| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnetWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
28.01.2013, 14:19
| #1 |
 |  verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet Hallo, ich bin neu hier. Letzte Woche Mittwoch habe habe eine E-Mail von einem, mir unbekannten, Absender erhalten. Inhalt war eine Zahlungsaufforderung für eine von mir nie bestellte Lieferung. An die E-Mail war eine Zip-Datei angehängt, die ich dummerweise geöffnet habe. Danach ist nichts passiert. Auch mein Antivirenprogramm (AVG Anti-Virus Free Edition 2013) hat nichts gemeldet. Hab meinen Laptop zugeklappt (ihn noch nicht runtergefahren) und ihn danach erstmal nicht mehr verwendet. Am Sonntag hat mein Vater meinen Rechner neugestartet und von einer Avira Professional Rescue CD gebooted. Das Programm hat weder infizierte, noch verdächtige Dateien gefunden. Über einen zweiten Rechner habe ich im Internet nach ähnlichen Problemen recherchiert und dabei gelesen, dass einige Trojaner, die durch solche Zip-Dateien verschickt werden können, sich auch von professionellen Virenprogrammen schwer finden lassen. Ich bin mir nicht sicher, ob sich durch das Öffnen der Datei überhaupt ein Trojaner oder ein Virus auf meinem Computer installiert hat. Es ist seitdem nichts Außergewöhnliches passiert, aber ich will sicher sein, dass mein Rechner auch wirklich nicht infiziert ist, bevor ich ihn wieder normal nutze und externe Geräte anschließe. Kann mir bitte jemand helfen? VG |
|
28.01.2013, 15:00
| #2 |
| /// Malware-holic   | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet hi
__________________bitte solche Mails immer an uns weiterleiten. wie das geht, steht in meiner signatur. Avira logs mit funden posten, lizenzangaben bitte streichen. welches Betriebssystem?
__________________ |
|
28.01.2013, 15:06
| #3 |
| | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet Hallo,
__________________ich hatte Ihnen gestern schon eine E-Mail deswegen geschickt. In ihrer Antwort schrieben Sie: Zitat: "die Mail wird uns nichts nützen, da sie bereits einige Tage alt ist sind die dort verwendeten server bereits offline. was ich anbieten kann, eröffne ein Thema bei uns [...]" Mein Betriebssystem ist Windows 7. Hier die Avira logs: configuration file:/etc/avira/scancl.conf WARNING: (Unexpected end of file)/media/Devices/sda2/User/***/AppData/Roaming/Move/Networks/uninstall.exe WARNING: (Error opening file.(Input/Output error))/media/Devices/sda2/ProgramData/AVG2013/Chjw/884624644624556a.dat WARNING: (Error opening file.(Input/Output error))/media/Devices/sda2/ProgramData/AVG2013/Chjw/ec8e215e8e212296.dat WARNING: (File is encrypted)/media/Devices/sda2/ProgramData/AVG2013/Ids/config/quarantinedList.zip WARNING: (File is encrypted)/media/Devices/sda2/ProgramData/AVG2013/Ids/config/quarantinedList.zip.bak Directories: 26712 Archives: 1557 Files: 437483 Infected: 0 Warnings: 5 Suspicious: 0 Bei der ersten Warnung hab ich meinen Namen durch drei Sternchen ersetzt. Geändert von Carrab17 (28.01.2013 um 15:44 Uhr) |
|
29.01.2013, 15:55
| #4 |
| /// Malware-holic | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet Hi, Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
29.01.2013, 16:32
| #5 |
| | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet hier sind die Logs: OTL Logfile: Code:
ATTFilter OTL logfile created on: 29.01.2013 16:09:29 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = E:\Daten\Carmen\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 59,48% Memory free 3,75 Gb Paging File | 2,26 Gb Available in Paging File | 60,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 74,89 Gb Total Space | 43,22 Gb Free Space | 57,71% Space Free | Partition Type: NTFS Drive D: | 7,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 72,68 Gb Total Space | 19,83 Gb Free Space | 27,28% Space Free | Partition Type: NTFS Computer Name: CARMEN | User Name: Carmen | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.01.29 16:03:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Daten\Carmen\Desktop\OTL.exe PRC - [2013.01.15 13:52:12 | 001,101,488 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe PRC - [2013.01.15 13:52:12 | 000,945,328 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe PRC - [2012.12.11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgui.exe PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgidsagent.exe PRC - [2012.10.30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgrsx.exe PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgwdsvc.exe PRC - [2012.10.22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgnsx.exe PRC - [2012.10.22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgemcx.exe PRC - [2012.10.22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgcsrvx.exe PRC - [2011.08.08 13:43:58 | 000,690,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe PRC - [2011.08.08 13:36:58 | 000,087,960 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe PRC - [2011.05.09 16:06:02 | 002,750,376 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe PRC - [2011.04.01 17:41:44 | 000,152,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.26 23:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBVolumeWatcher.exe PRC - [2010.11.26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2010.11.20 04:17:58 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 04:17:42 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2010.09.06 16:18:00 | 000,746,384 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe PRC - [2009.07.14 02:14:45 | 000,396,800 | -HS- | M] (Microsoft Corporation) -- C:\Programme\Windows Mail\WinMail.exe PRC - [2009.05.15 11:36:50 | 000,251,184 | R--- | M] (BUFFALO INC.) -- C:\Programme\BUFFALO\NASNAVI\nassvc.exe PRC - [2009.05.15 11:36:48 | 001,553,800 | R--- | M] (BUFFALO INC.) -- C:\Programme\BUFFALO\NASNAVI\NasNavi.exe PRC - [2009.05.15 11:36:48 | 000,206,128 | R--- | M] (BUFFALO INC.) -- C:\Programme\BUFFALO\NASNAVI\nassche.exe PRC - [2009.04.07 12:53:32 | 000,030,440 | ---- | M] () -- C:\Programme\dcmsvc\dcmsvc.exe PRC - [2008.02.22 04:25:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.6.0_05\bin\jusched.exe PRC - [2007.09.26 16:15:22 | 000,245,760 | ---- | M] (Dossin-Brade GbR) -- C:\Windows\System32\studnet\studnet.exe PRC - [2007.08.15 14:31:50 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPStart.exe PRC - [2007.08.15 13:58:02 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynToshiba.exe PRC - [2007.08.09 18:26:42 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007.08.01 13:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2007.06.27 11:28:40 | 000,436,088 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe PRC - [2007.06.18 09:51:10 | 001,507,328 | ---- | M] (Interactive Digital Media) -- C:\Programme\IDM\Desktop SMS\DesktopSMS.exe PRC - [2007.06.11 12:10:04 | 004,762,624 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe PRC - [2007.05.22 16:32:52 | 000,538,744 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe PRC - [2007.05.22 10:50:02 | 000,413,696 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe PRC - [2007.04.03 16:52:22 | 000,509,496 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe PRC - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe PRC - [2007.03.29 10:39:00 | 000,411,192 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe PRC - [2007.01.10 12:45:02 | 000,554,616 | ---- | M] (Symantec Corporation) -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe PRC - [2007.01.09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) -- C:\Programme\Common Files\Symantec Shared\ccSvcHst.exe PRC - [2007.01.05 01:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) -- C:\Programme\Common Files\Symantec Shared\AppCore\AppSvc32.exe PRC - [2007.01.04 22:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Programme\Viewpoint\Common\ViewpointService.exe PRC - [2006.11.14 19:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2006.08.23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2006.05.25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe ========== Modules (No Company Name) ========== MOD - [2013.01.15 13:52:12 | 001,101,488 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe MOD - [2013.01.15 13:52:12 | 000,156,848 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\SiteSafety.dll MOD - [2013.01.11 23:49:20 | 000,519,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\a6536128c5f017a0352454c14966e855\TCrdMain.ni.exe MOD - [2013.01.11 13:21:18 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll MOD - [2013.01.11 13:19:50 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5f3769db958cc666dc98cb7748a84ac9\PresentationFramework.ni.dll MOD - [2013.01.11 13:18:18 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll MOD - [2013.01.11 13:18:13 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.01.11 13:17:52 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\45e239d35a2c14b841dd4ef2c186ff2f\PresentationCore.ni.dll MOD - [2013.01.11 13:17:13 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll MOD - [2013.01.11 13:16:51 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013.01.11 13:16:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.01.11 13:16:07 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2010.11.13 01:02:21 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.07.14 09:47:20 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll MOD - [2009.04.07 12:53:32 | 000,030,440 | ---- | M] () -- C:\Programme\dcmsvc\dcmsvc.exe MOD - [2007.08.29 15:11:16 | 000,958,464 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\de\TCrdMain.resources.dll MOD - [2007.06.27 11:28:40 | 000,436,088 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe MOD - [2007.06.11 12:10:04 | 004,762,624 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe MOD - [2007.01.18 08:30:00 | 000,094,208 | ---- | M] () -- C:\Programme\IDM\Desktop SMS\oehook.dll MOD - [2006.11.08 19:08:30 | 000,009,216 | ---- | M] () -- C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll MOD - [2006.10.10 10:44:16 | 000,009,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll MOD - [2006.10.07 11:57:04 | 000,053,248 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll MOD - [2003.07.11 02:09:28 | 000,048,192 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\Web Folders\1031\NSEXTINT.DLL ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2013.01.15 13:52:12 | 000,945,328 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe -- (vToolbarUpdater14.0.1) SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2011.04.01 17:41:44 | 000,152,496 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2010.11.26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2010.11.20 04:17:58 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2009.08.06 22:32:20 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.06.22 03:13:57 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009.05.15 11:36:50 | 000,251,184 | R--- | M] (BUFFALO INC.) [Auto | Running] -- C:\Programme\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService) SRV - [2007.10.25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc) SRV - [2007.10.18 11:31:54 | 000,098,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Messenger\usnsvc.exe -- (usnjsvc) SRV - [2007.09.14 09:20:20 | 001,174,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC) SRV - [2007.08.01 13:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2007.01.14 00:11:06 | 000,080,504 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc) SRV - [2007.01.12 20:40:58 | 000,049,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost) SRV - [2007.01.10 12:45:02 | 002,918,008 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate) SRV - [2007.01.10 12:45:02 | 000,554,616 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler) SRV - [2007.01.09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService) SRV - [2007.01.09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr) SRV - [2007.01.09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr) SRV - [2007.01.05 01:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore) SRV - [2007.01.04 22:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Programme\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service) SRV - [2006.11.14 19:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2006.08.23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2006.05.25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2005.11.17 13:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2013.01.15 13:52:12 | 000,031,576 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012.11.15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2012.10.22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012.10.15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012.10.02 02:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012.09.21 02:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012.09.21 02:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx) DRV - [2012.09.21 02:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2012.09.14 02:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011.08.05 10:21:52 | 000,236,728 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd) DRV - [2011.07.12 19:07:40 | 000,016,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec) DRV - [2011.01.27 15:26:16 | 000,056,888 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (tosrfusb) DRV - [2010.11.29 11:47:00 | 000,070,448 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2010.11.20 02:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.11 10:26:00 | 000,042,672 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp) DRV - [2010.08.30 10:48:00 | 000,080,064 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid) DRV - [2010.04.26 11:48:00 | 000,053,760 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2009.12.07 15:59:09 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.07.24 11:31:00 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds) DRV - [2009.07.13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009.07.13 23:02:53 | 000,347,136 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B) DRV - [2009.06.17 11:59:00 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte) DRV - [2009.03.30 16:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2008.11.08 10:55:24 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007.11.09 04:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ) DRV - [2007.09.14 09:21:48 | 000,115,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2007.09.13 01:00:00 | 000,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070913.017\NAVEX15.SYS -- (NAVEX15) DRV - [2007.09.13 01:00:00 | 000,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070913.017\NAVENG.SYS -- (NAVENG) DRV - [2007.07.27 22:36:40 | 002,929,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2007.04.16 10:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2007.03.21 21:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.02.24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007.01.23 15:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10N.sys -- (KR10N) DRV - [2007.01.18 15:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10I.sys -- (KR10I) DRV - [2007.01.11 19:22:20 | 000,276,792 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL) DRV - [2007.01.11 19:22:18 | 000,025,400 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX) DRV - [2007.01.11 19:22:14 | 000,247,608 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP) DRV - [2007.01.09 15:32:14 | 000,191,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI) DRV - [2007.01.09 15:32:14 | 000,027,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV) DRV - [2007.01.03 08:05:02 | 000,417,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2006.12.27 23:48:26 | 000,212,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys -- (IDSvix86) DRV - [2006.11.20 13:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) DRV - [2006.10.30 10:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {D0D95264-BF0E-4BB0-A607-C7E0A8A4AB92} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{D0D95264-BF0E-4BB0-A607-C7E0A8A4AB92}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7; IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1008082228\ICQToolBar.dll (ICQ) IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{3D41F773-C2A2-4541-8F58-DF94FA1311D3}: "URL" = hxxp://search.yahoo.com/search?ei=utf-8&FR=chr-vmn&type=oovoo2_0yach&q={searchTerms} IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={9121D0DD-B1D0-4507-B519-70177237FC12}&mid=0517661c2c8047d0a1cdd1e997726502-36ed5e2b35e1962daae7abf80e180f8b93f3b009&lang=de&ds=AVG&pr=fr&d=2012-09-09 15:38:01&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{D0D95264-BF0E-4BB0-A607-C7E0A8A4AB92}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNA_de IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Carmen\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll () FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Carmen\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Carmen\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Carmen\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.2.14 [2013.01.15 13:58:09 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: hxxp://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Carmen\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Carmen\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Carmen\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.4.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\Carmen\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: AT_AnnaSui = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjohejgigkmiclpgnilojffhiohcglib\3_0\ CHR - Extension: Google-Suche = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: AVG Secure Search = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.0.2.14_0\ CHR - Extension: Google Mail = C:\Users\Carmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (IE Toolbar) O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Reg Error: Value error.) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll () O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) O2 - BHO: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1008082228\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1008082228\ICQToolBar.dll (ICQ) O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [dcmsvc] C:\Programme\dcmsvc\dcmsvc.exe () O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media) O4 - HKLM..\Run: [IS CfgWiz] C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe (Symantec Corporation) O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA) O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba) O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKCU..\Run: [studNET-Autologin] C:\Windows\System32\studnet\studnet.exe (Dossin-Brade GbR) O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe () O4 - Startup: C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator.lnk = C:\Programme\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.) O4 - Startup: C:\Users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk = C:\Programme\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation) O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} hxxp://www2.snapfish.com/SnapfishActivia.cab (Snapfish Activia) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{436CB8C7-7AD5-4C8B-9F18-D6752EFAA0A8}: NameServer = 139.18.25.