ZD Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Minolta DiMAGE 5 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Minolta DiMAGE 7 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Minolta DiMAGE 7Hi Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Minolta DiMAGE 7i Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Minolta DiMAGE A1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon Coolpix 5000 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon Coolpix 5400 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon Coolpix 5700 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon Coolpix 8400 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon Coolpix 8700 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon Coolpix 8800 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon Coolpix P6000 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D100 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D1H Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D1X Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D200 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D2H Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D2Hs Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D2X Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D2Xs Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D3 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D300 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D3000 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D300S Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D3S Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D3X Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D40 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D40X Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D50 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D5000 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D60 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D70 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D700 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D70s Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D80 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Nikon D90 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus C-5050Z Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus C-5060WZ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus C-7000Z Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus C-7070WZ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus C-8080WZ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-10 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-20 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-3 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-30 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-300 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-330 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-400 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-410 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-420 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-450 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-500 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-510 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-520 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-620 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-P1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus E-P2 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus SP-310 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus SP-320 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus SP-350 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus SP-500UZ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus SP-510UZ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus SP-550UZ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus SP-560UZ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus SP-565UZ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Olympus SP-570UZ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-FX150 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-FZ18 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-FZ28 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-FZ30 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-FZ35 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-FZ50 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-FZ8 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-G1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-GF1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-GH1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-L1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-L10 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-LC1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-LX1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-LX2 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Panasonic DMC-LX3 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax istD Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax istDL Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax istDL2 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax istDS Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax istDS2 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax K-7 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax K-m Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\PENTAX K-x Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax K100D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax K100D Super Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax K10D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax K110D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax K2000 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax K200D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Pentax K20D Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One H25 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One P20 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One P20+ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One P21 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One P21+ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One P25 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One P25+ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One P30 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One P30+ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One P45 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Phase One P45+ Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\RICOH GR A12 50mm F2.5 MACRO Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Ricoh GR DIGITAL 3 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Ricoh RICOH GX200 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\RICOH S10 24-72mm F2.5-4.4 VC Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Samsung GX-1L Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Samsung GX-1S Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Samsung GX10 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\SAMSUNG GX20 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSC-F828 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSC-R1 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSC-V3 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A100 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A200 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A230 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A300 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A330 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A350 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A380 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A500 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A550 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A700 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A850 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Adobe Standard\Sony DSLR-A900 Adobe Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark II N\Canon EOS-1D Mark II N Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark II N\Canon EOS-1D Mark II N Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark II N\Canon EOS-1D Mark II N Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark II N\Canon EOS-1D Mark II N Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark II N\Canon EOS-1D Mark II N Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark II\Canon EOS-1D Mark II Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark II\Canon EOS-1D Mark II Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark II\Canon EOS-1D Mark II Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark II\Canon EOS-1D Mark II Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark II\Canon EOS-1D Mark II Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark III\Canon EOS-1D Mark III Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark III\Canon EOS-1D Mark III Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark III\Canon EOS-1D Mark III Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark III\Canon EOS-1D Mark III Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark III\Canon EOS-1D Mark III Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark IV\Canon EOS-1D Mark IV Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark IV\Canon EOS-1D Mark IV Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark IV\Canon EOS-1D Mark IV Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark IV\Canon EOS-1D Mark IV Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D Mark IV\Canon EOS-1D Mark IV Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D\Canon EOS-1D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D\Canon EOS-1D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D\Canon EOS-1D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D\Canon EOS-1D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1D\Canon EOS-1D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds Mark II\Canon EOS-1Ds Mark II Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds Mark II\Canon EOS-1Ds Mark II Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds Mark II\Canon EOS-1Ds Mark II Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds Mark II\Canon EOS-1Ds Mark II Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds Mark II\Canon EOS-1Ds Mark II Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds Mark III\Canon EOS-1Ds Mark III Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds Mark III\Canon EOS-1Ds Mark III Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds Mark III\Canon EOS-1Ds Mark III Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds Mark III\Canon EOS-1Ds Mark III Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds Mark III\Canon EOS-1Ds Mark III Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds\Canon EOS-1Ds Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds\Canon EOS-1Ds Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds\Canon EOS-1Ds Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds\Canon EOS-1Ds Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS-1Ds\Canon EOS-1Ds Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 1000D\Canon EOS 1000D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 1000D\Canon EOS 1000D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 1000D\Canon EOS 1000D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 1000D\Canon EOS 1000D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 1000D\Canon EOS 1000D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 10D\Canon EOS 10D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 10D\Canon EOS 10D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 10D\Canon EOS 10D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 10D\Canon EOS 10D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 10D\Canon EOS 10D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 20D\Canon EOS 20D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 20D\Canon EOS 20D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 20D\Canon EOS 20D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 20D\Canon EOS 20D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 20D\Canon EOS 20D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 20Da\Canon EOS 20Da Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 20Da\Canon EOS 20Da Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 20Da\Canon EOS 20Da Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 20Da\Canon EOS 20Da Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 20Da\Canon EOS 20Da Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 300D\Canon EOS 300D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 300D\Canon EOS 300D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 300D\Canon EOS 300D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 300D\Canon EOS 300D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 300D\Canon EOS 300D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 30D\Canon EOS 30D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 30D\Canon EOS 30D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 30D\Canon EOS 30D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 30D\Canon EOS 30D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 30D\Canon EOS 30D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 350D\Canon EOS 350D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 350D\Canon EOS 350D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 350D\Canon EOS 350D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 350D\Canon EOS 350D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 350D\Canon EOS 350D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 400D\Canon EOS 400D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 400D\Canon EOS 400D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 400D\Canon EOS 400D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 400D\Canon EOS 400D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 400D\Canon EOS 400D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 40D\Canon EOS 40D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 40D\Canon EOS 40D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 40D\Canon EOS 40D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 40D\Canon EOS 40D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 40D\Canon EOS 40D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 450D\Canon EOS 450D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 450D\Canon EOS 450D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 450D\Canon EOS 450D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 450D\Canon EOS 450D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 450D\Canon EOS 450D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 500D\Canon EOS 500D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 500D\Canon EOS 500D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 500D\Canon EOS 500D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 500D\Canon EOS 500D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 500D\Canon EOS 500D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 50D\Canon EOS 50D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 50D\Canon EOS 50D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 50D\Canon EOS 50D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 50D\Canon EOS 50D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 50D\Canon EOS 50D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 5D Mark II\Canon EOS 5D Mark II Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 5D Mark II\Canon EOS 5D Mark II Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 5D Mark II\Canon EOS 5D Mark II Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 5D Mark II\Canon EOS 5D Mark II Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 5D Mark II\Canon EOS 5D Mark II Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 5D\Canon EOS 5D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 5D\Canon EOS 5D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 5D\Canon EOS 5D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 5D\Canon EOS 5D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 5D\Canon EOS 5D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 7D\Canon EOS 7D Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 7D\Canon EOS 7D Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 7D\Canon EOS 7D Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 7D\Canon EOS 7D Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS 7D\Canon EOS 7D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS D30\Canon EOS D30 Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS D30\Canon EOS D30 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS D30\Canon EOS D30 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS D30\Canon EOS D30 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS D30\Canon EOS D30 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS D60\Canon EOS D60 Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS D60\Canon EOS D60 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS D60\Canon EOS D60 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS D60\Canon EOS D60 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon EOS D60\Canon EOS D60 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G10\Canon PowerShot G10 Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G10\Canon PowerShot G10 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G10\Canon PowerShot G10 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G10\Canon PowerShot G10 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G10\Canon PowerShot G10 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G11\Canon PowerShot G11 Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G11\Canon PowerShot G11 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G11\Canon PowerShot G11 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G11\Canon PowerShot G11 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G11\Canon PowerShot G11 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G9\Canon PowerShot G9 Camera Darker Skin Tone.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G9\Canon PowerShot G9 Camera Lighter Skin Tone.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G9\Canon PowerShot G9 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G9\Canon PowerShot G9 Camera Positive Film.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G9\Canon PowerShot G9 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G9\Canon PowerShot G9 Camera Vivid Blue.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G9\Canon PowerShot G9 Camera Vivid Green.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G9\Canon PowerShot G9 Camera Vivid Red.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot G9\Canon PowerShot G9 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot S90\Canon PowerShot S90 Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot S90\Canon PowerShot S90 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot S90\Canon PowerShot S90 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot S90\Canon PowerShot S90 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot S90\Canon PowerShot S90 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot SX1 IS\Canon PowerShot SX1 IS Camera Faithful.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot SX1 IS\Canon PowerShot SX1 IS Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot SX1 IS\Canon PowerShot SX1 IS Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot SX1 IS\Canon PowerShot SX1 IS Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Canon PowerShot SX1 IS\Canon PowerShot SX1 IS Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Leica M8\Leica M8 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Leica M8\Leica M8 Digital Camera Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Leica M8\Leica M8 Digital Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Leica M8\M8 Digital Camera Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1\Nikon D1 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1\Nikon D1 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1\Nikon D1 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1\Nikon D1 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1\Nikon D1 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1\Nikon D1 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1\Nikon D1 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1\Nikon D1 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D100\Nikon D100 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D100\Nikon D100 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D100\Nikon D100 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D100\Nikon D100 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D100\Nikon D100 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D100\Nikon D100 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D100\Nikon D100 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D100\Nikon D100 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1H\Nikon D1H Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1H\Nikon D1H Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1H\Nikon D1H Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1H\Nikon D1H Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1H\Nikon D1H Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1H\Nikon D1H Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1H\Nikon D1H Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1H\Nikon D1H Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1X\Nikon D1X Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1X\Nikon D1X Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1X\Nikon D1X Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1X\Nikon D1X Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1X\Nikon D1X Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1X\Nikon D1X Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1X\Nikon D1X Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D1X\Nikon D1X Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D200\Nikon D200 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D200\Nikon D200 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D200\Nikon D200 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D200\Nikon D200 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D200\Nikon D200 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D200\Nikon D200 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D200\Nikon D200 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D200\Nikon D200 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2H\Nikon D2H Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2H\Nikon D2H Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2H\Nikon D2H Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2H\Nikon D2H Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2H\Nikon D2H Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2H\Nikon D2H Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2H\Nikon D2H Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2H\Nikon D2H Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Hs\Nikon D2Hs Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Hs\Nikon D2Hs Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Hs\Nikon D2Hs Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Hs\Nikon D2Hs Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Hs\Nikon D2Hs Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Hs\Nikon D2Hs Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Hs\Nikon D2Hs Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Hs\Nikon D2Hs Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2X\Nikon D2X Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2X\Nikon D2X Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2X\Nikon D2X Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2X\Nikon D2X Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2X\Nikon D2X Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2X\Nikon D2X Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2X\Nikon D2X Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2X\Nikon D2X Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Xs\Nikon D2Xs Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Xs\Nikon D2Xs Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Xs\Nikon D2Xs Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Xs\Nikon D2Xs Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Xs\Nikon D2Xs Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Xs\Nikon D2Xs Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Xs\Nikon D2Xs Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D2Xs\Nikon D2Xs Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3\Nikon D3 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3\Nikon D3 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3\Nikon D3 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3\Nikon D3 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3\Nikon D3 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3\Nikon D3 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3\Nikon D3 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3\Nikon D3 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300\Nikon D300 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300\Nikon D300 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300\Nikon D300 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300\Nikon D300 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300\Nikon D300 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300\Nikon D300 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300\Nikon D300 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300\Nikon D300 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3000\Nikon D3000 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3000\Nikon D3000 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3000\Nikon D3000 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3000\Nikon D3000 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3000\Nikon D3000 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3000\Nikon D3000 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3000\Nikon D3000 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3000\Nikon D3000 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300S\Nikon D300S Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300S\Nikon D300S Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300S\Nikon D300S Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300S\Nikon D300S Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300S\Nikon D300S Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300S\Nikon D300S Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300S\Nikon D300S Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D300S\Nikon D300S Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3S\Nikon D3S Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3S\Nikon D3S Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3S\Nikon D3S Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3S\Nikon D3S Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3S\Nikon D3S Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3S\Nikon D3S Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3S\Nikon D3S Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3S\Nikon D3S Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3X\Nikon D3X Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3X\Nikon D3X Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3X\Nikon D3X Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3X\Nikon D3X Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3X\Nikon D3X Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3X\Nikon D3X Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3X\Nikon D3X Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D3X\Nikon D3X Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40\Nikon D40 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40\Nikon D40 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40\Nikon D40 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40\Nikon D40 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40\Nikon D40 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40\Nikon D40 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40\Nikon D40 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40\Nikon D40 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40X\Nikon D40X Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40X\Nikon D40X Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40X\Nikon D40X Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40X\Nikon D40X Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40X\Nikon D40X Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40X\Nikon D40X Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40X\Nikon D40X Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D40X\Nikon D40X Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D50\Nikon D50 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D50\Nikon D50 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D50\Nikon D50 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D50\Nikon D50 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D50\Nikon D50 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D50\Nikon D50 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D50\Nikon D50 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D50\Nikon D50 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D5000\Nikon D5000 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D5000\Nikon D5000 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D5000\Nikon D5000 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D5000\Nikon D5000 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D5000\Nikon D5000 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D5000\Nikon D5000 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D5000\Nikon D5000 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D5000\Nikon D5000 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D60\Nikon D60 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D60\Nikon D60 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D60\Nikon D60 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D60\Nikon D60 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D60\Nikon D60 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D60\Nikon D60 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D60\Nikon D60 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D60\Nikon D60 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70\Nikon D70 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70\Nikon D70 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70\Nikon D70 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70\Nikon D70 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70\Nikon D70 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70\Nikon D70 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70\Nikon D70 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70\Nikon D70 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D700\Nikon D700 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D700\Nikon D700 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D700\Nikon D700 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D700\Nikon D700 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D700\Nikon D700 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D700\Nikon D700 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D700\Nikon D700 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D700\Nikon D700 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70s\Nikon D70s Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70s\Nikon D70s Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70s\Nikon D70s Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70s\Nikon D70s Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70s\Nikon D70s Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70s\Nikon D70s Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70s\Nikon D70s Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D70s\Nikon D70s Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D80\Nikon D80 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D80\Nikon D80 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D80\Nikon D80 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D80\Nikon D80 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D80\Nikon D80 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D80\Nikon D80 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D80\Nikon D80 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D80\Nikon D80 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D90\Nikon D90 Camera D2X Mode 1.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D90\Nikon D90 Camera D2X Mode 2.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D90\Nikon D90 Camera D2X Mode 3.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D90\Nikon D90 Camera Landscape.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D90\Nikon D90 Camera Neutral.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D90\Nikon D90 Camera Portrait.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D90\Nikon D90 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Nikon D90\Nikon D90 Camera Vivid.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Pentax K-7\Pentax K-7 Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Pentax K10D\Pentax K10D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Pentax K200D\Pentax K200D Camera Standard.dcp
c:\programdata\adob\CameraRaw\CameraProfiles\Camera\Pentax K20D\Pentax K20D Camera Standard.dcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Apple\iPhone (Apple 3.85mm f3 3G).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Apple\iPhone (Apple 3.85mm f3 3GS).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1D Mark III (Canon EF 17-40mm f4 L USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1D Mark III (Canon EF 17-40mm f4 L USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 15mm f2.8) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 15mm f2.8).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 17-40mm f4 L USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 17-40mm f4 L USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 24-105mm f4 L IS USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 24-105mm f4 L IS USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 24-70mm f2.8 L USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 24-70mm f2.8 L USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 28-135mm f3.5-5.6 IS USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 28-135mm f3.5-5.6 IS USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 50mm f1.4 USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 50mm f1.4 USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 70-200mm f2.8 L USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 70-200mm f2.8 L USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 70-300mm f4-5.6 IS USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 70-300mm f4-5.6 IS USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 85mm f1.8 USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Canon EF 85mm f1.8 USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Sigma DG 12-24mm f4.5-5.6 EX HSM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Sigma DG 12-24mm f4.5-5.6 EX HSM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Sigma DG 15mm f2.8 EX) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Sigma DG 15mm f2.8 EX).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Sigma DG 8mm f3.5 EX) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Sigma DG 8mm f3.5 EX).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Tamron Di 28-75mm f2.8 SP XR LD IF) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS-1Ds Mark III (Tamron Di 28-75mm f2.8 SP XR LD IF).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 50D (Canon EF-S 10-22mm f3.5-4.5 USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 50D (Canon EF-S 10-22mm f3.5-4.5 USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 50D (Canon EF-S 17-55mm f2.8 IS USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 50D (Canon EF-S 17-55mm f2.8 IS USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 50D (Canon EF-S 17-85mm f4-5.6 IS USM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 50D (Canon EF-S 17-85mm f4-5.6 IS USM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 50D (Canon EF-S 18-55mm f3.5-5.6 IS) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 50D (Canon EF-S 18-55mm f3.5-5.6 IS).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 50D (Sigma DC 4.5mm f2.8 HSM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 50D (Sigma DC 4.5mm f2.8 HSM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 5D Mark II (Canon EF 15mm f2.8) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon EOS 5D Mark II (Canon EF 15mm f2.8).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon PowerShot G10 (Canon 6.1-30.5mm f2.8-4.5) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Canon\Canon PowerShot G10 (Canon 6.1-30.5mm f2.8-4.5).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\COOLPIX P6000 (Nikon 6-24mm f2.7-5.9) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\COOLPIX P6000 (Nikon 6-24mm f2.7-5.9).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Nikon FX 14-24mm f2.8 G ED) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Nikon FX 14-24mm f2.8 G ED).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Nikon FX 16mm f2.8 D) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Nikon FX 16mm f2.8 D).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Nikon FX 24-70mm f2.8 G ED) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Nikon FX 24-70mm f2.8 G ED).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Nikon FX 50mm f1.8 D) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Nikon FX 50mm f1.8 D).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Nikon FX 70-200mm f2.8 G IF ED) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Nikon FX 70-200mm f2.8 G IF ED).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Sigma DG 12-24mm f4.5-5.6 EX HSM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Sigma DG 12-24mm f4.5-5.6 EX HSM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Sigma DG 15mm f2.8 EX) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Sigma DG 15mm f2.8 EX).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Sigma DG 8mm f3.5 EX) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D3X (Sigma DG 8mm f3.5 EX).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D90 (Nikon DX 10.5mm f2.8 G ED) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D90 (Nikon DX 10.5mm f2.8 G ED).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D90 (Nikon DX 18-200mm f3.5-5.6 G ED IF) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D90 (Nikon DX 18-200mm f3.5-5.6 G ED IF).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D90 (Sigma DC 18-200mm f3.5-6.3) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D90 (Sigma DC 18-200mm f3.5-6.3).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D90 (Sigma DC 4.5mm f2.8 HSM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Nikon\NIKON D90 (Sigma DC 4.5mm f2.8 HSM).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_10-20mm_F3.5_EX_DC_HSM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_10-20mm_F4-5.6_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_100-300mm_F4_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_105mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_12-24mm_F4.5-5.6_EX_DG_AS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_120-300mm_F2.8_APO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_120-400mm_F4.5-5.6_APO_DG_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_150-500mm_F5-6.3_APO_DG_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_150mm_F2.8_APO_MACRO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_17-70mm_F2.8-4.5_DC_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_17-70mm_F2.8-4_DC_MACRO_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_18-125mm_F3.8-5.6_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_18-200mm_F3.5-6.3_DC ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_18-200mm_F3.5-6.3_DC_OS_HSM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_18-250mm_F3.5-6.3_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_18-50mm_F2.8-4.5_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_18-50mm_F2.8_EX_DC_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_180mm_F3.5_APO_MACRO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_200-500mm_F2.8_APO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_20mm_F1.8_EX_DG_AS_RF ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_24-70mm_F2.8_EX_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_24-70mm_F2.8_IF_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_24mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_28-300mm_F3.5-6.3_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_28-70mm_F2.8-4_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_28mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_300-800mm_F5.6_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_300mm_F2.8_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_30mm_F1.4_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_50-150mm_F2.8_II_APO_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_50-200mm_F4-5.6_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_50-500mm_F4-6.3_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_500mm_F4.5_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_50mm_F1.4_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_50mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_70-200mm_F2.8_II_APO_EX_DG_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_70-300mm_F4-5.6 APO_DG_MACRO) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_70-300mm_F4-5.6_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_70-300mm_F4-5.6_DG_OS ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_70mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Canon\Canon (Sigma_800mm_F5.6_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_10-20mm_F3.5_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_10-20mm_F4-5.6_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_100-300mm_F4_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_105mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_12-24mm_F4.5-5.6_EX_DG_AS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_120-300mm_F2.8_APO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_120-400mm_F4.5-5.6_APO_DG_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_150-500mm_F5-6.3_APO_DG_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_150mm_F2.8_APO_MACRO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_17-70mm_F2.8-4.5_DC_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_17-70mm_F2.8-4_DC_MACRO_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_18-125mm_F3.8-5.6_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_18-200mm_F3.5-6.3_DC ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_18-200mm_F3.5-6.3_DC_OS_HSM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_18-250mm_F3.5-6.3_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_18-50mm_F2.8-4.5_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_18-50mm_F2.8_EX_DC_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_180mm_F3.5_APO_MACRO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_200-500mm_F2.8_APO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_20mm_F1.8_EX_DG_AS_RF ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_24-70mm_F2.8_EX_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_24-70mm_F2.8_IF_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_24mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_28-300mm_F3.5-6.3_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_28-70mm_F2.8-4_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_28mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_300-800mm_F5.6_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_300mm_F2.8_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_30mm_F1.4_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_50-150mm_F2.8_II_APO_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_50-200mm_F4-5.6_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_50-500mm_F4-6.3_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_500mm_F4.5_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_50mm_F1.4_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_50mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_70-200mm_F2.8_II_APO_EX_DG_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_70-300mm_F4-5.6 APO_DG_MACRO) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_70-300mm_F4-5.6_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_70-300mm_F4-5.6_DG_OS ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_70mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Nikon\NIKON CORPORATION (Sigma_800mm_F5.6_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP (Sigma_10-20mm_F4-5.6_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP (Sigma_105mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP (Sigma_150mm_F2.8_APO_MACRO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP (Sigma_18-50mm_F2.8_EX_DC_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP (Sigma_24mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP (Sigma_300-800mm_F5.6_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP (Sigma_30mm_F1.4_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP (Sigma_50-500mm_F4-6.3_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP (Sigma_50mm_F1.4_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP (Sigma_70-200mm_F2.8_II_APO_EX_DG_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP. (Sigma30mm1.4 ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Olympus\OLYMPUS IMAGING CORP. (Sigma70-200mm2.8 ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_10-20mm_F3.5_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_10-20mm_F4-5.6_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_100-300mm_F4_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_105mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_12-24mm_F4.5-5.6_EX_DG_AS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_120-400mm_F4.5-5.6_APO_DG_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_150-500mm_F5-6.3_APO_DG_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_17-70mm_F2.8-4_DC_MACRO_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_18-125mm_F3.8-5.6_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_18-200mm_F3.5-6.3_DC_OS_HSM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_18-250mm_F3.5-6.3_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_18-50mm_F2.8-4.5_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_18-50mm_F2.8_EX_DC_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_180mm_F3.5_APO_MACRO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_200-500mm_F2.8_APO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_20mm_F1.8_EX_DG_AS_RF ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_24-70mm_F2.8_EX_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_24-70mm_F2.8_IF_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_24mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_28-300mm_F3.5-6.3_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_28-70mm_F2.8-4_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_28mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_300mm_F2.8_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_30mm_F1.4_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_50-150mm_F2.8_II_APO_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_50-200mm_F4-5.6_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_50-500mm_F4-6.3_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_500mm_F4.5_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_50mm_F1.4_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_50mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_70-200mm_F2.8_II_APO_EX_DG_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_70-300mm_F4-5.6 APO_DG_MACRO) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_70-300mm_F4-5.6_DG_OS ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_70mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Pentax\PENTAX (Sigma_800mm_F5.6_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_10-20mm_F3.5_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_10-20mm_F4-5.6_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_100-300mm_F4_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_105mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_12-24mm_F4.5-5.6_EX_DG_AS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_120-300mm_F2.8_APO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_120-400mm_F4.5-5.6_APO_DG_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_150-500mm_F5-6.3_APO_DG_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_150mm_F2.8_APO_MACRO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_17-70mm_F2.8-4.5_DC_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_17-70mm_F2.8-4_DC_MACRO_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_18-125mm_F3.8-5.6_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_18-200mm_F3.5-6.3_DC ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_18-200mm_F3.5-6.3_DC_OS_HSM) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_18-250mm_F3.5-6.3_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_18-50mm_F2.8-4.5_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_18-50mm_F2.8_EX_DC_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_180mm_F3.5_APO_MACRO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_200-500mm_F2.8_APO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_20mm_F1.8_EX_DG_AS_RF ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_24-70mm_F2.8_EX_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_24-70mm_F2.8_IF_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_24mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_28-300mm_F3.5-6.3_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_28-70mm_F2.8-4_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_28mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_300-800mm_F5.6_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_300mm_F2.8_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_30mm_F1.4_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_50-150mm_F2.8_II_APO_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_50-200mm_F4-5.6_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_50-500mm_F4-6.3_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\Sigma (Sigma_500mm_F4.5_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_50mm_F1.4_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_50mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_70-200mm_F2.8_II_APO_EX_DG_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_70-300mm_F4-5.6 APO_DG_MACRO) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_70-300mm_F4-5.6_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_70-300mm_F4-5.6_DG_OS ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_70mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sigma\SIGMA (Sigma_800mm_F5.6_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_10-20mm_F3.5_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_10-20mm_F4-5.6_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_100-300mm_F4_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_105mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_12-24mm_F4.5-5.6_EX_DG_AS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_120-400mm_F4.5-5.6_APO_DG_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_150-500mm_F5-6.3_APO_DG_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_17-70mm_F2.8-4_DC_MACRO_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_18-125mm_F3.8-5.6_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_18-250mm_F3.5-6.3_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_18-50mm_F2.8-4.5_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_18-50mm_F2.8_EX_DC_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_180mm_F3.5_APO_MACRO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_20mm_F1.8_EX_DG_AS_RF ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_24-70mm_F2.8_EX_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_24-70mm_F2.8_IF_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_24mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_28-300mm_F3.5-6.3_DG_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_28-70mm_F2.8-4_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_28mm_F1.8_EX_DG_AS_MACRO ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_300mm_F2.8_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_30mm_F1.4_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_50-150mm_F2.8_II_APO_EX_DC_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_50-200mm_F4-5.6_DC_OS_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_50-500mm_F4-6.3_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_500mm_F4.5_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_50mm_F1.4_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_50mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_70-200mm_F2.8_II_APO_EX_DG_MACRO_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_70-300mm_F4-5.6 APO_DG_MACRO) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_70-300mm_F4-5.6_DG_OS ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_70mm_F2.8_MACRO_EX_DG ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sigma\Sony\SONY (Sigma_800mm_F5.6_APO_EX_DG_HSM ) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sony\DSLR-A700 (Sony DT 18-200mm f3.5-6.3) - RAW.lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sony\DSLR-A700 (Sony DT 18-200mm f3.5-6.3).lcp
c:\programdata\adob\CameraRaw\LensProfiles\1.0\Sony\DSLR-A900 (Sony 50mm f1.4) - RAW.lcp
c:\programdata\adob\CS5\jre\bin\awt.dll
c:\programdata\adob\CS5\jre\bin\axbridge.dll
c:\programdata\adob\CS5\jre\bin\client\classes.jsa
c:\programdata\adob\CS5\jre\bin\client\jvm.dll
c:\programdata\adob\CS5\jre\bin\client\Xusage.txt
c:\programdata\adob\CS5\jre\bin\cmm.dll
c:\programdata\adob\CS5\jre\bin\dcpr.dll
c:\programdata\adob\CS5\jre\bin\deploy.dll
c:\programdata\adob\CS5\jre\bin\deploytk.dll
c:\programdata\adob\CS5\jre\bin\dt_shmem.dll
c:\programdata\adob\CS5\jre\bin\dt_socket.dll
c:\programdata\adob\CS5\jre\bin\eula.dll
c:\programdata\adob\CS5\jre\bin\fontmanager.dll
c:\programdata\adob\CS5\jre\bin\hpi.dll
c:\programdata\adob\CS5\jre\bin\hprof.dll
c:\programdata\adob\CS5\jre\bin\instrument.dll
c:\programdata\adob\CS5\jre\bin\ioser12.dll
c:\programdata\adob\CS5\jre\bin\j2pcsc.dll
c:\programdata\adob\CS5\jre\bin\j2pkcs11.dll
c:\programdata\adob\CS5\jre\bin\jaas_nt.dll
c:\programdata\adob\CS5\jre\bin\java-rmi.exe
c:\programdata\adob\CS5\jre\bin\java.dll
c:\programdata\adob\CS5\jre\bin\java.exe
c:\programdata\adob\CS5\jre\bin\java_crw_demo.dll
c:\programdata\adob\CS5\jre\bin\javacpl.cpl
c:\programdata\adob\CS5\jre\bin\javacpl.exe
c:\programdata\adob\CS5\jre\bin\javaw.exe
c:\programdata\adob\CS5\jre\bin\javaws.exe
c:\programdata\adob\CS5\jre\bin\jawt.dll
c:\programdata\adob\CS5\jre\bin\jbroker.exe
c:\programdata\adob\CS5\jre\bin\JdbcOdbc.dll
c:\programdata\adob\CS5\jre\bin\jdwp.dll
c:\programdata\adob\CS5\jre\bin\jkernel.dll
c:\programdata\adob\CS5\jre\bin\jli.dll
c:\programdata\adob\CS5\jre\bin\jp2iexp.dll
c:\programdata\adob\CS5\jre\bin\jp2launcher.exe
c:\programdata\adob\CS5\jre\bin\jp2native.dll
c:\programdata\adob\CS5\jre\bin\jp2ssv.dll
c:\programdata\adob\CS5\jre\bin\jpeg.dll
c:\programdata\adob\CS5\jre\bin\jpicom.dll
c:\programdata\adob\CS5\jre\bin\jpiexp.dll
c:\programdata\adob\CS5\jre\bin\jpinscp.dll
c:\programdata\adob\CS5\jre\bin\jpioji.dll
c:\programdata\adob\CS5\jre\bin\jpishare.dll
c:\programdata\adob\CS5\jre\bin\jqs.exe
c:\programdata\adob\CS5\jre\bin\jqsnotify.exe
c:\programdata\adob\CS5\jre\bin\jsound.dll
c:\programdata\adob\CS5\jre\bin\jsoundds.dll
c:\programdata\adob\CS5\jre\bin\jucheck.exe
c:\programdata\adob\CS5\jre\bin\jureg.exe
c:\programdata\adob\CS5\jre\bin\jusched.exe
c:\programdata\adob\CS5\jre\bin\keytool.exe
c:\programdata\adob\CS5\jre\bin\kinit.exe
c:\programdata\adob\CS5\jre\bin\klist.exe
c:\programdata\adob\CS5\jre\bin\ktab.exe
c:\programdata\adob\CS5\jre\bin\management.dll
c:\programdata\adob\CS5\jre\bin\mlib_image.dll
c:\programdata\adob\CS5\jre\bin\msvcr71.dll
c:\programdata\adob\CS5\jre\bin\msvcrt.dll
c:\programdata\adob\CS5\jre\bin\net.dll
c:\programdata\adob\CS5\jre\bin\new_plugin\msvcr71.dll
c:\programdata\adob\CS5\jre\bin\new_plugin\npdeploytk.dll
c:\programdata\adob\CS5\jre\bin\new_plugin\npjp2.dll
c:\programdata\adob\CS5\jre\bin\nio.dll
c:\programdata\adob\CS5\jre\bin\npdeploytk.dll
c:\programdata\adob\CS5\jre\bin\npjpi160_16.dll
c:\programdata\adob\CS5\jre\bin\npjpi160_18.dll
c:\programdata\adob\CS5\jre\bin\npoji610.dll
c:\programdata\adob\CS5\jre\bin\npt.dll
c:\programdata\adob\CS5\jre\bin\orbd.exe
c:\programdata\adob\CS5\jre\bin\pack200.exe
c:\programdata\adob\CS5\jre\bin\policytool.exe
c:\programdata\adob\CS5\jre\bin\regutils.dll
c:\programdata\adob\CS5\jre\bin\rmi.dll
c:\programdata\adob\CS5\jre\bin\rmid.exe
c:\programdata\adob\CS5\jre\bin\rmiregistry.exe
c:\programdata\adob\CS5\jre\bin\servertool.exe
c:\programdata\adob\CS5\jre\bin\splashscreen.dll
c:\programdata\adob\CS5\jre\bin\ssv.dll
c:\programdata\adob\CS5\jre\bin\ssvagent.exe
c:\programdata\adob\CS5\jre\bin\sunmscapi.dll
c:\programdata\adob\CS5\jre\bin\tnameserv.exe
c:\programdata\adob\CS5\jre\bin\unicows.dll
c:\programdata\adob\CS5\jre\bin\unpack.dll
c:\programdata\adob\CS5\jre\bin\unpack200.exe
c:\programdata\adob\CS5\jre\bin\verify.dll
c:\programdata\adob\CS5\jre\bin\w2k_lsa_auth.dll
c:\programdata\adob\CS5\jre\bin\wsdetect.dll
c:\programdata\adob\CS5\jre\bin\zip.dll
c:\programdata\adob\CS5\jre\COPYRIGHT
c:\programdata\adob\CS5\jre\lib\audio\soundbank.gm
c:\programdata\adob\CS5\jre\lib\calendars.properties
c:\programdata\adob\CS5\jre\lib\charsets.jar
c:\programdata\adob\CS5\jre\lib\classlist
c:\programdata\adob\CS5\jre\lib\cmm\CIEXYZ.pf
c:\programdata\adob\CS5\jre\lib\cmm\GRAY.pf
c:\programdata\adob\CS5\jre\lib\cmm\LINEAR_RGB.pf
c:\programdata\adob\CS5\jre\lib\cmm\PYCC.pf
c:\programdata\adob\CS5\jre\lib\cmm\sRGB.pf
c:\programdata\adob\CS5\jre\lib\content-types.properties
c:\programdata\adob\CS5\jre\lib\deploy.jar
c:\programdata\adob\CS5\jre\lib\deploy\ffjcext.zip
c:\programdata\adob\CS5\jre\lib\deploy\jqs\ff\chrome.manifest
c:\programdata\adob\CS5\jre\lib\deploy\jqs\ff\chrome\content\overlay.js
c:\programdata\adob\CS5\jre\lib\deploy\jqs\ff\chrome\content\overlay.xul
c:\programdata\adob\CS5\jre\lib\deploy\jqs\ff\install.rdf
c:\programdata\adob\CS5\jre\lib\deploy\jqs\ie\jqs_plugin.dll
c:\programdata\adob\CS5\jre\lib\deploy\jqs\jqs.conf
c:\programdata\adob\CS5\jre\lib\deploy\jqs\jqsmessages.properties
c:\programdata\adob\CS5\jre\lib\deploy\lzma.dll
c:\programdata\adob\CS5\jre\lib\deploy\messages.properties
c:\programdata\adob\CS5\jre\lib\deploy\messages_de.properties
c:\programdata\adob\CS5\jre\lib\deploy\messages_es.properties
c:\programdata\adob\CS5\jre\lib\deploy\messages_fr.properties
c:\programdata\adob\CS5\jre\lib\deploy\messages_it.properties
c:\programdata\adob\CS5\jre\lib\deploy\messages_ja.properties
c:\programdata\adob\CS5\jre\lib\deploy\messages_ko.properties
c:\programdata\adob\CS5\jre\lib\deploy\messages_sv.properties
c:\programdata\adob\CS5\jre\lib\deploy\messages_zh_CN.properties
c:\programdata\adob\CS5\jre\lib\deploy\messages_zh_HK.properties
c:\programdata\adob\CS5\jre\lib\deploy\messages_zh_TW.properties
c:\programdata\adob\CS5\jre\lib\deploy\splash.gif
c:\programdata\adob\CS5\jre\lib\ext\dnsns.jar
c:\programdata\adob\CS5\jre\lib\ext\localedata.jar
c:\programdata\adob\CS5\jre\lib\ext\meta-index
c:\programdata\adob\CS5\jre\lib\ext\sunjce_provider.jar
c:\programdata\adob\CS5\jre\lib\ext\sunmscapi.jar
c:\programdata\adob\CS5\jre\lib\ext\sunpkcs11.jar
c:\programdata\adob\CS5\jre\lib\flavormap.properties
c:\programdata\adob\CS5\jre\lib\fontconfig.98.bfc
c:\programdata\adob\CS5\jre\lib\fontconfig.98.properties.src
c:\programdata\adob\CS5\jre\lib\fontconfig.bfc
c:\programdata\adob\CS5\jre\lib\fontconfig.properties.src
c:\programdata\adob\CS5\jre\lib\fonts\LucidaBrightDemiBold.ttf
c:\programdata\adob\CS5\jre\lib\fonts\LucidaBrightDemiItalic.ttf
c:\programdata\adob\CS5\jre\lib\fonts\LucidaBrightItalic.ttf
c:\programdata\adob\CS5\jre\lib\fonts\LucidaBrightRegular.ttf
c:\programdata\adob\CS5\jre\lib\fonts\LucidaSansDemiBold.ttf
c:\programdata\adob\CS5\jre\lib\fonts\LucidaSansRegular.ttf
c:\programdata\adob\CS5\jre\lib\fonts\LucidaTypewriterBold.ttf
c:\programdata\adob\CS5\jre\lib\fonts\LucidaTypewriterRegular.ttf
c:\programdata\adob\CS5\jre\lib\i386\jvm.cfg
c:\programdata\adob\CS5\jre\lib\im\indicim.jar
c:\programdata\adob\CS5\jre\lib\im\thaiim.jar
c:\programdata\adob\CS5\jre\lib\images\cursors\cursors.properties
c:\programdata\adob\CS5\jre\lib\images\cursors\invalid32x32.gif
c:\programdata\adob\CS5\jre\lib\images\cursors\win32_CopyDrop32x32.gif
c:\programdata\adob\CS5\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif
c:\programdata\adob\CS5\jre\lib\images\cursors\win32_LinkDrop32x32.gif
c:\programdata\adob\CS5\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif
c:\programdata\adob\CS5\jre\lib\images\cursors\win32_MoveDrop32x32.gif
c:\programdata\adob\CS5\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif
c:\programdata\adob\CS5\jre\lib\javaws.jar
c:\programdata\adob\CS5\jre\lib\jce.jar
c:\programdata\adob\CS5\jre\lib\jsse.jar
c:\programdata\adob\CS5\jre\lib\jvm.hprof.txt
c:\programdata\adob\CS5\jre\lib\logging.properties
c:\programdata\adob\CS5\jre\lib\management-agent.jar
c:\programdata\adob\CS5\jre\lib\management\jmxremote.access
c:\programdata\adob\CS5\jre\lib\management\jmxremote.password.template
c:\programdata\adob\CS5\jre\lib\management\management.properties
c:\programdata\adob\CS5\jre\lib\management\snmp.acl.template
c:\programdata\adob\CS5\jre\lib\meta-index
c:\programdata\adob\CS5\jre\lib\net.properties
c:\programdata\adob\CS5\jre\lib\plugin.jar
c:\programdata\adob\CS5\jre\lib\psfont.properties.ja
c:\programdata\adob\CS5\jre\lib\psfontj2d.properties
c:\programdata\adob\CS5\jre\lib\resources.jar
c:\programdata\adob\CS5\jre\lib\rt.jar
c:\programdata\adob\CS5\jre\lib\security\blacklist
c:\programdata\adob\CS5\jre\lib\security\cacerts
c:\programdata\adob\CS5\jre\lib\security\java.policy
c:\programdata\adob\CS5\jre\lib\security\java.security
c:\programdata\adob\CS5\jre\lib\security\javaws.policy
c:\programdata\adob\CS5\jre\lib\security\local_policy.jar
c:\programdata\adob\CS5\jre\lib\security\US_export_policy.jar
c:\programdata\adob\CS5\jre\lib\servicetag\jdk_header.png
c:\programdata\adob\CS5\jre\lib\servicetag\registration.xml
c:\programdata\adob\CS5\jre\lib\sound.properties
c:\programdata\adob\CS5\jre\lib\task.xml
c:\programdata\adob\CS5\jre\lib\task64.xml
c:\programdata\adob\CS5\jre\lib\tzmappings
c:\programdata\adob\CS5\jre\lib\zi\Africa\Abidjan
c:\programdata\adob\CS5\jre\lib\zi\Africa\Accra
c:\programdata\adob\CS5\jre\lib\zi\Africa\Addis_Ababa
c:\programdata\adob\CS5\jre\lib\zi\Africa\Algiers
c:\programdata\adob\CS5\jre\lib\zi\Africa\Asmara
c:\programdata\adob\CS5\jre\lib\zi\Africa\Bamako
c:\programdata\adob\CS5\jre\lib\zi\Africa\Bangui
c:\programdata\adob\CS5\jre\lib\zi\Africa\Banjul
c:\programdata\adob\CS5\jre\lib\zi\Africa\Bissau
c:\programdata\adob\CS5\jre\lib\zi\Africa\Blantyre
c:\programdata\adob\CS5\jre\lib\zi\Africa\Brazzaville
c:\programdata\adob\CS5\jre\lib\zi\Africa\Bujumbura
c:\programdata\adob\CS5\jre\lib\zi\Africa\Cairo
c:\programdata\adob\CS5\jre\lib\zi\Africa\Casablanca
c:\programdata\adob\CS5\jre\lib\zi\Africa\Ceuta
c:\programdata\adob\CS5\jre\lib\zi\Africa\Conakry
c:\programdata\adob\CS5\jre\lib\zi\Africa\Dakar
c:\programdata\adob\CS5\jre\lib\zi\Africa\Dar_es_Salaam
c:\programdata\adob\CS5\jre\lib\zi\Africa\Djibouti
c:\programdata\adob\CS5\jre\lib\zi\Africa\Douala
c:\programdata\adob\CS5\jre\lib\zi\Africa\El_Aaiun
c:\programdata\adob\CS5\jre\lib\zi\Africa\Freetown
c:\programdata\adob\CS5\jre\lib\zi\Africa\Gaborone
c:\programdata\adob\CS5\jre\lib\zi\Africa\Harare
c:\programdata\adob\CS5\jre\lib\zi\Africa\Johannesburg
c:\programdata\adob\CS5\jre\lib\zi\Africa\Kampala
c:\programdata\adob\CS5\jre\lib\zi\Africa\Khartoum
c:\programdata\adob\CS5\jre\lib\zi\Africa\Kigali
c:\programdata\adob\CS5\jre\lib\zi\Africa\Kinshasa
c:\programdata\adob\CS5\jre\lib\zi\Africa\Lagos
c:\programdata\adob\CS5\jre\lib\zi\Africa\Libreville
c:\programdata\adob\CS5\jre\lib\zi\Africa\Lome
c:\programdata\adob\CS5\jre\lib\zi\Africa\Luanda
c:\programdata\adob\CS5\jre\lib\zi\Africa\Lubumbashi
c:\programdata\adob\CS5\jre\lib\zi\Africa\Lusaka
c:\programdata\adob\CS5\jre\lib\zi\Africa\Malabo
c:\programdata\adob\CS5\jre\lib\zi\Africa\Maputo
c:\programdata\adob\CS5\jre\lib\zi\Africa\Maseru
c:\programdata\adob\CS5\jre\lib\zi\Africa\Mbabane
c:\programdata\adob\CS5\jre\lib\zi\Africa\Mogadishu
c:\programdata\adob\CS5\jre\lib\zi\Africa\Monrovia
c:\programdata\adob\CS5\jre\lib\zi\Africa\Nairobi
c:\programdata\adob\CS5\jre\lib\zi\Africa\Ndjamena
c:\programdata\adob\CS5\jre\lib\zi\Africa\Niamey
c:\programdata\adob\CS5\jre\lib\zi\Africa\Nouakchott
c:\programdata\adob\CS5\jre\lib\zi\Africa\Ouagadougou
c:\programdata\adob\CS5\jre\lib\zi\Africa\Porto-Novo
c:\programdata\adob\CS5\jre\lib\zi\Africa\Sao_Tome
c:\programdata\adob\CS5\jre\lib\zi\Africa\Tripoli
c:\programdata\adob\CS5\jre\lib\zi\Africa\Tunis
c:\programdata\adob\CS5\jre\lib\zi\Africa\Windhoek
c:\programdata\adob\CS5\jre\lib\zi\America\Adak
c:\programdata\adob\CS5\jre\lib\zi\America\Anchorage
c:\programdata\adob\CS5\jre\lib\zi\America\Anguilla
c:\programdata\adob\CS5\jre\lib\zi\America\Antigua
c:\programdata\adob\CS5\jre\lib\zi\America\Araguaina
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\Buenos_Aires
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\Catamarca
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\Cordoba
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\Jujuy
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\La_Rioja
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\Mendoza
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\Rio_Gallegos
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\Salta
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\San_Juan
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\San_Luis
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\Tucuman
c:\programdata\adob\CS5\jre\lib\zi\America\Argentina\Ushuaia
c:\programdata\adob\CS5\jre\lib\zi\America\Aruba
c:\programdata\adob\CS5\jre\lib\zi\America\Asuncion
c:\programdata\adob\CS5\jre\lib\zi\America\Atikokan
c:\programdata\adob\CS5\jre\lib\zi\America\Bahia
c:\programdata\adob\CS5\jre\lib\zi\America\Barbados
c:\programdata\adob\CS5\jre\lib\zi\America\Belem
c:\programdata\adob\CS5\jre\lib\zi\America\Belize
c:\programdata\adob\CS5\jre\lib\zi\America\Blanc-Sablon
c:\programdata\adob\CS5\jre\lib\zi\America\Boa_Vista
c:\programdata\adob\CS5\jre\lib\zi\America\Bogota
c:\programdata\adob\CS5\jre\lib\zi\America\Boise
c:\programdata\adob\CS5\jre\lib\zi\America\Cambridge_Bay
c:\programdata\adob\CS5\jre\lib\zi\America\Campo_Grande
c:\programdata\adob\CS5\jre\lib\zi\America\Cancun
c:\programdata\adob\CS5\jre\lib\zi\America\Caracas
c:\programdata\adob\CS5\jre\lib\zi\America\Cayenne
c:\programdata\adob\CS5\jre\lib\zi\America\Cayman
c:\programdata\adob\CS5\jre\lib\zi\America\Chicago
c:\programdata\adob\CS5\jre\lib\zi\America\Chihuahua
c:\programdata\adob\CS5\jre\lib\zi\America\Costa_Rica
c:\programdata\adob\CS5\jre\lib\zi\America\Cuiaba
c:\programdata\adob\CS5\jre\lib\zi\America\Curacao
c:\programdata\adob\CS5\jre\lib\zi\America\Danmarkshavn
c:\programdata\adob\CS5\jre\lib\zi\America\Dawson
c:\programdata\adob\CS5\jre\lib\zi\America\Dawson_Creek
c:\programdata\adob\CS5\jre\lib\zi\America\Denver
c:\programdata\adob\CS5\jre\lib\zi\America\Detroit
c:\programdata\adob\CS5\jre\lib\zi\America\Dominica
c:\programdata\adob\CS5\jre\lib\zi\America\Edmonton
c:\programdata\adob\CS5\jre\lib\zi\America\Eirunepe
c:\programdata\adob\CS5\jre\lib\zi\America\El_Salvador
c:\programdata\adob\CS5\jre\lib\zi\America\Fortaleza
c:\programdata\adob\CS5\jre\lib\zi\America\Glace_Bay
c:\programdata\adob\CS5\jre\lib\zi\America\Godthab
c:\programdata\adob\CS5\jre\lib\zi\America\Goose_Bay
c:\programdata\adob\CS5\jre\lib\zi\America\Grand_Turk
c:\programdata\adob\CS5\jre\lib\zi\America\Grenada
c:\programdata\adob\CS5\jre\lib\zi\America\Guadeloupe
c:\programdata\adob\CS5\jre\lib\zi\America\Guatemala
c:\programdata\adob\CS5\jre\lib\zi\America\Guayaquil
c:\programdata\adob\CS5\jre\lib\zi\America\Guyana
c:\programdata\adob\CS5\jre\lib\zi\America\Halifax
c:\programdata\adob\CS5\jre\lib\zi\America\Havana
c:\programdata\adob\CS5\jre\lib\zi\America\Hermosillo
c:\programdata\adob\CS5\jre\lib\zi\America\Indiana\Indianapolis
c:\programdata\adob\CS5\jre\lib\zi\America\Indiana\Knox
c:\programdata\adob\CS5\jre\lib\zi\America\Indiana\Marengo
c:\programdata\adob\CS5\jre\lib\zi\America\Indiana\Petersburg
c:\programdata\adob\CS5\jre\lib\zi\America\Indiana\Tell_City
c:\programdata\adob\CS5\jre\lib\zi\America\Indiana\Vevay
c:\programdata\adob\CS5\jre\lib\zi\America\Indiana\Vincennes
c:\programdata\adob\CS5\jre\lib\zi\America\Indiana\Winamac
c:\programdata\adob\CS5\jre\lib\zi\America\Inuvik
c:\programdata\adob\CS5\jre\lib\zi\America\Iqaluit
c:\programdata\adob\CS5\jre\lib\zi\America\Jamaica
c:\programdata\adob\CS5\jre\lib\zi\America\Juneau
c:\programdata\adob\CS5\jre\lib\zi\America\Kentucky\Louisville
c:\programdata\adob\CS5\jre\lib\zi\America\Kentucky\Monticello
c:\programdata\adob\CS5\jre\lib\zi\America\La_Paz
c:\programdata\adob\CS5\jre\lib\zi\America\Lima
c:\programdata\adob\CS5\jre\lib\zi\America\Los_Angeles
c:\programdata\adob\CS5\jre\lib\zi\America\Maceio
c:\programdata\adob\CS5\jre\lib\zi\America\Managua
c:\programdata\adob\CS5\jre\lib\zi\America\Manaus
c:\programdata\adob\CS5\jre\lib\zi\America\Martinique
c:\programdata\adob\CS5\jre\lib\zi\America\Mazatlan
c:\programdata\adob\CS5\jre\lib\zi\America\Menominee
c:\programdata\adob\CS5\jre\lib\zi\America\Merida
c:\programdata\adob\CS5\jre\lib\zi\America\Mexico_City
c:\programdata\adob\CS5\jre\lib\zi\America\Miquelon
c:\programdata\adob\CS5\jre\lib\zi\America\Moncton
c:\programdata\adob\CS5\jre\lib\zi\America\Monterrey
c:\programdata\adob\CS5\jre\lib\zi\America\Montevideo
c:\programdata\adob\CS5\jre\lib\zi\America\Montreal
c:\programdata\adob\CS5\jre\lib\zi\America\Montserrat
c:\programdata\adob\CS5\jre\lib\zi\America\Nassau
c:\programdata\adob\CS5\jre\lib\zi\America\New_York
c:\programdata\adob\CS5\jre\lib\zi\America\Nipigon
c:\programdata\adob\CS5\jre\lib\zi\America\Nome
c:\programdata\adob\CS5\jre\lib\zi\America\Noronha
c:\programdata\adob\CS5\jre\lib\zi\America\North_Dakota\Center
c:\programdata\adob\CS5\jre\lib\zi\America\North_Dakota\New_Salem
c:\programdata\adob\CS5\jre\lib\zi\America\Panama
c:\programdata\adob\CS5\jre\lib\zi\America\Pangnirtung
c:\programdata\adob\CS5\jre\lib\zi\America\Paramaribo
c:\programdata\adob\CS5\jre\lib\zi\America\Phoenix
c:\programdata\adob\CS5\jre\lib\zi\America\Port-au-Prince
c:\programdata\adob\CS5\jre\lib\zi\America\Port_of_Spain
c:\programdata\adob\CS5\jre\lib\zi\America\Porto_Velho
c:\programdata\adob\CS5\jre\lib\zi\America\Puerto_Rico
c:\programdata\adob\CS5\jre\lib\zi\America\Rainy_River
c:\programdata\adob\CS5\jre\lib\zi\America\Rankin_Inlet
c:\programdata\adob\CS5\jre\lib\zi\America\Recife
c:\programdata\adob\CS5\jre\lib\zi\America\Regina
c:\programdata\adob\CS5\jre\lib\zi\America\Resolute
c:\programdata\adob\CS5\jre\lib\zi\America\Rio_Branco
c:\programdata\adob\CS5\jre\lib\zi\America\Santarem
c:\programdata\adob\CS5\jre\lib\zi\America\Santiago
c:\programdata\adob\CS5\jre\lib\zi\America\Santo_Domingo
c:\programdata\adob\CS5\jre\lib\zi\America\Sao_Paulo
c:\programdata\adob\CS5\jre\lib\zi\America\Scoresbysund
c:\programdata\adob\CS5\jre\lib\zi\America\St_Johns
c:\programdata\adob\CS5\jre\lib\zi\America\St_Kitts
c:\programdata\adob\CS5\jre\lib\zi\America\St_Lucia
c:\programdata\adob\CS5\jre\lib\zi\America\St_Thomas
c:\programdata\adob\CS5\jre\lib\zi\America\St_Vincent
c:\programdata\adob\CS5\jre\lib\zi\America\Swift_Current
c:\programdata\adob\CS5\jre\lib\zi\America\Tegucigalpa
c:\programdata\adob\CS5\jre\lib\zi\America\Thule
c:\programdata\adob\CS5\jre\lib\zi\America\Thunder_Bay
c:\programdata\adob\CS5\jre\lib\zi\America\Tijuana
c:\programdata\adob\CS5\jre\lib\zi\America\Toronto
c:\programdata\adob\CS5\jre\lib\zi\America\Tortola
c:\programdata\adob\CS5\jre\lib\zi\America\Vancouver
c:\programdata\adob\CS5\jre\lib\zi\America\Whitehorse
c:\programdata\adob\CS5\jre\lib\zi\America\Winnipeg
c:\programdata\adob\CS5\jre\lib\zi\America\Yakutat
c:\programdata\adob\CS5\jre\lib\zi\America\Yellowknife
c:\programdata\adob\CS5\jre\lib\zi\Antarctica\Casey
c:\programdata\adob\CS5\jre\lib\zi\Antarctica\Davis
c:\programdata\adob\CS5\jre\lib\zi\Antarctica\DumontDUrville
c:\programdata\adob\CS5\jre\lib\zi\Antarctica\Mawson
c:\programdata\adob\CS5\jre\lib\zi\Antarctica\McMurdo
c:\programdata\adob\CS5\jre\lib\zi\Antarctica\Palmer
c:\programdata\adob\CS5\jre\lib\zi\Antarctica\Rothera
c:\programdata\adob\CS5\jre\lib\zi\Antarctica\Syowa
c:\programdata\adob\CS5\jre\lib\zi\Antarctica\Vostok
c:\programdata\adob\CS5\jre\lib\zi\Asia\Aden
c:\programdata\adob\CS5\jre\lib\zi\Asia\Almaty
c:\programdata\adob\CS5\jre\lib\zi\Asia\Amman
c:\programdata\adob\CS5\jre\lib\zi\Asia\Anadyr
c:\programdata\adob\CS5\jre\lib\zi\Asia\Aqtau
c:\programdata\adob\CS5\jre\lib\zi\Asia\Aqtobe
c:\programdata\adob\CS5\jre\lib\zi\Asia\Ashgabat
c:\programdata\adob\CS5\jre\lib\zi\Asia\Baghdad
c:\programdata\adob\CS5\jre\lib\zi\Asia\Bahrain
c:\programdata\adob\CS5\jre\lib\zi\Asia\Baku
c:\programdata\adob\CS5\jre\lib\zi\Asia\Bangkok
c:\programdata\adob\CS5\jre\lib\zi\Asia\Beirut
c:\programdata\adob\CS5\jre\lib\zi\Asia\Bishkek
c:\programdata\adob\CS5\jre\lib\zi\Asia\Brunei
c:\programdata\adob\CS5\jre\lib\zi\Asia\Choibalsan
c:\programdata\adob\CS5\jre\lib\zi\Asia\Chongqing
c:\programdata\adob\CS5\jre\lib\zi\Asia\Colombo
c:\programdata\adob\CS5\jre\lib\zi\Asia\Damascus
c:\programdata\adob\CS5\jre\lib\zi\Asia\Dhaka
c:\programdata\adob\CS5\jre\lib\zi\Asia\Dili
c:\programdata\adob\CS5\jre\lib\zi\Asia\Dubai
c:\programdata\adob\CS5\jre\lib\zi\Asia\Dushanbe
c:\programdata\adob\CS5\jre\lib\zi\Asia\Gaza
c:\programdata\adob\CS5\jre\lib\zi\Asia\Harbin
c:\programdata\adob\CS5\jre\lib\zi\Asia\Ho_Chi_Minh
c:\programdata\adob\CS5\jre\lib\zi\Asia\Hong_Kong
c:\programdata\adob\CS5\jre\lib\zi\Asia\Hovd
c:\programdata\adob\CS5\jre\lib\zi\Asia\Irkutsk
c:\programdata\adob\CS5\jre\lib\zi\Asia\Jakarta
c:\programdata\adob\CS5\jre\lib\zi\Asia\Jayapura
c:\programdata\adob\CS5\jre\lib\zi\Asia\Jerusalem
c:\programdata\adob\CS5\jre\lib\zi\Asia\Kabul
c:\programdata\adob\CS5\jre\lib\zi\Asia\Kamchatka
c:\programdata\adob\CS5\jre\lib\zi\Asia\Karachi
c:\programdata\adob\CS5\jre\lib\zi\Asia\Kashgar
c:\programdata\adob\CS5\jre\lib\zi\Asia\Kathmandu
c:\programdata\adob\CS5\jre\lib\zi\Asia\Kolkata
c:\programdata\adob\CS5\jre\lib\zi\Asia\Krasnoyarsk
c:\programdata\adob\CS5\jre\lib\zi\Asia\Kuala_Lumpur
c:\programdata\adob\CS5\jre\lib\zi\Asia\Kuching
c:\programdata\adob\CS5\jre\lib\zi\Asia\Kuwait
c:\programdata\adob\CS5\jre\lib\zi\Asia\Macau
c:\programdata\adob\CS5\jre\lib\zi\Asia\Magadan
c:\programdata\adob\CS5\jre\lib\zi\Asia\Makassar
c:\programdata\adob\CS5\jre\lib\zi\Asia\Manila
c:\programdata\adob\CS5\jre\lib\zi\Asia\Muscat
c:\programdata\adob\CS5\jre\lib\zi\Asia\Nicosia
c:\programdata\adob\CS5\jre\lib\zi\Asia\Novokuznetsk
c:\programdata\adob\CS5\jre\lib\zi\Asia\Novosibirsk
c:\programdata\adob\CS5\jre\lib\zi\Asia\Omsk
c:\programdata\adob\CS5\jre\lib\zi\Asia\Oral
c:\programdata\adob\CS5\jre\lib\zi\Asia\Phnom_Penh
c:\programdata\adob\CS5\jre\lib\zi\Asia\Pontianak
c:\programdata\adob\CS5\jre\lib\zi\Asia\Pyongyang
c:\programdata\adob\CS5\jre\lib\zi\Asia\Qatar
c:\programdata\adob\CS5\jre\lib\zi\Asia\Qyzylorda
c:\programdata\adob\CS5\jre\lib\zi\Asia\Rangoon
c:\programdata\adob\CS5\jre\lib\zi\Asia\Riyadh
c:\programdata\adob\CS5\jre\lib\zi\Asia\Riyadh87
c:\programdata\adob\CS5\jre\lib\zi\Asia\Riyadh88
c:\programdata\adob\CS5\jre\lib\zi\Asia\Riyadh89
c:\programdata\adob\CS5\jre\lib\zi\Asia\Sakhalin
c:\programdata\adob\CS5\jre\lib\zi\Asia\Samarkand
c:\programdata\adob\CS5\jre\lib\zi\Asia\Seoul
c:\programdata\adob\CS5\jre\lib\zi\Asia\Shanghai
c:\programdata\adob\CS5\jre\lib\zi\Asia\Singapore
c:\programdata\adob\CS5\jre\lib\zi\Asia\Taipei
c:\programdata\adob\CS5\jre\lib\zi\Asia\Tashkent
c:\programdata\adob\CS5\jre\lib\zi\Asia\Tbilisi
c:\programdata\adob\CS5\jre\lib\zi\Asia\Tehran
c:\programdata\adob\CS5\jre\lib\zi\Asia\Thimphu
c:\programdata\adob\CS5\jre\lib\zi\Asia\Tokyo
c:\programdata\adob\CS5\jre\lib\zi\Asia\Ulaanbaatar
c:\programdata\adob\CS5\jre\lib\zi\Asia\Urumqi
c:\programdata\adob\CS5\jre\lib\zi\Asia\Vientiane
c:\programdata\adob\CS5\jre\lib\zi\Asia\Vladivostok
c:\programdata\adob\CS5\jre\lib\zi\Asia\Yakutsk
c:\programdata\adob\CS5\jre\lib\zi\Asia\Yekaterinburg
c:\programdata\adob\CS5\jre\lib\zi\Asia\Yerevan
c:\programdata\adob\CS5\jre\lib\zi\Atlantic\Azores
c:\programdata\adob\CS5\jre\lib\zi\Atlantic\Bermuda
c:\programdata\adob\CS5\jre\lib\zi\Atlantic\Canary
c:\programdata\adob\CS5\jre\lib\zi\Atlantic\Cape_Verde
c:\programdata\adob\CS5\jre\lib\zi\Atlantic\Faroe
c:\programdata\adob\CS5\jre\lib\zi\Atlantic\Madeira
c:\programdata\adob\CS5\jre\lib\zi\Atlantic\Reykjavik
c:\programdata\adob\CS5\jre\lib\zi\Atlantic\South_Georgia
c:\programdata\adob\CS5\jre\lib\zi\Atlantic\St_Helena
c:\programdata\adob\CS5\jre\lib\zi\Atlantic\Stanley
c:\programdata\adob\CS5\jre\lib\zi\Australia\Adelaide
c:\programdata\adob\CS5\jre\lib\zi\Australia\Brisbane
c:\programdata\adob\CS5\jre\lib\zi\Australia\Broken_Hill
c:\programdata\adob\CS5\jre\lib\zi\Australia\Currie
c:\programdata\adob\CS5\jre\lib\zi\Australia\Darwin
c:\programdata\adob\CS5\jre\lib\zi\Australia\Eucla
c:\programdata\adob\CS5\jre\lib\zi\Australia\Hobart
c:\programdata\adob\CS5\jre\lib\zi\Australia\Lindeman
c:\programdata\adob\CS5\jre\lib\zi\Australia\Lord_Howe
c:\programdata\adob\CS5\jre\lib\zi\Australia\Melbourne
c:\programdata\adob\CS5\jre\lib\zi\Australia\Perth
c:\programdata\adob\CS5\jre\lib\zi\Australia\Sydney
c:\programdata\adob\CS5\jre\lib\zi\CET
c:\programdata\adob\CS5\jre\lib\zi\CST6CDT
c:\programdata\adob\CS5\jre\lib\zi\EET
c:\programdata\adob\CS5\jre\lib\zi\EST
c:\programdata\adob\CS5\jre\lib\zi\EST5EDT
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-1
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-10
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-11
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-12
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-13
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-14
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-2
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-3
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-4
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-5
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-6
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-7
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-8
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT-9
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+1
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+10
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+11
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+12
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+2
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+3
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+4
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+5
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+6
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+7
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+8
c:\programdata\adob\CS5\jre\lib\zi\Etc\GMT+9
c:\programdata\adob\CS5\jre\lib\zi\Etc\UCT
c:\programdata\adob\CS5\jre\lib\zi\Etc\UTC
c:\programdata\adob\CS5\jre\lib\zi\Europe\Amsterdam
c:\programdata\adob\CS5\jre\lib\zi\Europe\Andorra
c:\programdata\adob\CS5\jre\lib\zi\Europe\Athens
c:\programdata\adob\CS5\jre\lib\zi\Europe\Belgrade
c:\programdata\adob\CS5\jre\lib\zi\Europe\Berlin
c:\programdata\adob\CS5\jre\lib\zi\Europe\Brussels
c:\programdata\adob\CS5\jre\lib\zi\Europe\Bucharest
c:\programdata\adob\CS5\jre\lib\zi\Europe\Budapest
c:\programdata\adob\CS5\jre\lib\zi\Europe\Chisinau
c:\programdata\adob\CS5\jre\lib\zi\Europe\Copenhagen
c:\programdata\adob\CS5\jre\lib\zi\Europe\Dublin
c:\programdata\adob\CS5\jre\lib\zi\Europe\Gibraltar
c:\programdata\adob\CS5\jre\lib\zi\Europe\Helsinki
c:\programdata\adob\CS5\jre\lib\zi\Europe\Istanbul
c:\programdata\adob\CS5\jre\lib\zi\Europe\Kaliningrad
c:\programdata\adob\CS5\jre\lib\zi\Europe\Kiev
c:\programdata\adob\CS5\jre\lib\zi\Europe\Lisbon
c:\programdata\adob\CS5\jre\lib\zi\Europe\London
c:\programdata\adob\CS5\jre\lib\zi\Europe\Luxembourg
c:\programdata\adob\CS5\jre\lib\zi\Europe\Madrid
c:\programdata\adob\CS5\jre\lib\zi\Europe\Malta
c:\programdata\adob\CS5\jre\lib\zi\Europe\Minsk
c:\programdata\adob\CS5\jre\lib\zi\Europe\Monaco
c:\programdata\adob\CS5\jre\lib\zi\Europe\Moscow
c:\programdata\adob\CS5\jre\lib\zi\Europe\Oslo
c:\programdata\adob\CS5\jre\lib\zi\Europe\Paris
c:\programdata\adob\CS5\jre\lib\zi\Europe\Prague
c:\programdata\adob\CS5\jre\lib\zi\Europe\Riga
c:\programdata\adob\CS5\jre\lib\zi\Europe\Rome
c:\programdata\adob\CS5\jre\lib\zi\Europe\Samara
c:\programdata\adob\CS5\jre\lib\zi\Europe\Simferopol
c:\programdata\adob\CS5\jre\lib\zi\Europe\Sofia
c:\programdata\adob\CS5\jre\lib\zi\Europe\Stockholm
c:\programdata\adob\CS5\jre\lib\zi\Europe\Tallinn
c:\programdata\adob\CS5\jre\lib\zi\Europe\Tirane
c:\programdata\adob\CS5\jre\lib\zi\Europe\Uzhgorod
c:\programdata\adob\CS5\jre\lib\zi\Europe\Vaduz
c:\programdata\adob\CS5\jre\lib\zi\Europe\Vienna
c:\programdata\adob\CS5\jre\lib\zi\Europe\Vilnius
c:\programdata\adob\CS5\jre\lib\zi\Europe\Volgograd
c:\programdata\adob\CS5\jre\lib\zi\Europe\Warsaw
c:\programdata\adob\CS5\jre\lib\zi\Europe\Zaporozhye
c:\programdata\adob\CS5\jre\lib\zi\Europe\Zurich
c:\programdata\adob\CS5\jre\lib\zi\GMT
c:\programdata\adob\CS5\jre\lib\zi\HST
c:\programdata\adob\CS5\jre\lib\zi\Indian\Antananarivo
c:\programdata\adob\CS5\jre\lib\zi\Indian\Chagos
c:\programdata\adob\CS5\jre\lib\zi\Indian\Christmas
c:\programdata\adob\CS5\jre\lib\zi\Indian\Cocos
c:\programdata\adob\CS5\jre\lib\zi\Indian\Comoro
c:\programdata\adob\CS5\jre\lib\zi\Indian\Kerguelen
c:\programdata\adob\CS5\jre\lib\zi\Indian\Mahe
c:\programdata\adob\CS5\jre\lib\zi\Indian\Maldives
c:\programdata\adob\CS5\jre\lib\zi\Indian\Mauritius
c:\programdata\adob\CS5\jre\lib\zi\Indian\Mayotte
c:\programdata\adob\CS5\jre\lib\zi\Indian\Reunion
c:\programdata\adob\CS5\jre\lib\zi\MET
c:\programdata\adob\CS5\jre\lib\zi\MST
c:\programdata\adob\CS5\jre\lib\zi\MST7MDT
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Apia
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Auckland
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Chatham
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Easter
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Efate
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Enderbury
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Fakaofo
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Fiji
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Funafuti
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Galapagos
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Gambier
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Guadalcanal
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Guam
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Honolulu
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Johnston
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Kiritimati
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Kosrae
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Kwajalein
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Majuro
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Marquesas
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Midway
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Nauru
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Niue
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Norfolk
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Noumea
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Pago_Pago
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Palau
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Pitcairn
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Ponape
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Port_Moresby
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Rarotonga
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Saipan
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Tahiti
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Tarawa
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Tongatapu
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Truk
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Wake
c:\programdata\adob\CS5\jre\lib\zi\Pacific\Wallis
c:\programdata\adob\CS5\jre\lib\zi\PST8PDT
c:\programdata\adob\CS5\jre\lib\zi\SystemV\AST4
c:\programdata\adob\CS5\jre\lib\zi\SystemV\AST4ADT
c:\programdata\adob\CS5\jre\lib\zi\SystemV\CST6
c:\programdata\adob\CS5\jre\lib\zi\SystemV\CST6CDT
c:\programdata\adob\CS5\jre\lib\zi\SystemV\EST5
c:\programdata\adob\CS5\jre\lib\zi\SystemV\EST5EDT
c:\programdata\adob\CS5\jre\lib\zi\SystemV\HST10
c:\programdata\adob\CS5\jre\lib\zi\SystemV\MST7
c:\programdata\adob\CS5\jre\lib\zi\SystemV\MST7MDT
c:\programdata\adob\CS5\jre\lib\zi\SystemV\PST8
c:\programdata\adob\CS5\jre\lib\zi\SystemV\PST8PDT
c:\programdata\adob\CS5\jre\lib\zi\SystemV\YST9
c:\programdata\adob\CS5\jre\lib\zi\SystemV\YST9YDT
c:\programdata\adob\CS5\jre\lib\zi\WET
c:\programdata\adob\CS5\jre\lib\zi\ZoneInfoMappings
c:\programdata\adob\CS5\jre\LICENSE
c:\programdata\adob\CS5\jre\LICENSE.rtf
c:\programdata\adob\CS5\jre\LICENSE_de.rtf
c:\programdata\adob\CS5\jre\LICENSE_es.rtf
c:\programdata\adob\CS5\jre\LICENSE_fr.rtf
c:\programdata\adob\CS5\jre\LICENSE_it.rtf
c:\programdata\adob\CS5\jre\LICENSE_ja.rtf
c:\programdata\adob\CS5\jre\LICENSE_ko.rtf
c:\programdata\adob\CS5\jre\LICENSE_sv.rtf
c:\programdata\adob\CS5\jre\LICENSE_zh_CN.rtf
c:\programdata\adob\CS5\jre\LICENSE_zh_TW.rtf
c:\programdata\adob\CS5\jre\README.txt
c:\programdata\adob\CS5\jre\THIRDPARTYLICENSEREADME.txt
c:\programdata\adob\CS5\jre\Welcome.html
c:\programdata\adob\SLStore\177974589.lic
c:\programdata\adob\SLStore\4EC5BFB91664
c:\programdata\adob\SLStore\59CBA4B90764
c:\programdata\adob\SLStore\Adobe01.bmp
c:\programdata\czsuwjoensdagaa
c:\programdata\ntuser.dat
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-06-06 bis 2012-07-06  ))))))))))))))))))))))))))))))
.
.
2012-07-06 19:31 . 2012-07-06 19:31        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2012-07-06 18:35 . 2012-07-06 18:35        --------        d-----w-        C:\_OTL
2012-07-06 15:36 . 2012-07-06 15:36        --------        d-----w-        c:\program files (x86)\ESET
2012-07-06 12:00 . 2012-07-06 12:00        --------        d-----w-        c:\users\Nino\AppData\Roaming\SumatraPDF
2012-07-06 11:47 . 2012-07-06 11:47        --------        d-----w-        c:\users\Nino\AppData\Roaming\Malwarebytes
2012-07-06 11:42 . 2012-07-06 12:09        --------        d-----w-        c:\programdata\wjonzjvnfenvuqi
2012-07-01 14:48 . 2012-07-01 14:48        --------        d-----w-        c:\users\Steffi\AppData\Roaming\ParetoLogic
2012-07-01 14:48 . 2012-07-01 14:48        --------        d-----w-        c:\users\Steffi\AppData\Roaming\DriverCure
2012-07-01 14:48 . 2012-07-01 14:53        --------        d-----w-        c:\programdata\ParetoLogic
2012-06-30 00:40 . 2012-05-31 04:04        9013136        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{17E76B9D-C17F-484B-8972-3FB6486452EF}\mpengine.dll
2012-06-23 20:40 . 2012-06-23 20:40        --------        d-----w-        c:\program files\iTunes
2012-06-23 20:40 . 2012-06-23 20:40        --------        d-----w-        c:\program files\iPod
2012-06-19 13:05 . 2012-06-19 13:05        --------        d-----w-        c:\programdata\Garmin
2012-06-19 11:30 . 2012-06-19 11:30        --------        d-----w-        c:\users\Steffi\AppData\Roaming\Talkback
2012-06-19 11:30 . 2012-06-19 11:30        --------        d-----w-        c:\users\Steffi\AppData\Roaming\SharePod
2012-06-19 11:30 . 2012-06-19 11:30        --------        d-----w-        c:\users\Steffi\AppData\Roaming\OpenOffice.org
2012-06-19 11:30 . 2012-06-19 11:30        --------        d-----w-        c:\users\Steffi\AppData\Roaming\NVIDIA
2012-06-19 11:30 . 2012-06-19 11:30        --------        d-----w-        c:\users\Steffi\AppData\Roaming\Media Center Programs
2012-06-19 11:30 . 2012-06-19 11:30        --------        d-----w-        c:\users\Steffi\AppData\Roaming\DisplayTune
2012-06-18 14:16 . 2012-06-18 14:16        --------        d-----w-        c:\program files\DIFX
2012-06-16 11:44 . 2012-06-16 11:44        --------        d-----w-        c:\users\Steffi\AppData\Roaming\SumatraPDF
2012-06-14 18:10 . 2012-05-01 05:40        209920        ----a-w-        c:\windows\system32\profsvc.dll
2012-06-14 18:10 . 2012-05-15 01:32        3146752        ----a-w-        c:\windows\system32\win32k.sys
2012-06-14 18:10 . 2012-04-28 03:55        210944        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-06-14 18:10 . 2012-04-24 05:37        184320        ----a-w-        c:\windows\system32\cryptsvc.dll
2012-06-14 18:10 . 2012-04-24 05:37        140288        ----a-w-        c:\windows\system32\cryptnet.dll
2012-06-14 18:10 . 2012-04-24 05:37        1462272        ----a-w-        c:\windows\system32\crypt32.dll
2012-06-14 18:10 . 2012-04-24 04:36        140288        ----a-w-        c:\windows\SysWow64\cryptsvc.dll
2012-06-14 18:10 . 2012-04-24 04:36        1158656        ----a-w-        c:\windows\SysWow64\crypt32.dll
2012-06-14 18:10 . 2012-04-24 04:36        103936        ----a-w-        c:\windows\SysWow64\cryptnet.dll
2012-06-14 18:06 . 2012-06-14 18:06        --------        d-----w-        c:\users\Nino\AppData\Local\Macromedia
2012-06-10 18:05 . 2012-06-10 18:05        --------        d-----w-        c:\users\Steffi\AppData\Local\Macromedia
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-06 19:33 . 2011-04-09 09:44        25640        ----a-w-        c:\windows\gdrv.sys
2012-07-01 12:12 . 2011-03-09 19:18        782336        ----a-w-        c:\windows\SysWow64\webservices.dll
2012-06-10 18:03 . 2012-04-01 09:31        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-10 18:03 . 2011-05-14 10:50        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 17:06 . 2012-04-01 10:06        8744608        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Xvid"="d:\programme\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"HW_OPENEYE_OUC_Mobile Partner"="d:\programme\Mobile Partner\UpdateDog\ouc.exe" [2009-07-27 110592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392]
"PivotSoftware"="c:\program files (x86)\Portrait Displays\Pivot Software\wpctrl.exe" [2009-09-24 850544]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Malwarebytes' Anti-Malware"="d:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Garmin Lifetime Updater"="d:\programme\Garmin\Lifetime Updater\GarminLifetime.exe" [2012-01-06 1446760]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="d:\programme\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
c:\users\Nino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - d:\programme\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 136176]
R2 MBAMService;MBAMService;d:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [2010-12-23 421376]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 136176]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-09 1255736]
S0 Si3124r5;SiI-3124 SoftRaid 5 Controller;c:\windows\system32\DRIVERS\Si3124r5.sys [2010-04-13 340008]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2010-11-16 339456]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-07-15 109168]
S2 SDLService;SDLService;c:\program files (x86)\Realtek\Smart Dual Lan\SDLService.exe [2010-02-24 88064]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 86016]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-20 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-20 177152]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 rtkio;rtkio;c:\program files (x86)\Realtek\Smart Dual Lan\rtkio.sys [2010-01-21 17392]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 01:14]
.
2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 01:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
Trusted Zone: microsoft.com
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: windowsupdate.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\e5zmxj5s.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: network.proxy.http - 211.76.97.152
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Tomb Raider II - c:\windows\IsUn0407.exe
AddRemove-Tomb Raider II Gold - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-06  21:36:07 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-07-06 19:36
.
Vor Suchlauf: 1.701.056.512 Bytes frei
Nach Suchlauf: 2.115.649.536 Bytes frei
.
- - End Of File - - DED525F79E8D6201A0D37A08C3EB2B7F
Hier der combofix.txt:

123click 11.07.2012 13:08
Hallo Markus,

klar, dass ihr das hier freiwillig und ohne Entgelt tut. Aber sag mir doch bitte wenigstens, ob es noch weitergeht, oder ob der Support beendet ist, damit ich meinen Computer wieder aufräumen kann.

Gruß Stefan

markusg 11.07.2012 21:04
sorry habs übersehen
ist so viel los, da kommt das leider schon mal vor.

lade den CCleaner standard:
CCleaner Download - CCleaner 3.20.1750
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

123click 12.07.2012 13:53
Hallo Markus,

klar, verstehe ich. Man kommt sich nur plötzlich so alleingelassen vor :heulen:
Im Anhang ist die Text-Datei.
Ich weiß nicht, ob du damit etwas anfangen kannst, aber seit geraumer Zeit kann ich keine Windows Updates mehr machen. Es kommt dann die Meldung, dass zuerst "Windows-Update" upgedatet werden muss, was aber nicht funktioniert mit unbekannten Fehlercode 800700C1. Ebenfalls angezeigt wird: letzte Updates: nie usw.
Vielleicht hast du ja einen tip, wo ich mich hinwenden kann, weil ich im Netz keine Lösung für das Problem finde, auch nicht bei MS.

Gruß Stefan

markusg 13.07.2012 20:02
verstehst du englisch?
https://answers.microsoft.com/en-us/...4-8328f438315c

123click 15.07.2012 14:03
Hallo Markus,

das was da steht habe ich alles schon versucht. Die Tatsache, dass 800700C1 ein "unbekannter Fehler" ist, zeigt ja auch schon, dass man mit den bisherigen Fixes etc. nicht vorankommt. Im abgesicherten Modus (mit Netzwerk) kann ich zum Beispiel Windows Update gar nicht starten.
Davon abgesehen: was ist denn mit dem Bundespolizeikram? Glaubst du der Fall ist erledigt, oder wie soll ich weiter vorgehen?

Gruß Stefan

markusg 15.07.2012 14:20
hi
trotzdem können solche fixes durchaus funktionieren.
du brauchst schon nen aktuelles windows, sonst infizierst du dich evtl. erneut.
sicherheitshalber ausführen:
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

123click 15.07.2012 14:29
Hier ist ein Auszug aus dem CBS-Log. Ich habe versucht, die beiden Treiber im Netz zu finden und zu ersetzen, allerdings ohne Erfolg. Lustigerweise stößt man dabei auf Seiten, die alles andere als seriös wirken.
Code:
2012-07-15 15:14:00, Info                  CSI    000002f9 [SR] Verify complete
2012-07-15 15:14:00, Info                  CSI    000002fa [SR] Repairing 3 components
2012-07-15 15:14:00, Info                  CSI    000002fb [SR] Beginning Verify and Repair transaction
2012-07-15 15:14:00, Info                  CSI    000002fc Hashes for file member \SystemRoot\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smiengine.dll do not match actual file [l:26{13}]"smiengine.dll" :
  Found: {l:32 b:47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=} Expected: {l:32 b:hUjeo19U0cGcX5o2lkN+D1LBHOG2Xuq9j2SvbAs1PCo=}
2012-07-15 15:14:00, Info                  CSI    000002fd [SR] Cannot repair member file [l:26{13}]"smiengine.dll" of Microsoft-Windows-ServicingStack, Version = 6.1.7601.17592, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-07-15 15:14:00, Info                  CSI    000002fe Hashes for file member \SystemRoot\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\smiengine.dll do not match actual file [l:26{13}]"smiengine.dll" :
  Found: {l:32 b:0CVxy/ZS4YifSt1xWtLkChd4f8LZsqksOvakiAX/SEM=} Expected: {l:32 b:DXLIs/GwWp0Io0MWucLGm+kI0dOuZ5izuZ47VA5f0L0=}
2012-07-15 15:14:00, Info                  CSI    000002ff [SR] Cannot repair member file [l:26{13}]"smiengine.dll" of Microsoft-Windows-ServicingStack, Version = 6.1.7601.17592, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-07-15 15:14:00, Info                  CSI    00000300 Hashes for file member \SystemRoot\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90FRA.DLL do not match actual file [l:24{12}]"MFC90FRA.DLL" :
  Found: {l:20 b:PnOSIgT4Zdl21v/c6mOJI55oglI=} Expected: {l:20 b:e2/rJ4h/du74ThsUZ4A4JS8lsMw=}
  Found: {l:20 b:PnOSIgT4Zdl21v/c6mOJI55oglI=} Expected: {l:20 b:iNSk0kZk7Nr9n678/7JkEwWuWgw=}
2012-07-15 15:14:00, Info                  CSI    00000301 [SR] Cannot repair member file [l:24{12}]"MFC90FRA.DLL" of Microsoft.VC90.MFCLOC, Version = 9.0.30729.6161, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope neutral, PublicKeyToken = {l:8 b:1fc8b3b9a1e18e3b}, Type = [l:10{5}]"win32", TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-07-15 15:14:00, Info                  CSI    00000302 Hashes for file member \SystemRoot\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\smiengine.dll do not match actual file [l:26{13}]"smiengine.dll" :
  Found: {l:32 b:0CVxy/ZS4YifSt1xWtLkChd4f8LZsqksOvakiAX/SEM=} Expected: {l:32 b:DXLIs/GwWp0Io0MWucLGm+kI0dOuZ5izuZ47VA5f0L0=}
2012-07-15 15:14:00, Info                  CSI    00000303 [SR] Cannot repair member file [l:26{13}]"smiengine.dll" of Microsoft-Windows-ServicingStack, Version = 6.1.7601.17592, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-07-15 15:14:00, Info                  CSI    00000304 [SR] This component was referenced by [l:154{77}]"Package_2_for_KB2533552~31bf3856ad364e35~amd64~~6.1.1.1.2533552-3_neutral_GDR"
2012-07-15 15:14:00, Info                  CSI    00000305 Hashes for file member \SystemRoot\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smiengine.dll do not match actual file [l:26{13}]"smiengine.dll" :
  Found: {l:32 b:47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=} Expected: {l:32 b:hUjeo19U0cGcX5o2lkN+D1LBHOG2Xuq9j2SvbAs1PCo=}
2012-07-15 15:14:00, Info                  CSI    00000306 [SR] Cannot repair member file [l:26{13}]"smiengine.dll" of Microsoft-Windows-ServicingStack, Version = 6.1.7601.17592, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-07-15 15:14:00, Info                  CSI    00000307 [SR] This component was referenced by [l:154{77}]"Package_2_for_KB2533552~31bf3856ad364e35~amd64~~6.1.1.1.2533552-4_neutral_GDR"
2012-07-15 15:14:00, Info                  CSI    00000308 Repair results created:
POQ 125 starts:
    0: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\dc45fbb28b62cd012037000038076403.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
    1: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\623901b38b62cd012137000038076403.$$_syswow64_21ffbdd2a2dd92e0.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_syswow64_21ffbdd2a2dd92e0.cdf-ms"
    2: Move File: Source = [l:252{126}]"\SystemRoot\WinSxS\Temp\PendingRenames\b5fc01b38b62cd012237000038076403.$$_syswow64_advancedinstallers_0c6bb4866bff02f7.cdf-ms", Destination = [l:164{82}]"\SystemRoot\WinSxS\FileMaps\$$_syswow64_advancedinstallers_0c6bb4866bff02f7.cdf-ms"
    3: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\e26723b38b62cd012337000038076403.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
    4: Move File: Source = [l:252{126}]"\SystemRoot\WinSxS\Temp\PendingRenames\465224b38b62cd012437000038076403.$$_system32_advancedinstallers_dfe2cf200b391371.cdf-ms", Destination = [l:164{82}]"\SystemRoot\WinSxS\FileMaps\$$_system32_advancedinstallers_dfe2cf200b391371.cdf-ms"
Wenn du weißt, wo man die Treiber bekommt und mir auch noch sagst, wie ich sie am einfachsten ersetzen kann, sprich: ohne den ganzen Kuddelmuddel mit Besitzübernahme und so, wäre ich dir sehr dankbar. Die Tips im Netz, von wegen "Windows repariert sich selbst" funktionieren einfach nicht bei mir. Hab die Win7 CD eingelegt und gar nichts ist passiert.

Gruß Stefan

markusg 15.07.2012 14:33
hast du einen fertig pc, schon mal beim hersteller deines gerätes geschaut?

123click 15.07.2012 14:52
Hallo Markus,

das mit dem Killer mach ich gleich. Nur vorab: Es ist kein Fertig-PC, sondern Eigenbau.

markusg 15.07.2012 14:54
hi, dann mal auf den seiten der jeweiligen hersteller nach drivern suchen.