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5A4C96C-3749-4E7D-80F7-4C4E5A982855}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll () O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{d99d1c2e-71cc-11e1-a097-00a0d1968cf1}\Shell - "" = AutoRun O33 - MountPoints2\{d99d1c2e-71cc-11e1-a097-00a0d1968cf1}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{d99d1c37-71cc-11e1-a097-00a0d1968cf1}\Shell - "" = AutoRun O33 - MountPoints2\{d99d1c37-71cc-11e1-a097-00a0d1968cf1}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{d99d1c3c-71cc-11e1-a097-00a0d1968cf1}\Shell - "" = AutoRun O33 - MountPoints2\{d99d1c3c-71cc-11e1-a097-00a0d1968cf1}\Shell\AutoRun\command - "" = G:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found ========== Files/Folders - Created Within 30 Days ========== [2013.01.29 16:03:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- E:\Daten\Carmen\Desktop\OTL.exe [2013.01.27 13:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.01.27 13:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013.01.11 16:06:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [1 E:\Daten\Carmen\Documents\*.tmp files -> E:\Daten\Carmen\Documents\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.29 16:03:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Daten\Carmen\Desktop\OTL.exe [2013.01.29 15:24:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.29 13:01:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.28 15:11:15 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.28 15:11:15 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.28 13:57:10 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.01.28 13:57:10 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.01.28 13:57:10 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.01.28 13:57:10 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.01.27 18:45:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.27 18:45:45 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013.01.27 18:45:34 | 000,382,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.27 18:44:39 | 1508,413,440 | -HS- | M] () -- C:\hiberfil.sys [2013.01.15 13:52:12 | 000,031,576 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys [2013.01.11 16:06:09 | 000,000,956 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk [2013.01.02 00:11:14 | 000,017,408 | ---- | M] () -- C:\Users\Carmen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [1 E:\Daten\Carmen\Documents\*.tmp files -> E:\Daten\Carmen\Documents\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.15 13:57:48 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2012.11.09 18:45:16 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2 [2012.10.01 21:07:24 | 000,684,916 | ---- | C] () -- C:\Windows\unins000.exe [2012.10.01 21:07:24 | 000,012,452 | ---- | C] () -- C:\Windows\unins000.dat [2012.07.29 18:54:25 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll [2012.07.29 18:31:45 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2012.07.29 18:29:05 | 000,240,640 | ---- | C] () -- C:\Windows\System32\NMOCOD.DLL [2011.12.21 22:01:53 | 000,017,408 | ---- | C] () -- C:\Users\Carmen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.11.28 07:09:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.11.17 22:34:27 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat [2008.03.07 20:09:31 | 000,000,016 | -H-- | C] () -- C:\Users\Carmen\mxfilerelatedcache.mxc2 ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2011.11.17 21:59:35 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Anvil-Soft [2012.09.09 14:42:54 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\AVG2013 [2012.05.07 19:09:19 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Canon [2012.09.27 17:45:21 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1 [2011.11.17 21:59:37 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Costco Photo Organizer [2011.11.17 21:59:37 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Costco Photo Viewer US [2011.11.17 21:59:38 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\DesktopSMS [2011.11.17 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\ICQ [2008.03.08 18:21:01 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\ICQ Toolbar [2011.11.17 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\InterVideo [2011.11.17 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\IrfanView [2011.11.17 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Kybtec Software [2011.11.17 22:02:17 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\MAGIX [2011.11.17 22:02:49 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\MipKukSoft [2011.11.17 22:02:49 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\NASNaviator2 [2012.09.01 10:36:57 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\ooVoo Details [2011.11.17 22:03:16 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\TOSHIBA [2012.09.09 14:39:53 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\TuneUp Software [2011.11.17 22:03:16 | 000,000,000 | ---D | M] -- C:\Users\Carmen\AppData\Roaming\Ulead Systems ========== Purity Check ========== < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 29.01.2013 16:09:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Daten\Carmen\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,87 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 59,48% Memory free
3,75 Gb Paging File | 2,26 Gb Available in Paging File | 60,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,89 Gb Total Space | 43,22 Gb Free Space | 57,71% Space Free | Partition Type: NTFS
Drive D: | 7,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 72,68 Gb Total Space | 19,83 Gb Free Space | 27,28% Space Free | Partition Type: NTFS
Computer Name: CARMEN | User Name: Carmen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1113CDEC-6064-4378-A5AC-B8088A49CCAC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{118E5FAA-BB30-4A8D-B0D1-8C295A05280C}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 |
"{1980C845-88F2-496F-80BD-FF39C8753F87}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{274B96D6-836D-43A6-86AC-BEA8750EAB16}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 |
"{2A47AA31-0E20-46A8-8643-A2D85EE84C88}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{34ECE41D-892A-49F7-8A4E-B0B41FAB1338}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{354369E8-A78A-42A9-B1ED-4CC397D852BA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{42260C57-19B4-42E9-9439-741C185CDDB7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4B8EA568-F583-4142-838C-1AD71044FF3F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82E4389A-A732-456F-91F3-0202887EBC8E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9A0A20C8-BFF4-411B-8AD4-B0F7DEEC44E2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A87B6896-1AB4-4185-B873-9A61D6D8942D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CBC1BE0B-717F-429C-8E36-CCB59BB6E0BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D1F172F3-8F22-432D-9E41-D387F0D8E305}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 |
"{D26D169A-82DA-4408-B28A-B0CFA41D5C1B}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
"{E2026AF4-30DC-451A-B7A9-4B2BE9E1154E}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009DA4F7-31D6-43ED-8691-466A56CD0B28}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{02A5C51F-260A-4E5D-9BD8-656A1AB74D8E}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{0365E911-CB97-447F-9B1C-87761EE73D95}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{04208F37-1DB7-47C5-9E78-9B0BB21D6B6F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{04C1D435-3F5A-4F01-BBE6-E7E835FC1AAA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{064813E0-0C14-4F53-9329-AF81EB5EE212}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{1F8DCCBD-C39F-491E-90D5-8E0872A4A1FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{21A017C9-0124-4B9A-B0EC-E2642DD030B7}" = protocol=17 | dir=in | app=c:\program files\buffalo\nasnavi\nasnavi.exe |
"{25AFFE1D-2CEC-43D4-888A-AA952D2292DD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{26F20B3D-65EA-445B-961F-A762F7D67A10}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{27CAEB48-D8E6-44D6-9275-E339C008CB36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2B21D3F3-9D9D-4EA7-B560-FE77219E2D1D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{3724AE9C-212E-49E3-A967-6DB07C2BCDC3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3EE86B75-38D4-46DA-9A69-1AD646B248A9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4404530B-ED0D-4386-B144-6D575AE137BA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4BE207ED-0838-4CE9-BB31-3E534DEE887E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{4FC7E8AD-5609-4FC8-92AE-6C49C65F2EF3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{538BB92D-FB7A-4A89-AE87-B5164358130A}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{599BE9FD-2248-42AF-BD0E-BAD41B7E081C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6089468B-43B1-4575-AA1F-303640FF07C5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{6B986630-8F48-4645-83EE-24C938B10468}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6CD57249-517D-4CF0-9072-EB5F2F2576C1}" = protocol=6 | dir=in | app=c:\program files\buffalo\nasnavi\nasnavi.exe |
"{6FD18711-C7B9-4479-A64A-883B7C6EED9E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{705CB8B3-1FB1-4F50-AFAB-61CFCE906C16}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{7080B365-E8E1-4500-ABCC-859FC6A06820}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{71A31A35-7039-41BF-817E-98E59E03EC69}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{725E049E-7897-4E8C-8DCE-4CF67B9D3241}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{7F3D6139-C013-4F2F-9DA3-4A2D1B3236CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{857D8BE1-5294-43C0-A22D-596FC56D1D82}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{88B7D8B5-86C6-43AF-91B2-A787C62ACF75}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{8919227D-1D80-4D28-A7FC-11B444064236}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{8A9C1D0C-0710-4E94-8ECA-C42717D579C0}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{8D020263-83CC-4E94-B9BD-7D5CCAEAD423}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8EB52670-4822-4AF4-8AC8-03151B8531F4}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{91BFC2FD-13F5-451F-9F96-5DE0CB0B0519}" = protocol=17 | dir=in | app=c:\program files\buffalo\nasnavi\nasinst.exe |
"{956F815B-549C-4A6F-9933-0C3099EC0AF8}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{9C240A9B-AE56-4E57-8FF2-D0ED90316822}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{9CE2906E-DC79-4835-8D09-BAF34F49709A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AAF74F4D-381C-4FA5-80B8-C5775D895F64}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{AFC4BB5C-D805-4206-886D-56513138E550}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{B25C3801-091C-4A20-AFC9-5CAF73EF2F6C}" = protocol=6 | dir=out | app=system |
"{BC25236E-B825-4426-A18E-9CD856484A34}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C73D23B8-7321-42A2-AE99-050B8BF165CD}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{C8EA5963-491A-43E1-A09D-5036CAF9223B}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{CB7AEE43-AE01-4792-BD21-961E12CE4314}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D03AC29D-387D-482B-B364-D628BEA4D6AA}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{D317129C-4B13-482A-B179-9B5C50CE49B7}" = protocol=6 | dir=in | app=c:\program files\buffalo\nasnavi\nasinst.exe |
"{D42B672B-D835-4A1E-9A5E-9C1C756DF536}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{DB398679-F1EA-4963-8F10-0B4870A4D86C}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{DEBB2E25-0919-4E90-9686-629C42A2B9D4}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{E261A893-E8E9-4ED4-A4B8-102F02988607}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3775C24-A7F2-4C80-A9EE-D214D1C0DA96}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{E99AB90F-B454-41EC-9251-F0879F025C3E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"TCP Query User{0E2A66C7-8468-4C7E-8447-47353ACA3068}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{102C8A84-4A78-429A-B2F1-DC7EFC615F7E}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"TCP Query User{1A473795-3F7A-4731-92DF-8A40BD45EE24}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{1B6EB279-F49E-4647-9C3F-1BE4D0DB243B}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{4114CB49-1BCD-4F60-896F-92E6AAF450A4}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{5C94F5F3-66F3-4291-B9F8-89D06CBBEFB0}C:\program files\buffalo\nasnavi\nasnavi.exe" = protocol=6 | dir=in | app=c:\program files\buffalo\nasnavi\nasnavi.exe |
"TCP Query User{668E2DE6-3D65-449E-A13F-500D60C9A93D}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{672E00EF-FD5B-49AF-9FA6-632D10D86253}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{777FB0FC-B1B7-470B-A79E-BD77ADC52AB3}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{94DAA922-CC06-450B-BA81-3719FAB3B68E}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"TCP Query User{C9E68428-7E2D-47BC-8EF9-3A1A6A438144}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{0271A380-60D0-4CAC-8DDC-5B979072A657}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{1954CE25-9A66-4207-AB70-B26266081B29}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{1A15BF1D-D42C-486D-8F81-D51AD9E75957}C:\program files\buffalo\nasnavi\nasnavi.exe" = protocol=17 | dir=in | app=c:\program files\buffalo\nasnavi\nasnavi.exe |
"UDP Query User{3C51F3A0-A1B0-4583-AED2-0CA04352C7DE}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{5AFCD9BA-6106-403E-9E9C-78226B4C42F4}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{6D8ABB5E-E66E-4D29-901E-43223F6EF480}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{8E12EC77-48EB-454D-B00C-B3D187FA2425}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"UDP Query User{9A9DEAFD-C1EE-4C95-A106-815570E0C72A}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{B380DA08-BDC6-4B80-AC08-46E4ED7C1332}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{EE43040D-4B66-405C-A71D-2FBB9E858F4A}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"UDP Query User{F6DE6C1D-D5AD-4A11-A66B-4E8F9711B9B4}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar)
"{01244A94-5226-425B-84E0-E76839AD488B}" = PowerInfo und Zurück 2008
"{0221A397-962E-6D84-F786-64E445617999}" = CCC Help English
"{08CB1B3E-D42C-3ED5-7896-F8BC31839315}" = Catalyst Control Center Localization Czech
"{0AC49543-9CE2-4434-AD42-5AA6E2967FA5}" = Windows Live Toolbar
"{0C9B3E29-3B8B-295E-773B-82F3516F17DD}" = CCC Help Thai
"{0D99E1E9-D28C-6806-0820-13E10082CE7B}" = CCC Help Italian
"{0DC5B855-1CE2-9EA3-AA12-78C8939F68EF}" = Catalyst Control Center Core Implementation
"{0E2C948E-44D6-9A1C-54E7-05217E7DCC13}" = CCC Help Dutch
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1B5AB0D6-4F7C-9B93-5323-9037F1E61142}" = CCC Help Chinese Standard
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{21EA2A28-3146-E63D-16EE-0BF9FA3D6F5E}" = Catalyst Control Center Localization German
"{22543949-70E8-45D0-A938-F38143EB8BF8}" = Catalyst Control Center - Branding
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{25D4A6A6-BFBF-49AF-89CA-635A468B0515}" = Kybtec World Clock 3.3.1.1
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2BDF38E0-1A7F-4220-B4B7-118DD45E5E13}" = TOSHIBA Supervisor Password
"{2CCC5C78-20FF-478E-8B65-46B58CC5781B}" = AVG 2013
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{31C97472-E522-A760-F46D-FC0648F77E9C}" = CCC Help French
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40E3BE50-51A6-F8A0-DB5F-7C2698FA5E1F}" = CCC Help Spanish
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{432DC370-01EF-F2D8-34C3-27DCC9B13083}" = CCC Help Norwegian
"{44151656-ECAC-99DC-1AC5-1F06A1A62939}" = Catalyst Control Center Graphics Light
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{454AB369-FABF-EB84-FBC1-CA4E8FBD3926}" = Catalyst Control Center Localization Hungarian
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{497268C1-AE62-4A1D-1129-1D03183538B0}" = Catalyst Control Center Localization Portuguese
"{4CE6623E-C867-81B3-8B94-A4FE021782BF}" = CCC Help Portuguese
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{55FE1E6B-4E8A-0F2B-5B36-8F4363A0AEBC}" = Catalyst Control Center Localization Chinese Traditional
"{56995235-B76E-44A6-BA17-8FF13D3F907A}" = TOSHIBA Benutzerhandbücher
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{59DC42FB-13A7-45E1-BCC3-37CE5977951E}" = CCC Help Japanese
"{59DF97C6-3144-FA5A-4380-6B891BB44812}" = CCC Help German
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5BBE3EAB-D749-0560-2C39-53DC8531CB01}" = Catalyst Control Center Localization Korean
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{608738F2-51B4-CD53-C1CC-220363513ED7}" = CCC Help Czech
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{649C3B52-AA90-1F36-3D36-CE7F2BB1CB8C}" = Catalyst Control Center Localization Chinese Standard
"{654CABFA-4289-9EC0-F088-34BFCC84A798}" = Catalyst Control Center Localization Turkish
"{65CC9CE1-AAF1-866B-B07E-FECC0B53277E}" = Catalyst Control Center Localization Danish
"{6A9DF7EE-E7B9-E4F1-204A-FE72F47231CB}" = CCC Help Finnish
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{7095FD27-37F0-4750-9DE8-D37DC0043706}" = REALTEK RTL8187B Wireless LAN Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7163A2F1-2DED-9EF4-24FC-06D607D2A9C9}" = Catalyst Control Center Graphics Full New
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{731341F3-55AA-8488-A3F1-3D4C43412C87}" = CCC Help Russian
"{731E713B-C13E-4527-B624-8A6DF2D33DAF}" = AVG 2013
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7A929336-7D2E-C4E3-2AC9-CA80FBEB5701}" = Catalyst Control Center Localization Spanish
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{84C7D852-CDF6-7006-91C7-E6A54519E5D5}" = Catalyst Control Center Graphics Full Existing
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8E850D2A-F5E9-C322-ABFF-683C69686C13}" = Catalyst Control Center Localization Russian
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93FE0FBE-23F5-7BF4-9085-6E046D609F22}" = CCC Help Chinese Traditional
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A30EE8A6-6B9F-4973-B5ED-2A60B40576E4}_is1" = StudNET Login Client
"{A74BE9F1-1129-FB71-DA7B-96F5D99CA330}" = Catalyst Control Center Localization Finnish
"{A762A897-3E65-E264-5188-CBAD303064C2}" = Skins
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB79C30D-A920-D219-B4FD-C9552A0419D3}" = CCC Help Polish
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AD6A78C4-AD77-448D-4F9D-43AD80C8D8FF}" = Catalyst Control Center Localization French
"{AEE482BA-1731-499C-346D-B5F498B7DBF8}" = CCC Help Turkish
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B3E356C8-CEB3-467C-EA92-8FC2CA15AD51}" = Catalyst Control Center Localization Polish
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BBD408BC-486B-9857-C805-945F8F083877}" = CCC Help Swedish
"{BE044C42-908B-4952-5140-E2B8FD67F267}" = CCC Help Danish
"{BFC85CDC-BD7C-4FDD-9507-8D74B5A79404}" = TOSHIBA Hardware Setup
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C29D1033-0247-FFC6-7895-204ABABA0F20}" = ccc-utility
"{C643EEE3-A55A-58D1-D543-ED46726288CB}" = CCC Help Greek
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7B4B7FE-F49F-4954-A5F8-C8823B78CE93}" = Personal Translator 2008 Home German English
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0B87CB2-8599-4975-0E50-DB2F8E6B9AE6}" = Catalyst Control Center Localization Thai
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{DA401137-8791-F77A-591C-F0BC3E7ED04E}" = Catalyst Control Center Localization Greek
"{DC9B7572-50C6-180D-916D-3E2CBD00C0C7}" = Catalyst Control Center Localization Japanese
"{DFCFF0F1-005D-E317-733D-8D19D54FBF08}" = Catalyst Control Center Localization Swedish
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E748D6A5-D03D-BDE1-C094-DAE3F5BCEEF6}" = Catalyst Control Center Graphics Previews Vista
"{E8316038-8C38-52A8-9014-FD35536567E8}" = Catalyst Control Center Localization Dutch
"{E96A0335-C6EA-D11A-3A49-8586A8FED544}" = ccc-core-static
"{E9E6642B-0714-37B4-0248-D036B60F8F12}" = CCC Help Korean
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F05E0039-D2A7-198B-B79E-285395EBB5BB}" = Catalyst Control Center Localization Italian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F734CA55-0939-1F1A-A8B5-19B91B3D4B1F}" = Catalyst Control Center Localization Norwegian
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FE4C0830-A0F3-B67E-93BC-21C4B0BB0267}" = CCC Help Hungarian
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AFPL Ghostscript 8.53" = AFPL Ghostscript 8.53
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"AVG" = AVG 2013
"AVG Secure Search" = AVG Security Toolbar
"CCleaner" = CCleaner
"CD Inlet&Label" = CD Inlet&Label
"dcmsvc_is1" = dcmsvc 1.0
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"ICQToolbar" = ICQ Toolbar
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{C7B4B7FE-F49F-4954-A5F8-C8823B78CE93}" = Personal Translator 2008 Home German English
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Micrografx Picture Publisher 8" = Micrografx Picture Publisher 8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SuperTux_is1" = SuperTux 0.1.3
"Surf & E-Mail-Stick" = Surf & E-Mail-Stick
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"UN060501" = BUFFALO NAS Navigator
"UN070209" = Uninstall of File Security Tool
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.11
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = ooVoo toolbar, powered by Ask.com Updater
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.07.2011 10:08:18 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 25.07.2011 10:09:17 | Computer Name = Carmen | Source = Application Error
| ID = 1000
Error - 25.07.2011 10:09:50 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 25.07.2011 18:37:13 | Computer Name = Carmen | Source = Application Error
| ID = 1000
Error - 26.07.2011 19:50:07 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 27.07.2011 04:31:15 | Computer Name = Carmen | Source = Application Error
| ID = 1000
Error - 28.07.2011 06:02:46 | Computer Name = Carmen | Source = RasClient | ID = 20227
Description =
Error - 28.07.2011 06:03:46 | Computer Name = Carmen | Source = RasClient | ID = 20227
Description =
Error - 08.08.2011 03:41:25 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 08.08.2011 07:45:24 | Computer Name = Carmen | Source = WerSvc | ID = 5007
Description =
Error - 09.08.2011 05:56:00 | Computer Name = Carmen | Source = Application Hang
| ID = 1002
Error - 16.08.2011 15:01:38 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 21.08.2011 17:17:19 | Computer Name = Carmen | Source = WerSvc | ID = 5007
Description =
Error - 22.08.2011 07:26:23 | Computer Name = Carmen | Source = Application Error
| ID = 1000
Error - 28.08.2011 15:21:37 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error - 28.08.2011 15:32:18 | Computer Name = Carmen | Source = RasClient | ID =
20227
Description =
Error - 28.08.2011 15:34:13 | Computer Name = Carmen | Source = EventSystem | ID
= 4621
Description =
Error - 28.08.2011 16:07:39 | Computer Name = Carmen | Source = Application Error
| ID = 1000
Error - 28.08.2011 16:36:35 | Computer Name = Carmen | Source = WerSvc | ID = 5007
Description =
Error - 29.08.2011 18:50:41 | Computer Name = Carmen | Source = Application Error | ID = 1000
Error encountered while reading event logs.
< End of report >
Kann ich das Programm und die txt-Dateien jetzt schließen oder soll ich die Dateien abspeichern? |
|
29.01.2013, 16:38
| #6 |
| /// Malware-holic | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet hi öffne mal avira, verwaltung, quarantäne, poste die Fundmeldungen mit Pfadangabe bitte programm und txt schließen.
__________________ --> verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet |
|
29.01.2013, 16:42
| #7 |
| | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet hi, dazu hab ich ne Frage: Ich hab Avira nicht als Programm auf meinem PC gespeichert. Das war nur ne CD, die mein Vater benutzt hat. Mein Antivirenprogramm ist AVG, soll ich dir einfach die Fundmeldungen davon posten? |
|
29.01.2013, 19:02
| #8 |
| /// Malware-holic | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet hattest du mal avira, denn ich sehe einen treiber und service davon laufen. dann avg funde posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
29.01.2013, 19:14
| #9 |
| | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet kann sein, dass ich mal Avira hatte, muss aber schon ne ganze Weile her sein. Hab glaub ich irgendwann mal durch ne Version von Norton Internet Security ersetzt, die war dann aber abgelaufen und ich hab sie deinstalliert nachdem mir mein Freund AVG installiert hat, weil er gute Erfahrungen damit gemacht hat. Ich hab gerade bei AVG - Optionen - Virenquarantäne nachgesehen. Da steht: "Virenquarantäne ist leer." Nen anderen passenden Menüpunkt find ich nicht. Weißt du, wo ich nochmal schauen müsste oder kann es sein, dass die einfach leer ist? |
|
31.01.2013, 15:07
| #10 |
| /// Malware-holic | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet ok weiter hiermit: download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten c: öffnen, tdsskiller-datum-version.txt öffnen, Inhalt posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
31.01.2013, 15:48
| #11 |
| | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet danke, hab ich gemacht. hier der Inhalt: 15:43:22.0370 9136 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 15:43:22.0698 9136 ============================================================ 15:43:22.0698 9136 Current date / time: 2013/01/31 15:43:22.0698 15:43:22.0698 9136 SystemInfo: 15:43:22.0698 9136 15:43:22.0698 9136 OS Version: 6.1.7601 ServicePack: 1.0 15:43:22.0698 9136 Product type: Workstation 15:43:22.0698 9136 ComputerName: CARMEN 15:43:22.0698 9136 UserName: Carmen 15:43:22.0698 9136 Windows directory: C:\Windows 15:43:22.0698 9136 System windows directory: C:\Windows 15:43:22.0698 9136 Processor architecture: Intel x86 15:43:22.0698 9136 Number of processors: 2 15:43:22.0698 9136 Page size: 0x1000 15:43:22.0698 9136 Boot type: Normal boot 15:43:22.0698 9136 ============================================================ 15:43:29.0094 9136 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 15:43:29.0125 9136 ============================================================ 15:43:29.0125 9136 \Device\Harddisk0\DR0: 15:43:29.0125 9136 MBR partitions: 15:43:29.0125 9136 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x95CA000 15:43:29.0125 9136 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x98B8800, BlocksNum 0x915E800 15:43:29.0125 9136 ============================================================ 15:43:29.0156 9136 C: <-> \Device\Harddisk0\DR0\Partition1 15:43:29.0296 9136 E: <-> \Device\Harddisk0\DR0\Partition2 15:43:29.0296 9136 ============================================================ 15:43:29.0296 9136 Initialize success 15:43:29.0296 9136 ============================================================ 15:43:56.0534 7756 ============================================================ 15:43:56.0534 7756 Scan started 15:43:56.0534 7756 Mode: Manual; SigCheck; TDLFS; 15:43:56.0534 7756 ============================================================ 15:43:58.0999 7756 ================ Scan system memory ======================== 15:43:58.0999 7756 System memory - ok 15:43:59.0014 7756 ================ Scan services ============================= 15:43:59.0186 7756 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 15:43:59.0576 7756 1394ohci - ok 15:43:59.0623 7756 [ BEB5E6A8C17C3C7485563281E0F9E77E ] 61883 C:\Windows\system32\DRIVERS\61883.sys 15:43:59.0716 7756 61883 - ok 15:43:59.0779 7756 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 15:43:59.0810 7756 ACPI - ok 15:43:59.0872 7756 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 15:43:59.0966 7756 AcpiPmi - ok 15:44:00.0013 7756 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 15:44:00.0075 7756 adp94xx - ok 15:44:00.0106 7756 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 15:44:00.0138 7756 adpahci - ok 15:44:00.0153 7756 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 15:44:00.0184 7756 adpu320 - ok 15:44:00.0216 7756 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 15:44:00.0294 7756 AeLookupSvc - ok 15:44:00.0325 7756 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 15:44:00.0465 7756 AFD - ok 15:44:00.0840 7756 [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys 15:44:00.0964 7756 AgereSoftModem - ok 15:44:00.0996 7756 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 15:44:01.0027 7756 agp440 - ok 15:44:01.0074 7756 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 15:44:01.0089 7756 aic78xx - ok 15:44:01.0152 7756 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 15:44:01.0214 7756 ALG - ok 15:44:01.0245 7756 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 15:44:01.0261 7756 aliide - ok 15:44:01.0448 7756 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 15:44:01.0479 7756 amdagp - ok 15:44:01.0495 7756 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 15:44:01.0526 7756 amdide - ok 15:44:01.0573 7756 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 15:44:01.0635 7756 AmdK8 - ok 15:44:01.0666 7756 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 15:44:01.0713 7756 AmdPPM - ok 15:44:01.0744 7756 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 15:44:01.0760 7756 amdsata - ok 15:44:01.0791 7756 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 15:44:01.0822 7756 amdsbs - ok 15:44:01.0838 7756 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 15:44:01.0854 7756 amdxata - ok 15:44:01.0963 7756 [ 9015BC03F62940527EC92D45EE89E46F ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 15:44:02.0010 7756 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - warning 15:44:02.0010 7756 AntiVirSchedulerService - detected UnsignedFile.Multi.Generic (1) 15:44:02.0041 7756 [ B8720A787C1223492E6F319465E996CE ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 15:44:02.0072 7756 AntiVirService ( UnsignedFile.Multi.Generic ) - warning 15:44:02.0072 7756 AntiVirService - detected UnsignedFile.Multi.Generic (1) 15:44:02.0119 7756 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 15:44:02.0228 7756 AppID - ok 15:44:02.0290 7756 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 15:44:02.0353 7756 AppIDSvc - ok 15:44:02.0384 7756 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll 15:44:02.0462 7756 Appinfo - ok 15:44:02.0571 7756 [ 1961CB10BB48EB4D97E37DB6373E9E63 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 15:44:02.0602 7756 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning 15:44:02.0602 7756 Apple Mobile Device - detected UnsignedFile.Multi.Generic (1) 15:44:02.0649 7756 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys 15:44:02.0680 7756 arc - ok 15:44:02.0696 7756 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 15:44:02.0727 7756 arcsas - ok 15:44:02.0758 7756 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 15:44:02.0899 7756 AsyncMac - ok 15:44:02.0930 7756 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 15:44:02.0946 7756 atapi - ok 15:44:03.0024 7756 [ 581B9BE9E92A0F3856CC85EC011EDC6F ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 15:44:03.0102 7756 Ati External Event Utility - ok 15:44:03.0211 7756 [ 22D300F835600C9C634860CF2912F9CF ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 15:44:03.0336 7756 atikmdag - ok 15:44:03.0382 7756 [ 4AA1EB65481C392955939E735D27118B ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 15:44:03.0445 7756 AtiPcie - ok 15:44:03.0492 7756 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 15:44:03.0554 7756 AudioEndpointBuilder - ok 15:44:03.0570 7756 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 15:44:03.0616 7756 Audiosrv - ok 15:44:03.0694 7756 [ C0E25BB0E6A159D332048AFAA2ED24CE ] Automatisches LiveUpdate - Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe 15:44:03.0726 7756 Automatisches LiveUpdate - Scheduler - ok 15:44:03.0757 7756 [ C44BDD77E06053CF5AFE046F3A47C16B ] Avc C:\Windows\system32\DRIVERS\avc.sys 15:44:03.0804 7756 Avc - ok 15:44:04.0100 7756 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe 15:44:04.0412 7756 AVGIDSAgent - ok 15:44:04.0474 7756 [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys 15:44:04.0506 7756 AVGIDSDriver - ok 15:44:04.0537 7756 [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys 15:44:04.0552 7756 AVGIDSHX - ok 15:44:04.0599 7756 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys 15:44:04.0615 7756 AVGIDSShim - ok 15:44:04.0662 7756 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys 15:44:04.0677 7756 Avgldx86 - ok 15:44:04.0724 7756 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys 15:44:04.0740 7756 Avglogx - ok 15:44:04.0771 7756 [ AF7AA9BA434CD28833A66E90993E8DFD ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys 15:44:04.0786 7756 Avgmfx86 - ok 15:44:04.0833 7756 [ 14FE36D8F2C6A2435275338D061A0B66 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 15:44:04.0849 7756 avgntflt - ok 15:44:04.0880 7756 [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys 15:44:04.0896 7756 Avgrkx86 - ok 15:44:04.0927 7756 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys 15:44:04.0958 7756 Avgtdix - ok 15:44:05.0005 7756 [ 740970262714E0575F23A917A2A53A31 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys 15:44:05.0052 7756 avgtp - ok 15:44:05.0083 7756 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe 15:44:05.0114 7756 avgwd - ok 15:44:05.0145 7756 [ 6D52060B59E7D79CD2A044B6ADD1F1EF ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 15:44:05.0176 7756 avipbb - ok 15:44:05.0208 7756 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 15:44:05.0301 7756 AxInstSV - ok 15:44:05.0364 7756 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 15:44:05.0426 7756 b06bdrv - ok 15:44:05.0473 7756 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 15:44:05.0566 7756 b57nd60x - ok 15:44:05.0629 7756 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 15:44:05.0707 7756 BDESVC - ok 15:44:05.0754 7756 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 15:44:05.0800 7756 Beep - ok 15:44:05.0863 7756 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll 15:44:05.0925 7756 BFE - ok 15:44:05.0956 7756 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll 15:44:06.0034 7756 BITS - ok 15:44:06.0050 7756 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 15:44:06.0097 7756 blbdrive - ok 15:44:06.0159 7756 [ CFD4C3352E29A8B729536648466E8DF5 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 15:44:06.0190 7756 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning 15:44:06.0190 7756 Bonjour Service - detected UnsignedFile.Multi.Generic (1) 15:44:06.0222 7756 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 15:44:06.0300 7756 bowser - ok 15:44:06.0331 7756 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 15:44:06.0362 7756 BrFiltLo - ok 15:44:06.0378 7756 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 15:44:06.0440 7756 BrFiltUp - ok 15:44:06.0487 7756 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll 15:44:06.0549 7756 Browser - ok 15:44:06.0612 7756 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 15:44:06.0658 7756 Brserid - ok 15:44:06.0674 7756 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 15:44:06.0721 7756 BrSerWdm - ok 15:44:06.0736 7756 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 15:44:06.0814 7756 BrUsbMdm - ok 15:44:06.0830 7756 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 15:44:06.0892 7756 BrUsbSer - ok 15:44:06.0924 7756 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 15:44:06.0955 7756 BTHMODEM - ok 15:44:07.0002 7756 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 15:44:07.0048 7756 bthserv - ok 15:44:07.0111 7756 [ FE69C498B922CE835E2E2123FBD0A272 ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 15:44:07.0126 7756 ccEvtMgr - ok 15:44:07.0142 7756 [ FE69C498B922CE835E2E2123FBD0A272 ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 15:44:07.0158 7756 ccSetMgr - ok 15:44:07.0189 7756 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 15:44:07.0267 7756 cdfs - ok 15:44:07.0314 7756 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys 15:44:07.0345 7756 cdrom - ok 15:44:07.0392 7756 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll 15:44:07.0454 7756 CertPropSvc - ok 15:44:07.0516 7756 [ C82162949BBA6CC5D006C7BD008F3CF1 ] CFSvcs C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 15:44:07.0532 7756 CFSvcs ( UnsignedFile.Multi.Generic ) - warning 15:44:07.0532 7756 CFSvcs - detected UnsignedFile.Multi.Generic (1) 15:44:07.0579 7756 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 15:44:07.0626 7756 circlass - ok 15:44:07.0672 7756 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 15:44:07.0688 7756 CLFS - ok 15:44:07.0782 7756 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:44:07.0828 7756 clr_optimization_v2.0.50727_32 - ok 15:44:07.0891 7756 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:44:07.0984 7756 clr_optimization_v4.0.30319_32 - ok 15:44:08.0000 7756 [ FE69C498B922CE835E2E2123FBD0A272 ] CLTNetCnService C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 15:44:08.0016 7756 CLTNetCnService - ok 15:44:08.0047 7756 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 15:44:08.0125 7756 CmBatt - ok 15:44:08.0156 7756 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys 15:44:08.0187 7756 