123click 15.07.2012 15:01
Hier das Killer-Log:
Code:
15:56:09.0355 2472        TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35
15:56:09.0422 2472        ============================================================
15:56:09.0422 2472        Current date / time: 2012/07/15 15:56:09.0422
15:56:09.0422 2472        SystemInfo:
15:56:09.0422 2472       
15:56:09.0422 2472        OS Version: 6.1.7601 ServicePack: 1.0
15:56:09.0422 2472        Product type: Workstation
15:56:09.0423 2472        ComputerName: STEFFI-PC
15:56:09.0423 2472        UserName: Steffi
15:56:09.0423 2472        Windows directory: C:\Windows
15:56:09.0423 2472        System windows directory: C:\Windows
15:56:09.0423 2472        Running under WOW64
15:56:09.0423 2472        Processor architecture: Intel x64
15:56:09.0423 2472        Number of processors: 4
15:56:09.0423 2472        Page size: 0x1000
15:56:09.0423 2472        Boot type: Normal boot
15:56:09.0423 2472        ============================================================
15:56:09.0592 2472        Drive \Device\Harddisk1\DR1 - Size: 0x1BF31C0000 (111.80 Gb), SectorSize: 0x200, Cylinders: 0x3902, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
15:56:09.0614 2472        Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:56:09.0616 2472        Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:56:09.0623 2472        Drive \Device\Harddisk3\DR3 - Size: 0x0 (0.00 Gb), SectorSize: 0x200, Cylinders: 0x0, SectorsPerTrack: 0x0, TracksPerCylinder: 0x0, Type 'W'
15:56:09.0623 2472        ============================================================
15:56:09.0623 2472        \Device\Harddisk1\DR1:
15:56:09.0623 2472        MBR partitions:
15:56:09.0623 2472        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:56:09.0624 2472        \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6175800
15:56:09.0624 2472        \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x61A8000, BlocksNum 0x7DF0000
15:56:09.0624 2472        \Device\Harddisk0\DR0:
15:56:09.0624 2472        MBR partitions:
15:56:09.0624 2472        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x61A8000
15:56:09.0624 2472        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A8800, BlocksNum 0xC870800
15:56:09.0624 2472        \Device\Harddisk2\DR2:
15:56:09.0624 2472        MBR partitions:
15:56:09.0624 2472        \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
15:56:09.0624 2472        ============================================================
15:56:09.0625 2472        C: <-> \Device\Harddisk1\DR1\Partition1
15:56:09.0625 2472        D: <-> \Device\Harddisk1\DR1\Partition2
15:56:09.0631 2472        G: <-> \Device\Harddisk0\DR0\Partition0
15:56:09.0646 2472        H: <-> \Device\Harddisk0\DR0\Partition1
15:56:09.0669 2472        I: <-> \Device\Harddisk2\DR2\Partition0
15:56:09.0669 2472        ============================================================
15:56:09.0669 2472        Initialize success
15:56:09.0669 2472        ============================================================
15:57:34.0103 3204        ============================================================
15:57:34.0103 3204        Scan started
15:57:34.0103 3204        Mode: Manual; SigCheck; TDLFS;
15:57:34.0103 3204        ============================================================
15:57:34.0477 3204        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:57:34.0509 3204        1394ohci - ok
15:57:34.0524 3204        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:57:34.0524 3204        ACPI - ok
15:57:34.0540 3204        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:57:34.0540 3204        AcpiPmi - ok
15:57:34.0571 3204        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:57:34.0571 3204        AdobeFlashPlayerUpdateSvc - ok
15:57:34.0587 3204        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:57:34.0602 3204        adp94xx - ok
15:57:34.0618 3204        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:57:34.0633 3204        adpahci - ok
15:57:34.0633 3204        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:57:34.0649 3204        adpu320 - ok
15:57:34.0649 3204        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:57:34.0665 3204        AeLookupSvc - ok
15:57:34.0696 3204        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:57:34.0696 3204        AFD - ok
15:57:34.0696 3204        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:57:34.0711 3204        agp440 - ok
15:57:34.0711 3204        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:57:34.0727 3204        ALG - ok
15:57:34.0727 3204        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:57:34.0727 3204        aliide - ok
15:57:34.0727 3204        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:57:34.0743 3204        amdide - ok
15:57:34.0743 3204        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:57:34.0743 3204        AmdK8 - ok
15:57:34.0758 3204        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:57:34.0758 3204        AmdPPM - ok
15:57:34.0758 3204        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:57:34.0774 3204        amdsata - ok
15:57:34.0774 3204        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:57:34.0789 3204        amdsbs - ok
15:57:34.0789 3204        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:57:34.0789 3204        amdxata - ok
15:57:34.0805 3204        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:57:34.0821 3204        AppID - ok
15:57:34.0821 3204        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:57:34.0852 3204        AppIDSvc - ok
15:57:34.0852 3204        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:57:34.0867 3204        Appinfo - ok
15:57:34.0883 3204        Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:57:34.0883 3204        Apple Mobile Device - ok
15:57:34.0883 3204        AppleCharger    (301aa64f9643bc453d90a66c4c0e7204) C:\Windows\system32\DRIVERS\AppleCharger.sys
15:57:34.0899 3204        AppleCharger - ok
15:57:34.0899 3204        AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe
15:57:34.0899 3204        AppleChargerSrv - ok
15:57:34.0914 3204        AppMgmt        (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
15:57:34.0914 3204        AppMgmt - ok
15:57:34.0930 3204        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:57:34.0930 3204        arc - ok
15:57:34.0930 3204        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:57:34.0945 3204        arcsas - ok
15:57:34.0945 3204        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:57:34.0961 3204        AsyncMac - ok
15:57:34.0977 3204        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:57:34.0977 3204        atapi - ok
15:57:34.0992 3204        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:57:35.0023 3204        AudioEndpointBuilder - ok
15:57:35.0023 3204        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:57:35.0055 3204        AudioSrv - ok
15:57:35.0055 3204        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:57:35.0070 3204        AxInstSV - ok
15:57:35.0086 3204        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:57:35.0101 3204        b06bdrv - ok
15:57:35.0117 3204        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:57:35.0117 3204        b57nd60a - ok
15:57:35.0133 3204        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:57:35.0133 3204        BDESVC - ok
15:57:35.0133 3204        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:57:35.0164 3204        Beep - ok
15:57:35.0179 3204        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:57:35.0211 3204        BFE - ok
15:57:35.0242 3204        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
15:57:35.0257 3204        BITS - ok
15:57:35.0273 3204        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:57:35.0273 3204        blbdrive - ok
15:57:35.0289 3204        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
15:57:35.0304 3204        Bonjour Service - ok
15:57:35.0304 3204        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:57:35.0320 3204        bowser - ok
15:57:35.0320 3204        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:57:35.0320 3204        BrFiltLo - ok
15:57:35.0320 3204        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:57:35.0335 3204        BrFiltUp - ok
15:57:35.0335 3204        BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:57:35.0367 3204        BridgeMP - ok
15:57:35.0367 3204        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:57:35.0382 3204        Browser - ok
15:57:35.0398 3204        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:57:35.0413 3204        Brserid - ok
15:57:35.0413 3204        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:57:35.0429 3204        BrSerWdm - ok
15:57:35.0429 3204        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:57:35.0429 3204        BrUsbMdm - ok
15:57:35.0429 3204        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:57:35.0445 3204        BrUsbSer - ok
15:57:35.0445 3204        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:57:35.0460 3204        BTHMODEM - ok
15:57:35.0460 3204        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:57:35.0476 3204        bthserv - ok
15:57:35.0476 3204        catchme - ok
15:57:35.0491 3204        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:57:35.0507 3204        cdfs - ok
15:57:35.0523 3204        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
15:57:35.0523 3204        cdrom - ok
15:57:35.0523 3204        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:57:35.0554 3204        CertPropSvc - ok
15:57:35.0554 3204        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:57:35.0569 3204        circlass - ok
15:57:35.0569 3204        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:57:35.0585 3204        CLFS - ok
15:57:35.0585 3204        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:57:35.0601 3204        clr_optimization_v2.0.50727_32 - ok
15:57:35.0601 3204        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:57:35.0616 3204        clr_optimization_v2.0.50727_64 - ok
15:57:35.0616 3204        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:57:35.0632 3204        clr_optimization_v4.0.30319_32 - ok
15:57:35.0632 3204        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:57:35.0647 3204        clr_optimization_v4.0.30319_64 - ok
15:57:35.0647 3204        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:57:35.0647 3204        CmBatt - ok
15:57:35.0647 3204        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:57:35.0663 3204        cmdide - ok
15:57:35.0679 3204        CNG            (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:57:35.0694 3204        CNG - ok
15:57:35.0694 3204        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:57:35.0694 3204        Compbatt - ok
15:57:35.0710 3204        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:57:35.0710 3204        CompositeBus - ok
15:57:35.0710 3204        COMSysApp - ok
15:57:35.0710 3204        cpuz135        (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
15:57:35.0725 3204        cpuz135 - ok
15:57:35.0725 3204        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:57:35.0725 3204        crcdisk - ok
15:57:35.0741 3204        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
15:57:35.0741 3204        CryptSvc - ok
15:57:35.0772 3204        CSC            (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
15:57:35.0772 3204        CSC - ok
15:57:35.0803 3204        CscService      (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
15:57:35.0803 3204        CscService - ok
15:57:35.0835 3204        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:57:35.0850 3204        DcomLaunch - ok
15:57:35.0866 3204        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:57:35.0881 3204        defragsvc - ok
15:57:35.0897 3204        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:57:35.0913 3204        DfsC - ok
15:57:35.0928 3204        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:57:35.0959 3204        Dhcp - ok
15:57:35.0959 3204        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:57:35.0975 3204        discache - ok
15:57:35.0975 3204        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:57:35.0991 3204        Disk - ok
15:57:35.0991 3204        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:57:36.0006 3204        Dnscache - ok
15:57:36.0022 3204        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:57:36.0037 3204        dot3svc - ok
15:57:36.0037 3204        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:57:36.0069 3204        DPS - ok
15:57:36.0069 3204        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:57:36.0069 3204        drmkaud - ok
15:57:36.0115 3204        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:57:36.0131 3204        DXGKrnl - ok
15:57:36.0131 3204        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:57:36.0147 3204        EapHost - ok
15:57:36.0240 3204        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:57:36.0287 3204        ebdrv - ok
15:57:36.0303 3204        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:57:36.0318 3204        EFS - ok
15:57:36.0334 3204        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:57:36.0349 3204        ehRecvr - ok
15:57:36.0349 3204        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:57:36.0365 3204        ehSched - ok
15:57:36.0381 3204        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:57:36.0396 3204        elxstor - ok
15:57:36.0396 3204        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:57:36.0396 3204        ErrDev - ok
15:57:36.0412 3204        ES lite Service (b8fa96995726d1fa58476e352c02ad82) C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
15:57:36.0412 3204        ES lite Service - ok
15:57:36.0427 3204        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:57:36.0459 3204        EventSystem - ok
15:57:36.0474 3204        ewusbmbb        (334c907536e815e56cd13108a6d5fb9d) C:\Windows\system32\DRIVERS\ewusbwwan.sys
15:57:36.0474 3204        ewusbmbb - ok
15:57:36.0474 3204        ewusbnet - ok
15:57:36.0490 3204        ew_hwusbdev    (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
15:57:36.0490 3204        ew_hwusbdev - ok
15:57:36.0505 3204        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:57:36.0521 3204        exfat - ok
15:57:36.0537 3204        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:57:36.0552 3204        fastfat - ok
15:57:36.0583 3204        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:57:36.0583 3204        Fax - ok
15:57:36.0599 3204        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:57:36.0599 3204        fdc - ok
15:57:36.0599 3204        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:57:36.0615 3204        fdPHost - ok
15:57:36.0630 3204        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:57:36.0646 3204        FDResPub - ok
15:57:36.0646 3204        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:57:36.0661 3204        FileInfo - ok
15:57:36.0661 3204        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:57:36.0677 3204        Filetrace - ok
15:57:36.0677 3204        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:57:36.0693 3204        flpydisk - ok
15:57:36.0708 3204        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:57:36.0708 3204        FltMgr - ok
15:57:36.0739 3204        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:57:36.0755 3204        FontCache - ok
15:57:36.0771 3204        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:57:36.0771 3204        FontCache3.0.0.0 - ok
15:57:36.0771 3204        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:57:36.0786 3204        FsDepends - ok
15:57:36.0786 3204        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
15:57:36.0786 3204        Fs_Rec - ok
15:57:36.0802 3204        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:57:36.0817 3204        fvevol - ok
15:57:36.0817 3204        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:57:36.0817 3204        gagp30kx - ok
15:57:36.0833 3204        gdrv            (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys
15:57:36.0833 3204        gdrv - ok
15:57:36.0833 3204        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:57:36.0833 3204        GEARAspiWDM - ok
15:57:36.0864 3204        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:57:36.0895 3204        gpsvc - ok
15:57:36.0895 3204        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:57:36.0911 3204        gupdate - ok
15:57:36.0911 3204        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:57:36.0911 3204        gupdatem - ok
15:57:36.0911 3204        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:57:36.0927 3204        hcw85cir - ok
15:57:36.0942 3204        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:57:36.0942 3204        HdAudAddService - ok
15:57:36.0958 3204        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:57:36.0958 3204        HDAudBus - ok
15:57:36.0958 3204        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:57:36.0973 3204        HidBatt - ok
15:57:36.0973 3204        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:57:36.0989 3204        HidBth - ok
15:57:36.0989 3204        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:57:36.0989 3204        HidIr - ok
15:57:36.0989 3204        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
15:57:37.0020 3204        hidserv - ok
15:57:37.0020 3204        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:57:37.0036 3204        HidUsb - ok
15:57:37.0036 3204        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:57:37.0051 3204        hkmsvc - ok
15:57:37.0067 3204        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:57:37.0067 3204        HomeGroupListener - ok
15:57:37.0083 3204        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:57:37.0083 3204        HomeGroupProvider - ok
15:57:37.0098 3204        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:57:37.0098 3204        HpSAMD - ok
15:57:37.0129 3204        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:57:37.0145 3204        HTTP - ok
15:57:37.0161 3204        huawei_enumerator (1642c62f1fd5e1ff44608283994a7bb8) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
15:57:37.0161 3204        huawei_enumerator - ok
15:57:37.0176 3204        hwdatacard      (04d1de1e8ace40ca396502c90524e945) C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:57:37.0192 3204        hwdatacard - ok
15:57:37.0192 3204        HWDeviceService64.exe - ok
15:57:37.0192 3204        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:57:37.0192 3204        hwpolicy - ok
15:57:37.0207 3204        hwusbdev - ok
15:57:37.0207 3204        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:57:37.0223 3204        i8042prt - ok
15:57:37.0239 3204        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:57:37.0239 3204        iaStorV - ok
15:57:37.0254 3204        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:57:37.0254 3204        IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:57:37.0254 3204        IDriverT - detected UnsignedFile.Multi.Generic (1)
15:57:37.0270 3204        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:57:37.0285 3204        idsvc - ok
15:57:37.0317 3204        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:57:37.0317 3204        iirsp - ok
15:57:37.0348 3204        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:57:37.0379 3204        IKEEXT - ok
15:57:37.0488 3204        IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\Windows\system32\drivers\RTKVHD64.sys
15:57:37.0519 3204        IntcAzAudAddService - ok
15:57:37.0551 3204        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:57:37.0551 3204        intelide - ok
15:57:37.0551 3204        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:57:37.0566 3204        intelppm - ok
15:57:37.0566 3204        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:57:37.0597 3204        IPBusEnum - ok
15:57:37.0597 3204        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:57:37.0613 3204        IpFilterDriver - ok
15:57:37.0629 3204        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:57:37.0660 3204        iphlpsvc - ok
15:57:37.0660 3204        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:57:37.0675 3204        IPMIDRV - ok
15:57:37.0675 3204        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:57:37.0691 3204        IPNAT - ok
15:57:37.0722 3204        iPod Service    (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
15:57:37.0738 3204        iPod Service - ok
15:57:37.0738 3204        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:57:37.0753 3204        IRENUM - ok
15:57:37.0769 3204        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:57:37.0769 3204        isapnp - ok
15:57:37.0785 3204        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:57:37.0785 3204        iScsiPrt - ok
15:57:37.0785 3204        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:57:37.0800 3204        kbdclass - ok
15:57:37.0800 3204        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:57:37.0800 3204        kbdhid - ok
15:57:37.0816 3204        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:37.0816 3204        KeyIso - ok
15:57:37.0816 3204        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:57:37.0831 3204        KSecDD - ok
15:57:37.0831 3204        KSecPkg        (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:57:37.0847 3204        KSecPkg - ok
15:57:37.0847 3204        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:57:37.0863 3204        ksthunk - ok
15:57:37.0878 3204        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:57:37.0909 3204        KtmRm - ok
15:57:37.0909 3204        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:57:37.0941 3204        LanmanServer - ok
15:57:37.0941 3204        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:57:37.0956 3204        LanmanWorkstation - ok
15:57:37.0972 3204        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:57:37.0987 3204        lltdio - ok
15:57:38.0003 3204        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:57:38.0019 3204        lltdsvc - ok
15:57:38.0034 3204        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:57:38.0050 3204        lmhosts - ok
15:57:38.0050 3204        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:57:38.0065 3204        LSI_FC - ok
15:57:38.0065 3204        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:57:38.0081 3204        LSI_SAS - ok
15:57:38.0081 3204        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:57:38.0081 3204        LSI_SAS2 - ok
15:57:38.0097 3204        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:57:38.0097 3204        LSI_SCSI - ok
15:57:38.0112 3204        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:57:38.0128 3204        luafv - ok
15:57:38.0128 3204        MBAMProtector  (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:57:38.0143 3204        MBAMProtector - ok
15:57:38.0159 3204        MBAMService    (ba400ed640bca1eae5c727ae17c10207) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
15:57:38.0175 3204        MBAMService - ok
15:57:38.0175 3204        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:57:38.0190 3204        Mcx2Svc - ok
15:57:38.0190 3204        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:57:38.0190 3204        megasas - ok
15:57:38.0206 3204        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:57:38.0206 3204        MegaSR - ok
15:57:38.0221 3204        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:57:38.0237 3204        MMCSS - ok
15:57:38.0237 3204        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:57:38.0268 3204        Modem - ok
15:57:38.0268 3204        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:57:38.0268 3204        monitor - ok
15:57:38.0284 3204        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:57:38.0284 3204        mouclass - ok
15:57:38.0284 3204        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:57:38.0299 3204        mouhid - ok
15:57:38.0299 3204        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:57:38.0299 3204        mountmgr - ok
15:57:38.0315 3204        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:57:38.0315 3204        mpio - ok
15:57:38.0331 3204        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:57:38.0346 3204        mpsdrv - ok
15:57:38.0377 3204        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:57:38.0393 3204        MpsSvc - ok
15:57:38.0409 3204        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:57:38.0424 3204        MRxDAV - ok
15:57:38.0424 3204        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:57:38.0424 3204        mrxsmb - ok
15:57:38.0440 3204        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:57:38.0455 3204        mrxsmb10 - ok
15:57:38.0455 3204        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:57:38.0471 3204        mrxsmb20 - ok
15:57:38.0471 3204        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:57:38.0471 3204        msahci - ok
15:57:38.0487 3204        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:57:38.0487 3204        msdsm - ok
15:57:38.0487 3204        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:57:38.0502 3204        MSDTC - ok
15:57:38.0502 3204        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:57:38.0533 3204        Msfs - ok
15:57:38.0533 3204        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:57:38.0549 3204        mshidkmdf - ok
15:57:38.0549 3204        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:57:38.0565 3204        msisadrv - ok
15:57:38.0565 3204        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:57:38.0580 3204        MSiSCSI - ok
15:57:38.0596 3204        msiserver - ok
15:57:38.0596 3204        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:57:38.0611 3204        MSKSSRV - ok
15:57:38.0611 3204        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:57:38.0643 3204        MSPCLOCK - ok
15:57:38.0643 3204        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:57:38.0658 3204        MSPQM - ok
15:57:38.0674 3204        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:57:38.0689 3204        MsRPC - ok
15:57:38.0689 3204        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:57:38.0689 3204        mssmbios - ok
15:57:38.0689 3204        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:57:38.0721 3204        MSTEE - ok
15:57:38.0721 3204        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:57:38.0721 3204        MTConfig - ok
15:57:38.0736 3204        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:57:38.0736 3204        Mup - ok
15:57:38.0752 3204        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:57:38.0783 3204        napagent - ok
15:57:38.0783 3204        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:57:38.0799 3204        NativeWifiP - ok
15:57:38.0830 3204        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:57:38.0845 3204        NDIS - ok
15:57:38.0845 3204        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:57:38.0877 3204        NdisCap - ok
15:57:38.0877 3204        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:57:38.0892 3204        NdisTapi - ok
15:57:38.0908 3204        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:57:38.0923 3204        Ndisuio - ok
15:57:38.0923 3204        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:57:38.0955 3204        NdisWan - ok
15:57:38.0955 3204        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:57:38.0970 3204        NDProxy - ok
15:57:38.0986 3204        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:57:39.0001 3204        NetBIOS - ok
15:57:39.0017 3204        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:57:39.0033 3204        NetBT - ok
15:57:39.0033 3204        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:39.0048 3204        Netlogon - ok
15:57:39.0064 3204        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:57:39.0079 3204        Netman - ok
15:57:39.0079 3204        NetMsmqActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:57:39.0095 3204        NetMsmqActivator - ok
15:57:39.0095 3204        NetPipeActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:57:39.0095 3204        NetPipeActivator - ok
15:57:39.0111 3204        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:57:39.0142 3204        netprofm - ok
15:57:39.0142 3204        NetTcpActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:57:39.0142 3204        NetTcpActivator - ok
15:57:39.0157 3204        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:57:39.0157 3204        NetTcpPortSharing - ok
15:57:39.0157 3204        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:57:39.0173 3204        nfrd960 - ok
15:57:39.0173 3204        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:57:39.0204 3204        NlaSvc - ok
15:57:39.0204 3204        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:57:39.0220 3204        Npfs - ok
15:57:39.0235 3204        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:57:39.0251 3204        nsi - ok
15:57:39.0251 3204        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:57:39.0282 3204        nsiproxy - ok
15:57:39.0345 3204        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:57:39.0391 3204        Ntfs - ok
15:57:39.0407 3204        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:57:39.0423 3204        Null - ok
15:57:39.0438 3204        nusb3hub        (785298579b5f9b4032152dfbb992fdb6) C:\Windows\system32\DRIVERS\nusb3hub.sys
15:57:39.0438 3204        nusb3hub - ok
15:57:39.0454 3204        nusb3xhc        (df2750481b4964814467c974f2b0eef1) C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:57:39.0454 3204        nusb3xhc - ok
15:57:39.0469 3204        NVHDA          (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
15:57:39.0469 3204        NVHDA - ok
15:57:39.0922 3204        nvlddmkm        (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:57:40.0093 3204        nvlddmkm - ok
15:57:40.0125 3204        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:57:40.0140 3204        nvraid - ok
15:57:40.0140 3204        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:57:40.0156 3204        nvstor - ok
15:57:40.0187 3204        nvsvc          (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
15:57:40.0203 3204        nvsvc - ok
15:57:40.0265 3204        nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:57:40.0296 3204        nvUpdatusService - ok
15:57:40.0327 3204        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:57:40.0327 3204        nv_agp - ok
15:57:40.0343 3204        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:57:40.0343 3204        ohci1394 - ok
15:57:40.0343 3204        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:57:40.0359 3204        ose - ok
15:57:40.0374 3204        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:57:40.0374 3204        p2pimsvc - ok
15:57:40.0390 3204        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:57:40.0405 3204        p2psvc - ok
15:57:40.0405 3204        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:57:40.0421 3204        Parport - ok
15:57:40.0421 3204        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:57:40.0421 3204        partmgr - ok
15:57:40.0437 3204        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:57:40.0452 3204        PcaSvc - ok
15:57:40.0452 3204        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:57:40.0468 3204        pci - ok
15:57:40.0468 3204        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:57:40.0468 3204        pciide - ok
15:57:40.0483 3204        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:57:40.0483 3204        pcmcia - ok
15:57:40.0483 3204        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:57:40.0499 3204        pcw - ok
15:57:40.0499 3204        PdiPorts        (25fd4d8109114266a610fd1088bfd522) C:\Windows\system32\DRIVERS\PdiPorts.sys
15:57:40.0499 3204        PdiPorts - ok
15:57:40.0515 3204        PdiService      (fed28c565de5f73b7c5b32841229e496) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
15:57:40.0515 3204        PdiService - ok
15:57:40.0546 3204        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:57:40.0561 3204        PEAUTH - ok
15:57:40.0624 3204        PeerDistSvc    (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:57:40.0655 3204        PeerDistSvc - ok
15:57:40.0671 3204        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:57:40.0686 3204        PerfHost - ok
15:57:40.0749 3204        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:57:40.0780 3204        pla - ok
15:57:40.0795 3204        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:57:40.0795 3204        PlugPlay - ok
15:57:40.0811 3204        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:57:40.0811 3204        PNRPAutoReg - ok
15:57:40.0827 3204        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:57:40.0827 3204        PNRPsvc - ok
15:57:40.0842 3204        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:57:40.0873 3204        PolicyAgent - ok
15:57:40.0873 3204        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:57:40.0905 3204        Power - ok
15:57:40.0905 3204        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:57:40.0936 3204        PptpMiniport - ok
15:57:40.0936 3204        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:57:40.0951 3204        Processor - ok
15:57:40.0951 3204        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
15:57:40.0967 3204        ProfSvc - ok
15:57:40.0967 3204        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:40.0967 3204        ProtectedStorage - ok
15:57:40.0983 3204        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:57:40.0998 3204        Psched - ok
15:57:41.0045 3204        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:57:41.0076 3204        ql2300 - ok
15:57:41.0092 3204        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:57:41.0107 3204        ql40xx - ok
15:57:41.0107 3204        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:57:41.0123 3204        QWAVE - ok
15:57:41.0123 3204        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:57:41.0139 3204        QWAVEdrv - ok
15:57:41.0139 3204        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:57:41.0170 3204        RasAcd - ok
15:57:41.0170 3204        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:57:41.0185 3204        RasAgileVpn - ok
15:57:41.0201 3204        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:57:41.0217 3204        RasAuto - ok
15:57:41.0217 3204        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:57:41.0248 3204        Rasl2tp - ok
15:57:41.0263 3204        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:57:41.0279 3204        RasMan - ok
15:57:41.0279 3204        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:57:41.0310 3204        RasPppoe - ok
15:57:41.0310 3204        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:57:41.0326 3204        RasSstp - ok
15:57:41.0341 3204        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:57:41.0373 3204        rdbss - ok
15:57:41.0373 3204        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:57:41.0373 3204        rdpbus - ok
15:57:41.0373 3204        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:57:41.0404 3204        RDPCDD - ok
15:57:41.0404 3204        RDPDR          (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
15:57:41.0419 3204        RDPDR - ok
15:57:41.0419 3204        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:57:41.0435 3204        RDPENCDD - ok
15:57:41.0451 3204        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:57:41.0466 3204        RDPREFMP - ok
15:57:41.0482 3204        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
15:57:41.0482 3204        RDPWD - ok
15:57:41.0497 3204        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:57:41.0497 3204        rdyboost - ok
15:57:41.0497 3204        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:57:41.0529 3204        RemoteAccess - ok
15:57:41.0529 3204        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:57:41.0560 3204        RemoteRegistry - ok
15:57:41.0560 3204        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:57:41.0575 3204        RpcEptMapper - ok
15:57:41.0591 3204        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:57:41.0591 3204        RpcLocator - ok
15:57:41.0607 3204        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:57:41.0638 3204        RpcSs - ok
15:57:41.0638 3204        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:57:41.0653 3204        rspndr - ok
15:57:41.0669 3204        rtkio          (5dc26837e5af8244233f78cb9c3ac988) C:\Program Files (x86)\Realtek\Smart Dual Lan\rtkio.sys
15:57:41.0669 3204        rtkio - ok
15:57:41.0685 3204        RTL8167        (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:57:41.0685 3204        RTL8167 - ok
15:57:41.0700 3204        s3cap          (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
15:57:41.0700 3204        s3cap - ok
15:57:41.0700 3204        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:41.0700 3204        SamSs - ok
15:57:41.0716 3204        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:57:41.0716 3204        sbp2port - ok
15:57:41.0731 3204        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:57:41.0747 3204        SCardSvr - ok
15:57:41.0747 3204        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:57:41.0778 3204        scfilter - ok
15:57:41.0809 3204        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:57:41.0841 3204        Schedule - ok
15:57:41.0841 3204        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:57:41.0872 3204        SCPolicySvc - ok
15:57:41.0872 3204        SDLService      (b0e6ca5d36dc5f0019a73b8aab35c5dc) C:\Program Files (x86)\Realtek\Smart Dual Lan\SDLService.exe
15:57:41.0872 3204        SDLService ( UnsignedFile.Multi.Generic ) - warning
15:57:41.0872 3204        SDLService - detected UnsignedFile.Multi.Generic (1)
15:57:41.0887 3204        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:57:41.0887 3204        SDRSVC - ok
15:57:41.0887 3204        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:57:41.0919 3204        secdrv - ok
15:57:41.0919 3204        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:57:41.0934 3204        seclogon - ok
15:57:41.0950 3204        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:57:41.0965 3204        SENS - ok
15:57:41.0965 3204        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:57:41.0981 3204        SensrSvc - ok
15:57:41.0981 3204        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:57:41.0981 3204        Serenum - ok
15:57:41.0997 3204        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:57:41.0997 3204        Serial - ok
15:57:41.0997 3204        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:57:42.0012 3204        sermouse - ok
15:57:42.0012 3204        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:57:42.0043 3204        SessionEnv - ok
15:57:42.0043 3204        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:57:42.0043 3204        sffdisk - ok
15:57:42.0043 3204        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:57:42.0059 3204        sffp_mmc - ok
15:57:42.0059 3204        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:57:42.0059 3204        sffp_sd - ok
15:57:42.0059 3204        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:57:42.0075 3204        sfloppy - ok
15:57:42.0090 3204        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:57:42.0106 3204        SharedAccess - ok
15:57:42.0121 3204        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:57:42.0153 3204        ShellHWDetection - ok
15:57:42.0153 3204        Si3124r5        (da492c8305434ec6f9bdd60c8b83b10e) C:\Windows\system32\DRIVERS\Si3124r5.sys
15:57:42.0168 3204        Si3124r5 - ok
15:57:42.0168 3204        SiFilter        (8d10887a1699cf61e74467694b929b09) C:\Windows\system32\DRIVERS\SiWinAcc.sys
15:57:42.0168 3204        SiFilter - ok
15:57:42.0184 3204        SiRemFil        (94e1eda9a0b305a67ee1bbd0a68ce21a) C:\Windows\system32\DRIVERS\SiRemFil.sys
15:57:42.0184 3204        SiRemFil - ok
15:57:42.0184 3204        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:57:42.0199 3204        SiSRaid2 - ok
15:57:42.0199 3204        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:57:42.0199 3204        SiSRaid4 - ok
15:57:42.0215 3204        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:57:42.0231 3204        Smb - ok
15:57:42.0231 3204        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:57:42.0246 3204        SNMPTRAP - ok
15:57:42.0246 3204        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:57:42.0246 3204        spldr - ok
15:57:42.0277 3204        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:57:42.0293 3204        Spooler - ok
15:57:42.0449 3204        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:57:42.0496 3204        sppsvc - ok
15:57:42.0527 3204        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:57:42.0543 3204        sppuinotify - ok
15:57:42.0558 3204        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:57:42.0574 3204        srv - ok
15:57:42.0589 3204        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:57:42.0605 3204        srv2 - ok
15:57:42.0605 3204        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:57:42.0621 3204        srvnet - ok
15:57:42.0621 3204        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:57:42.0652 3204        SSDPSRV - ok
15:57:42.0652 3204        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:57:42.0667 3204        SstpSvc - ok
15:57:42.0683 3204        Stereo Service  (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:57:42.0699 3204        Stereo Service - ok
15:57:42.0699 3204        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:57:42.0714 3204        stexstor - ok
15:57:42.0730 3204        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:57:42.0745 3204        stisvc - ok
15:57:42.0745 3204        storflt        (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
15:57:42.0745 3204        storflt - ok
15:57:42.0761 3204        StorSvc        (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
15:57:42.0761 3204        StorSvc - ok
15:57:42.0761 3204        storvsc        (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
15:57:42.0777 3204        storvsc - ok
15:57:42.0777 3204        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:57:42.0777 3204        swenum - ok
15:57:42.0792 3204        SwitchBoard    (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:57:42.0808 3204        SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
15:57:42.0808 3204        SwitchBoard - detected UnsignedFile.Multi.Generic (1)
15:57:42.0823 3204        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:57:42.0855 3204        swprv - ok
15:57:42.0933 3204        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:57:42.0948 3204        SysMain - ok
15:57:42.0979 3204        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:57:42.0995 3204        TabletInputService - ok
15:57:42.0995 3204        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:57:43.0026 3204        TapiSrv - ok
15:57:43.0026 3204        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:57:43.0042 3204        TBS - ok
15:57:43.0104 3204        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:57:43.0135 3204        Tcpip - ok
15:57:43.0213 3204        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:57:43.0245 3204        TCPIP6 - ok
15:57:43.0260 3204        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:57:43.0291 3204        tcpipreg - ok
15:57:43.0291 3204        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:57:43.0291 3204        TDPIPE - ok
15:57:43.0307 3204        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:57:43.0307 3204        TDTCP - ok
15:57:43.0307 3204        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:57:43.0338 3204        tdx - ok
15:57:43.0338 3204        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:57:43.0338 3204        TermDD - ok
15:57:43.0369 3204        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:57:43.0385 3204        TermService - ok
15:57:43.0401 3204        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:57:43.0401 3204        Themes - ok
15:57:43.0416 3204        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:57:43.0432 3204        THREADORDER - ok
15:57:43.0432 3204        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:57:43.0463 3204        TrkWks - ok
15:57:43.0463 3204        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:57:43.0494 3204        TrustedInstaller - ok
15:57:43.0494 3204        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:57:43.0510 3204        tssecsrv - ok
15:57:43.0525 3204        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:57:43.0525 3204        TsUsbFlt - ok
15:57:43.0525 3204        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:57:43.0557 3204        tunnel - ok
15:57:43.0557 3204        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:57:43.0557 3204        uagp35 - ok
15:57:43.0572 3204        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:57:43.0603 3204        udfs - ok
15:57:43.0603 3204        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:57:43.0619 3204        UI0Detect - ok
15:57:43.0619 3204        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:57:43.0619 3204        uliagpkx - ok
15:57:43.0635 3204        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:57:43.0635 3204        umbus - ok
15:57:43.0635 3204        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:57:43.0650 3204        UmPass - ok
15:57:43.0650 3204        UmRdpService    (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
15:57:43.0666 3204        UmRdpService - ok
15:57:43.0681 3204        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:57:43.0697 3204        upnphost - ok
15:57:43.0697 3204        USBAAPL64      (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:57:43.0713 3204        USBAAPL64 - ok
15:57:43.0713 3204        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:57:43.0728 3204        usbccgp - ok
15:57:43.0728 3204        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:57:43.0744 3204        usbcir - ok
15:57:43.0744 3204        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:57:43.0744 3204        usbehci - ok
15:57:43.0759 3204        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:57:43.0759 3204        usbhub - ok
15:57:43.0775 3204        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
15:57:43.0775 3204        usbohci - ok
15:57:43.0775 3204        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:57:43.0791 3204        usbprint - ok
15:57:43.0791 3204        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:57:43.0791 3204        USBSTOR - ok
15:57:43.0806 3204        usbuhci        (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:57:43.0806 3204        usbuhci - ok
15:57:43.0806 3204        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:57:43.0837 3204        UxSms - ok
15:57:43.0837 3204        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:43.0837 3204        VaultSvc - ok
15:57:43.0837 3204        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:57:43.0853 3204        vdrvroot - ok
15:57:43.0869 3204        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:57:43.0900 3204        vds - ok
15:57:43.0900 3204        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:57:43.0900 3204        vga - ok
15:57:43.0900 3204        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:57:43.0931 3204        VgaSave - ok
15:57:43.0931 3204        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:57:43.0947 3204        vhdmp - ok
15:57:43.0947 3204        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:57:43.0947 3204        viaide - ok
15:57:43.0962 3204        vmbus          (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
15:57:43.0978 3204        vmbus - ok
15:57:43.0978 3204        VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
15:57:43.0978 3204        VMBusHID - ok
15:57:43.0978 3204        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:57:43.0993 3204        volmgr - ok
15:57:44.0009 3204        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:57:44.0009 3204        volmgrx - ok
15:57:44.0025 3204        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:57:44.0040 3204        volsnap - ok
15:57:44.0040 3204        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:57:44.0056 3204        vsmraid - ok
15:57:44.0118 3204        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:57:44.0149 3204        VSS - ok
15:57:44.0181 3204        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:57:44.0181 3204        vwifibus - ok
15:57:44.0196 3204        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:57:44.0227 3204        W32Time - ok
15:57:44.0227 3204        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:57:44.0227 3204        WacomPen - ok
15:57:44.0243 3204        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:57:44.0259 3204        WANARP - ok
15:57:44.0259 3204        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:57:44.0290 3204        Wanarpv6 - ok
15:57:44.0321 3204        WatAdminSvc    (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:57:44.0352 3204        WatAdminSvc - ok
15:57:44.0415 3204        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:57:44.0446 3204        wbengine - ok
15:57:44.0477 3204        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:57:44.0477 3204        WbioSrvc - ok
15:57:44.0493 3204        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:57:44.0508 3204        wcncsvc - ok
15:57:44.0508 3204        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:57:44.0524 3204        WcsPlugInService - ok
15:57:44.0524 3204        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:57:44.0524 3204        Wd - ok
15:57:44.0555 3204        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:57:44.0571 3204        Wdf01000 - ok
15:57:44.0571 3204        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:57:44.0586 3204        WdiServiceHost - ok
15:57:44.0586 3204        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:57:44.0602 3204        WdiSystemHost - ok
15:57:44.0617 3204        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:57:44.0617 3204        WebClient - ok
15:57:44.0633 3204        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:57:44.0664 3204        Wecsvc - ok
15:57:44.0664 3204        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:57:44.0680 3204        wercplsupport - ok
15:57:44.0695 3204        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:57:44.0711 3204        WerSvc - ok
15:57:44.0711 3204        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:57:44.0742 3204        WfpLwf - ok
15:57:44.0742 3204        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:57:44.0742 3204        WIMMount - ok
15:57:44.0742 3204        WinDefend - ok
15:57:44.0758 3204        WinHttpAutoProxySvc - ok
15:57:44.0758 3204        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:57:44.0789 3204        Winmgmt - ok
15:57:44.0851 3204        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:57:44.0883 3204        WinRM - ok
15:57:44.0914 3204        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:57:44.0929 3204        WinUsb - ok
15:57:44.0945 3204        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:57:44.0976 3204        Wlansvc - ok
15:57:44.0976 3204        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:57:44.0976 3204        WmiAcpi - ok
15:57:44.0992 3204        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:57:44.0992 3204        wmiApSrv - ok
15:57:45.0007 3204        WMPNetworkSvc - ok
15:57:45.0007 3204        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:57:45.0007 3204        WPCSvc - ok
15:57:45.0023 3204        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:57:45.0023 3204        WPDBusEnum - ok
15:57:45.0039 3204        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:57:45.0054 3204        ws2ifsl - ok
15:57:45.0054 3204        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:57:45.0070 3204        wscsvc - ok
15:57:45.0070 3204        WSearch - ok
15:57:45.0179 3204        wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:57:45.0226 3204        wuauserv - ok
15:57:45.0241 3204        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:57:45.0273 3204        WudfPf - ok
15:57:45.0273 3204        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:57:45.0304 3204        WUDFRd - ok
15:57:45.0304 3204        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:57:45.0319 3204        wudfsvc - ok
15:57:45.0335 3204        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:57:45.0351 3204        WwanSvc - ok
15:57:45.0351 3204        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
15:57:45.0475 3204        \Device\Harddisk1\DR1 - ok
15:57:45.0491 3204        MBR (0x1B8)    (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk0\DR0
15:57:45.0507 3204        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:57:45.0507 3204        \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:57:45.0522 3204        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
15:57:45.0585 3204        \Device\Harddisk2\DR2 - ok
15:57:45.0585 3204        Boot (0x1200)  (0d73b2af4ecc292ce8e6c047e8b15d90) \Device\Harddisk1\DR1\Partition0
15:57:45.0600 3204        \Device\Harddisk1\DR1\Partition0 - ok
15:57:45.0600 3204        Boot (0x1200)  (d24332b2d8897728f512deb0076e707c) \Device\Harddisk1\DR1\Partition1
15:57:45.0600 3204        \Device\Harddisk1\DR1\Partition1 - ok
15:57:45.0616 3204        Boot (0x1200)  (29d66b9199e8e2f665759041c375e59f) \Device\Harddisk1\DR1\Partition2
15:57:45.0616 3204        \Device\Harddisk1\DR1\Partition2 - ok
15:57:45.0616 3204        Boot (0x1200)  (383fb4de964492816f1a75903b47ab9f) \Device\Harddisk0\DR0\Partition0
15:57:45.0631 3204        \Device\Harddisk0\DR0\Partition0 - ok
15:57:45.0631 3204        Boot (0x1200)  (4c328a704b24d56b0ccee729b19864b4) \Device\Harddisk0\DR0\Partition1
15:57:45.0631 3204        \Device\Harddisk0\DR0\Partition1 - ok
15:57:45.0631 3204        Boot (0x1200)  (6437db7024f5cdba5c5f8d5140089dab) \Device\Harddisk2\DR2\Partition0
15:57:45.0631 3204        \Device\Harddisk2\DR2\Partition0 - ok
15:57:45.0631 3204        ============================================================
15:57:45.0631 3204        Scan finished
15:57:45.0631 3204        ============================================================
15:57:45.0647 1932        Detected object count: 4
15:57:45.0647 1932        Actual detected object count: 4
15:58:17.0674 1932        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:17.0674 1932        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:17.0674 1932        SDLService ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:17.0674 1932        SDLService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:17.0674 1932        SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
15:58:17.0674 1932        SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:17.0690 1932        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:58:17.0690 1932        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
Von welchen Geräten soll ich denn Treiber suchen?