cmdide - ok 15:44:08.0218 7756 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys 15:44:08.0296 7756 CNG - ok 15:44:08.0343 7756 [ 3B38F3DEFD61DB294421993F969BC88F ] comHost C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe 15:44:08.0359 7756 comHost - ok 15:44:08.0406 7756 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 15:44:08.0421 7756 Compbatt - ok 15:44:08.0468 7756 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 15:44:08.0484 7756 CompositeBus - ok 15:44:08.0499 7756 COMSysApp - ok 15:44:08.0530 7756 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 15:44:08.0546 7756 crcdisk - ok 15:44:08.0593 7756 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll 15:44:08.0655 7756 CryptSvc - ok 15:44:08.0686 7756 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll 15:44:08.0749 7756 DcomLaunch - ok 15:44:08.0780 7756 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 15:44:08.0842 7756 defragsvc - ok 15:44:08.0889 7756 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 15:44:08.0952 7756 DfsC - ok 15:44:08.0998 7756 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll 15:44:09.0061 7756 Dhcp - ok 15:44:09.0092 7756 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 15:44:09.0154 7756 discache - ok 15:44:09.0186 7756 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys 15:44:09.0201 7756 Disk - ok 15:44:09.0232 7756 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 15:44:09.0264 7756 Dnscache - ok 15:44:09.0295 7756 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll 15:44:09.0357 7756 dot3svc - ok 15:44:09.0404 7756 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll 15:44:09.0451 7756 DPS - ok 15:44:09.0498 7756 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 15:44:09.0544 7756 drmkaud - ok 15:44:09.0591 7756 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 15:44:09.0638 7756 DXGKrnl - ok 15:44:09.0685 7756 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 15:44:09.0747 7756 EapHost - ok 15:44:09.0888 7756 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 15:44:09.0997 7756 ebdrv - ok 15:44:10.0012 7756 eeCtrl - ok 15:44:10.0044 7756 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe 15:44:10.0527 7756 EFS - ok 15:44:11.0260 7756 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 15:44:12.0150 7756 ehRecvr - ok 15:44:12.0196 7756 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 15:44:12.0243 7756 ehSched - ok 15:44:12.0306 7756 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 15:44:12.0337 7756 elxstor - ok 15:44:12.0352 7756 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys 15:44:12.0399 7756 ErrDev - ok 15:44:12.0446 7756 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 15:44:12.0508 7756 EventSystem - ok 15:44:12.0540 7756 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 15:44:12.0586 7756 exfat - ok 15:44:12.0618 7756 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 15:44:12.0664 7756 fastfat - ok 15:44:12.0727 7756 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe 15:44:12.0789 7756 Fax - ok 15:44:12.0836 7756 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 15:44:12.0867 7756 fdc - ok 15:44:12.0898 7756 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 15:44:12.0961 7756 fdPHost - ok 15:44:12.0976 7756 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 15:44:13.0039 7756 FDResPub - ok 15:44:13.0054 7756 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 15:44:13.0086 7756 FileInfo - ok 15:44:13.0101 7756 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 15:44:13.0148 7756 Filetrace - ok 15:44:13.0257 7756 [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe 15:44:13.0304 7756 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning 15:44:13.0304 7756 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1) 15:44:13.0335 7756 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 15:44:13.0366 7756 flpydisk - ok 15:44:13.0413 7756 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 15:44:13.0444 7756 FltMgr - ok 15:44:13.0491 7756 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll 15:44:13.0554 7756 FontCache - ok 15:44:13.0632 7756 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 15:44:13.0663 7756 FontCache3.0.0.0 - ok 15:44:13.0678 7756 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 15:44:13.0694 7756 FsDepends - ok 15:44:13.0710 7756 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 15:44:13.0741 7756 Fs_Rec - ok 15:44:13.0772 7756 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 15:44:13.0803 7756 fvevol - ok 15:44:13.0850 7756 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys 15:44:13.0897 7756 FwLnk - ok 15:44:13.0928 7756 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 15:44:13.0959 7756 gagp30kx - ok 15:44:13.0990 7756 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll 15:44:14.0068 7756 gpsvc - ok 15:44:14.0146 7756 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 15:44:14.0162 7756 gupdate - ok 15:44:14.0178 7756 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 15:44:14.0193 7756 gupdatem - ok 15:44:14.0240 7756 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 15:44:14.0302 7756 hcw85cir - ok 15:44:14.0334 7756 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 15:44:14.0365 7756 HDAudBus - ok 15:44:14.0396 7756 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 15:44:14.0427 7756 HidBatt - ok 15:44:14.0443 7756 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 15:44:14.0490 7756 HidBth - ok 15:44:14.0536 7756 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 15:44:14.0568 7756 HidIr - ok 15:44:14.0614 7756 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 15:44:14.0661 7756 hidserv - ok 15:44:14.0708 7756 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys 15:44:14.0739 7756 HidUsb - ok 15:44:14.0770 7756 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll 15:44:14.0817 7756 hkmsvc - ok 15:44:14.0864 7756 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 15:44:14.0958 7756 HomeGroupListener - ok 15:44:14.0989 7756 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 15:44:15.0020 7756 HomeGroupProvider - ok 15:44:15.0067 7756 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 15:44:15.0082 7756 HpSAMD - ok 15:44:15.0145 7756 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:44:15.0192 7756 HTTP - ok 15:44:15.0238 7756 [ 1720966D9C7EA5E2D78B6DB92D2F9171 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys 15:44:15.0301 7756 hwdatacard - ok 15:44:15.0316 7756 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:44:15.0348 7756 hwpolicy - ok 15:44:15.0394 7756 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 15:44:15.0441 7756 i8042prt - ok 15:44:15.0472 7756 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 15:44:15.0504 7756 iaStorV - ok 15:44:15.0566 7756 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 15:44:15.0613 7756 idsvc - ok 15:44:15.0722 7756 [ 67070D3859BDE8EF7DBC995EBD49227E ] IDSvix86 C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys 15:44:15.0753 7756 IDSvix86 - ok 15:44:15.0800 7756 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 15:44:15.0816 7756 iirsp - ok 15:44:15.0862 7756 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll 15:44:15.0940 7756 IKEEXT - ok 15:44:16.0050 7756 [ 97CAC2A7E92FFCB30C15101AB002ED30 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 15:44:16.0128 7756 IntcAzAudAddService - ok 15:44:16.0159 7756 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys 15:44:16.0174 7756 intelide - ok 15:44:16.0206 7756 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 15:44:16.0252 7756 intelppm - ok 15:44:16.0284 7756 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:44:16.0330 7756 IPBusEnum - ok 15:44:16.0362 7756 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:44:16.0424 7756 IpFilterDriver - ok 15:44:16.0455 7756 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:44:16.0502 7756 iphlpsvc - ok 15:44:16.0533 7756 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 15:44:16.0580 7756 IPMIDRV - ok 15:44:16.0596 7756 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:44:16.0658 7756 IPNAT - ok 15:44:16.0705 7756 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 15:44:16.0783 7756 IRENUM - ok 15:44:16.0798 7756 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys 15:44:16.0830 7756 isapnp - ok 15:44:16.0861 7756 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 15:44:16.0876 7756 iScsiPrt - ok 15:44:16.0923 7756 [ 31E4D7875FF05D9F81C2ABDF48F51B11 ] ISPwdSvc C:\Program Files\Norton Internet Security\isPwdSvc.exe 15:44:16.0954 7756 ISPwdSvc - ok 15:44:17.0001 7756 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 15:44:17.0017 7756 kbdclass - ok 15:44:17.0064 7756 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 15:44:17.0095 7756 kbdhid - ok 15:44:17.0126 7756 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe 15:44:17.0142 7756 KeyIso - ok 15:44:17.0204 7756 [ A383F2CEA0A8F4E76E71ABC869BD5748 ] KR10I C:\Windows\system32\drivers\kr10i.sys 15:44:17.0282 7756 KR10I - ok 15:44:17.0313 7756 [ 6E9922332386C2A49936B30B2B6FD298 ] KR10N C:\Windows\system32\drivers\kr10n.sys 15:44:17.0360 7756 KR10N - ok 15:44:17.0391 7756 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:44:17.0407 7756 KSecDD - ok 15:44:17.0438 7756 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:44:17.0454 7756 KSecPkg - ok 15:44:17.0516 7756 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 15:44:17.0578 7756 KtmRm - ok 15:44:17.0625 7756 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll 15:44:17.0688 7756 LanmanServer - ok 15:44:17.0719 7756 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:44:17.0781 7756 LanmanWorkstation - ok 15:44:17.0890 7756 [ F3CB12A5791761EBCA4C7BA5FC89F5C2 ] LiveUpdate C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE 15:44:17.0984 7756 LiveUpdate - ok 15:44:18.0031 7756 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 15:44:18.0093 7756 lltdio - ok 15:44:18.0140 7756 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:44:18.0171 7756 lltdsvc - ok 15:44:18.0202 7756 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 15:44:18.0249 7756 lmhosts - ok 15:44:18.0296 7756 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 15:44:18.0312 7756 LSI_FC - ok 15:44:18.0327 7756 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 15:44:18.0358 7756 LSI_SAS - ok 15:44:18.0390 7756 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:44:18.0405 7756 LSI_SAS2 - ok 15:44:18.0421 7756 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:44:18.0452 7756 LSI_SCSI - ok 15:44:18.0468 7756 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 15:44:18.0514 7756 luafv - ok 15:44:18.0546 7756 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:44:18.0577 7756 Mcx2Svc - ok 15:44:18.0592 7756 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 15:44:18.0624 7756 megasas - ok 15:44:18.0655 7756 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 15:44:18.0686 7756 MegaSR - ok 15:44:18.0717 7756 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 15:44:18.0764 7756 MMCSS - ok 15:44:18.0795 7756 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 15:44:18.0842 7756 Modem - ok 15:44:18.0889 7756 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:44:18.0936 7756 monitor - ok 15:44:18.0967 7756 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys 15:44:18.0982 7756 mouclass - ok 15:44:19.0014 7756 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:44:19.0045 7756 mouhid - ok 15:44:19.0076 7756 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:44:19.0092 7756 mountmgr - ok 15:44:19.0123 7756 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 15:44:19.0154 7756 mpio - ok 15:44:19.0185 7756 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:44:19.0248 7756 mpsdrv - ok 15:44:19.0294 7756 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:44:19.0357 7756 MpsSvc - ok 15:44:19.0404 7756 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:44:19.0435 7756 MRxDAV - ok 15:44:19.0482 7756 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:44:19.0513 7756 mrxsmb - ok 15:44:19.0544 7756 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:44:19.0575 7756 mrxsmb10 - ok 15:44:19.0606 7756 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:44:19.0622 7756 mrxsmb20 - ok 15:44:19.0653 7756 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 15:44:19.0669 7756 msahci - ok 15:44:19.0669 7756 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 15:44:19.0700 7756 msdsm - ok 15:44:19.0731 7756 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 15:44:19.0778 7756 MSDTC - ok 15:44:19.0825 7756 [ 114B67C324D64C8195FD3BF93B4DF02A ] MSDV C:\Windows\system32\DRIVERS\msdv.sys 15:44:19.0872 7756 MSDV - ok 15:44:19.0903 7756 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:44:19.0950 7756 Msfs - ok 15:44:19.0965 7756 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:44:20.0012 7756 mshidkmdf - ok 15:44:20.0043 7756 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 15:44:20.0074 7756 msisadrv - ok 15:44:20.0121 7756 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:44:20.0168 7756 MSiSCSI - ok 15:44:20.0184 7756 msiserver - ok 15:44:20.0215 7756 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:44:20.0262 7756 MSKSSRV - ok 15:44:20.0308 7756 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:44:20.0371 7756 MSPCLOCK - ok 15:44:20.0402 7756 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:44:20.0449 7756 MSPQM - ok 15:44:20.0464 7756 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:44:20.0496 7756 MsRPC - ok 15:44:20.0527 7756 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 15:44:20.0542 7756 mssmbios - ok 15:44:20.0574 7756 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:44:20.0620 7756 MSTEE - ok 15:44:20.0636 7756 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 15:44:20.0667 7756 MTConfig - ok 15:44:20.0698 7756 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 15:44:20.0714 7756 Mup - ok 15:44:20.0761 7756 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 15:44:20.0823 7756 napagent - ok 15:44:20.0870 7756 NasPmService - ok 15:44:20.0917 7756 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:44:20.0948 7756 NativeWifiP - ok 15:44:21.0010 7756 [ A6F5AB84104412CD9742E7EE942EA08D ] NAVENG C:\ProgramData\Symantec\Definitions\VirusDefs\20070913.017\NAVENG.SYS 15:44:21.0042 7756 NAVENG - ok 15:44:21.0088 7756 [ C8069BF95363A58441CB33E4B989DD4F ] NAVEX15 C:\ProgramData\Symantec\Definitions\VirusDefs\20070913.017\NAVEX15.SYS 15:44:21.0135 7756 NAVEX15 - ok 15:44:21.0463 7756 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:44:21.0494 7756 NDIS - ok 15:44:21.0556 7756 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:44:21.0588 7756 NdisCap - ok 15:44:21.0619 7756 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:44:21.0681 7756 NdisTapi - ok 15:44:21.0697 7756 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:44:21.0759 7756 Ndisuio - ok 15:44:21.0790 7756 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:44:21.0853 7756 NdisWan - ok 15:44:21.0900 7756 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:44:21.0962 7756 NDProxy - ok 15:44:21.0993 7756 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:44:22.0056 7756 NetBIOS - ok 15:44:22.0087 7756 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:44:22.0149 7756 NetBT - ok 15:44:22.0180 7756 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 15:44:22.0196 7756 Netlogon - ok 15:44:22.0758 7756 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 15:44:23.0335 7756 Netman - ok 15:44:23.0382 7756 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 15:44:23.0428 7756 netprofm - ok 15:44:23.0460 7756 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:44:23.0475 7756 NetTcpPortSharing - ok 15:44:23.0522 7756 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 15:44:23.0553 7756 nfrd960 - ok 15:44:23.0694 7756 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll 15:44:23.0740 7756 NlaSvc - ok 15:44:23.0787 7756 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:44:23.0834 7756 Npfs - ok 15:44:23.0865 7756 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 15:44:23.0896 7756 nsi - ok 15:44:23.0912 7756 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:44:23.0974 7756 nsiproxy - ok 15:44:24.0037 7756 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:44:24.0099 7756 Ntfs - ok 15:44:24.0130 7756 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 15:44:24.0193 7756 Null - ok 15:44:24.0240 7756 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:44:24.0255 7756 nvraid - ok 15:44:24.0286 7756 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:44:24.0302 7756 nvstor - ok 15:44:24.0333 7756 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:44:24.0349 7756 nv_agp - ok 15:44:24.0380 7756 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 15:44:24.0411 7756 ohci1394 - ok 15:44:24.0458 7756 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:44:24.0474 7756 ose - ok 15:44:24.0723 7756 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:44:24.0801 7756 p2pimsvc - ok 15:44:24.0817 7756 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 15:44:24.0848 7756 p2psvc - ok 15:44:24.0895 7756 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 15:44:24.0942 7756 Parport - ok 15:44:24.0973 7756 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:44:25.0004 7756 partmgr - ok 15:44:25.0020 7756 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 15:44:25.0051 7756 Parvdm - ok 15:44:25.0082 7756 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:44:25.0113 7756 PcaSvc - ok 15:44:25.0144 7756 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 15:44:25.0176 7756 pci - ok 15:44:25.0191 7756 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 15:44:25.0207 7756 pciide - ok 15:44:25.0254 7756 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 15:44:25.0285 7756 pcmcia - ok 15:44:25.0300 7756 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 15:44:25.0316 7756 pcw - ok 15:44:25.0347 7756 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:44:25.0425 7756 PEAUTH - ok 15:44:25.0519 7756 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll 15:44:25.0597 7756 pla - ok 15:44:25.0659 7756 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:44:25.0722 7756 PlugPlay - ok 15:44:25.0800 7756 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe 15:44:25.0909 7756 PMBDeviceInfoProvider - ok 15:44:25.0940 7756 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:44:25.0987 7756 PNRPAutoReg - ok 15:44:26.0018 7756 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:44:26.0034 7756 PNRPsvc - ok 15:44:26.0080 7756 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:44:26.0158 7756 PolicyAgent - ok 15:44:26.0190 7756 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll 15:44:26.0236 7756 Power - ok 15:44:26.0283 7756 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:44:26.0346 7756 PptpMiniport - ok 15:44:26.0361 7756 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys 15:44:26.0408 7756 Processor - ok 15:44:26.0439 7756 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll 15:44:26.0502 7756 ProfSvc - ok 15:44:26.0517 7756 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 15:44:26.0533 7756 ProtectedStorage - ok 15:44:26.0564 7756 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:44:26.0611 7756 Psched - ok 15:44:26.0673 7756 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 15:44:26.0736 7756 ql2300 - ok 15:44:26.0751 7756 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 15:44:26.0767 7756 ql40xx - ok 15:44:26.0814 7756 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 15:44:26.0845 7756 QWAVE - ok 15:44:26.0860 7756 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:44:26.0892 7756 QWAVEdrv - ok 15:44:26.0907 7756 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:44:26.0970 7756 RasAcd - ok 15:44:27.0001 7756 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:44:27.0063 7756 RasAgileVpn - ok 15:44:27.0079 7756 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 15:44:27.0126 7756 RasAuto - ok 15:44:27.0173 7756 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:44:27.0219 7756 Rasl2tp - ok 15:44:27.0282 7756 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 15:44:27.0344 7756 RasMan - ok 15:44:27.0516 7756 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:44:27.0578 7756 RasPppoe - ok 15:44:27.0594 7756 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:44:27.0641 7756 RasSstp - ok 15:44:27.0687 7756 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:44:27.0734 7756 rdbss - ok 15:44:27.0765 7756 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 15:44:27.0797 7756 rdpbus - ok 15:44:27.0828 7756 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:44:27.0859 7756 RDPCDD - ok 15:44:27.0890 7756 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:44:27.0953 7756 RDPENCDD - ok 15:44:27.0984 7756 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:44:28.0015 7756 RDPREFMP - ok 15:44:28.0046 7756 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:44:28.0109 7756 RDPWD - ok 15:44:28.0140 7756 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:44:28.0171 7756 rdyboost - ok 15:44:28.0218 7756 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 15:44:28.0280 7756 RemoteAccess - ok 15:44:28.0311 7756 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:44:28.0811 7756 RemoteRegistry - ok 15:44:29.0247 7756 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys 15:44:29.0325 7756 rimmptsk - ok 15:44:29.0840 7756 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 15:44:29.0887 7756 rimsptsk - ok 15:44:29.0934 7756 [ D231B577024AA324AF13A42F3A807D10 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys 15:44:29.0965 7756 rismxdp - ok 15:44:30.0012 7756 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys 15:44:30.0059 7756 ROOTMODEM - ok 15:44:30.0090 7756 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:44:30.0152 7756 RpcEptMapper - ok 15:44:30.0183 7756 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 15:44:30.0230 7756 RpcLocator - ok 15:44:30.0261 7756 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 15:44:30.0308 7756 RpcSs - ok 15:44:30.0324 7756 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:44:30.0371 7756 rspndr - ok 15:44:30.0417 7756 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 15:44:30.0449 7756 RTL8167 - ok 15:44:30.0511 7756 [ CA5A4FBFE341F13733955B8AAC98F0B5 ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys 15:44:30.0558 7756 RTL8187B - ok 15:44:30.0589 7756 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 15:44:30.0605 7756 SamSs - ok 15:44:30.0636 7756 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:44:30.0667 7756 sbp2port - ok 15:44:30.0714 7756 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:44:30.0776 7756 SCardSvr - ok 15:44:30.0807 7756 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:44:30.0854 7756 scfilter - ok 15:44:30.0917 7756 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 15:44:30.0979 7756 Schedule - ok 15:44:31.0010 7756 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 15:44:31.0041 7756 SCPolicySvc - ok 15:44:31.0073 7756 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys 15:44:31.0119 7756 sdbus - ok 15:44:31.0151 7756 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:44:31.0229 7756 SDRSVC - ok 15:44:31.0275 7756 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:44:31.0322 7756 secdrv - ok 15:44:31.0650 7756 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 15:44:31.0712 7756 seclogon - ok 15:44:31.0759 7756 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 15:44:31.0790 7756 SENS - ok 15:44:31.0837 7756 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:44:31.0884 7756 SensrSvc - ok 15:44:31.0899 7756 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 15:44:31.0931 7756 Serenum - ok 15:44:31.0946 7756 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 15:44:31.0993 7756 Serial - ok 15:44:32.0024 7756 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 15:44:32.0071 7756 sermouse - ok 15:44:32.0118 7756 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll 15:44:32.0180 7756 SessionEnv - ok 15:44:32.0196 7756 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 15:44:32.0258 7756 sffdisk - ok 15:44:32.0274 7756 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 15:44:32.0305 7756 sffp_mmc - ok 15:44:32.0321 7756 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 15:44:32.0352 7756 sffp_sd - ok 15:44:32.0383 7756 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 15:44:32.0399 7756 sfloppy - ok 15:44:32.0445 7756 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:44:32.0508 7756 SharedAccess - ok 15:44:32.0539 7756 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:44:32.0601 7756 ShellHWDetection - ok 15:44:32.0648 7756 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys 15:44:32.0664 7756 sisagp - ok 15:44:32.0711 7756 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:44:32.0726 7756 SiSRaid2 - ok 15:44:32.0742 7756 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 15:44:32.0773 7756 SiSRaid4 - ok 15:44:32.0835 7756 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 15:44:32.0867 7756 SkypeUpdate - ok 15:44:32.0898 7756 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:44:32.0945 7756 Smb - ok 15:44:32.0991 7756 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:44:33.0023 7756 SNMPTRAP - ok 15:44:33.0101 7756 [ 0FDE4B4895D4691C4482CA67FA532BE0 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 15:44:33.0132 7756 SPBBCDrv - ok 15:44:33.0179 7756 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys 15:44:33.0194 7756 spldr - ok 15:44:33.0225 7756 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe 15:44:33.0272 7756 Spooler - ok 15:44:33.0397 7756 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe 15:44:33.0506 7756 sppsvc - ok 15:44:33.0537 7756 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll 15:44:33.0600 7756 sppuinotify - ok 15:44:33.0631 7756 [ ED5E9F3BF11D0BB770F652B22EC26465 ] SRTSP C:\Windows\system32\Drivers\SRTSP.SYS 15:44:33.0662 7756 SRTSP - ok 15:44:33.0678 7756 [ C70A2581E35E03C85F29AA1BC723659A ] SRTSPL C:\Windows\system32\Drivers\SRTSPL.SYS 15:44:33.0709 7756 SRTSPL - ok 15:44:33.0725 7756 [ 05F2DB228922E6B8A001ED83EE4D1153 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX.SYS 15:44:33.0756 7756 SRTSPX - ok 15:44:33.0771 7756 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys 15:44:33.0834 7756 srv - ok 15:44:33.0849 7756 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:44:33.0896 7756 srv2 - ok 15:44:33.0912 7756 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:44:33.0943 7756 srvnet - ok 15:44:33.0990 7756 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:44:34.0037 7756 SSDPSRV - ok 15:44:34.0052 7756 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:44:34.0115 7756 SstpSvc - ok 15:44:34.0146 7756 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 15:44:34.0161 7756 stexstor - ok 15:44:34.0208 7756 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll 15:44:34.0255 7756 StiSvc - ok 15:44:34.0271 7756 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys 15:44:34.0302 7756 swenum - ok 15:44:34.0349 7756 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 15:44:34.0395 7756 swprv - ok 15:44:34.0458 7756 [ 43CFCA936D211BF7F1CDE1DDF807CB76 ] Symantec Core LC C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe 15:44:34.0505 7756 Symantec Core LC - ok 15:44:34.0551 7756 [ EFF5C2A0A06BCBFC5CF931C00CF6146D ] SymAppCore C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe 15:44:34.0567 7756 SymAppCore - ok 15:44:34.0598 7756 [ 403BD24FA5C55FC648ABDD039629A954 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS 15:44:34.0629 7756 SymEvent - ok 15:44:34.0645 7756 [ 829830A3CA1C5E329D68E26C9CD2DE8D ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS 15:44:34.0661 7756 SYMREDRV - ok 15:44:34.0692 7756 [ B1AA9704124B494C34E8D372E6654196 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS 15:44:34.0707 7756 SYMTDI - ok 15:44:34.0754 7756 [ 11F730BF0D0AA4FE7DE7138A32A52422 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 