markusg 15.07.2012 15:06
ne, meine zweite, schlimmere vermutung hat sich bestätigt
15:58:17.0690 1932 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
bei diesem eintrag erst mal cure wählen, dann neustart und neues log erstellen.

123click 15.07.2012 15:18
Ich habe nur die Möglichkeiten "Skip", "Copy to quarantine" und "Delete".

Hallo Markus,

"Cure" wird wohl nur angeboten bei schädllichen Objekten. Bei mir hat er aber nur "verdächtige" gefunden. Was soll ich nun mit dem Fund anfangen?

123click 16.07.2012 17:57
Hallo Markus,

vermutlich hast du mich wieder aus den Augen verloren. Ich wüsste doch gerne, wie ich nun weiter verfahren soll. Leider bin ich wegen der vielen Dinge, die gerade nebeneinander verlaufen, etwas unsicher und vermutlich auch wehleidig, aber ich würde die Sache gerne zeitnah abschließen, sofern das überhaupt möglich ist. Man bekommt ja auch nicht mit, wie der Status Quo gerade ist. An der Unmöglichkeit Windows Update auszuführen hat sich nichts geändert. Was mit dem TDSS passieren soll, ist auch nicht geklärt. Und der ursprüngliche Bundespolizei-Trojaner schlendert womöglich auch noch irgendwo umher. Es wäre wirklich super, wenn du nochmal etwas Zeit investieren könntest. Ich würde mir dann ebenfalls die Zeit nehmen, bei der Sache zu bleiben.

Gruß Stefan

markusg 17.07.2012 19:16
hi, ich wartete eigendlich auf das tdss killer log, auf c: zu finden.

123click 17.07.2012 19:34
Hallo Markus,

das Log hatte ich dir schon am 15. um 16 Uhr gepostet. Daraufhin sollte ich die Option "cure" wählen, die es nicht gab. Siehe die letzten Postings von mir.

123click 18.07.2012 23:41
Hallo Markus,

falls du keine Zeit hast, mir deine Ratschläge weiterhin zur Verfügung zu stellen, dann empfehle mir doch bitte einen Kollegen. Ich habe nicht die Zeit und die Nerven, tagelang suf Antworten zu warten, und wenn Sie dann kommen, feststellen zu müssen, dass du die letzten Postings gar nicht gelesen hast. Ich habe die Forenregeln gelesen und weiß, dass Crosspostings oder Parallelthreads verpönt sind, sonst hätte ich schon längst jemand anderen gebeten, mit zu helfen. Der Thread wurde am 6. Juli eröffnet, das war vor zwei Wochen. Bis jetzt hat sich an meinem System NICHTS verändert. Als ich 2010 ein Problem mit einem Trojaner hatte, hat mir Arne innerhalb dieser Zeit alles in Ordnung gebracht. Ich möchte natürlich niemanden verurteilen, dessen Beweggründe ich nicht kenne, und es ist auch nicht persönlich gemeint, aber ich möchte gene mein System säubern, und ich hatte mir von dir, respektive dem TB Hilfe erhofft. Falls du noch eine Möglichkeit siehst, meinen Karren aus dem Dreck zu ziehen, melde dich bitte, ansonsten werde ich wohl oder übel einen neuen Thread starten müssen.

Gruß Stefan

markusg 19.07.2012 15:04
hi
malwrre entwickelt sich innerhalb von 2 jahren sie wird komplexxer und kann sich dadurch besser im system verstecken.
ichhatte dir auf der vorhergehenen seite ein rootkit eintrag gezeigt, dies ist eine versteckte partition des tdss rootkits.
deswegen führe den scan noch mal mit den selben einstellungen aus.
dann müsste dir der tdss killer eine "cure" option ausgeben.
prüfe dies bitte erneut.
außerdem solltest du dir überlegen, dass wir jetzt sicher das doppelte an anfragen im vergleich zu früher haben, was einiges an mehr aufwand bedeutet, nen privat leben und arbeitsleben haben wir zusätzlich zu bestreiten...