15:44:34.0785 7756 SynTP - ok 15:44:35.0097 7756 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 15:44:35.0160 7756 SysMain - ok 15:44:35.0175 7756 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:44:35.0207 7756 TabletInputService - ok 15:44:35.0253 7756 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 15:44:35.0316 7756 TapiSrv - ok 15:44:35.0347 7756 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 15:44:35.0409 7756 TBS - ok 15:44:35.0487 7756 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:44:35.0534 7756 Tcpip - ok 15:44:35.0581 7756 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:44:35.0628 7756 TCPIP6 - ok 15:44:35.0659 7756 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:44:35.0721 7756 tcpipreg - ok 15:44:35.0753 7756 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys 15:44:35.0815 7756 tdcmdpst - ok 15:44:35.0846 7756 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:44:35.0924 7756 TDPIPE - ok 15:44:35.0924 7756 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:44:35.0955 7756 TDTCP - ok 15:44:35.0987 7756 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:44:36.0033 7756 tdx - ok 15:44:36.0065 7756 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys 15:44:36.0080 7756 TermDD - ok 15:44:36.0127 7756 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 15:44:36.0189 7756 TermService - ok 15:44:36.0221 7756 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 15:44:36.0252 7756 Themes - ok 15:44:36.0267 7756 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 15:44:36.0314 7756 THREADORDER - ok 15:44:36.0408 7756 [ 804FED244FC47642CC635236D47A67D4 ] TNaviSrv C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe 15:44:36.0423 7756 TNaviSrv ( UnsignedFile.Multi.Generic ) - warning 15:44:36.0423 7756 TNaviSrv - detected UnsignedFile.Multi.Generic (1) 15:44:36.0470 7756 [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv C:\Windows\system32\TODDSrv.exe 15:44:36.0486 7756 TODDSrv ( UnsignedFile.Multi.Generic ) - warning 15:44:36.0486 7756 TODDSrv - detected UnsignedFile.Multi.Generic (1) 15:44:36.0548 7756 [ 6A54C28B53C6B50D333C8EE974C6B208 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 15:44:36.0579 7756 TosCoSrv - ok 15:44:36.0813 7756 [ F95208D35A9667C58CF8122EE22805A6 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 15:44:36.0829 7756 TOSHIBA Bluetooth Service - ok 15:44:36.0860 7756 [ 90AFA1A4451BBBEE87C9F18A665D8121 ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys 15:44:36.0876 7756 tosporte - ok 15:44:36.0938 7756 [ 490A76AB428F34EA676A23E429DD6DA4 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys 15:44:36.0969 7756 tosrfbd - ok 15:44:36.0985 7756 [ 75CD3C238A0FFC66C4581C3870C09314 ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys 15:44:37.0001 7756 tosrfbnp - ok 15:44:37.0032 7756 [ B551D3F266DDA311256F963E8CFD1E9B ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys 15:44:37.0047 7756 Tosrfcom - ok 15:44:37.0079 7756 [ 51BAA142744E236C3A886479CAD99A06 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys 15:44:37.0094 7756 tosrfec - ok 15:44:37.0094 7756 [ F3E8762163EE87F3AC95537584CF5B4F ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys 15:44:37.0125 7756 Tosrfhid - ok 15:44:37.0141 7756 [ B2A1A6538245FD69578224BBF2FD4677 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys 15:44:37.0172 7756 tosrfnds - ok 15:44:37.0188 7756 [ 3DE5CBB4F8EB64563CE08E8EC7458D03 ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys 15:44:37.0250 7756 TosRfSnd - ok 15:44:37.0266 7756 [ AF5126FB6E9ED41C99AB7A10E98729CD ] tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys 15:44:37.0281 7756 tosrfusb - ok 15:44:37.0328 7756 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 15:44:37.0359 7756 TrkWks - ok 15:44:37.0422 7756 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:44:37.0469 7756 TrustedInstaller - ok 15:44:37.0500 7756 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:44:37.0562 7756 tssecsrv - ok 15:44:37.0609 7756 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 15:44:37.0656 7756 TsUsbFlt - ok 15:44:37.0718 7756 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:44:37.0765 7756 tunnel - ok 15:44:37.0827 7756 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS 15:44:37.0843 7756 TVALZ - ok 15:44:37.0874 7756 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 15:44:37.0905 7756 uagp35 - ok 15:44:37.0921 7756 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:44:37.0983 7756 udfs - ok 15:44:38.0030 7756 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:44:38.0077 7756 UI0Detect - ok 15:44:38.0124 7756 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 15:44:38.0139 7756 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning 15:44:38.0139 7756 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1) 15:44:38.0171 7756 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 15:44:38.0186 7756 uliagpkx - ok 15:44:38.0233 7756 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys 15:44:38.0264 7756 umbus - ok 15:44:38.0295 7756 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 15:44:38.0327 7756 UmPass - ok 15:44:38.0358 7756 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 15:44:38.0420 7756 upnphost - ok 15:44:38.0451 7756 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 15:44:38.0514 7756 usbccgp - ok 15:44:38.0561 7756 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 15:44:38.0592 7756 usbcir - ok 15:44:38.0607 7756 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 15:44:38.0639 7756 usbehci - ok 15:44:38.0685 7756 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 15:44:38.0717 7756 usbhub - ok 15:44:38.0748 7756 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 15:44:38.0795 7756 usbohci - ok 15:44:38.0826 7756 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 15:44:38.0841 7756 usbprint - ok 15:44:38.0888 7756 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 15:44:38.0935 7756 usbscan - ok 15:44:38.0951 7756 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:44:39.0029 7756 USBSTOR - ok 15:44:39.0044 7756 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 15:44:39.0075 7756 usbuhci - ok 15:44:39.0107 7756 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 15:44:39.0153 7756 usbvideo - ok 15:44:39.0200 7756 [ 9D19B042A4FD5C02195071EA2FE0C821 ] usnjsvc C:\Program Files\Windows Live\Messenger\usnsvc.exe 15:44:39.0231 7756 usnjsvc - ok 15:44:39.0247 7756 [ 3B929A72AAEA96DC0150D3A6DA268C89 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS 15:44:39.0294 7756 UVCFTR - ok 15:44:39.0356 7756 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 15:44:39.0403 7756 UxSms - ok 15:44:39.0419 7756 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 15:44:39.0450 7756 VaultSvc - ok 15:44:39.0465 7756 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 15:44:39.0481 7756 vdrvroot - ok 15:44:39.0528 7756 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 15:44:39.0606 7756 vds - ok 15:44:39.0637 7756 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:44:39.0653 7756 vga - ok 15:44:39.0668 7756 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 15:44:39.0715 7756 VgaSave - ok 15:44:39.0746 7756 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 15:44:39.0762 7756 vhdmp - ok 15:44:39.0809 7756 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 15:44:39.0824 7756 viaagp - ok 15:44:39.0855 7756 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 15:44:39.0887 7756 ViaC7 - ok 15:44:39.0933 7756 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 15:44:39.0949 7756 viaide - ok 15:44:39.0996 7756 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files\Viewpoint\Common\ViewpointService.exe 15:44:40.0011 7756 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - warning 15:44:40.0011 7756 Viewpoint Manager Service - detected UnsignedFile.Multi.Generic (1) 15:44:40.0043 7756 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:44:40.0058 7756 volmgr - ok 15:44:40.0105 7756 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:44:40.0370 7756 volmgrx - ok 15:44:40.0776 7756 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:44:41.0010 7756 volsnap - ok 15:44:41.0478 7756 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 15:44:41.0509 7756 vsmraid - ok 15:44:41.0883 7756 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 15:44:41.0977 7756 VSS - ok 15:44:42.0102 7756 [ 50D3941555FEFDF46424431702EC5FB6 ] vToolbarUpdater14.0.1 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe 15:44:42.0149 7756 vToolbarUpdater14.0.1 - ok 15:44:42.0164 7756 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 15:44:42.0195 7756 vwifibus - ok 15:44:42.0242 7756 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 15:44:42.0305 7756 W32Time - ok 15:44:42.0336 7756 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 15:44:42.0367 7756 WacomPen - ok 15:44:42.0414 7756 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:44:42.0476 7756 WANARP - ok 15:44:42.0476 7756 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:44:42.0523 7756 Wanarpv6 - ok 15:44:42.0585 7756 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 15:44:42.0695 7756 wbengine - ok 15:44:42.0726 7756 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:44:42.0773 7756 WbioSrvc - ok 15:44:42.0819 7756 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:44:42.0866 7756 wcncsvc - ok 15:44:42.0897 7756 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:44:42.0960 7756 WcsPlugInService - ok 15:44:42.0991 7756 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 15:44:43.0007 7756 Wd - ok 15:44:43.0053 7756 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:44:43.0085 7756 Wdf01000 - ok 15:44:43.0116 7756 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:44:43.0209 7756 WdiServiceHost - ok 15:44:43.0209 7756 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:44:43.0241 7756 WdiSystemHost - ok 15:44:43.0272 7756 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 15:44:43.0303 7756 WebClient - ok 15:44:43.0319 7756 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:44:43.0365 7756 Wecsvc - ok 15:44:43.0381 7756 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:44:43.0428 7756 wercplsupport - ok 15:44:43.0475 7756 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 15:44:43.0537 7756 WerSvc - ok 15:44:43.0568 7756 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 15:44:43.0599 7756 WfpLwf - ok 15:44:43.0615 7756 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 15:44:43.0646 7756 WIMMount - ok 15:44:43.0724 7756 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 15:44:43.0787 7756 WinDefend - ok 15:44:43.0802 7756 WinHttpAutoProxySvc - ok 15:44:43.0896 7756 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:44:43.0927 7756 Winmgmt - ok 15:44:43.0989 7756 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 15:44:44.0083 7756 WinRM - ok 15:44:44.0161 7756 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 15:44:44.0208 7756 Wlansvc - ok 15:44:44.0270 7756 [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc C:\Program Files\Windows Live\installer\WLSetupSvc.exe 15:44:44.0286 7756 WLSetupSvc ( UnsignedFile.Multi.Generic ) - warning 15:44:44.0286 7756 WLSetupSvc - detected UnsignedFile.Multi.Generic (1) 15:44:44.0333 7756 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 15:44:44.0348 7756 WmiAcpi - ok 15:44:44.0395 7756 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:44:44.0426 7756 wmiApSrv - ok 15:44:44.0551 7756 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 15:44:44.0645 7756 WMPNetworkSvc - ok 15:44:44.0676 7756 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:44:44.0754 7756 WPCSvc - ok 15:44:44.0769 7756 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:44:44.0832 7756 WPDBusEnum - ok 15:44:44.0879 7756 WPFFontCache_v0400 - ok 15:44:44.0910 7756 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:44:44.0972 7756 ws2ifsl - ok 15:44:45.0003 7756 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll 15:44:45.0050 7756 wscsvc - ok 15:44:45.0066 7756 WSearch - ok 15:44:45.0159 7756 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 15:44:45.0222 7756 wuauserv - ok 15:44:45.0253 7756 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:44:45.0300 7756 WudfPf - ok 15:44:45.0331 7756 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:44:45.0378 7756 WUDFRd - ok 15:44:45.0393 7756 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:44:45.0456 7756 wudfsvc - ok 15:44:45.0487 7756 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 15:44:45.0518 7756 WwanSvc - ok 15:44:45.0549 7756 ================ Scan global =============================== 15:44:45.0581 7756 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 15:44:45.0612 7756 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll 15:44:45.0627 7756 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll 15:44:45.0674 7756 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 15:44:45.0705 7756 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 15:44:45.0721 7756 [Global] - ok 15:44:45.0721 7756 ================ Scan MBR ================================== 15:44:45.0737 7756 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 15:44:46.0142 7756 \Device\Harddisk0\DR0 - ok 15:44:46.0142 7756 ================ Scan VBR ================================== 15:44:46.0142 7756 [ A004D365BEDFFAB321DB5EC6255868C2 ] \Device\Harddisk0\DR0\Partition1 15:44:46.0142 7756 \Device\Harddisk0\DR0\Partition1 - ok 15:44:46.0173 7756 [ 079B7AF248A5C624F5B42F471C79D45D ] \Device\Harddisk0\DR0\Partition2 15:44:46.0173 7756 \Device\Harddisk0\DR0\Partition2 - ok 15:44:46.0173 7756 ============================================================ 15:44:46.0173 7756 Scan finished 15:44:46.0173 7756 ============================================================ 15:44:46.0189 9156 Detected object count: 11 15:44:46.0189 9156 Actual detected object count: 11 15:45:18.0809 9156 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0809 9156 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:18.0809 9156 AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0809 9156 AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:18.0809 9156 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0809 9156 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:18.0824 9156 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0824 9156 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:18.0824 9156 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0824 9156 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:18.0824 9156 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0824 9156 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:18.0824 9156 TNaviSrv ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0824 9156 TNaviSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:18.0824 9156 TODDSrv ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0824 9156 TODDSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:18.0840 9156 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0840 9156 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:18.0840 9156 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0840 9156 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:18.0840 9156 WLSetupSvc ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:18.0840 9156 WLSetupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip muss ich den Rechner noch neustarten oder kann ich das Programm einfach wieder schließen? |