123click 19.07.2012 16:21
Hallo Markus,

wie gesagt, hatte ich mich nur gewundert, dass du das Log nicht bemerkt hast, bzw. die Postings übersehen. Habe nochmals das aktuelle Killer-Log, wobei sich nichts geändert hat. Eine "cure"-Option wird nicht angeboten.
Code:
17:13:56.0857 0576        TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
17:13:57.0339 0576        ============================================================
17:13:57.0339 0576        Current date / time: 2012/07/19 17:13:57.0339
17:13:57.0339 0576        SystemInfo:
17:13:57.0339 0576       
17:13:57.0339 0576        OS Version: 6.1.7601 ServicePack: 1.0
17:13:57.0339 0576        Product type: Workstation
17:13:57.0339 0576        ComputerName: STEFFI-PC
17:13:57.0340 0576        UserName: Steffi
17:13:57.0340 0576        Windows directory: C:\Windows
17:13:57.0340 0576        System windows directory: C:\Windows
17:13:57.0340 0576        Running under WOW64
17:13:57.0340 0576        Processor architecture: Intel x64
17:13:57.0340 0576        Number of processors: 4
17:13:57.0340 0576        Page size: 0x1000
17:13:57.0340 0576        Boot type: Normal boot
17:13:57.0340 0576        ============================================================
17:13:57.0511 0576        Drive \Device\Harddisk2\DR2 - Size: 0x1BF31C0000 (111.80 Gb), SectorSize: 0x200, Cylinders: 0x3902, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
17:13:57.0981 0576        Drive \Device\Harddisk0\DR0 - Size: 0x950AC4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13000, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:13:57.0990 0576        Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:13:57.0999 0576        Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:13:58.0008 0576        Drive \Device\Harddisk4\DR5 - Size: 0x3BA815A00 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:13:58.0012 0576        ============================================================
17:13:58.0012 0576        \Device\Harddisk2\DR2:
17:13:58.0012 0576        MBR partitions:
17:13:58.0012 0576        \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:13:58.0012 0576        \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6175800
17:13:58.0012 0576        \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x61A8000, BlocksNum 0x7DEF800
17:13:58.0012 0576        \Device\Harddisk0\DR0:
17:13:58.0013 0576        MBR partitions:
17:13:58.0013 0576        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856231
17:13:58.0013 0576        \Device\Harddisk1\DR1:
17:13:58.0013 0576        MBR partitions:
17:13:58.0013 0576        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18000
17:13:58.0013 0576        \Device\Harddisk3\DR3:
17:13:58.0013 0576        MBR partitions:
17:13:58.0013 0576        \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:13:58.0013 0576        \Device\Harddisk4\DR5:
17:13:58.0014 0576        MBR partitions:
17:13:58.0014 0576        \Device\Harddisk4\DR5\Partition0: MBR, Type 0xC, StartLBA 0xCC, BlocksNum 0x1DD3FE4
17:13:58.0014 0576        ============================================================
17:13:58.0015 0576        C: <-> \Device\Harddisk2\DR2\Partition1
17:13:58.0016 0576        D: <-> \Device\Harddisk2\DR2\Partition2
17:13:58.0037 0576        I: <-> \Device\Harddisk3\DR3\Partition0
17:13:58.0051 0576        F: <-> \Device\Harddisk0\DR0\Partition0
17:13:58.0057 0576        S: <-> \Device\Harddisk1\DR1\Partition0
17:13:58.0057 0576        G: <-> \Device\Harddisk4\DR5\Partition0
17:13:58.0058 0576        ============================================================
17:13:58.0058 0576        Initialize success
17:13:58.0058 0576        ============================================================
17:14:39.0344 4728        ============================================================
17:14:39.0344 4728        Scan started
17:14:39.0344 4728        Mode: Manual; SigCheck; TDLFS;
17:14:39.0344 4728        ============================================================
17:14:39.0532 4728        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:14:39.0563 4728        1394ohci - ok
17:14:39.0576 4728        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:14:39.0586 4728        ACPI - ok
17:14:39.0588 4728        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:14:39.0603 4728        AcpiPmi - ok
17:14:39.0627 4728        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:14:39.0635 4728        AdobeFlashPlayerUpdateSvc - ok
17:14:39.0652 4728        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:14:39.0665 4728        adp94xx - ok
17:14:39.0677 4728        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:14:39.0687 4728        adpahci - ok
17:14:39.0694 4728        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:14:39.0703 4728        adpu320 - ok
17:14:39.0709 4728        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:14:39.0754 4728        AeLookupSvc - ok
17:14:39.0770 4728        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:14:39.0782 4728        AFD - ok
17:14:39.0787 4728        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:14:39.0794 4728        agp440 - ok
17:14:39.0798 4728        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:14:39.0807 4728        ALG - ok
17:14:39.0809 4728        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:14:39.0816 4728        aliide - ok
17:14:39.0818 4728        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:14:39.0825 4728        amdide - ok
17:14:39.0829 4728        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:14:39.0838 4728        AmdK8 - ok
17:14:39.0842 4728        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:14:39.0849 4728        AmdPPM - ok
17:14:39.0854 4728        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:14:39.0861 4728        amdsata - ok
17:14:39.0869 4728        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:14:39.0878 4728        amdsbs - ok
17:14:39.0881 4728        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:14:39.0888 4728        amdxata - ok
17:14:39.0892 4728        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:14:39.0939 4728        AppID - ok
17:14:39.0942 4728        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:14:39.0965 4728        AppIDSvc - ok
17:14:39.0969 4728        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:14:39.0990 4728        Appinfo - ok
17:14:39.0995 4728        Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:14:40.0001 4728        Apple Mobile Device - ok
17:14:40.0005 4728        AppleCharger    (ba957e7acd2b44fa3b01faa64f6a9060) C:\Windows\system32\DRIVERS\AppleCharger.sys
17:14:40.0272 4728        AppleCharger - ok
17:14:40.0275 4728        AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe
17:14:40.0284 4728        AppleChargerSrv - ok
17:14:40.0293 4728        AppMgmt        (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
17:14:40.0307 4728        AppMgmt - ok
17:14:40.0312 4728        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:14:40.0322 4728        arc - ok
17:14:40.0326 4728        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:14:40.0334 4728        arcsas - ok
17:14:40.0338 4728        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:14:40.0360 4728        AsyncMac - ok
17:14:40.0363 4728        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:14:40.0370 4728        atapi - ok
17:14:40.0392 4728        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:14:40.0420 4728        AudioEndpointBuilder - ok
17:14:40.0425 4728        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:14:40.0450 4728        AudioSrv - ok
17:14:40.0455 4728        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:14:40.0472 4728        AxInstSV - ok
17:14:40.0487 4728        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:14:40.0499 4728        b06bdrv - ok
17:14:40.0508 4728        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:14:40.0518 4728        b57nd60a - ok
17:14:40.0524 4728        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:14:40.0533 4728        BDESVC - ok
17:14:40.0535 4728        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:14:40.0557 4728        Beep - ok
17:14:40.0579 4728        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:14:40.0607 4728        BFE - ok
17:14:40.0636 4728        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
17:14:40.0666 4728        BITS - ok
17:14:40.0672 4728        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:14:40.0679 4728        blbdrive - ok
17:14:40.0695 4728        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
17:14:40.0705 4728        Bonjour Service - ok
17:14:40.0711 4728        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:14:40.0718 4728        bowser - ok
17:14:40.0720 4728        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:14:40.0735 4728        BrFiltLo - ok
17:14:40.0737 4728        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:14:40.0746 4728        BrFiltUp - ok
17:14:40.0752 4728        Bridge          (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
17:14:40.0775 4728        Bridge - ok
17:14:40.0777 4728        BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
17:14:40.0798 4728        BridgeMP - ok
17:14:40.0805 4728        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:14:40.0827 4728        Browser - ok
17:14:40.0841 4728        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:14:40.0851 4728        Brserid - ok
17:14:40.0855 4728        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:14:40.0864 4728        BrSerWdm - ok
17:14:40.0867 4728        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:14:40.0875 4728        BrUsbMdm - ok
17:14:40.0877 4728        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:14:40.0885 4728        BrUsbSer - ok
17:14:40.0889 4728        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:14:40.0898 4728        BTHMODEM - ok
17:14:40.0904 4728        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:14:40.0926 4728        bthserv - ok
17:14:40.0928 4728        catchme - ok
17:14:40.0935 4728        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:14:40.0957 4728        cdfs - ok
17:14:40.0964 4728        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:14:40.0972 4728        cdrom - ok
17:14:40.0977 4728        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:14:40.0999 4728        CertPropSvc - ok
17:14:41.0003 4728        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:14:41.0012 4728        circlass - ok
17:14:41.0025 4728        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:14:41.0036 4728        CLFS - ok
17:14:41.0042 4728        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:14:41.0049 4728        clr_optimization_v2.0.50727_32 - ok
17:14:41.0054 4728        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:14:41.0060 4728        clr_optimization_v2.0.50727_64 - ok
17:14:41.0070 4728        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:14:41.0077 4728        clr_optimization_v4.0.30319_32 - ok
17:14:41.0086 4728        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:14:41.0092 4728        clr_optimization_v4.0.30319_64 - ok
17:14:41.0095 4728        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:14:41.0102 4728        CmBatt - ok
17:14:41.0104 4728        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:14:41.0111 4728        cmdide - ok
17:14:41.0126 4728        CNG            (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:14:41.0142 4728        CNG - ok
17:14:41.0145 4728        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:14:41.0153 4728        Compbatt - ok
17:14:41.0156 4728        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:14:41.0164 4728        CompositeBus - ok
17:14:41.0166 4728        COMSysApp - ok
17:14:41.0171 4728        cpuz135        (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
17:14:41.0176 4728        cpuz135 - ok
17:14:41.0178 4728        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:14:41.0185 4728        crcdisk - ok
17:14:41.0193 4728        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
17:14:41.0202 4728        CryptSvc - ok
17:14:41.0221 4728        CSC            (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
17:14:41.0234 4728        CSC - ok
17:14:41.0257 4728        CscService      (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
17:14:41.0274 4728        CscService - ok
17:14:41.0292 4728        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:14:41.0318 4728        DcomLaunch - ok
17:14:41.0329 4728        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:14:41.0354 4728        defragsvc - ok
17:14:41.0361 4728        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:14:41.0383 4728        DfsC - ok
17:14:41.0395 4728        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:14:41.0419 4728        Dhcp - ok
17:14:41.0423 4728        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:14:41.0445 4728        discache - ok
17:14:41.0449 4728        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:14:41.0456 4728        Disk - ok
17:14:41.0464 4728        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:14:41.0473 4728        Dnscache - ok
17:14:41.0482 4728        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:14:41.0505 4728        dot3svc - ok
17:14:41.0512 4728        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:14:41.0535 4728        DPS - ok
17:14:41.0537 4728        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:14:41.0545 4728        drmkaud - ok
17:14:41.0585 4728        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:14:41.0642 4728        DXGKrnl - ok
17:14:41.0648 4728        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:14:41.0682 4728        EapHost - ok
17:14:41.0778 4728        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:14:41.0827 4728        ebdrv - ok
17:14:41.0850 4728        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:14:41.0861 4728        EFS - ok
17:14:41.0884 4728        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:14:41.0904 4728        ehRecvr - ok
17:14:41.0911 4728        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:14:41.0921 4728        ehSched - ok
17:14:41.0940 4728        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:14:41.0952 4728        elxstor - ok
17:14:41.0955 4728        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:14:41.0962 4728        ErrDev - ok
17:14:41.0967 4728        ES lite Service (b8fa96995726d1fa58476e352c02ad82) C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
17:14:41.0972 4728        ES lite Service - ok
17:14:41.0988 4728        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:14:42.0013 4728        EventSystem - ok
17:14:42.0028 4728        ewusbmbb        (334c907536e815e56cd13108a6d5fb9d) C:\Windows\system32\DRIVERS\ewusbwwan.sys
17:14:42.0038 4728        ewusbmbb - ok
17:14:42.0040 4728        ewusbnet - ok
17:14:42.0047 4728        ew_hwusbdev    (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
17:14:42.0056 4728        ew_hwusbdev - ok
17:14:42.0064 4728        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:14:42.0087 4728        exfat - ok
17:14:42.0096 4728        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:14:42.0120 4728        fastfat - ok
17:14:42.0141 4728        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:14:42.0154 4728        Fax - ok
17:14:42.0158 4728        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:14:42.0165 4728        fdc - ok
17:14:42.0167 4728        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:14:42.0189 4728        fdPHost - ok
17:14:42.0193 4728        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:14:42.0215 4728        FDResPub - ok
17:14:42.0219 4728        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:14:42.0226 4728        FileInfo - ok
17:14:42.0229 4728        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:14:42.0250 4728        Filetrace - ok
17:14:42.0253 4728        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:14:42.0260 4728        flpydisk - ok
17:14:42.0270 4728        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:14:42.0280 4728        FltMgr - ok
17:14:42.0316 4728        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:14:42.0334 4728        FontCache - ok
17:14:42.0339 4728        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:14:42.0344 4728        FontCache3.0.0.0 - ok
17:14:42.0350 4728        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:14:42.0357 4728        FsDepends - ok
17:14:42.0360 4728        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:14:42.0366 4728        Fs_Rec - ok
17:14:42.0375 4728        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:14:42.0386 4728        fvevol - ok
17:14:42.0390 4728        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:14:42.0398 4728        gagp30kx - ok
17:14:42.0400 4728        gdrv            (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys
17:14:42.0405 4728        gdrv - ok
17:14:42.0408 4728        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:14:42.0413 4728        GEARAspiWDM - ok
17:14:42.0439 4728        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:14:42.0467 4728        gpsvc - ok
17:14:42.0475 4728        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:14:42.0481 4728        gupdate - ok
17:14:42.0483 4728        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:14:42.0489 4728        gupdatem - ok
17:14:42.0492 4728        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:14:42.0500 4728        hcw85cir - ok
17:14:42.0513 4728        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:14:42.0525 4728        HdAudAddService - ok
17:14:42.0531 4728        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:14:42.0541 4728        HDAudBus - ok
17:14:42.0543 4728        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:14:42.0551 4728        HidBatt - ok
17:14:42.0556 4728        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:14:42.0565 4728        HidBth - ok
17:14:42.0568 4728        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:14:42.0577 4728        HidIr - ok
17:14:42.0580 4728        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
17:14:42.0603 4728        hidserv - ok
17:14:42.0606 4728        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:14:42.0613 4728        HidUsb - ok
17:14:42.0617 4728        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:14:42.0640 4728        hkmsvc - ok
17:14:42.0650 4728        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:14:42.0660 4728        HomeGroupListener - ok
17:14:42.0668 4728        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:14:42.0677 4728        HomeGroupProvider - ok
17:14:42.0681 4728        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:14:42.0689 4728        HpSAMD - ok
17:14:42.0715 4728        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:14:42.0743 4728        HTTP - ok
17:14:42.0749 4728        huawei_enumerator (1642c62f1fd5e1ff44608283994a7bb8) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
17:14:42.0757 4728        huawei_enumerator - ok
17:14:42.0768 4728        hwdatacard      (04d1de1e8ace40ca396502c90524e945) C:\Windows\system32\DRIVERS\ewusbmdm.sys
17:14:42.0779 4728        hwdatacard - ok
17:14:42.0781 4728        HWDeviceService64.exe - ok
17:14:42.0785 4728        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:14:42.0791 4728        hwpolicy - ok
17:14:42.0794 4728        hwusbdev - ok
17:14:42.0804 4728        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:14:42.0812 4728        i8042prt - ok
17:14:42.0825 4728        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:14:42.0837 4728        iaStorV - ok
17:14:42.0842 4728        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:14:42.0845 4728        IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:14:42.0845 4728        IDriverT - detected UnsignedFile.Multi.Generic (1)
17:14:42.0870 4728        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:14:42.0885 4728        idsvc - ok
17:14:42.0908 4728        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:14:42.0915 4728        iirsp - ok
17:14:42.0943 4728        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:14:42.0972 4728        IKEEXT - ok
17:14:43.0050 4728        IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\Windows\system32\drivers\RTKVHD64.sys
17:14:43.0077 4728        IntcAzAudAddService - ok
17:14:43.0100 4728        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:14:43.0106 4728        intelide - ok
17:14:43.0111 4728        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:14:43.0118 4728        intelppm - ok
17:14:43.0123 4728        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:14:43.0146 4728        IPBusEnum - ok
17:14:43.0150 4728        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:14:43.0172 4728        IpFilterDriver - ok
17:14:43.0190 4728        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:14:43.0216 4728        iphlpsvc - ok
17:14:43.0220 4728        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:14:43.0228 4728        IPMIDRV - ok
17:14:43.0234 4728        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:14:43.0257 4728        IPNAT - ok
17:14:43.0285 4728        iPod Service    (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
17:14:43.0299 4728        iPod Service - ok
17:14:43.0302 4728        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:14:43.0311 4728        IRENUM - ok
17:14:43.0314 4728        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:14:43.0321 4728        isapnp - ok
17:14:43.0331 4728        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:14:43.0340 4728        iScsiPrt - ok
17:14:43.0344 4728        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
17:14:43.0351 4728        kbdclass - ok
17:14:43.0354 4728        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:14:43.0361 4728        kbdhid - ok
17:14:43.0364 4728        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:14:43.0371 4728        KeyIso - ok
17:14:43.0376 4728        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:14:43.0383 4728        KSecDD - ok
17:14:43.0390 4728        KSecPkg        (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:14:43.0398 4728        KSecPkg - ok
17:14:43.0401 4728        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:14:43.0423 4728        ksthunk - ok
17:14:43.0434 4728        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:14:43.0459 4728        KtmRm - ok
17:14:43.0469 4728        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
17:14:43.0492 4728        LanmanServer - ok
17:14:43.0498 4728        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:14:43.0520 4728        LanmanWorkstation - ok
17:14:43.0526 4728        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:14:43.0548 4728        lltdio - ok
17:14:43.0559 4728        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:14:43.0584 4728        lltdsvc - ok
17:14:43.0587 4728        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:14:43.0610 4728        lmhosts - ok
17:14:43.0617 4728        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:14:43.0625 4728        LSI_FC - ok
17:14:43.0630 4728        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:14:43.0637 4728        LSI_SAS - ok
17:14:43.0642 4728        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:14:43.0649 4728        LSI_SAS2 - ok
17:14:43.0655 4728        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:14:43.0662 4728        LSI_SCSI - ok
17:14:43.0667 4728        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:14:43.0690 4728        luafv - ok
17:14:43.0694 4728        MBAMProtector  (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
17:14:43.0700 4728        MBAMProtector - ok
17:14:43.0720 4728        MBAMService    (43683e970f008c93c9429ef428147a54) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
17:14:43.0731 4728        MBAMService - ok
17:14:43.0736 4728        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:14:43.0744 4728        Mcx2Svc - ok
17:14:43.0747 4728        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:14:43.0754 4728        megasas - ok
17:14:43.0764 4728        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:14:43.0773 4728        MegaSR - ok
17:14:43.0778 4728        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:14:43.0801 4728        MMCSS - ok
17:14:43.0804 4728        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:14:43.0826 4728        Modem - ok
17:14:43.0829 4728        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:14:43.0838 4728        monitor - ok
17:14:43.0842 4728        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
17:14:43.0848 4728        mouclass - ok
17:14:43.0851 4728        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:14:43.0858 4728        mouhid - ok
17:14:43.0864 4728        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:14:43.0871 4728        mountmgr - ok
17:14:43.0878 4728        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:14:43.0886 4728        mpio - ok
17:14:43.0891 4728        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:14:43.0913 4728        mpsdrv - ok
17:14:43.0940 4728        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:14:43.0969 4728        MpsSvc - ok
17:14:43.0975 4728        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:14:43.0987 4728        MRxDAV - ok
17:14:43.0994 4728        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:14:44.0002 4728        mrxsmb - ok
17:14:44.0013 4728        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:14:44.0022 4728        mrxsmb10 - ok
17:14:44.0029 4728        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:14:44.0036 4728        mrxsmb20 - ok
17:14:44.0039 4728        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:14:44.0046 4728        msahci - ok
17:14:44.0052 4728        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:14:44.0060 4728        msdsm - ok
17:14:44.0066 4728        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:14:44.0075 4728        MSDTC - ok
17:14:44.0080 4728        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:14:44.0102 4728        Msfs - ok
17:14:44.0105 4728        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:14:44.0126 4728        mshidkmdf - ok
17:14:44.0129 4728        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:14:44.0135 4728        msisadrv - ok
17:14:44.0142 4728        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:14:44.0165 4728        MSiSCSI - ok
17:14:44.0167 4728        msiserver - ok
17:14:44.0171 4728        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:14:44.0192 4728        MSKSSRV - ok
17:14:44.0195 4728        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:14:44.0217 4728        MSPCLOCK - ok
17:14:44.0219 4728        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:14:44.0241 4728        MSPQM - ok
17:14:44.0254 4728        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:14:44.0264 4728        MsRPC - ok
17:14:44.0269 4728        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:14:44.0276 4728        mssmbios - ok
17:14:44.0278 4728        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:14:44.0300 4728        MSTEE - ok
17:14:44.0303 4728        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:14:44.0310 4728        MTConfig - ok
17:14:44.0314 4728        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:14:44.0321 4728        Mup - ok
17:14:44.0338 4728        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:14:44.0364 4728        napagent - ok
17:14:44.0376 4728        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:14:44.0389 4728        NativeWifiP - ok
17:14:44.0420 4728        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:14:44.0439 4728        NDIS - ok
17:14:44.0442 4728        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:14:44.0464 4728        NdisCap - ok
17:14:44.0467 4728        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:14:44.0489 4728        NdisTapi - ok
17:14:44.0493 4728        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:14:44.0514 4728        Ndisuio - ok
17:14:44.0521 4728        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:14:44.0544 4728        NdisWan - ok
17:14:44.0548 4728        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:14:44.0569 4728        NDProxy - ok
17:14:44.0573 4728        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:14:44.0594 4728        NetBIOS - ok
17:14:44.0605 4728        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:14:44.0629 4728        NetBT - ok
17:14:44.0634 4728        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:14:44.0644 4728        Netlogon - ok
17:14:44.0657 4728        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:14:44.0682 4728        Netman - ok
17:14:44.0688 4728        NetMsmqActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:14:44.0695 4728        NetMsmqActivator - ok
17:14:44.0697 4728        NetPipeActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:14:44.0703 4728        NetPipeActivator - ok
17:14:44.0718 4728        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:14:44.0744 4728        netprofm - ok
17:14:44.0747 4728        NetTcpActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:14:44.0753 4728        NetTcpActivator - ok
17:14:44.0755 4728        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:14:44.0761 4728        NetTcpPortSharing - ok
17:14:44.0765 4728        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:14:44.0772 4728        nfrd960 - ok
17:14:44.0783 4728        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:14:44.0808 4728        NlaSvc - ok
17:14:44.0811 4728        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:14:44.0833 4728        Npfs - ok
17:14:44.0836 4728        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:14:44.0859 4728        nsi - ok
17:14:44.0862 4728        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:14:44.0884 4728        nsiproxy - ok
17:14:44.0941 4728        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:14:44.0968 4728        Ntfs - ok
17:14:44.0990 4728        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:14:45.0012 4728        Null - ok
17:14:45.0017 4728        nusb3hub        (785298579b5f9b4032152dfbb992fdb6) C:\Windows\system32\DRIVERS\nusb3hub.sys
17:14:45.0023 4728        nusb3hub - ok
17:14:45.0031 4728        nusb3xhc        (df2750481b4964814467c974f2b0eef1) C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:14:45.0038 4728        nusb3xhc - ok
17:14:45.0046 4728        NVHDA          (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
17:14:45.0053 4728        NVHDA - ok
17:14:45.0608 4728        nvlddmkm        (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:14:45.0747 4728        nvlddmkm - ok
17:14:45.0776 4728        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:14:45.0784 4728        nvraid - ok
17:14:45.0791 4728        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:14:45.0799 4728        nvstor - ok
17:14:45.0826 4728        nvsvc          (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
17:14:45.0842 4728        nvsvc - ok
17:14:45.0930 4728        nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:14:45.0972 4728        nvUpdatusService - ok
17:14:45.0999 4728        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:14:46.0010 4728        nv_agp - ok
17:14:46.0016 4728        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:14:46.0025 4728        ohci1394 - ok
17:14:46.0030 4728        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:14:46.0036 4728        ose - ok
17:14:46.0049 4728        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:14:46.0059 4728        p2pimsvc - ok
17:14:46.0074 4728        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:14:46.0085 4728        p2psvc - ok
17:14:46.0091 4728        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:14:46.0098 4728        Parport - ok
17:14:46.0103 4728        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:14:46.0110 4728        partmgr - ok
17:14:46.0117 4728        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:14:46.0130 4728        PcaSvc - ok
17:14:46.0137 4728        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:14:46.0145 4728        pci - ok
17:14:46.0148 4728        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:14:46.0154 4728        pciide - ok
17:14:46.0162 4728        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:14:46.0171 4728        pcmcia - ok
17:14:46.0175 4728        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:14:46.0182 4728        pcw - ok
17:14:46.0185 4728        PdiPorts        (25fd4d8109114266a610fd1088bfd522) C:\Windows\system32\DRIVERS\PdiPorts.sys
17:14:46.0190 4728        PdiPorts - ok
17:14:46.0196 4728        PdiService      (fed28c565de5f73b7c5b32841229e496) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
17:14:46.0202 4728        PdiService - ok
17:14:46.0228 4728        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:14:46.0256 4728        PEAUTH - ok
17:14:46.0314 4728        PeerDistSvc    (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
17:14:46.0345 4728        PeerDistSvc - ok
17:14:46.0364 4728        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:14:46.0375 4728        PerfHost - ok
17:14:46.0455 4728        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:14:46.0506 4728        pla - ok
17:14:46.0521 4728        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:14:46.0532 4728        PlugPlay - ok
17:14:46.0535 4728        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:14:46.0543 4728        PNRPAutoReg - ok
17:14:46.0555 4728        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:14:46.0564 4728        PNRPsvc - ok
17:14:46.0580 4728        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:14:46.0606 4728        PolicyAgent - ok
17:14:46.0615 4728        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:14:46.0639 4728        Power - ok
17:14:46.0647 4728        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:14:46.0669 4728        PptpMiniport - ok
17:14:46.0673 4728        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:14:46.0681 4728        Processor - ok
17:14:46.0689 4728        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:14:46.0699 4728        ProfSvc - ok
17:14:46.0702 4728        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:14:46.0709 4728        ProtectedStorage - ok
17:14:46.0715 4728        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:14:46.0737 4728        Psched - ok
17:14:46.0781 4728        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:14:46.0805 4728        ql2300 - ok
17:14:46.0831 4728        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:14:46.0839 4728        ql40xx - ok
17:14:46.0848 4728        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:14:46.0860 4728        QWAVE - ok
17:14:46.0864 4728        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:14:46.0874 4728        QWAVEdrv - ok
17:14:46.0876 4728        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:14:46.0898 4728        RasAcd - ok
17:14:46.0902 4728        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:14:46.0925 4728        RasAgileVpn - ok
17:14:46.0930 4728        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:14:46.0954 4728        RasAuto - ok
17:14:46.0961 4728        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:14:46.0983 4728        Rasl2tp - ok
17:14:46.0995 4728        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:14:47.0020 4728        RasMan - ok
17:14:47.0026 4728        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:14:47.0048 4728        RasPppoe - ok
17:14:47.0053 4728        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:14:47.0075 4728        RasSstp - ok
17:14:47.0087 4728        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:14:47.0111 4728        rdbss - ok
17:14:47.0114 4728        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:14:47.0123 4728        rdpbus - ok
17:14:47.0125 4728        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:14:47.0147 4728        RDPCDD - ok
17:14:47.0155 4728        RDPDR          (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
17:14:47.0164 4728        RDPDR - ok
17:14:47.0166 4728        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:14:47.0187 4728        RDPENCDD - ok
17:14:47.0191 4728        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:14:47.0213 4728        RDPREFMP - ok
17:14:47.0221 4728        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:14:47.0230 4728        RDPWD - ok
17:14:47.0239 4728        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:14:47.0248 4728        rdyboost - ok
17:14:47.0253 4728        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:14:47.0276 4728        RemoteAccess - ok
17:14:47.0282 4728        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:14:47.0306 4728        RemoteRegistry - ok
17:14:47.0311 4728        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:14:47.0334 4728        RpcEptMapper - ok
17:14:47.0336 4728        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:14:47.0344 4728        RpcLocator - ok
17:14:47.0360 4728        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:14:47.0385 4728        RpcSs - ok
17:14:47.0390 4728        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:14:47.0413 4728        rspndr - ok
17:14:47.0416 4728        rtkio          (5dc26837e5af8244233f78cb9c3ac988) C:\Program Files (x86)\Realtek\Smart Dual Lan\rtkio.sys
17:14:47.0421 4728        rtkio - ok
17:14:47.0434 4728        RTL8167        (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:14:47.0442 4728        RTL8167 - ok
17:14:47.0446 4728        RtNdPt60        (2b38c905492f36fe42b59da52d6b4eb7) C:\Windows\system32\DRIVERS\RtNdPt60.sys
17:14:47.0451 4728        RtNdPt60 - ok
17:14:47.0455 4728        RTTEAMPT        (3fb2fd668fa4cd4aed1953f85f916cf1) C:\Windows\system32\DRIVERS\RtTeam60.sys
17:14:47.0462 4728        RTTEAMPT - ok
17:14:47.0465 4728        RTVLANPT        (8b6b42d782202363a562f82b0e13b1c0) C:\Windows\system32\DRIVERS\RtVlan60.sys
17:14:47.0470 4728        RTVLANPT - ok
17:14:47.0472 4728        s3cap          (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
17:14:47.0479 4728        s3cap - ok
17:14:47.0482 4728        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:14:47.0489 4728        SamSs - ok
17:14:47.0494 4728        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:14:47.0502 4728        sbp2port - ok
17:14:47.0509 4728        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:14:47.0533 4728        SCardSvr - ok
17:14:47.0536 4728        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:14:47.0558 4728        scfilter - ok
17:14:47.0592 4728        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:14:47.0625 4728        Schedule - ok
17:14:47.0629 4728        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:14:47.0650 4728        SCPolicySvc - ok
17:14:47.0656 4728        SDLService      (b0e6ca5d36dc5f0019a73b8aab35c5dc) C:\Program Files (x86)\Realtek\Smart Dual Lan\SDLService.exe
17:14:47.0659 4728        SDLService ( UnsignedFile.Multi.Generic ) - warning
17:14:47.0659 4728        SDLService - detected UnsignedFile.Multi.Generic (1)
17:14:47.0666 4728        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:14:47.0675 4728        SDRSVC - ok
17:14:47.0680 4728        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:14:47.0702 4728        secdrv - ok
17:14:47.0705 4728        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:14:47.0727 4728        seclogon - ok
17:14:47.0731 4728        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
17:14:47.0755 4728        SENS - ok
17:14:47.0758 4728        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:14:47.0765 4728        SensrSvc - ok
17:14:47.0768 4728        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:14:47.0775 4728        Serenum - ok
17:14:47.0780 4728        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:14:47.0787 4728        Serial - ok
17:14:47.0791 4728        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:14:47.0798 4728        sermouse - ok
17:14:47.0808 4728        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:14:47.0830 4728        SessionEnv - ok
17:14:47.0833 4728        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:14:47.0840 4728        sffdisk - ok
17:14:47.0842 4728        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:14:47.0849 4728        sffp_mmc - ok
17:14:47.0851 4728        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:14:47.0859 4728        sffp_sd - ok
17:14:47.0862 4728        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:14:47.0868 4728        sfloppy - ok
17:14:47.0881 4728        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:14:47.0906 4728        SharedAccess - ok
17:14:47.0918 4728        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:14:47.0943 4728        ShellHWDetection - ok
17:14:47.0956 4728        Si3124r5        (da492c8305434ec6f9bdd60c8b83b10e) C:\Windows\system32\DRIVERS\Si3124r5.sys
17:14:47.0965 4728        Si3124r5 - ok
17:14:47.0968 4728        SiFilter        (8d10887a1699cf61e74467694b929b09) C:\Windows\system32\DRIVERS\SiWinAcc.sys
17:14:47.0972 4728        SiFilter - ok
17:14:47.0975 4728        SiRemFil        (94e1eda9a0b305a67ee1bbd0a68ce21a) C:\Windows\system32\DRIVERS\SiRemFil.sys
17:14:47.0980 4728        SiRemFil - ok
17:14:47.0983 4728        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:14:47.0990 4728        SiSRaid2 - ok
17:14:47.0995 4728        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:14:48.0002 4728        SiSRaid4 - ok
17:14:48.0007 4728        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:14:48.0030 4728        Smb - ok
17:14:48.0036 4728        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:14:48.0044 4728        SNMPTRAP - ok
17:14:48.0047 4728        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:14:48.0053 4728        spldr - ok
17:14:48.0071 4728        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:14:48.0098 4728        Spooler - ok
17:14:48.0265 4728        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:14:48.0347 4728        sppsvc - ok
17:14:48.0371 4728        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:14:48.0394 4728        sppuinotify - ok
17:14:48.0412 4728        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:14:48.0424 4728        srv - ok
17:14:48.0438 4728        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:14:48.0448 4728        srv2 - ok
17:14:48.0456 4728        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:14:48.0464 4728        srvnet - ok
17:14:48.0471 4728        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:14:48.0495 4728        SSDPSRV - ok
17:14:48.0500 4728        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:14:48.0523 4728        SstpSvc - ok
17:14:48.0538 4728        Stereo Service  (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:14:48.0548 4728        Stereo Service - ok
17:14:48.0551 4728        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:14:48.0558 4728        stexstor - ok
17:14:48.0576 4728        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:14:48.0593 4728        stisvc - ok
17:14:48.0596 4728        storflt        (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
17:14:48.0603 4728        storflt - ok
17:14:48.0606 4728        StorSvc        (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
17:14:48.0613 4728        StorSvc - ok
17:14:48.0617 4728        storvsc        (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
17:14:48.0624 4728        storvsc - ok
17:14:48.0626 4728        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:14:48.0633 4728        swenum - ok
17:14:48.0650 4728        SwitchBoard    (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:14:48.0661 4728        SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
17:14:48.0661 4728        SwitchBoard - detected UnsignedFile.Multi.Generic (1)
17:14:48.0679 4728        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:14:48.0707 4728        swprv - ok
17:14:48.0780 4728        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:14:48.0815 4728        SysMain - ok
17:14:48.0839 4728        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:14:48.0850 4728        TabletInputService - ok
17:14:48.0862 4728        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:14:48.0886 4728        TapiSrv - ok
17:14:48.0891 4728        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:14:48.0914 4728        TBS - ok
17:14:48.0991 4728        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:14:49.0028 4728        Tcpip - ok
17:14:49.0133 4728        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:14:49.0171 4728        TCPIP6 - ok
17:14:49.0196 4728        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:14:49.0218 4728        tcpipreg - ok
17:14:49.0222 4728        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:14:49.0229 4728        TDPIPE - ok
17:14:49.0232 4728        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:14:49.0238 4728        TDTCP - ok
17:14:49.0244 4728        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:14:49.0266 4728        tdx - ok
17:14:49.0270 4728        TEAM            (3fb2fd668fa4cd4aed1953f85f916cf1) C:\Windows\system32\DRIVERS\RtTeam60.sys
17:14:49.0275 4728        TEAM - ok
17:14:49.0279 4728        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:14:49.0286 4728        TermDD - ok
17:14:49.0308 4728        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:14:49.0337 4728        TermService - ok
17:14:49.0341 4728        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:14:49.0351 4728        Themes - ok
17:14:49.0356 4728        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:14:49.0378 4728        THREADORDER - ok
17:14:49.0383 4728        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:14:49.0406 4728        TrkWks - ok
17:14:49.0414 4728        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:14:49.0436 4728        TrustedInstaller - ok
17:14:49.0441 4728        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:14:49.0462 4728        tssecsrv - ok
17:14:49.0467 4728        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:14:49.0474 4728        TsUsbFlt - ok
17:14:49.0480 4728        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:14:49.0502 4728        tunnel - ok
17:14:49.0506 4728        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:14:49.0513 4728        uagp35 - ok
17:14:49.0525 4728        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:14:49.0549 4728        udfs - ok
17:14:49.0555 4728        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:14:49.0564 4728        UI0Detect - ok
17:14:49.0568 4728        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:14:49.0575 4728        uliagpkx - ok
17:14:49.0579 4728        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:14:49.0586 4728        umbus - ok
17:14:49.0588 4728        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:14:49.0595 4728        UmPass - ok
17:14:49.0603 4728        UmRdpService    (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
17:14:49.0612 4728        UmRdpService - ok
17:14:49.0625 4728        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:14:49.0651 4728        upnphost - ok
17:14:49.0658 4728        USBAAPL64      (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
17:14:49.0664 4728        USBAAPL64 - ok
17:14:49.0670 4728        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:14:49.0677 4728        usbccgp - ok
17:14:49.0682 4728        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:14:49.0692 4728        usbcir - ok
17:14:49.0695 4728        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:14:49.0702 4728        usbehci - ok
17:14:49.0714 4728        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:14:49.0724 4728        usbhub - ok
17:14:49.0727 4728        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:14:49.0734 4728        usbohci - ok
17:14:49.0736 4728        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:14:49.0745 4728        usbprint - ok
17:14:49.0750 4728        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:14:49.0758 4728        USBSTOR - ok
17:14:49.0761 4728        usbuhci        (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
17:14:49.0769 4728        usbuhci - ok
17:14:49.0772 4728        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:14:49.0794 4728        UxSms - ok
17:14:49.0797 4728        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:14:49.0804 4728        VaultSvc - ok
17:14:49.0807 4728        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:14:49.0814 4728        vdrvroot - ok
17:14:49.0833 4728        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:14:49.0861 4728        vds - ok
17:14:49.0865 4728        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:14:49.0873 4728        vga - ok
17:14:49.0877 4728        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:14:49.0899 4728        VgaSave - ok
17:14:49.0907 4728        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:14:49.0916 4728        vhdmp - ok
17:14:49.0919 4728        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:14:49.0925 4728        viaide - ok
17:14:49.0928 4728        VLAN            (8b6b42d782202363a562f82b0e13b1c0) C:\Windows\system32\DRIVERS\RtVLAN60.sys
17:14:49.0933 4728        VLAN - ok
17:14:49.0942 4728        vmbus          (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
17:14:49.0950 4728        vmbus - ok
17:14:49.0953 4728        VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
17:14:49.0960 4728        VMBusHID - ok
17:14:49.0964 4728        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:14:49.0971 4728        volmgr - ok
17:14:49.0984 4728        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:14:49.0995 4728        volmgrx - ok
17:14:50.0006 4728        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:14:50.0016 4728        volsnap - ok
17:14:50.0022 4728        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:14:50.0031 4728        vsmraid - ok
17:14:50.0099 4728        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:14:50.0185 4728        VSS - ok
17:14:50.0209 4728        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
17:14:50.0217 4728        vwifibus - ok
17:14:50.0230 4728        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:14:50.0255 4728        W32Time - ok
17:14:50.0260 4728        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:14:50.0267 4728        WacomPen - ok
17:14:50.0272 4728        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:14:50.0294 4728        WANARP - ok
17:14:50.0296 4728        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:14:50.0318 4728        Wanarpv6 - ok
17:14:50.0361 4728        WatAdminSvc    (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:14:50.0383 4728        WatAdminSvc - ok
17:14:50.0445 4728        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:14:50.0517 4728        wbengine - ok
17:14:50.0546 4728        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:14:50.0563 4728        WbioSrvc - ok
17:14:50.0577 4728        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:14:50.0592 4728        wcncsvc - ok
17:14:50.0595 4728        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:14:50.0603 4728        WcsPlugInService - ok
17:14:50.0608 4728        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:14:50.0615 4728        Wd - ok
17:14:50.0637 4728        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:14:50.0651 4728        Wdf01000 - ok
17:14:50.0656 4728        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:14:50.0678 4728        WdiServiceHost - ok
17:14:50.0680 4728        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:14:50.0691 4728        WdiSystemHost - ok
17:14:50.0701 4728        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:14:50.0713 4728        WebClient - ok
17:14:50.0723 4728        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:14:50.0747 4728        Wecsvc - ok
17:14:50.0752 4728        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:14:50.0776 4728        wercplsupport - ok
17:14:50.0781 4728        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:14:50.0804 4728        WerSvc - ok
17:14:50.0809 4728        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:14:50.0831 4728        WfpLwf - ok
17:14:50.0834 4728        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:14:50.0840 4728        WIMMount - ok
17:14:50.0842 4728        WinDefend - ok
17:14:50.0847 4728        WinHttpAutoProxySvc - ok
17:14:50.0859 4728        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:14:50.0883 4728        Winmgmt - ok
17:14:50.0942 4728        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:14:50.0983 4728        WinRM - ok
17:14:51.0010 4728        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:14:51.0019 4728        WinUsb - ok
17:14:51.0048 4728        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:14:51.0066 4728        Wlansvc - ok
17:14:51.0069 4728        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:14:51.0075 4728        WmiAcpi - ok
17:14:51.0087 4728        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:14:51.0096 4728        wmiApSrv - ok
17:14:51.0098 4728        WMPNetworkSvc - ok
17:14:51.0102 4728        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:14:51.0110 4728        WPCSvc - ok
17:14:51.0115 4728        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:14:51.0125 4728        WPDBusEnum - ok
17:14:51.0128 4728        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:14:51.0149 4728        ws2ifsl - ok
17:14:51.0155 4728        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
17:14:51.0166 4728        wscsvc - ok
17:14:51.0168 4728        WSearch - ok
17:14:51.0270 4728        wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
17:14:51.0332 4728        wuauserv - ok
17:14:51.0357 4728        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:14:51.0380 4728        WudfPf - ok
17:14:51.0387 4728        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:14:51.0409 4728        WUDFRd - ok
17:14:51.0414 4728        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:14:51.0435 4728        wudfsvc - ok
17:14:51.0445 4728        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:14:51.0457 4728        WwanSvc - ok
17:14:51.0465 4728        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
17:14:51.0596 4728        \Device\Harddisk2\DR2 - ok
17:14:52.0072 4728        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:14:52.0165 4728        \Device\Harddisk0\DR0 - ok
17:14:52.0171 4728        MBR (0x1B8)    (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk1\DR1
17:14:52.0201 4728        \Device\Harddisk1\DR1 ( TDSS File System ) - warning
17:14:52.0201 4728        \Device\Harddisk1\DR1 - detected TDSS File System (1)
17:14:52.0208 4728        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk3\DR3
17:14:52.0280 4728        \Device\Harddisk3\DR3 - ok
17:14:52.0287 4728        MBR (0x1B8)    (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk4\DR5
17:14:52.0440 4728        \Device\Harddisk4\DR5 - ok
17:14:52.0447 4728        Boot (0x1200)  (0d73b2af4ecc292ce8e6c047e8b15d90) \Device\Harddisk2\DR2\Partition0
17:14:52.0450 4728        \Device\Harddisk2\DR2\Partition0 - ok
17:14:52.0458 4728        Boot (0x1200)  (d24332b2d8897728f512deb0076e707c) \Device\Harddisk2\DR2\Partition1
17:14:52.0461 4728        \Device\Harddisk2\DR2\Partition1 - ok
17:14:52.0469 4728        Boot (0x1200)  (c5c35e74f15558173a239b3b66521b3b) \Device\Harddisk2\DR2\Partition2
17:14:52.0472 4728        \Device\Harddisk2\DR2\Partition2 - ok
17:14:52.0479 4728        Boot (0x1200)  (9a612828ccaff8f4176a0ee72f68167d) \Device\Harddisk0\DR0\Partition0
17:14:52.0482 4728        \Device\Harddisk0\DR0\Partition0 - ok
17:14:52.0489 4728        Boot (0x1200)  (9a23352c3f96ac06b162c402a277d079) \Device\Harddisk1\DR1\Partition0
17:14:52.0493 4728        \Device\Harddisk1\DR1\Partition0 - ok
17:14:52.0501 4728        Boot (0x1200)  (6437db7024f5cdba5c5f8d5140089dab) \Device\Harddisk3\DR3\Partition0
17:14:52.0504 4728        \Device\Harddisk3\DR3\Partition0 - ok
17:14:52.0512 4728        Boot (0x1200)  (a586c8f341b52f2fea6645cc991749f6) \Device\Harddisk4\DR5\Partition0
17:14:52.0514 4728        \Device\Harddisk4\DR5\Partition0 - ok
17:14:52.0517 4728        ============================================================
17:14:52.0517 4728        Scan finished
17:14:52.0517 4728        ============================================================
17:14:52.0534 4160        Detected object count: 4
17:14:52.0534 4160        Actual detected object count: 4
17:15:18.0967 4160        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:18.0967 4160        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:18.0970 4160        SDLService ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:18.0971 4160        SDLService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:18.0974 4160        SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
17:15:18.0974 4160        SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:15:18.0978 4160        \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
17:15:18.0978 4160        \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
Ich benutze für Banking das Chip-Tan verfahren. Genügt das?

Gruß Stefan

markusg 19.07.2012 23:37
ja, lasse es trotzdem sperren.
ich hatte das log schon gesehen, war vllt missverständlich ausgedrückt

17:15:18.0978 4160 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
eigendlich müsste kaspersky für das hier ein cure anbieten
da ist dass rootkit
befor du fragst, das kann man nicht mit den bisherigen logs erkennen, sondern nur über den tdss killer. :-)
wir entfernen das noch, dann muss aber neu aufgesetzt werden.
lade hitmanpro:
http://www.trojaner-board.de/99424-c...o-scannen.html
settings, license, activate test license
dann scan, funde entfernen lassen, am ende das log als xml exportieren und posten.

123click 20.07.2012 11:48
Hallo Markus,

hier ist das hitmanlog. Anschließend habe ich nochmal den TDSS-Killer laufen lassen mit dem gleichen Ergebnis wie vorher.
Code:
- <Log computer="STEFFI-PC" scan="Normal" version="3.6.0.160" date="2012-07-20T12:29:02" timeSpentInSecs="173" filesProcessed="21267">
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:2o7.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ad.360yield.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ad.ad-srv.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ad.adc-serv.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ad.adserver01.de" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ad.beepworld.de" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ad.yieldmanager.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ad.zanox.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:adbrite.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ads.creative-serving.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ads.immobilienscout24.de" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ads.intergi.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ads.pubmatic.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ads.quartermedia.de" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:adtech.de" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:advertising.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:adviva.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:aka-cdn-ns.adtech.de" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:apmebf.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:atdmt.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:bs.serving-sys.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:casalemedia.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:collective-media.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:doubleclick.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:eas.apm.emediate.eu" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:fastclick.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:interclick.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:invitemedia.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:media6degrees.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:mediaplex.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:nikonmypicturetown.122.2o7.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:questionmarket.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:revsci.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:ru4.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:serving-sys.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:smartadserver.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:specificclick.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:statse.webtrendslive.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:track.adform.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:tradedoubler.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:tribalfusion.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:tvtv.122.2o7.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:wolverineworldwide.112.2o7.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:www.etracker.de" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:www.googleadservices.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:xiti.com" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:yadro.ru" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:yieldmanager.net" />
  </Item>
- <Item type="Repair" score="0.0" status="Deleted">
  <File path="C:\Users\Nino\AppData\Roaming\Mozilla\Firefox\Profiles\ib0ls0qc.default\cookies.sqlite:zedo.com" />
  </Item>
  </Log>
und nochmal das neue Killer-Log
Code:
12:34:04.0967 4380        TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
12:34:05.0210 4380        ============================================================
12:34:05.0210 4380        Current date / time: 2012/07/20 12:34:05.0210
12:34:05.0210 4380        SystemInfo:
12:34:05.0210 4380       
12:34:05.0210 4380        OS Version: 6.1.7601 ServicePack: 1.0
12:34:05.0210 4380        Product type: Workstation
12:34:05.0210 4380        ComputerName: STEFFI-PC
12:34:05.0210 4380        UserName: Steffi
12:34:05.0210 4380        Windows directory: C:\Windows
12:34:05.0210 4380        System windows directory: C:\Windows
12:34:05.0210 4380        Running under WOW64
12:34:05.0210 4380        Processor architecture: Intel x64
12:34:05.0210 4380        Number of processors: 4
12:34:05.0210 4380        Page size: 0x1000
12:34:05.0210 4380        Boot type: Normal boot
12:34:05.0210 4380        ============================================================
12:34:05.0374 4380        Drive \Device\Harddisk2\DR2 - Size: 0x1BF31C0000 (111.80 Gb), SectorSize: 0x200, Cylinders: 0x3902, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
12:34:05.0835 4380        Drive \Device\Harddisk0\DR0 - Size: 0x950AC4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13000, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:34:05.0853 4380        Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:34:05.0855 4380        Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:34:05.0868 4380        Drive \Device\Harddisk4\DR4 - Size: 0x3BA815A00 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:34:05.0869 4380        ============================================================
12:34:05.0869 4380        \Device\Harddisk2\DR2:
12:34:05.0869 4380        MBR partitions:
12:34:05.0869 4380        \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:34:05.0869 4380        \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6175800
12:34:05.0869 4380        \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x61A8000, BlocksNum 0x7DEF800
12:34:05.0869 4380        \Device\Harddisk0\DR0:
12:34:05.0869 4380        MBR partitions:
12:34:05.0869 4380        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856231
12:34:05.0870 4380        \Device\Harddisk1\DR1:
12:34:05.0870 4380        MBR partitions:
12:34:05.0870 4380        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18000
12:34:05.0870 4380        \Device\Harddisk3\DR3:
12:34:05.0870 4380        MBR partitions:
12:34:05.0870 4380        \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:34:05.0870 4380        \Device\Harddisk4\DR4:
12:34:05.0870 4380        MBR partitions:
12:34:05.0870 4380        \Device\Harddisk4\DR4\Partition0: MBR, Type 0xC, StartLBA 0xCC, BlocksNum 0x1DD3FE4
12:34:05.0870 4380        ============================================================
12:34:05.0871 4380        C: <-> \Device\Harddisk2\DR2\Partition1
12:34:05.0872 4380        D: <-> \Device\Harddisk2\DR2\Partition2
12:34:05.0873 4380        I: <-> \Device\Harddisk3\DR3\Partition0
12:34:05.0882 4380        F: <-> \Device\Harddisk0\DR0\Partition0
12:34:05.0883 4380        S: <-> \Device\Harddisk1\DR1\Partition0
12:34:05.0884 4380        G: <-> \Device\Harddisk4\DR4\Partition0
12:34:05.0884 4380        ============================================================
12:34:05.0884 4380        Initialize success
12:34:05.0884 4380        ============================================================
12:35:13.0056 1196        ============================================================
12:35:13.0056 1196        Scan started
12:35:13.0056 1196        Mode: Manual; SigCheck; TDLFS;
12:35:13.0056 1196        ============================================================
12:35:13.0181 1196        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:35:13.0243 1196        1394ohci - ok
12:35:13.0243 1196        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:35:13.0259 1196        ACPI - ok
12:35:13.0259 1196        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:35:13.0274 1196        AcpiPmi - ok
12:35:13.0305 1196        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:35:13.0305 1196        AdobeFlashPlayerUpdateSvc - ok
12:35:13.0321 1196        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:35:13.0337 1196        adp94xx - ok
12:35:13.0352 1196        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:35:13.0352 1196        adpahci - ok
12:35:13.0368 1196        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:35:13.0368 1196        adpu320 - ok
12:35:13.0383 1196        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:35:13.0430 1196        AeLookupSvc - ok
12:35:13.0446 1196        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
12:35:13.0446 1196        AFD - ok
12:35:13.0461 1196        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:35:13.0461 1196        agp440 - ok
12:35:13.0461 1196        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:35:13.0477 1196        ALG - ok
12:35:13.0477 1196        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:35:13.0477 1196        aliide - ok
12:35:13.0477 1196        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:35:13.0493 1196        amdide - ok
12:35:13.0493 1196        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:35:13.0508 1196        AmdK8 - ok
12:35:13.0508 1196        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:35:13.0508 1196        AmdPPM - ok
12:35:13.0524 1196        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:35:13.0524 1196        amdsata - ok
12:35:13.0524 1196        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:35:13.0539 1196        amdsbs - ok
12:35:13.0539 1196        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:35:13.0555 1196        amdxata - ok
12:35:13.0555 1196        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:35:13.0602 1196        AppID - ok
12:35:13.0602 1196        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:35:13.0617 1196        AppIDSvc - ok
12:35:13.0633 1196        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
12:35:13.0649 1196        Appinfo - ok
12:35:13.0649 1196        Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:35:13.0664 1196        Apple Mobile Device - ok
12:35:13.0664 1196        AppleCharger    (ba957e7acd2b44fa3b01faa64f6a9060) C:\Windows\system32\DRIVERS\AppleCharger.sys
12:35:13.0680 1196        AppleCharger - ok
12:35:13.0680 1196        AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe
12:35:13.0680 1196        AppleChargerSrv - ok
12:35:13.0695 1196        AppMgmt        (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
12:35:13.0695 1196        AppMgmt - ok
12:35:13.0711 1196        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:35:13.0711 1196        arc - ok
12:35:13.0711 1196        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:35:13.0727 1196        arcsas - ok
12:35:13.0727 1196        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:35:13.0742 1196        AsyncMac - ok
12:35:13.0758 1196        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:35:13.0758 1196        atapi - ok
12:35:13.0773 1196        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:35:13.0805 1196        AudioEndpointBuilder - ok
12:35:13.0805 1196        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:35:13.0836 1196        AudioSrv - ok
12:35:13.0836 1196        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
12:35:13.0851 1196        AxInstSV - ok
12:35:13.0867 1196        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:35:13.0883 1196        b06bdrv - ok
12:35:13.0898 1196        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:35:13.0898 1196        b57nd60a - ok
12:35:13.0914 1196        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:35:13.0914 1196        BDESVC - ok
12:35:13.0914 1196        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:35:13.0945 1196        Beep - ok
12:35:13.0961 1196        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
12:35:13.0992 1196        BFE - ok
12:35:14.0023 1196        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
12:35:14.0039 1196        BITS - ok
12:35:14.0054 1196        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:35:14.0054 1196        blbdrive - ok
12:35:14.0070 1196        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
12:35:14.0085 1196        Bonjour Service - ok
12:35:14.0085 1196        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:35:14.0085 1196        bowser - ok
12:35:14.0101 1196        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:35:14.0117 1196        BrFiltLo - ok
12:35:14.0117 1196        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:35:14.0117 1196        BrFiltUp - ok
12:35:14.0132 1196        Bridge          (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
12:35:14.0148 1196        Bridge - ok
12:35:14.0148 1196        BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
12:35:14.0163 1196        BridgeMP - ok
12:35:14.0179 1196        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
12:35:14.0195 1196        Browser - ok
12:35:14.0210 1196        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:35:14.0210 1196        Brserid - ok
12:35:14.0226 1196        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:35:14.0226 1196        BrSerWdm - ok
12:35:14.0226 1196        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:35:14.0241 1196        BrUsbMdm - ok
12:35:14.0241 1196        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:35:14.0241 1196        BrUsbSer - ok
12:35:14.0257 1196        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:35:14.0257 1196        BTHMODEM - ok
12:35:14.0273 1196        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:35:14.0288 1196        bthserv - ok
12:35:14.0288 1196        catchme - ok
12:35:14.0304 1196        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:35:14.0319 1196        cdfs - ok
12:35:14.0319 1196        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
12:35:14.0335 1196        cdrom - ok
12:35:14.0335 1196        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:35:14.0351 1196        CertPropSvc - ok
12:35:14.0366 1196        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:35:14.0366 1196        circlass - ok
12:35:14.0382 1196        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:35:14.0397 1196        CLFS - ok
12:35:14.0397 1196        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:35:14.0413 1196        clr_optimization_v2.0.50727_32 - ok
12:35:14.0413 1196        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:35:14.0413 1196        clr_optimization_v2.0.50727_64 - ok
12:35:14.0429 1196        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:35:14.0429 1196        clr_optimization_v4.0.30319_32 - ok
12:35:14.0444 1196        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:35:14.0444 1196        clr_optimization_v4.0.30319_64 - ok
12:35:14.0444 1196        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:35:14.0460 1196        CmBatt - ok
12:35:14.0460 1196        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:35:14.0460 1196        cmdide - ok
12:35:14.0475 1196        CNG            (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
12:35:14.0491 1196        CNG - ok
12:35:14.0507 1196        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:35:14.0507 1196        Compbatt - ok
12:35:14.0507 1196        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:35:14.0522 1196        CompositeBus - ok
12:35:14.0522 1196        COMSysApp - ok
12:35:14.0522 1196        cpuz135        (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
12:35:14.0522 1196        cpuz135 - ok
12:35:14.0538 1196        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:35:14.0538 1196        crcdisk - ok
12:35:14.0538 1196        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
12:35:14.0553 1196        CryptSvc - ok
12:35:14.0569 1196        CSC            (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
12:35:14.0585 1196        CSC - ok
12:35:14.0600 1196        CscService      (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
12:35:14.0616 1196        CscService - ok
12:35:14.0631 1196        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:35:14.0663 1196        DcomLaunch - ok
12:35:14.0678 1196        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:35:14.0694 1196        defragsvc - ok
12:35:14.0709 1196        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:35:14.0725 1196        DfsC - ok
12:35:14.0741 1196        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
12:35:14.0756 1196        Dhcp - ok
12:35:14.0756 1196        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:35:14.0787 1196        discache - ok
12:35:14.0787 1196        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:35:14.0787 1196        Disk - ok
12:35:14.0803 1196        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
12:35:14.0803 1196        Dnscache - ok
12:35:14.0819 1196        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
12:35:14.0850 1196        dot3svc - ok
12:35:14.0850 1196        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
12:35:14.0865 1196        DPS - ok
12:35:14.0881 1196        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:35:14.0881 1196        drmkaud - ok
12:35:14.0912 1196        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:35:14.0928 1196        DXGKrnl - ok
12:35:14.0943 1196        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:35:14.0959 1196        EapHost - ok
12:35:15.0053 1196        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:35:15.0099 1196        ebdrv - ok
12:35:15.0131 1196        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
12:35:15.0131 1196        EFS - ok
12:35:15.0146 1196        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
12:35:15.0162 1196        ehRecvr - ok
12:35:15.0177 1196        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:35:15.0177 1196        ehSched - ok
12:35:15.0193 1196        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:35:15.0209 1196        elxstor - ok
12:35:15.0209 1196        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:35:15.0224 1196        ErrDev - ok
12:35:15.0224 1196        ES lite Service (b8fa96995726d1fa58476e352c02ad82) C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
12:35:15.0224 1196        ES lite Service - ok
12:35:15.0240 1196        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:35:15.0271 1196        EventSystem - ok
12:35:15.0287 1196        ewusbmbb        (334c907536e815e56cd13108a6d5fb9d) C:\Windows\system32\DRIVERS\ewusbwwan.sys
12:35:15.0287 1196        ewusbmbb - ok
12:35:15.0302 1196        ewusbnet - ok
12:35:15.0302 1196        ew_hwusbdev    (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
12:35:15.0318 1196        ew_hwusbdev - ok
12:35:15.0318 1196        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:35:15.0349 1196        exfat - ok
12:35:15.0349 1196        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:35:15.0380 1196        fastfat - ok
12:35:15.0396 1196        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
12:35:15.0411 1196        Fax - ok
12:35:15.0411 1196        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:35:15.0411 1196        fdc - ok
12:35:15.0427 1196        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:35:15.0443 1196        fdPHost - ok
12:35:15.0443 1196        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:35:15.0458 1196        FDResPub - ok
12:35:15.0474 1196        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:35:15.0474 1196        FileInfo - ok
12:35:15.0474 1196        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:35:15.0505 1196        Filetrace - ok
12:35:15.0505 1196        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:35:15.0505 1196        flpydisk - ok
12:35:15.0521 1196        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:35:15.0536 1196        FltMgr - ok
12:35:15.0567 1196        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
12:35:15.0583 1196        FontCache - ok
12:35:15.0583 1196        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:35:15.0599 1196        FontCache3.0.0.0 - ok
12:35:15.0599 1196        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:35:15.0599 1196        FsDepends - ok
12:35:15.0599 1196        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
12:35:15.0614 1196        Fs_Rec - ok
12:35:15.0614 1196        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:35:15.0630 1196        fvevol - ok
12:35:15.0630 1196        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:35:15.0645 1196        gagp30kx - ok
12:35:15.0645 1196        gdrv            (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys
12:35:15.0645 1196        gdrv - ok
12:35:15.0661 1196        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:35:15.0661 1196        GEARAspiWDM - ok
12:35:15.0677 1196        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
12:35:15.0708 1196        gpsvc - ok
12:35:15.0723 1196        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:35:15.0723 1196        gupdate - ok
12:35:15.0723 1196        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:35:15.0739 1196        gupdatem - ok
12:35:15.0739 1196        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:35:15.0739 1196        hcw85cir - ok
12:35:15.0755 1196        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:35:15.0770 1196        HdAudAddService - ok
12:35:15.0770 1196        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:35:15.0786 1196        HDAudBus - ok
12:35:15.0786 1196        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:35:15.0786 1196        HidBatt - ok
12:35:15.0801 1196        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:35:15.0801 1196        HidBth - ok
12:35:15.0801 1196        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:35:15.0817 1196        HidIr - ok
12:35:15.0817 1196        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
12:35:15.0833 1196        hidserv - ok
12:35:15.0848 1196        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:35:15.0848 1196        HidUsb - ok
12:35:15.0848 1196        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
12:35:15.0879 1196        hkmsvc - ok
12:35:15.0879 1196        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
12:35:15.0895 1196        HomeGroupListener - ok
12:35:15.0895 1196        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
12:35:15.0911 1196        HomeGroupProvider - ok
12:35:15.0911 1196        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:35:15.0926 1196        HpSAMD - ok
12:35:15.0942 1196        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:35:15.0973 1196        HTTP - ok
12:35:15.0973 1196        huawei_enumerator (1642c62f1fd5e1ff44608283994a7bb8) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
12:35:15.0989 1196        huawei_enumerator - ok
12:35:16.0004 1196        hwdatacard      (04d1de1e8ace40ca396502c90524e945) C:\Windows\system32\DRIVERS\ewusbmdm.sys
12:35:16.0004 1196        hwdatacard - ok
12:35:16.0004 1196        HWDeviceService64.exe - ok
12:35:16.0020 1196        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:35:16.0020 1196        hwpolicy - ok
12:35:16.0020 1196        hwusbdev - ok
12:35:16.0035 1196        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:35:16.0035 1196        i8042prt - ok
12:35:16.0051 1196        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:35:16.0067 1196        iaStorV - ok
12:35:16.0067 1196        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:35:16.0067 1196        IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:35:16.0067 1196        IDriverT - detected UnsignedFile.Multi.Generic (1)
12:35:16.0098 1196        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:35:16.0113 1196        idsvc - ok
12:35:16.0129 1196        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:35:16.0145 1196        iirsp - ok
12:35:16.0176 1196        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
12:35:16.0191 1196        IKEEXT - ok
12:35:16.0301 1196        IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\Windows\system32\drivers\RTKVHD64.sys
12:35:16.0332 1196        IntcAzAudAddService - ok
12:35:16.0363 1196        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:35:16.0363 1196        intelide - ok
12:35:16.0363 1196        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:35:16.0379 1196        intelppm - ok
12:35:16.0379 1196        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:35:16.0394 1196        IPBusEnum - ok
12:35:16.0410 1196        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:35:16.0425 1196        IpFilterDriver - ok
12:35:16.0441 1196        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
12:35:16.0472 1196        iphlpsvc - ok
12:35:16.0472 1196        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:35:16.0488 1196        IPMIDRV - ok
12:35:16.0488 1196        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:35:16.0503 1196        IPNAT - ok
12:35:16.0535 1196        iPod Service    (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
12:35:16.0550 1196        iPod Service - ok
12:35:16.0550 1196        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:35:16.0566 1196        IRENUM - ok
12:35:16.0566 1196        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:35:16.0566 1196        isapnp - ok
12:35:16.0581 1196        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:35:16.0597 1196        iScsiPrt - ok
12:35:16.0597 1196        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
12:35:16.0597 1196        kbdclass - ok
12:35:16.0597 1196        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
12:35:16.0613 1196        kbdhid - ok
12:35:16.0613 1196        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:35:16.0613 1196        KeyIso - ok
12:35:16.0628 1196        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
12:35:16.0628 1196        KSecDD - ok
12:35:16.0644 1196        KSecPkg        (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
12:35:16.0644 1196        KSecPkg - ok
12:35:16.0644 1196        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:35:16.0675 1196        ksthunk - ok
12:35:16.0675 1196        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:35:16.0706 1196        KtmRm - ok
12:35:16.0706 1196        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
12:35:16.0737 1196        LanmanServer - ok
12:35:16.0737 1196        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
12:35:16.0769 1196        LanmanWorkstation - ok
12:35:16.0769 1196        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:35:16.0784 1196        lltdio - ok
12:35:16.0800 1196        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:35:16.0831 1196        lltdsvc - ok
12:35:16.0831 1196        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:35:16.0847 1196        lmhosts - ok
12:35:16.0862 1196        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:35:16.0862 1196        LSI_FC - ok
12:35:16.0862 1196        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:35:16.0878 1196        LSI_SAS - ok
12:35:16.0878 1196        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:35:16.0893 1196        LSI_SAS2 - ok
12:35:16.0893 1196        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:35:16.0893 1196        LSI_SCSI - ok
12:35:16.0909 1196        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:35:16.0925 1196        luafv - ok
12:35:16.0925 1196        MBAMProtector  (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
12:35:16.0940 1196        MBAMProtector - ok
12:35:16.0956 1196        MBAMService    (43683e970f008c93c9429ef428147a54) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
12:35:16.0971 1196        MBAMService - ok
12:35:16.0971 1196        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
12:35:16.0987 1196        Mcx2Svc - ok
12:35:16.0987 1196        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:35:17.0003 1196        megasas - ok
12:35:17.0003 1196        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:35:17.0018 1196        MegaSR - ok
12:35:17.0018 1196        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:35:17.0034 1196        MMCSS - ok
12:35:17.0049 1196        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:35:17.0065 1196        Modem - ok
12:35:17.0065 1196        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:35:17.0081 1196        monitor - ok
12:35:17.0081 1196        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
12:35:17.0081 1196        mouclass - ok
12:35:17.0096 1196        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:35:17.0096 1196        mouhid - ok
12:35:17.0096 1196        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:35:17.0112 1196        mountmgr - ok
12:35:17.0112 1196        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:35:17.0127 1196        mpio - ok
12:35:17.0127 1196        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:35:17.0143 1196        mpsdrv - ok
12:35:17.0174 1196        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
12:35:17.0205 1196        MpsSvc - ok
12:35:17.0205 1196        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:35:17.0221 1196        MRxDAV - ok
12:35:17.0221 1196        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:35:17.0237 1196        mrxsmb - ok
12:35:17.0252 1196        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:35:17.0252 1196        mrxsmb10 - ok
12:35:17.0268 1196        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:35:17.0268 1196        mrxsmb20 - ok
12:35:17.0268 1196        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:35:17.0283 1196        msahci - ok
12:35:17.0283 1196        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:35:17.0283 1196        msdsm - ok
12:35:17.0299 1196        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:35:17.0299 1196        MSDTC - ok
12:35:17.0315 1196        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:35:17.0330 1196        Msfs - ok
12:35:17.0330 1196        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:35:17.0361 1196        mshidkmdf - ok
12:35:17.0361 1196        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:35:17.0361 1196        msisadrv - ok
12:35:17.0377 1196        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:35:17.0393 1196        MSiSCSI - ok
12:35:17.0393 1196        msiserver - ok
12:35:17.0393 1196        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:35:17.0424 1196        MSKSSRV - ok
12:35:17.0424 1196        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:35:17.0439 1196        MSPCLOCK - ok
12:35:17.0439 1196        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:35:17.0471 1196        MSPQM - ok
12:35:17.0486 1196        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:35:17.0486 1196        MsRPC - ok
12:35:17.0486 1196        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:35:17.0502 1196        mssmbios - ok
12:35:17.0502 1196        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:35:17.0517 1196        MSTEE - ok
12:35:17.0517 1196        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:35:17.0533 1196        MTConfig - ok
12:35:17.0533 1196        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:35:17.0549 1196        Mup - ok
12:35:17.0564 1196        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:35:17.0580 1196        napagent - ok
12:35:17.0595 1196        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:35:17.0611 1196        NativeWifiP - ok
12:35:17.0642 1196        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:35:17.0658 1196        NDIS - ok
12:35:17.0658 1196        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:35:17.0689 1196        NdisCap - ok
12:35:17.0689 1196        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:35:17.0705 1196        NdisTapi - ok
12:35:17.0705 1196        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:35:17.0736 1196        Ndisuio - ok
12:35:17.0736 1196        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:35:17.0751 1196        NdisWan - ok
12:35:17.0767 1196        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:35:17.0783 1196        NDProxy - ok
12:35:17.0783 1196        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:35:17.0814 1196        NetBIOS - ok
12:35:17.0814 1196        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:35:17.0845 1196        NetBT - ok
12:35:17.0845 1196        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:35:17.0845 1196        Netlogon - ok
12:35:17.0861 1196        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:35:17.0892 1196        Netman - ok
12:35:17.0892 1196        NetMsmqActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:35:17.0907 1196        NetMsmqActivator - ok
12:35:17.0907 1196        NetPipeActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:35:17.0907 1196        NetPipeActivator - ok
12:35:17.0923 1196        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:35:17.0954 1196        netprofm - ok
12:35:17.0954 1196        NetTcpActivator (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:35:17.0954 1196        NetTcpActivator - ok
12:35:17.0954 1196        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:35:17.0970 1196        NetTcpPortSharing - ok
12:35:17.0970 1196        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:35:17.0970 1196        nfrd960 - ok
12:35:17.0985 1196        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:35:18.0017 1196        NlaSvc - ok
12:35:18.0017 1196        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:35:18.0032 1196        Npfs - ok
12:35:18.0032 1196        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:35:18.0063 1196        nsi - ok
12:35:18.0063 1196        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:35:18.0079 1196        nsiproxy - ok
12:35:18.0157 1196        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:35:18.0204 1196        Ntfs - ok
12:35:18.0235 1196        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:35:18.0251 1196        Null - ok
12:35:18.0251 1196        nusb3hub        (785298579b5f9b4032152dfbb992fdb6) C:\Windows\system32\DRIVERS\nusb3hub.sys
12:35:18.0266 1196        nusb3hub - ok
12:35:18.0266 1196        nusb3xhc        (df2750481b4964814467c974f2b0eef1) C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:35:18.0282 1196        nusb3xhc - ok
12:35:18.0282 1196        NVHDA          (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
12:35:18.0282 1196        NVHDA - ok
12:35:18.0812 1196        nvlddmkm        (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:35:18.0953 1196        nvlddmkm - ok
12:35:18.0984 1196        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:35:18.0984 1196        nvraid - ok
12:35:18.0999 1196        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:35:18.0999 1196        nvstor - ok
12:35:19.0031 1196        nvsvc          (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
12:35:19.0046 1196        nvsvc - ok
12:35:19.0140 1196        nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:35:19.0171 1196        nvUpdatusService - ok
12:35:19.0202 1196        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:35:19.0202 1196        nv_agp - ok
12:35:19.0202 1196        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:35:19.0218 1196        ohci1394 - ok
12:35:19.0218 1196        ose            (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:35:19.0233 1196        ose - ok
12:35:19.0233 1196        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:35:19.0249 1196        p2pimsvc - ok
12:35:19.0265 1196        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:35:19.0280 1196        p2psvc - ok
12:35:19.0280 1196        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:35:19.0280 1196        Parport - ok
12:35:19.0296 1196        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
12:35:19.0296 1196        partmgr - ok
12:35:19.0311 1196        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:35:19.0311 1196        PcaSvc - ok
12:35:19.0327 1196        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:35:19.0327 1196        pci - ok
12:35:19.0327 1196        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:35:19.0343 1196        pciide - ok
12:35:19.0343 1196        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:35:19.0358 1196        pcmcia - ok
12:35:19.0358 1196        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:35:19.0358 1196        pcw - ok
12:35:19.0374 1196        PdiPorts        (25fd4d8109114266a610fd1088bfd522) C:\Windows\system32\DRIVERS\PdiPorts.sys
12:35:19.0374 1196        PdiPorts - ok
12:35:19.0374 1196        PdiService      (fed28c565de5f73b7c5b32841229e496) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
12:35:19.0389 1196        PdiService - ok
12:35:19.0405 1196        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:35:19.0436 1196        PEAUTH - ok
12:35:19.0499 1196        PeerDistSvc    (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
12:35:19.0530 1196        PeerDistSvc - ok
12:35:19.0545 1196        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:35:19.0545 1196        PerfHost - ok
12:35:19.0639 1196        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:35:19.0686 1196        pla - ok
12:35:19.0701 1196        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:35:19.0701 1196        PlugPlay - ok
12:35:19.0717 1196        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:35:19.0717 1196        PNRPAutoReg - ok
12:35:19.0733 1196        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:35:19.0733 1196        PNRPsvc - ok
12:35:19.0748 1196        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:35:19.0779 1196        PolicyAgent - ok
12:35:19.0795 1196        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:35:19.0811 1196        Power - ok
12:35:19.0826 1196        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:35:19.0842 1196        PptpMiniport - ok
12:35:19.0842 1196        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:35:19.0857 1196        Processor - ok
12:35:19.0857 1196        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
12:35:19.0873 1196        ProfSvc - ok
12:35:19.0873 1196        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:35:19.0873 1196        ProtectedStorage - ok
12:35:19.0889 1196        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:35:19.0904 1196        Psched - ok
12:35:19.0967 1196        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:35:19.0998 1196        ql2300 - ok
12:35:20.0029 1196        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:35:20.0029 1196        ql40xx - ok
12:35:20.0045 1196        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:35:20.0060 1196        QWAVE - ok
12:35:20.0060 1196        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:35:20.0076 1196        QWAVEdrv - ok
12:35:20.0076 1196        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:35:20.0091 1196        RasAcd - ok
12:35:20.0091 1196        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:35:20.0123 1196        RasAgileVpn - ok
12:35:20.0123 1196        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:35:20.0154 1196        RasAuto - ok
12:35:20.0154 1196        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:35:20.0169 1196        Rasl2tp - ok
12:35:20.0185 1196        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:35:20.0216 1196        RasMan - ok
12:35:20.0216 1196        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:35:20.0232 1196        RasPppoe - ok
12:35:20.0247 1196        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:35:20.0263 1196        RasSstp - ok
12:35:20.0279 1196        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:35:20.0294 1196        rdbss - ok
12:35:20.0294 1196        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:35:20.0310 1196        rdpbus - ok
12:35:20.0310 1196        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:35:20.0325 1196        RDPCDD - ok
12:35:20.0341 1196        RDPDR          (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
12:35:20.0357 1196        RDPDR - ok
12:35:20.0357 1196        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:35:20.0372 1196        RDPENCDD - ok
12:35:20.0372 1196        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:35:20.0403 1196        RDPREFMP - ok
12:35:20.0403 1196        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
12:35:20.0419 1196        RDPWD - ok
12:35:20.0419 1196        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:35:20.0435 1196        rdyboost - ok
12:35:20.0435 1196        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:35:20.0450 1196        RemoteAccess - ok
12:35:20.0466 1196        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:35:20.0481 1196        RemoteRegistry - ok
12:35:20.0497 1196        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:35:20.0513 1196        RpcEptMapper - ok
12:35:20.0513 1196        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:35:20.0528 1196        RpcLocator - ok
12:35:20.0544 1196        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:35:20.0559 1196        RpcSs - ok
12:35:20.0575 1196        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:35:20.0591 1196        rspndr - ok
12:35:20.0591 1196        rtkio          (5dc26837e5af8244233f78cb9c3ac988) C:\Program Files (x86)\Realtek\Smart Dual Lan\rtkio.sys
12:35:20.0591 1196        rtkio - ok
12:35:20.0606 1196        RTL8167        (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys
12:35:20.0622 1196        RTL8167 - ok
12:35:20.0622 1196        RtNdPt60        (2b38c905492f36fe42b59da52d6b4eb7) C:\Windows\system32\DRIVERS\RtNdPt60.sys
12:35:20.0622 1196        RtNdPt60 - ok
12:35:20.0637 1196        RTTEAMPT        (3fb2fd668fa4cd4aed1953f85f916cf1) C:\Windows\system32\DRIVERS\RtTeam60.sys
12:35:20.0637 1196        RTTEAMPT - ok
12:35:20.0637 1196        RTVLANPT        (8b6b42d782202363a562f82b0e13b1c0) C:\Windows\system32\DRIVERS\RtVlan60.sys
12:35:20.0637 1196        RTVLANPT - ok
12:35:20.0653 1196        s3cap          (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
12:35:20.0653 1196        s3cap - ok
12:35:20.0653 1196        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:35:20.0653 1196        SamSs - ok
12:35:20.0669 1196        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:35:20.0669 1196        sbp2port - ok
12:35:20.0684 1196        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:35:20.0700 1196        SCardSvr - ok
12:35:20.0700 1196        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:35:20.0731 1196        scfilter - ok
12:35:20.0762 1196        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:35:20.0793 1196        Schedule - ok
12:35:20.0793 1196        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:35:20.0825 1196        SCPolicySvc - ok
12:35:20.0825 1196        SDLService      (b0e6ca5d36dc5f0019a73b8aab35c5dc) C:\Program Files (x86)\Realtek\Smart Dual Lan\SDLService.exe
12:35:20.0825 1196        SDLService ( UnsignedFile.Multi.Generic ) - warning
12:35:20.0825 1196        SDLService - detected UnsignedFile.Multi.Generic (1)
12:35:20.0840 1196        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:35:20.0840 1196        SDRSVC - ok
12:35:20.0840 1196        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:35:20.0871 1196        secdrv - ok
12:35:20.0871 1196        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:35:20.0887 1196        seclogon - ok
12:35:20.0903 1196        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:35:20.0918 1196        SENS - ok
12:35:20.0918 1196        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:35:20.0934 1196        SensrSvc - ok
12:35:20.0934 1196        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:35:20.0934 1196        Serenum - ok
12:35:20.0949 1196        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:35:20.0949 1196        Serial - ok
12:35:20.0949 1196        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:35:20.0965 1196        sermouse - ok
12:35:20.0965 1196        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:35:20.0996 1196        SessionEnv - ok
12:35:20.0996 1196        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:35:20.0996 1196        sffdisk - ok
12:35:20.0996 1196        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:35:21.0012 1196        sffp_mmc - ok
12:35:21.0012 1196        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:35:21.0012 1196        sffp_sd - ok
12:35:21.0012 1196        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:35:21.0027 1196        sfloppy - ok
12:35:21.0043 1196        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:35:21.0059 1196        SharedAccess - ok
12:35:21.0074 1196        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:35:21.0105 1196        ShellHWDetection - ok
12:35:21.0105 1196        Si3124r5        (da492c8305434ec6f9bdd60c8b83b10e) C:\Windows\system32\DRIVERS\Si3124r5.sys
12:35:21.0121 1196        Si3124r5 - ok
12:35:21.0121 1196        SiFilter        (8d10887a1699cf61e74467694b929b09) C:\Windows\system32\DRIVERS\SiWinAcc.sys
12:35:21.0121 1196        SiFilter - ok
12:35:21.0137 1196        SiRemFil        (94e1eda9a0b305a67ee1bbd0a68ce21a) C:\Windows\system32\DRIVERS\SiRemFil.sys
12:35:21.0137 1196        SiRemFil - ok
12:35:21.0137 1196        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:35:21.0152 1196        SiSRaid2 - ok
12:35:21.0152 1196        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:35:21.0152 1196        SiSRaid4 - ok
12:35:21.0168 1196        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:35:21.0183 1196        Smb - ok
12:35:21.0183 1196        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:35:21.0199 1196        SNMPTRAP - ok
12:35:21.0199 1196        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:35:21.0199 1196        spldr - ok
12:35:21.0230 1196        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:35:21.0246 1196        Spooler - ok
12:35:21.0402 1196        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:35:21.0464 1196        sppsvc - ok
12:35:21.0480 1196        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:35:21.0511 1196        sppuinotify - ok
12:35:21.0527 1196        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:35:21.0542 1196        srv - ok
12:35:21.0558 1196        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:35:21.0558 1196        srv2 - ok
12:35:21.0573 1196        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:35:21.0573 1196        srvnet - ok
12:35:21.0589 1196        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:35:21.0605 1196        SSDPSRV - ok
12:35:21.0605 1196        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:35:21.0636 1196        SstpSvc - ok
12:35:21.0651 1196        Stereo Service  (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:35:21.0651 1196        Stereo Service - ok
12:35:21.0667 1196        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:35:21.0667 1196        stexstor - ok
12:35:21.0683 1196        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:35:21.0698 1196        stisvc - ok
12:35:21.0698 1196        storflt        (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
12:35:21.0714 1196        storflt - ok
12:35:21.0714 1196        StorSvc        (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
12:35:21.0714 1196        StorSvc - ok
12:35:21.0729 1196        storvsc        (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
12:35:21.0729 1196        storvsc - ok
12:35:21.0729 1196        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:35:21.0745 1196        swenum - ok
12:35:21.0761 1196        SwitchBoard    (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:35:21.0761 1196        SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
12:35:21.0761 1196        SwitchBoard - detected UnsignedFile.Multi.Generic (1)
12:35:21.0776 1196        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:35:21.0807 1196        swprv - ok
12:35:21.0885 1196        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:35:21.0932 1196        SysMain - ok
12:35:21.0948 1196        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:35:21.0963 1196        TabletInputService - ok
12:35:21.0963 1196        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:35:21.0995 1196        TapiSrv - ok
12:35:21.0995 1196        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:35:22.0026 1196        TBS - ok
12:35:22.0088 1196        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:35:22.0104 1196        Tcpip - ok
12:35:22.0213 1196        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:35:22.0244 1196        TCPIP6 - ok
12:35:22.0260 1196        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:35:22.0291 1196        tcpipreg - ok
12:35:22.0291 1196        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:35:22.0291 1196        TDPIPE - ok
12:35:22.0307 1196        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:35:22.0307 1196        TDTCP - ok
12:35:22.0307 1196        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:35:22.0338 1196        tdx - ok
12:35:22.0338 1196        TEAM            (3fb2fd668fa4cd4aed1953f85f916cf1) C:\Windows\system32\DRIVERS\RtTeam60.sys
12:35:22.0338 1196        TEAM - ok
12:35:22.0338 1196        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:35:22.0353 1196        TermDD - ok
12:35:22.0369 1196        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:35:22.0400 1196        TermService - ok
12:35:22.0400 1196        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:35:22.0416 1196        Themes - ok
12:35:22.0416 1196        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:35:22.0447 1196        THREADORDER - ok
12:35:22.0447 1196        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:35:22.0463 1196        TrkWks - ok
12:35:22.0478 1196        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:35:22.0494 1196        TrustedInstaller - ok
12:35:22.0509 1196        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:35:22.0525 1196        tssecsrv - ok
12:35:22.0525 1196        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:35:22.0541 1196        TsUsbFlt - ok
12:35:22.0541 1196        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:35:22.0556 1196        tunnel - ok
12:35:22.0572 1196        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:35:22.0572 1196        uagp35 - ok
12:35:22.0587 1196        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:35:22.0603 1196        udfs - ok
12:35:22.0619 1196        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:35:22.0619 1196        UI0Detect - ok
12:35:22.0619 1196        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:35:22.0634 1196        uliagpkx - ok
12:35:22.0634 1196        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:35:22.0650 1196        umbus - ok
12:35:22.0650 1196        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:35:22.0650 1196        UmPass - ok
12:35:22.0665 1196        UmRdpService    (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
12:35:22.0665 1196        UmRdpService - ok
12:35:22.0681 1196        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:35:22.0712 1196        upnphost - ok
12:35:22.0712 1196        USBAAPL64      (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
12:35:22.0712 1196        USBAAPL64 - ok
12:35:22.0728 1196        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:35:22.0728 1196        usbccgp - ok
12:35:22.0728 1196        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:35:22.0743 1196        usbcir - ok
12:35:22.0743 1196        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
12:35:22.0759 1196        usbehci - ok
12:35:22.0759 1196        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:35:22.0775 1196        usbhub - ok
12:35:22.0775 1196        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
12:35:22.0790 1196        usbohci - ok
12:35:22.0790 1196        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:35:22.0790 1196        usbprint - ok
12:35:22.0806 1196        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:35:22.0806 1196        USBSTOR - ok
12:35:22.0806 1196        usbuhci        (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
12:35:22.0821 1196        usbuhci - ok
12:35:22.0821 1196        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:35:22.0837 1196        UxSms - ok
12:35:22.0837 1196        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:35:22.0853 1196        VaultSvc - ok
12:35:22.0853 1196        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:35:22.0853 1196        vdrvroot - ok
12:35:22.0884 1196        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:35:22.0899 1196        vds - ok
12:35:22.0915 1196        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:35:22.0915 1196        vga - ok
12:35:22.0915 1196        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:35:22.0946 1196        VgaSave - ok
12:35:22.0946 1196        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:35:22.0962 1196        vhdmp - ok
12:35:22.0962 1196        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:35:22.0962 1196        viaide - ok
12:35:22.0962 1196        VLAN            (8b6b42d782202363a562f82b0e13b1c0) C:\Windows\system32\DRIVERS\RtVLAN60.sys
12:35:22.0977 1196        VLAN - ok
12:35:22.0977 1196        vmbus          (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
12:35:22.0993 1196        vmbus - ok
12:35:22.0993 1196        VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
12:35:22.0993 1196        VMBusHID - ok
12:35:23.0009 1196        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:35:23.0009 1196        volmgr - ok
12:35:23.0024 1196        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:35:23.0024 1196        volmgrx - ok
12:35:23.0040 1196        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:35:23.0055 1196        volsnap - ok
12:35:23.0055 1196        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:35:23.0071 1196        vsmraid - ok
12:35:23.0118 1196        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:35:23.0149 1196        VSS - ok
12:35:23.0180 1196        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
12:35:23.0180 1196        vwifibus - ok
12:35:23.0196 1196        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:35:23.0227 1196        W32Time - ok
12:35:23.0227 1196        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:35:23.0227 1196        WacomPen - ok
12:35:23.0243 1196        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:35:23.0258 1196        WANARP - ok
12:35:23.0258 1196        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:35:23.0274 1196        Wanarpv6 - ok
12:35:23.0336 1196        WatAdminSvc    (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:35:23.0367 1196        WatAdminSvc - ok
12:35:23.0430 1196        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:35:23.0461 1196        wbengine - ok
12:35:23.0477 1196        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:35:23.0492 1196        WbioSrvc - ok
12:35:23.0508 1196        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:35:23.0523 1196        wcncsvc - ok
12:35:23.0523 1196        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:35:23.0523 1196        WcsPlugInService - ok
12:35:23.0539 1196        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:35:23.0539 1196        Wd - ok
12:35:23.0570 1196        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:35:23.0570 1196        Wdf01000 - ok
12:35:23.0586 1196        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:35:23.0601 1196        WdiServiceHost - ok
12:35:23.0601 1196        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:35:23.0617 1196        WdiSystemHost - ok
12:35:23.0633 1196        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:35:23.0633 1196        WebClient - ok
12:35:23.0648 1196        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:35:23.0664 1196        Wecsvc - ok
12:35:23.0679 1196        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:35:23.0695 1196        wercplsupport - ok
12:35:23.0695 1196        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:35:23.0726 1196        WerSvc - ok
12:35:23.0726 1196        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:35:23.0757 1196        WfpLwf - ok
12:35:23.0757 1196        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:35:23.0757 1196        WIMMount - ok
12:35:23.0757 1196        WinDefend - ok
12:35:23.0773 1196        WinHttpAutoProxySvc - ok
12:35:23.0773 1196        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:35:23.0804 1196        Winmgmt - ok
12:35:23.0882 1196        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:35:23.0929 1196        WinRM - ok
12:35:23.0945 1196        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:35:23.0960 1196        WinUsb - ok
12:35:23.0991 1196        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:35:24.0007 1196        Wlansvc - ok
12:35:24.0007 1196        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:35:24.0007 1196        WmiAcpi - ok
12:35:24.0023 1196        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:35:24.0038 1196        wmiApSrv - ok
12:35:24.0038 1196        WMPNetworkSvc - ok
12:35:24.0038 1196        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:35:24.0054 1196        WPCSvc - ok
12:35:24.0054 1196        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:35:24.0054 1196        WPDBusEnum - ok
12:35:24.0069 1196        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:35:24.0085 1196        ws2ifsl - ok
12:35:24.0085 1196        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
12:35:24.0101 1196        wscsvc - ok
12:35:24.0101 1196        WSearch - ok
12:35:24.0210 1196        wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
12:35:24.0257 1196        wuauserv - ok
12:35:24.0272 1196        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:35:24.0303 1196        WudfPf - ok
12:35:24.0303 1196        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:35:24.0335 1196        WUDFRd - ok
12:35:24.0335 1196        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:35:24.0350 1196        wudfsvc - ok
12:35:24.0366 1196        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:35:24.0381 1196        WwanSvc - ok
12:35:24.0381 1196        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
12:35:24.0522 1196        \Device\Harddisk2\DR2 - ok
12:35:24.0990 1196        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:35:25.0083 1196        \Device\Harddisk0\DR0 - ok
12:35:25.0083 1196        MBR (0x1B8)    (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk1\DR1
12:35:25.0115 1196        \Device\Harddisk1\DR1 ( TDSS File System ) - warning
12:35:25.0115 1196        \Device\Harddisk1\DR1 - detected TDSS File System (1)
12:35:25.0115 1196        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk3\DR3
12:35:25.0193 1196        \Device\Harddisk3\DR3 - ok
12:35:25.0208 1196        MBR (0x1B8)    (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk4\DR4
12:35:25.0349 1196        \Device\Harddisk4\DR4 - ok
12:35:25.0364 1196        Boot (0x1200)  (0d73b2af4ecc292ce8e6c047e8b15d90) \Device\Harddisk2\DR2\Partition0
12:35:25.0364 1196        \Device\Harddisk2\DR2\Partition0 - ok
12:35:25.0364 1196        Boot (0x1200)  (d24332b2d8897728f512deb0076e707c) \Device\Harddisk2\DR2\Partition1
12:35:25.0380 1196        \Device\Harddisk2\DR2\Partition1 - ok
12:35:25.0380 1196        Boot (0x1200)  (c5c35e74f15558173a239b3b66521b3b) \Device\Harddisk2\DR2\Partition2
12:35:25.0380 1196        \Device\Harddisk2\DR2\Partition2 - ok
12:35:25.0380 1196        Boot (0x1200)  (9a612828ccaff8f4176a0ee72f68167d) \Device\Harddisk0\DR0\Partition0
12:35:25.0380 1196        \Device\Harddisk0\DR0\Partition0 - ok
12:35:25.0380 1196        Boot (0x1200)  (9a23352c3f96ac06b162c402a277d079) \Device\Harddisk1\DR1\Partition0
12:35:25.0380 1196        \Device\Harddisk1\DR1\Partition0 - ok
12:35:25.0380 1196        Boot (0x1200)  (6437db7024f5cdba5c5f8d5140089dab) \Device\Harddisk3\DR3\Partition0
12:35:25.0395 1196        \Device\Harddisk3\DR3\Partition0 - ok
12:35:25.0395 1196        Boot (0x1200)  (a586c8f341b52f2fea6645cc991749f6) \Device\Harddisk4\DR4\Partition0
12:35:25.0395 1196        \Device\Harddisk4\DR4\Partition0 - ok
12:35:25.0395 1196        ============================================================
12:35:25.0395 1196        Scan finished
12:35:25.0395 1196        ============================================================
12:35:25.0395 4844        Detected object count: 4
12:35:25.0395 4844        Actual detected object count: 4
12:36:06.0486 4844        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:06.0486 4844        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:06.0486 4844        SDLService ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:06.0486 4844        SDLService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:06.0501 4844        SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
12:36:06.0501 4844        SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:36:06.0501 4844        \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
12:36:06.0501 4844        \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
Heute kommt eine neue Festplatte fürs System. Wie gehe ich am besten vor, damit ich alle meine Daten, Dokumente, Firefox- und Thunderbird-Einstellungen, etc. übernehmen kann? Kann in den Eigenen Dateien etwas Schädliches versteckt sein, was bisher nicht gefunden wurde?