|
31.01.2013, 18:03
| #12 | |
| /// Malware-holic | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet programm schließen bitte combofix: Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
31.01.2013, 18:56
| #13 |
| | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet hab meinen Virenschutz wieder aktiviert, hier ist die Logfile: Combofix Logfile: Code:
ATTFilter ComboFix 13-01-31.01 - Carmen 31.01.2013 18:21:37.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.1918.989 [GMT 1:00]
ausgeführt von:: e:\daten\Carmen\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Carmen\AppData\Local\Temp\ppcrlui_6036_2
c:\users\Public\Favorites\mxfilerelatedcache.mxc2
c:\users\Public\invokesi.exe
c:\windows\system32\pt
c:\windows\system32\pt\toscdspd.cpl.mui
e:\daten\Carmen\Documents\~WRL3402.tmp
e:\daten\Carmen\Favorites\mxfilerelatedcache.mxc2
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-12-28 bis 2013-01-31 ))))))))))))))))))))))))))))))
.
.
2013-01-31 17:32 . 2013-01-31 17:32 -------- d-----w- c:\users\Gast\AppData\Local\temp
2013-01-27 12:28 . 2013-01-27 12:28 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-15 12:52 . 2012-09-09 13:37 31576 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-12-16 14:13 . 2012-12-31 09:49 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-31 09:49 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-04 16:48 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-11-23 02:56 . 2013-01-09 22:36 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-23 02:48 . 2013-01-09 16:03 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-20 04:51 . 2013-01-09 16:03 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-15 22:33 . 2012-11-15 22:33 94048 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2012-11-14 02:09 . 2012-12-13 16:19 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-13 16:19 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 16:19 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-13 16:19 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 16:19 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-13 16:19 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:43 . 2013-01-09 22:34 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-11-09 04:42 . 2012-12-13 16:16 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\system32\msxml4.dll
2007-05-14 00:03 . 2007-05-14 00:03 159744 ----a-w- c:\program files\internet explorer\plugins\pluginhostctrl.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-01-15 12:52 1883824 ----a-w- c:\program files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll" [2013-01-15 1883824]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2007-06-27 436088]
"studNET-Autologin"="c:\windows\System32\studnet\studnet.exe" [2007-09-26 245760]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-15 102400]
"RtHDVCpl"="RtHDVCpl.exe" [2007-08-09 4702208]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-05-22 413696]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 115816]
"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 1507328]
"IS CfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [2007-01-12 431752]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-31 385024]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-04-03 509496]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2011-04-01 80840]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-05-04 1561768]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-01-15 1101488]
"dcmsvc"="c:\program files\dcmsvc\dcmsvc.exe" [2009-04-07 30440]
.
c:\users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
BUFFALO NAS Navigator.lnk - c:\program files\BUFFALO\NASNAVI\NasNavi.exe [2010-3-2 1553800]
NAS Scheduler.lnk - c:\program files\BUFFALO\NASNAVI\nassche.exe [2010-3-2 206128]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2009-8-6 439648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"=c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [x]
R3 IDSvix86;Symantec Intrusion Prevention Driver;c:\programdata\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]
S2 NasPmService;NAS PM Service;c:\program files\BUFFALO\NASNAVI\nassvc.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [x]
S2 vToolbarUpdater14.0.1;vToolbarUpdater14.0.1;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 RTL8187B;RTL8187B Drahtlos-802.11b/g-USB 2.0-Netzwerkadapter (54 MBit/s) von Realtek;c:\windows\system32\DRIVERS\RTL8187B.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - COMHOST
*NewlyCreated* - WS2IFSL
*Deregistered* - avgio
*Deregistered* - ssmdrv
.
Inhalt des "geplante Tasks" Ordners
.
2008-03-09 c:\windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
2013-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 10:55]
.
2013-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 10:55]
.
2012-09-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107629863-3530946852-433808793-1001Core1cd970a5b2e0af1.job
- c:\users\Carmen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 02:13]
.
2010-12-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2107629863-3530946852-433808793-1001UA.job
- c:\users\Carmen\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-23 02:13]
.
2013-01-31 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job
- c:\program files\AVG Secure Search\PostInstall\ROC.exe [2013-01-15 12:52]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: Interfaces\{436CB8C7-7AD5-4C8B-9F18-D6752EFAA0A8}: NameServer = 139.18.25.3
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-SuperTux_is1 - e:\daten\Carmen\Downloads\SuperTux\unins000.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Àù ÉZÍv£ÐvþÿÿÿR~Ðv·ÄÎu\ç Ðç ¹ÃÎuÀÄÎu*]
"7040110900063D11C8EF10054038389C"="C?\\Windows\\system32\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\software\Symantec\Common Client\ccService\Channels]
@Denied: (C D) (Everyone)
"{00BA7C15-234B-4F2A-B9E7-C945EC8C1D38}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{2C8FD4DC-AD29-422D-8D68-73D7E6D6F417}"="{22BFA560-055F-4CD5-B14F-324A39069086}"
"{37DF08EC-2631-41E6-A52F-A5AAD1AAFACD}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{57104FE6-8BCF-44F8-B31B-0DB18744DCE2}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{6321BB3D-5821-46C8-9966-73AD6AE66D2A}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{75350A12-176A-4482-9FB3-81ADD75D2F20}"="{22BFA560-055F-4CD5-B14F-324A39069086}"
"{A4DB23FA-E6A6-4951-A1FD-D28754D1D970}"="{C213CCF9-EAD8-41D0-880A-58DCBEE68FF4}"
"{AF61DCCC-4420-491E-92FC-653E02738A2D}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{C9C0C83A-8B96-4024-A30B-153615E49F50}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{CBE2032A-F719-4189-9393-C9481519A019}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{E2BEAB59-2B2B-42DA-98E3-1EAEBDC762B1}"="{C213CCF9-EAD8-41D0-880A-58DCBEE68FF4}"
"{EDCB62E6-8CC2-45B5-BD39-9B872AFB016C}"="{22BFA560-055F-4CD5-B14F-324A39069086}"
"{FE8016F9-86E3-4F52-B53A-968BB58811CC}"="{9D27FC31-DBFD-4279-A6CD-5C92B77BD838}"
"{7ECCFB31-E92E-4627-A84C-7C4DBEF2560E}"="{4A275407-E8CD-4D0A-9286-93BDBCA4194B}"
"{2534DDB7-56E2-474A-8A98-24399943CF29}"="{BDD92022-B8FC-4AF0-86B6-E748C373149F}"
"{7E3AF02B-AE9C-4FBF-BC69-6E317EE330F8}"="{BDD92022-B8FC-4AF0-86B6-E748C373149F}"
"{1E289833-1116-47BD-801B-769B7BB12E37}"="{4A275407-E8CD-4D0A-9286-93BDBCA4194B}"
"{9F540492-0A84-4CE5-8D84-E26861CC023E}"="{4A275407-E8CD-4D0A-9286-93BDBCA4194B}"
"{6B0D006F-AE03-46D8-8431-82590F7B5C8E}"="{557F6955-90E7-48DB-9D05-89B730D5C93D}"
"{6C27C50C-F309-4BAC-8871-9FCBC194EC4C}"="{557F6955-90E7-48DB-9D05-89B730D5C93D}"
"{A9E70EB5-1F8D-480C-8729-546407BE1759}"="{557F6955-90E7-48DB-9D05-89B730D5C93D}"
"{381C619F-1051-4E89-B70F-A8325AF10EE4}"="{557F6955-90E7-48DB-9D05-89B730D5C93D}"
"{02BD7174-9C92-455A-BB1A-11A19EF34152}"="{150FE274-D0B7-49A5-A422-1FB8CEA5EED2}"
"{F97297B8-DAEC-49F5-A0C5-D1F092000E66}"="{150FE274-D0B7-49A5-A422-1FB8CEA5EED2}"
"{C9348AFF-5DE1-469B-9A87-D952F6ABCC4B}"="{1A7D9155-E047-48A9-98B9-60336092969F}"
"{B5D35D62-A6CA-4F9F-8F8D-D7CE9ACCC163}"="{1A7D9155-E047-48A9-98B9-60336092969F}"
"{69523131-0F4E-4800-860E-0C2C8A8B2110}"="{8F7B2831-B002-4033-BA6C-F4CF922C5851}"
"{4C1B3FF0-0ED5-4EB1-B44A-7F2B55AA9DAF}"="{8F7B2831-B002-4033-BA6C-F4CF922C5851}"
"{4E67473A-430C-4837-90B6-C171F7A2AC31}"="{8F7B2831-B002-4033-BA6C-F4CF922C5851}"
"{776F0871-AE3F-4BDE-8E91-6AB6C082F880}"="{8F7B2831-B002-4033-BA6C-F4CF922C5851}"
"{D28957FE-8448-4DF8-9C20-E59E8EE280A5}"="{8F7B2831-B002-4033-BA6C-F4CF922C5851}"
"{8CF7BA07-E428-4186-8665-DFE5057080C0}"="{E53EAA41-1685-4547-9657-F929817E5461}"
"{1712DF7B-C826-4FC0-9391-5E95250AA165}"="{E53EAA41-1685-4547-9657-F929817E5461}"
"{F1ED4950-C045-4739-AA4D-F01FF7CA9212}"="{E53EAA41-1685-4547-9657-F929817E5461}"
"{E3091DAA-EA7D-4626-81CE-2DB82508C4F3}"="{E53EAA41-1685-4547-9657-F929817E5461}"
"{58053B97-E3CB-4664-858F-D5EF7541B098}"="{A8B138D0-2628-478E-A8AD-FB7F5F974CF4}"
"{5B8DCA79-6A6A-4093-9050-3A0832ED3CA7}"="{A8B138D0-2628-478E-A8AD-FB7F5F974CF4}"
"{96C06601-3282-4903-B0D6-70D4D8D66DB6}"="{8C245FA1-2471-4879-BE86-15C26FB0BE1E}"
"{1747E4AB-3A1F-4FB5-B42D-87454635E4EF}"="{8C245FA1-2471-4879-BE86-15C26FB0BE1E}"
"{39B8A175-B93B-4473-A39A-A26D07AA474E}"="{8C245FA1-2471-4879-BE86-15C26FB0BE1E}"
"{6D01831C-30A9-48C7-9836-74AE1355D6A5}"="{8C245FA1-2471-4879-BE86-15C26FB0BE1E}"
"{A8CF5287-95E2-45C1-97B4-909B0CDD0ED5}"="{8C245FA1-2471-4879-BE86-15C26FB0BE1E}"
"{A88139BC-B844-4EDC-8537-22D0CDE2CB19}"="{11DC4D48-CB91-4E3D-B035-8F64416169E9}"
"{D38783C8-170A-451B-B63A-09CE46619C74}"="{CD3F3BB8-B871-4C1D-8DA3-3C622E422CC6}"
"{07AEE749-56FB-4501-A749-2952FCD38FE5}"="{CD3F3BB8-B871-4C1D-8DA3-3C622E422CC6}"
"{2E0C2AF8-79A4-4DBF-B59C-6811CF4E02BF}"="{0DE2C928-5B82-4634-847F-80616ED491FC}"
"{930A1927-60BD-4416-B391-A5050293D819}"="{D8DD111D-01EB-462A-80AA-09520D68D32A}"
"{C65698B2-A97C-48EA-84CE-A50AE26EEE1C}"="{D8DD111D-01EB-462A-80AA-09520D68D32A}"
"{97252A45-0217-4B59-8623-4E1FF5A64CC4}"="{49E588D4-7DA4-4BA1-9593-4A92D146C3D5}"
"{FAA85A58-116F-452E-9A15-C4ED4608A1F6}"="{49E588D4-7DA4-4BA1-9593-4A92D146C3D5}"
"{42B9A997-C4AB-467F-8A4D-6F9A585ADA01}"="{49E588D4-7DA4-4BA1-9593-4A92D146C3D5}"
"{0BB506FB-3C69-4B8B-AEFB-C63DA6AF293A}"="{49E588D4-7DA4-4BA1-9593-4A92D146C3D5}"
"{E4ECAF51-2923-426B-A168-FDF1FE11E97F}"="{49E588D4-7DA4-4BA1-9593-4A92D146C3D5}"
"{993F8CD0-C136-4101-947D-BF34A0B71A57}"="{DAE877DE-A00F-4992-B78B-38800CBD31BD}"
"{3CD58812-8545-48CB-AD89-EFDACED2B8D8}"="{DAE877DE-A00F-4992-B78B-38800CBD31BD}"
"{AF79100D-1021-49C4-A99F-6D89CAD48165}"="{349874FA-504B-42F0-8F20-972F60F9AA1D}"
"{AD61943D-2CD8-4CD7-A9F5-7EDEBCD65755}"="{349874FA-504B-42F0-8F20-972F60F9AA1D}"
"{2842139B-BC43-4246-82C7-BD45E88F8DE2}"="{56194707-8D09-40CA-80E8-12557B7D0FEA}"
"{8EA72189-BD90-4EAC-B4FB-87C6D17BFBA8}"="{56194707-8D09-40CA-80E8-12557B7D0FEA}"
"{46905F9B-56BE-444A-92C6-339CBA46B2DB}"="{56194707-8D09-40CA-80E8-12557B7D0FEA}"
"{F94CD8B5-EE38-414E-A1CD-D4E75299A59A}"="{56194707-8D09-40CA-80E8-12557B7D0FEA}"
"{B9052112-9E3F-4928-B00E-91FBAA67CB08}"="{56194707-8D09-40CA-80E8-12557B7D0FEA}"
"{11CBEE1D-F7CE-456C-9483-314B0C556734}"="{CF90F225-8A8F-4390-B160-660853C32EBC}"
"{030598A7-6C91-40D9-B91B-9337E6902552}"="{CF90F225-8A8F-4390-B160-660853C32EBC}"
"{A238F65C-5A5A-4279-ACBB-9B195CD52C69}"="{CF90F225-8A8F-4390-B160-660853C32EBC}"
"{CF2D2786-C4A1-48AE-8E02-43B998A2D739}"="{CF90F225-8A8F-4390-B160-660853C32EBC}"
"{407C3B8F-41CE-40BA-98D2-6AB5513D7492}"="{4BFCAD7F-4770-4E66-9AFC-15909C0BEE88}"
"{891B4437-8D4E-4EBB-ACC0-C01244B28093}"="{4BFCAD7F-4770-4E66-9AFC-15909C0BEE88}"
"{D33A5217-803A-4ADB-B81C-716D98B250A2}"="{52450474-24C1-43E3-B7F7-BF2452AD760F}"
"{E1F762E7-590F-4072-94AC-87DDF3C1C775}"="{52450474-24C1-43E3-B7F7-BF2452AD760F}"
"{2D6946D4-CA60-41F9-B4D0-2D2123578AA6}"="{52450474-24C1-43E3-B7F7-BF2452AD760F}"
"{2E1E0B4A-8395-494C-883A-96DFF4641A98}"="{52450474-24C1-43E3-B7F7-BF2452AD760F}"
"{8B291428-1F97-4419-BC42-813A6C6DCAAE}"="{52450474-24C1-43E3-B7F7-BF2452AD760F}"
"{97F48B16-4220-403F-9209-032D8911C359}"="{03F30F79-6AA2-4F6A-A355-49C9BDDA882A}"
"{CE394C96-38B0-495F-A4E7-88721866722C}"="{03F30F79-6AA2-4F6A-A355-49C9BDDA882A}"
"{12371CE3-A7B9-4DD1-8055-9712B7F32770}"="{608B6C3F-185D-4E38-9141-5CE28ACBD1AB}"
"{C8B4A885-8DB7-4E58-A000-A441E75CA17A}"="{608B6C3F-185D-4E38-9141-5CE28ACBD1AB}"
"{490F9699-4289-45F5-BFE5-53FC1598B5E6}"="{608B6C3F-185D-4E38-9141-5CE28ACBD1AB}"
"{23D69B1E-4453-4BF8-88C3-C7F92E153EAA}"="{608B6C3F-185D-4E38-9141-5CE28ACBD1AB}"
"{7ED0EF18-A4C5-42E7-8C56-52E6D83FF276}"="{608B6C3F-185D-4E38-9141-5CE28ACBD1AB}"
"{C6E07E92-BAB5-4143-8AF7-502F61D8ACBD}"="{ABED9656-1B13-4C92-989C-60AF08451C9F}"
"{8F4A892B-74BA-46DB-A8AD-D2F876572366}"="{ABED9656-1B13-4C92-989C-60AF08451C9F}"
"{4E905571-3402-4005-A790-C3A0A7F12BBC}"="{20523FA6-CBDC-475F-9769-197F919D2260}"