Gruß Stefan

Nachtrag,

zu allem Überfluss verlangt MS, dass ich einen neuen Produktschlüssel kaufe, da meine Hardware geändert wurde (ist natürlich quatsch). Ich verstehe jetzt gar nicht mehr.

Das mit der Windows-Aktivierung hat sich erledigt. Die neue Systemplatte ist angekommen. Was soll ich vor dem installieren von Win7 noch tun?

123click 23.07.2012 20:15
Hallo Markus,

wann können wir weiter machen. Ich möchte wie gesagt das System neu aufsetzen und sicher gehen, dass ich nichts Bösartiges mitnehme. Bitte frag mich nicht mehr nach dem TDSS-Log, das ist immer noch das alte, obwohl ich die Platte formatiert und mit Nullen beschrieben habe!
Ich muss aber mal langsam zu Potte kommen, weil ich mit dem PC vernünftig arbeiten können muss. Seit drei Tagen liegt die Platte hier rum und brennt darauf eingebaut zu werden. Ich bin sicher, dass wir das schaffen, wenn du dir kurz Zeit nimmst.

Gruß Stefan

markusg 24.07.2012 18:21
hi,
1. was willst du mit der betroffenen platte machen, formatieren oder nicht mehr behalten?
1. Datenrettung:2. Formatieren, Windows neu instalieren:3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.

123click 24.07.2012 18:44
Hallo Markus,

die betroffene Platte, welche zur Sicherung gedacht war, hat 160 GB und ist bis auf das TDSS o.k., siehe Killer-Log Harddisk1. Leider bekomme ich das nicht weg. Ich habe die Platte mehrfach formatiert (unter Win) und mit HD-Tune Pro mit Nullen beschrieben. Der TDSS-Killer zeigt aber das TDSS immer noch an. Deshalb habe ich die Platte nun abgeklemmt. Wenn du mir aber sagen kannst, wie ich sie wieder zum laufen bringe, wäre ich dankbar. Die wichtigsten Daten habe ich extern gesichert. Ich habe vor mit dem Windows ISO X17-59885 neu aufzusetzen. Hierzu habe ich eine neue Platte. Die alte Systemplatte (nicht die mit dem TDSS) soll für Programme und vielbenutzte Daten herhalten. Wie säubere ich die am besten? Auch wieder Nullen? Wie prüfe ich die Daten, die jetzt extern liegen auf Sicherheit?

Gruß Stefan

markusg 25.07.2012 17:02
hi
über die win7 cd mal fixmbr und fixbot nutzen:
Tipparchiv - MBR unter Vista oder Windows 7 reparieren - WinTotal.de
alle partitionen bei der formatierung löschen und neu erstellen.
wie siehts dann aus?

123click 26.07.2012 14:21
Hallo Markus,

möglicherweise liegt hier ein Missverständnis vor: der beschädigte MBR (und auch das TDSS-System) liegt nicht auf der Systemplatte, sondern auf einer anderen Festplatte, auf der keine Daten mehr vorhanden sind. Der MBR stammt vermutlich noch von einer alten Windowsinstallation. Vermutlich funktioniert die Geschichte mit der Systemreparatur dann nicht, oder?

markusg 26.07.2012 16:30
ok, aber du müsstest über die konsole trotzdem die platte auswählen können
fixmbr \Device\HardDisk1
(nummer könnte evtl. ne andere sein)
fixboot d:
(evtl. laufwerksbuchstaben anpassen)

123click 30.07.2012 22:17
Hallo Markus,

fixmbr mit der Device-Erweiterung hat nicht funktioniert. Der Befehl wurde schlichtweg nicht erkannt. Ich habe die betroffene Platte jetzt demontiert und Win7 neu aufgesetzt (das hat etwas gedauert). Der TDSS-Killer findet nun nichts mehr. Gibt es abgesehen von Mbam noch eine sinnvolle Methode, die alten Daten auf der externen Platte zu prüfen?

Gruß Stefan

markusg 01.08.2012 21:13
pc nach anleitung absichern, dann die festplatten mit dem instaliertem av- + mbam scannen
als antimalware programm würde ich emsisoft empfehlen.
diese haben für mich den besten schutz kostet aber etwas.
http://www.trojaner-board.de/103809-...i-malware.html
testversion:
Meine Antivirus-Empfehlung: Emsisoft Anti-Malware
insbesondere wenn du onlinebanking, einkäufe, sonstige zahlungsabwicklungen oder ähnlich wichtiges, wie zb berufliches machst, also sensible daten zu schützen sind, solltest du in sicherheitssoftware investieren.
vor dem aktivieren der lizenz die 30 tage testzeitraum ausnutzen.

kostenlos, aber eben nicht ganz so gut wäre avast zu empfehlen.
http://www.trojaner-board.de/110895-...antivirus.html

sag mir welches du nutzt, dann gebe ich konfigurationshinweise.
bitte dein bisheriges av deinstalieren
die folgende anleitung ist umfangreich, dass ist mir klar, sie sollte aber umgesetzt werden, da nur dann dein pc sicher ist. stelle so viele fragen wie nötig, ich arbeite gern alles mit dir durch!

http://www.trojaner-board.de/96344-a...-rechners.html
Starte bitte mit der Passage, Windows Vista und Windows 7
Bitte beginne damit, Windows Updates zu instalieren.
Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst.
Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist:
- Updates automatisch Instalieren,
- Täglich
- Uhrzeit wählen
- Bitte den gesammten rest anhaken, außer:
- detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist.
Klicke jetzt die Schaltfläche "OK"
Klicke jetzt "nach Updates suchen".
Bitte instaliere zunächst wichtige Updates.
Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren.
Mache das selbe bitte mit den optionalen Updates.
Bitte übernimm den rest so, wie es im Abschnitt windows 7 / Vista zu lesen ist.
aus dem Abschnitt xp, bitte den punkt "datenausführungsverhinderung, dep" übernehmen.
als browser rate ich dir zu chrome:
Installation von Google Chrome für mehrere Nutzerkonten - Google Chrome-Hilfe
anleitung lesen bitte
falls du nen andern nutzen willst, sags mir dann muss ich teile der nun folgenden anleitung


Sandboxie
Die devinition einer Sandbox ist hier nachzulesen:
Sandbox
Kurz gesagt, man kann Programme fast 100 %ig isuliert vom System ausführen.

Der Vorteil liegt klar auf der Hand, wenn über den Browser Schadcode eingeschläust wird, kann dieser nicht nach außen dringen.
Download Link:
Sandboxie Download - Sandboxie 3.72

anleitung:
http://www.trojaner-board.de/71542-a...sandboxie.html
ausführliche anleitung als pdf, auch abarbeiten:
Sandbox Einstellungen |

bitte folgende zusatz konfiguration machen:
sandboxie control öffnen, menü sandbox anklicken, defauldbox wählen.
dort klicke auf sandbox einstellungen.
beschrenkungen, bei programm start und internet zugriff schreibe:
chrome.exe
dann gehe auf anwendungen, webbrowser, chrome.
dort aktiviere alles außer gesammten profil ordner freigeben.
Wie du evtl. schon gesehen hast, kannst du einige Funktionen nicht nutzen.
Dies ist nur in der Vollversion nötig, zu deren Kauf ich dir rate.
Du kannst zb unter "Erzwungene Programmstarts" festlegen, dass alle Browser in der Sandbox starten.
Ansonsten musst du immer auf "Sandboxed webbrowser" klicken bzw Rechtsklick, in Sandboxie starten.
Eine lebenslange Lizenz kostet 30 €, und ist auf allen deinen PC's nutzbar.

Weiter mit:
Maßnahmen für ALLE Windows-Versionen
alles komplett durcharbeiten
anmerkung zu file hippo.
in den settings zusätzlich auswählen:
hide beta updates.
Run updateChecker when Windows starts

Backup Programm:
in meiner Anleitung ist bereits ein Backup Programm verlinkt, als Alternative bietet sich auch das Windows eigene Backup Programm an:
http://www.trojaner-board.de/82962-w...en-backup.html
Dies ist aber leider nur für Windows 7 Nutzer vernünftig nutzbar.
Alle Anderen sollten sich aber auf jeden fall auch ein Backup Programm instalieren, denn dies kann unter Umständen sehr wichtig sein, zum Beispiel, wenn die Festplatte einmal kaputt ist.

Zum Schluss, die allgemeinen sicherheitstipps beachten, wenn es dich betrifft, den Tipp zum Onlinebanking beachten und alle Passwörter ändern
bitte auch lesen, wie mache ich programme für alle sichtbar:
Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe
surfe jetzt also nur noch im standard nutzer konto und dort in der sandbox.
wenn du die kostenlose version nutzt, dann mit klick auf sandboxed web browser, wenn du die bezahlversion hast, kannst du erzwungene programm starts festlegen, dann wird sandboxie immer gestartet wenn du nen browser aufrufst.
wenn du mit der maus über den browser fährst sollte der eingerahmt sein, dann bist du im sandboxed web browser

passwort sicherheit:
jeder dienst benötigt ein eigenes, mindestens 12-stelliges passwort
bei der passwort verwaltung und erstellung hilft roboform
Passwort Manager, Formular Ausfueller, Passwort Management | RoboForm Passwort Manager
anleitung:
RoboForm-Bedienungsanleitung: Passwort-Manager, Verwalten von Passwörtern und persönlichen Daten


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:47 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27