"{E7BB783D-8F97-4F18-B596-296756B58CF0}"="{20523FA6-CBDC-475F-9769-197F919D2260}"
"{F031E52E-E5DD-476C-A799-6D8A79A2A2F6}"="{20523FA6-CBDC-475F-9769-197F919D2260}"
"{264A4FAB-8269-4F1A-AFF5-8636ADC32923}"="{20523FA6-CBDC-475F-9769-197F919D2260}"
"{ACC5B198-A24C-4CE3-A02D-AABC453A527C}"="{20523FA6-CBDC-475F-9769-197F919D2260}"
"{8AE9F9F5-BB53-4F9E-A9F8-3A419A21F8C2}"="{37AB619F-B517-41DA-96E2-9501A1CB7D3A}"
"{5FA1325D-5412-47CA-935A-E7B007DE6FED}"="{37AB619F-B517-41DA-96E2-9501A1CB7D3A}"
"{D8541E5C-39C0-4FD2-8AF5-EE01A68AB69F}"="{37AB619F-B517-41DA-96E2-9501A1CB7D3A}"
"{3AB46120-00B7-4336-ABDF-DC4014B537BB}"="{7D2BD4B8-1539-4ED4-8AD9-8189A050E6C8}"
"{3594EB6A-D2FF-4BD7-AC55-D23785713892}"="{7D2BD4B8-1539-4ED4-8AD9-8189A050E6C8}"
"{BDCD084E-F65D-40BA-95D6-89D9C0AE47BB}"="{98C2AF2C-2BA6-46D6-AC8C-6DB7EE4C4EBA}"
"{A26B0ECF-B57D-4961-ACE8-763758EC4E75}"="{98C2AF2C-2BA6-46D6-AC8C-6DB7EE4C4EBA}"
"{0461D39C-2B59-4899-9ED0-ABADF4FDB707}"="{98C2AF2C-2BA6-46D6-AC8C-6DB7EE4C4EBA}"
"{11B410BE-0065-4FFD-966A-4C0A5A3706B7}"="{98C2AF2C-2BA6-46D6-AC8C-6DB7EE4C4EBA}"
"{10EE6E91-3755-41F5-8DEB-CC3F34756845}"="{98C2AF2C-2BA6-46D6-AC8C-6DB7EE4C4EBA}"
"{DDD5B9A9-61DC-43EF-8027-03AFDF9FFF0D}"="{F3A0B6BD-F38B-41AA-A1C0-2CB1F23E5E82}"
"{9621A483-C913-4DE7-8026-BF74EF63CD8F}"="{F3A0B6BD-F38B-41AA-A1C0-2CB1F23E5E82}"
"{31B1F6A1-A6E0-40A1-8FBA-39EF03A1C459}"="{F3A0B6BD-F38B-41AA-A1C0-2CB1F23E5E82}"
"{D724C2FB-F225-4EF8-9528-8686297CABD7}"="{76764220-24F1-4C71-A69D-B6EF7F7B7761}"
"{B449643D-0B24-4690-9A2D-3FD24B723D85}"="{76764220-24F1-4C71-A69D-B6EF7F7B7761}"
"{0820A5B1-459A-425B-874E-5EBBC0B06559}"="{BE01BA7F-A3D2-48C5-8173-9C875A2B635D}"
"{D913DACA-0E12-4668-B704-06E0505D93C7}"="{BE01BA7F-A3D2-48C5-8173-9C875A2B635D}"
"{C66C6029-B361-4279-8832-5E7AB7A81937}"="{BE01BA7F-A3D2-48C5-8173-9C875A2B635D}"
"{9E178987-385C-49A6-AB91-35FB0155753E}"="{BE01BA7F-A3D2-48C5-8173-9C875A2B635D}"
"{58408D67-F832-4894-9956-A2E99A5EFA31}"="{BE01BA7F-A3D2-48C5-8173-9C875A2B635D}"
"{CF5DBCEE-B9E0-44AA-B3E8-E34B57BEA782}"="{127223C3-90EA-4EBC-8388-AF35F9D2ACB1}"
"{9FB6BE33-BEA7-43A6-B971-237A216D26B9}"="{127223C3-90EA-4EBC-8388-AF35F9D2ACB1}"
"{EBCC6D0D-5583-4DA1-A4C9-865C1C58C8A7}"="{127223C3-90EA-4EBC-8388-AF35F9D2ACB1}"
"{2D5E947E-AAEE-47ED-A5EE-6380C3689078}"="{127223C3-90EA-4EBC-8388-AF35F9D2ACB1}"
"{1BD921F9-DFDC-41FC-AFC3-074887FA832C}"="{127223C3-90EA-4EBC-8388-AF35F9D2ACB1}"
"{91FAA476-8AAC-449C-9029-D6499534D595}"="{B1E4224B-C96F-47FD-91C7-16569DAAEE74}"
"{461D80BF-E6CE-487E-AD72-9AB87FAFD436}"="{B1E4224B-C96F-47FD-91C7-16569DAAEE74}"
"{0DDCD530-766D-40BD-B532-97C3B6520259}"="{B1E4224B-C96F-47FD-91C7-16569DAAEE74}"
"{AEEB3E2F-1C9E-4CB4-88C2-8C3990C7E0F1}"="{B1E4224B-C96F-47FD-91C7-16569DAAEE74}"
"{B82617D2-D8BC-4D1A-A58C-C3102122CDD5}"="{B1E4224B-C96F-47FD-91C7-16569DAAEE74}"
"{A30ED02F-4DE5-4057-8CCD-E1B35D33F458}"="{647DBAA7-F5D9-4777-AED8-320B47A84EEA}"
"{E62E4E73-8FAC-4004-B7CD-E0CD5F513A34}"="{647DBAA7-F5D9-4777-AED8-320B47A84EEA}"
"{2002BA6D-5163-47B4-84B4-E15AD691E4B3}"="{E47440B5-4CF1-4313-9CB4-138BD859A585}"
"{7F241564-E73F-4F95-BBE8-47F0FF830406}"="{E47440B5-4CF1-4313-9CB4-138BD859A585}"
"{5CFA49C7-77CE-4D88-9F71-D36ADDCEACBD}"="{E47440B5-4CF1-4313-9CB4-138BD859A585}"
"{1D1AB864-1DCF-4FC5-BDA1-9E1ECA704D01}"="{E47440B5-4CF1-4313-9CB4-138BD859A585}"
"{67CBAEA8-A0B9-4EEE-A925-1D067D518F1C}"="{E47440B5-4CF1-4313-9CB4-138BD859A585}"
"{7FAABE0A-0273-4287-B3DF-E1773C2FF95C}"="{B88B6777-598C-4F8B-80BA-BF67D7B2ADE3}"
"{8C7B9599-A537-4D47-8214-AEBC1A2B9876}"="{B88B6777-598C-4F8B-80BA-BF67D7B2ADE3}"
"{574D371B-102D-4E0D-A394-AAEBD6BA49B7}"="{B88B6777-598C-4F8B-80BA-BF67D7B2ADE3}"
"{8EFD10FD-3152-4C75-A613-F774E91ACCB6}"="{053CCBF4-F7FC-44C8-A5F3-8BE7D5F02C2B}"
"{D19CCEE0-D334-44A2-81EA-B1E4D007CDFF}"="{053CCBF4-F7FC-44C8-A5F3-8BE7D5F02C2B}"
"{E21B47ED-527F-4EAB-8707-8C1DEFB0CB64}"="{1DCFF5AD-48E4-4167-ABDA-BA95BB775AF7}"
"{6D62DBAA-BF56-4220-A46F-D3CE931CD33C}"="{1DCFF5AD-48E4-4167-ABDA-BA95BB775AF7}"
"{12488F7E-DDCD-45FB-93BE-821E705D3861}"="{1DCFF5AD-48E4-4167-ABDA-BA95BB775AF7}"
"{351B4642-A2F7-4A12-A9D3-AB8B9E87FB4C}"="{1DCFF5AD-48E4-4167-ABDA-BA95BB775AF7}"
"{224DB475-E13B-4A08-A340-9C5CB6858F91}"="{1DCFF5AD-48E4-4167-ABDA-BA95BB775AF7}"
"{9E2D154B-3D92-4365-A65E-B29A5D4E5FD4}"="{44F5F1EC-9397-4EB3-8C82-3E767A295242}"
"{605A31FF-F71D-45B0-BB1F-AF0263CDFBAF}"="{44F5F1EC-9397-4EB3-8C82-3E767A295242}"
"{76850FB6-4D34-462E-B741-2C68A87FE36C}"="{44F5F1EC-9397-4EB3-8C82-3E767A295242}"
"{A5CBC696-FC25-4AAC-AD91-8781B54E2D47}"="{3B4173EB-4D12-47AD-8E9C-29F026ABFD6A}"
"{34DDCB7C-CB3D-4DC9-A6A4-7148B78B96B0}"="{3B4173EB-4D12-47AD-8E9C-29F026ABFD6A}"
"{80A59354-E92B-4C89-88DC-E535C7495BA0}"="{AF46402A-D1E2-4003-8A81-E83C79A9D4A5}"
"{4CAC1715-CCC9-4DDC-857F-326530E64569}"="{AF46402A-D1E2-4003-8A81-E83C79A9D4A5}"
"{4343C915-C43C-41F0-B7A3-172B566F494D}"="{AF46402A-D1E2-4003-8A81-E83C79A9D4A5}"
"{FF2A9B62-DF6A-4A2D-8965-8F9B101F48B6}"="{AF46402A-D1E2-4003-8A81-E83C79A9D4A5}"
"{138B4B0B-D36F-46DB-8A10-0053E06F6481}"="{5194BF8B-A401-459A-B7C0-3040CC7FAB60}"
"{01EF34AD-87F2-4BB9-A8BE-D5F5F4E76867}"="{5194BF8B-A401-459A-B7C0-3040CC7FAB60}"
"{B059F3BE-5C5F-49E1-A3C3-C63886160545}"="{5194BF8B-A401-459A-B7C0-3040CC7FAB60}"
"{34242076-2CF1-4C42-B1E6-57996B9C51B4}"="{44764C08-C2B0-4C5F-B990-4BEBA02A9071}"
"{17C627E3-C7E9-4BB1-8DE2-C26AB47CD181}"="{44764C08-C2B0-4C5F-B990-4BEBA02A9071}"
"{A6B39590-C892-41ED-95CD-186E7AA36DE5}"="{44764C08-C2B0-4C5F-B990-4BEBA02A9071}"
"{B0C831EA-B2E9-44C8-9049-3461913A8B31}"="{44764C08-C2B0-4C5F-B990-4BEBA02A9071}"
"{20A304ED-88A7-46D8-AB7A-7B6B0C902B5E}"="{44764C08-C2B0-4C5F-B990-4BEBA02A9071}"
"{01100039-4484-4992-8C5C-B186C0A07A57}"="{407D2C76-81AA-4024-B70B-A9DFF8652F17}"
"{36F42E03-7B34-4FEC-B995-221E2B9DA1BA}"="{407D2C76-81AA-4024-B70B-A9DFF8652F17}"
"{964EBAC9-1A36-4053-9E62-15FB42AE0B27}"="{CD0B4FDC-25ED-4F25-B3BB-BB1BD2300B48}"
"{1FAE42F1-18B5-42DE-AE6B-37530201CE94}"="{CD0B4FDC-25ED-4F25-B3BB-BB1BD2300B48}"
"{BD079197-1A43-4BC6-AEDA-6E8DABA7910E}"="{E1C83E5C-B242-4D07-AE0E-5A334B4ACA40}"
"{85080D01-0F7C-4824-932C-9675514E8D53}"="{E1C83E5C-B242-4D07-AE0E-5A334B4ACA40}"
"{9A0F07BC-6CCF-4883-AB6B-DCD694C54799}"="{E1C83E5C-B242-4D07-AE0E-5A334B4ACA40}"
"{75B66DB5-3BB7-4222-94B2-3C6A6B95D397}"="{E1C83E5C-B242-4D07-AE0E-5A334B4ACA40}"
"{0439FC4D-5387-4FC3-AD4D-C7E4E526C59F}"="{E1C83E5C-B242-4D07-AE0E-5A334B4ACA40}"
"{28450187-0497-44C6-8EAB-BB7237FA7E7A}"="{18DE2631-38FB-45DC-8060-8239531C3D69}"
"{9F0C044D-E679-4520-A6EA-1A00F532D96B}"="{18DE2631-38FB-45DC-8060-8239531C3D69}"
"{F27FAADE-5581-459A-9EFE-0234E1EE7EA2}"="{C7AE81F0-0739-4EA7-97BD-1B518D0B957A}"
"{6CEF45A6-8DDC-4855-B84D-FC0807F5171B}"="{C7AE81F0-0739-4EA7-97BD-1B518D0B957A}"
"{0B2C42D2-F6C9-4B0E-8D83-A86ED90008D8}"="{C7AE81F0-0739-4EA7-97BD-1B518D0B957A}"
"{BF16C338-4E79-4453-AC73-8406946160D6}"="{C7AE81F0-0739-4EA7-97BD-1B518D0B957A}"
"{73849DB7-09DE-400C-A0D3-087B9AE7B68F}"="{C7AE81F0-0739-4EA7-97BD-1B518D0B957A}"
"{2B5177E6-DD03-4198-B3EE-EFD0990C4779}"="{CC5FB538-5353-4EA1-A7F0-0DD33DEDEB1C}"
"{E1A6C061-6A23-4C97-B7C5-CEE119D4E42F}"="{CC5FB538-5353-4EA1-A7F0-0DD33DEDEB1C}"
"{0E3F7B30-2AF3-4089-8C56-50BF0918665D}"="{CAA21266-BD1A-4E5E-93F1-965D7F3A8C20}"
"{7197EF19-3C23-404F-B025-0671523D28C9}"="{CAA21266-BD1A-4E5E-93F1-965D7F3A8C20}"
"{EDCB15F4-7F7C-4676-B50F-92BAD6A0079C}"="{CAA21266-BD1A-4E5E-93F1-965D7F3A8C20}"
"{9C2FDD96-8BC7-4CD0-98E4-24A19A2605C6}"="{CAA21266-BD1A-4E5E-93F1-965D7F3A8C20}"
"{3844EDBC-A126-453C-9C7D-4A921DCD2145}"="{CAA21266-BD1A-4E5E-93F1-965D7F3A8C20}"
"{5AF3675D-2904-4A1A-B1B5-6231A414BB5E}"="{A98EAFC5-2810-4AF9-B6FD-53F2AB7A9D78}"
"{1ED168BC-6CD8-4EF2-9A69-996FDA83CDA8}"="{A98EAFC5-2810-4AF9-B6FD-53F2AB7A9D78}"
"{FE6238DA-2ED6-4384-AB45-FC0E26CF88BF}"="{A98EAFC5-2810-4AF9-B6FD-53F2AB7A9D78}"
"{B6CAF94C-B4DF-4ED2-ADD9-133F7592520A}"="{A98EAFC5-2810-4AF9-B6FD-53F2AB7A9D78}"
"{9281BF34-D695-4F74-BB81-583C380C074E}"="{BADB0A03-850A-4D4E-B7EA-47977EE6409A}"
"{E97E341E-065D-4B2A-85EA-AE453A10CD4D}"="{BADB0A03-850A-4D4E-B7EA-47977EE6409A}"
"{DB029EEB-E5BC-47C3-AB77-B08E7D8A887B}"="{6B0B8ED3-BD1E-4239-A37A-CED5FB8B6502}"
"{362C793A-D936-4BD8-B988-66F90A8A125D}"="{6B0B8ED3-BD1E-4239-A37A-CED5FB8B6502}"
"{B45F1A8D-752A-45A7-AD28-FA00A93C9455}"="{6B0B8ED3-BD1E-4239-A37A-CED5FB8B6502}"
"{BBCEAD87-BC68-4C9A-969F-4400A024573A}"="{6B0B8ED3-BD1E-4239-A37A-CED5FB8B6502}"
"{6AA43571-9AD2-47A1-8AB3-A47B2E0262A1}"="{6B0B8ED3-BD1E-4239-A37A-CED5FB8B6502}"
"{8418134B-AC78-423B-B865-236105D075E0}"="{40DB2EFA-F461-4722-A173-B0DAB109B992}"
"{9622F0D0-589D-4ADE-9D21-124BBB6FCFA3}"="{40DB2EFA-F461-4722-A173-B0DAB109B992}"
"{12FA23D4-DB9E-4DA0-824F-7B95D42BE814}"="{DD8BF7ED-912B-4255-9012-03E2AD76321A}"
"{E9B26BD5-1BDD-48C1-A52E-E9402FB1D910}"="{DD8BF7ED-912B-4255-9012-03E2AD76321A}"
"{D154FB60-2E21-4223-9779-4F43CE6EFF45}"="{DD8BF7ED-912B-4255-9012-03E2AD76321A}"
"{F8FFA0E4-99B6-49DA-91B9-929B166BA00E}"="{DD8BF7ED-912B-4255-9012-03E2AD76321A}"
"{1BE29AE9-2ACD-4122-A642-459D0A66661F}"="{DD8BF7ED-912B-4255-9012-03E2AD76321A}"
"{664C0CC8-E425-40DC-96C8-5070AF5BEBFB}"="{EC65B621-B250-442B-9FF3-F74518703135}"
"{C02CB8EA-3BA0-47B4-A1C3-17DD7222A5CD}"="{EC65B621-B250-442B-9FF3-F74518703135}"
"{1879080D-5584-4944-8C9C-D2843DA42E02}"="{EC65B621-B250-442B-9FF3-F74518703135}"
"{8B101892-3A1B-4566-9A10-4C62B04A00EB}"="{585CC6ED-6406-4BF2-8D6E-891069C9DFD5}"
"{950FC2D5-D4B2-4894-9E3C-DFB426067F01}"="{585CC6ED-6406-4BF2-8D6E-891069C9DFD5}"
"{154B9158-0B22-4626-BAA1-86A0E3FC25C4}"="{FCF3FD62-FD70-4829-BA94-A0FAA0910FBA}"
"{396DDFA1-968E-4AAC-8F64-26D59194AEDD}"="{FCF3FD62-FD70-4829-BA94-A0FAA0910FBA}"
"{4C112C3A-201A-4467-A5F1-3CF3D4375399}"="{FCF3FD62-FD70-4829-BA94-A0FAA0910FBA}"
"{E8CB0F1B-F66B-4E1F-808A-30D9D77CF05C}"="{FCF3FD62-FD70-4829-BA94-A0FAA0910FBA}"
"{4CD611AB-E12B-422E-8C1F-D7848974C114}"="{FCF3FD62-FD70-4829-BA94-A0FAA0910FBA}"
"{8A25026A-153F-4075-B558-1E92C104DAB2}"="{E323003C-9AE5-4B79-BA8A-D5023395A0F1}"
"{0B753F8D-7C52-4415-B9CB-5A2797C915E1}"="{E323003C-9AE5-4B79-BA8A-D5023395A0F1}"
"{F96D8024-AABD-4C71-AA00-C228CB0A3A4B}"="{9BC085E3-7574-4167-8780-3F3B7415B2DF}"
"{37A8A0AB-7710-4BA3-BC57-D68936A1A608}"="{9BC085E3-7574-4167-8780-3F3B7415B2DF}"
"{74D55FA7-B14A-4764-925C-D5EB6FDE7955}"="{9BC085E3-7574-4167-8780-3F3B7415B2DF}"
"{22966731-45D7-46E1-A5B2-DE82A5B051CF}"="{9BC085E3-7574-4167-8780-3F3B7415B2DF}"
"{29C172A6-714E-4E58-AFB0-8C2CDEDBE1DD}"="{9BC085E3-7574-4167-8780-3F3B7415B2DF}"
"{96E6E7D7-9F7D-4615-ADCD-A1A24224F690}"="{9C8514E4-860C-42C4-AE4F-676F97522D07}"
"{DB109FC6-30DA-428B-B530-9392CD0C4C7C}"="{9C8514E4-860C-42C4-AE4F-676F97522D07}"
"{95AE751F-E98B-4B1A-ABFA-A4021613ABA0}"="{FFE9C493-EA72-447C-B471-B3309B4B3371}"
"{E1B528B8-83B1-4883-9CE1-BA0240C9B9CD}"="{FFE9C493-EA72-447C-B471-B3309B4B3371}"
"{29914B7B-0E90-47CE-A7C9-E68631FB2E15}"="{FFE9C493-EA72-447C-B471-B3309B4B3371}"
"{5DE5EA2B-BE28-43D0-8EA6-76008B52D1C4}"="{FFE9C493-EA72-447C-B471-B3309B4B3371}"
"{5AD4E4DD-94B8-4F0D-9EB8-33FDDB2139CD}"="{FFE9C493-EA72-447C-B471-B3309B4B3371}"
"{606E321A-6C6E-41BD-82D7-71751AC367CF}"="{B8E263D8-FC40-4985-8F74-B83702A60B69}"
"{91B1B987-44D5-4AEB-8226-FD886BEFF48C}"="{B8E263D8-FC40-4985-8F74-B83702A60B69}"
"{01747634-5F95-41F6-A52D-D8DCB3324148}"="{B8E263D8-FC40-4985-8F74-B83702A60B69}"
"{E2A53CF4-71A1-495C-BAEB-F6DD5AB357C2}"="{29FD54DE-DBBD-4A79-8C34-DBD96F899340}"
"{D3168915-B34A-4533-9CD1-EC96CFF34AFF}"="{29FD54DE-DBBD-4A79-8C34-DBD96F899340}"
"{9AC8105E-7AAB-4458-B462-0D1E19408329}"="{8AF95A74-1308-4E8E-B886-1C73F8388E0F}"
"{7E981DB0-8DED-46EC-8056-B9F5B3289A3D}"="{8AF95A74-1308-4E8E-B886-1C73F8388E0F}"
"{707F2FC3-60B5-47C7-A767-2B784B45CDF5}"="{8AF95A74-1308-4E8E-B886-1C73F8388E0F}"
"{962C9323-7834-4618-AC40-97A2009D0110}"="{8AF95A74-1308-4E8E-B886-1C73F8388E0F}"
"{DAE85353-4F7D-478C-A174-146B01C326AD}"="{8AF95A74-1308-4E8E-B886-1C73F8388E0F}"
"{7739DE69-5188-448F-8F88-EB88B0CA5F35}"="{D28F4AAE-5AD2-4BEB-8FE7-989C6E66238C}"
"{F411120A-DE9E-475F-A045-63F67BDF21D6}"="{D28F4AAE-5AD2-4BEB-8FE7-989C6E66238C}"
"{21EEE00B-220B-4754-B59D-B22FBF3F6837}"="{D28F4AAE-5AD2-4BEB-8FE7-989C6E66238C}"
"{EE6B6921-5A9A-4B08-9717-5B895451A530}"="{19D56D81-D149-4009-9687-C71433E363F0}"
"{AF1CC895-A577-42F5-A536-6FEB26882B72}"="{19D56D81-D149-4009-9687-C71433E363F0}"
"{D04561E9-55B1-4EAC-9A9E-825157CCB439}"="{19D56D81-D149-4009-9687-C71433E363F0}"
"{E1E8E0F4-EB17-4F36-913E-AD56A6A31ED1}"="{19D56D81-D149-4009-9687-C71433E363F0}"
"{29B5D28E-7985-4DF0-852C-461C84DC6123}"="{19D56D81-D149-4009-9687-C71433E363F0}"
"{B96EBD1A-28C9-43C5-9468-7733B7F8DEB3}"="{B7AD334A-8977-43AB-A7A6-7190548B1ABE}"
"{05F087F7-5B48-48E4-9F71-C1AB007C66F1}"="{B7AD334A-8977-43AB-A7A6-7190548B1ABE}"
"{4E3EF772-4563-42A2-B129-8E6A3A03FB10}"="{77F8CE9F-0773-4096-92FF-A435D67D294D}"
"{B5C985A8-2D81-4273-BAB8-D058F76B5168}"="{77F8CE9F-0773-4096-92FF-A435D67D294D}"
"{71A1A6CE-0453-4588-A79E-E0B30273CE4B}"="{F02AAF25-782A-480D-94BC-D9301E21A2E4}"
"{69CC6A47-FAE9-44C1-AF98-C5FFD0515607}"="{F02AAF25-782A-480D-94BC-D9301E21A2E4}"
"{887E7106-B72D-40FB-A49E-A7CAC46A34E4}"="{F02AAF25-782A-480D-94BC-D9301E21A2E4}"
"{7C2C1C33-303B-4A13-8C95-5E75E4682903}"="{A59534E3-12D5-4768-AB98-AD8E4149051D}"
"{290084E9-1361-4CB8-AF14-00997DB2D68F}"="{A59534E3-12D5-4768-AB98-AD8E4149051D}"
"{1EF89E45-D19F-47C2-969A-404D1CD17C03}"="{35B3BEDD-4275-4513-803C-F3F885336CE7}"
"{A329DB41-5AAA-49C7-9DB8-7C4AE9CC3990}"="{35B3BEDD-4275-4513-803C-F3F885336CE7}"
"{38FCB080-9CE4-4A6F-B436-8585D570EAA8}"="{35B3BEDD-4275-4513-803C-F3F885336CE7}"
"{96C786D3-195D-4731-B6E7-A89B24EDD1A3}"="{35B3BEDD-4275-4513-803C-F3F885336CE7}"
"{A1AE5B84-9CC4-4AC5-8E24-40102A0FE704}"="{35B3BEDD-4275-4513-803C-F3F885336CE7}"
"{3CEFE3E5-7FE2-4212-B81E-77DFF3AE7373}"="{FBFA814F-625F-4764-8FD2-359E53058079}"
"{C1B0C570-BD0A-4124-A2C7-B8A547CAD2BA}"="{FBFA814F-625F-4764-8FD2-359E53058079}"
"{099EC8B8-0C26-4367-BD27-C0A9289556FD}"="{FBFA814F-625F-4764-8FD2-359E53058079}"
"{BADF1974-C12F-4A46-AAFD-38D04F1DBACB}"="{6E54F4BE-EC49-44F1-ADAE-1448E9F84D24}"
"{FC2B4B00-18C1-4F41-AF93-3E97340BDE0E}"="{6E54F4BE-EC49-44F1-ADAE-1448E9F84D24}"
"{641D1A2B-462D-4790-9933-1BE3BD152139}"="{E6C1C450-F7CC-491B-964D-81550F861AF3}"
"{33518933-C81E-4657-B454-AFBF1A751AC7}"="{E6C1C450-F7CC-491B-964D-81550F861AF3}"
"{4374B6C6-929E-4EB7-AD3F-56DDAA4AD37A}"="{E6C1C450-F7CC-491B-964D-81550F861AF3}"
"{108D1D30-EECD-4DD6-B813-3A2E724D4104}"="{E6C1C450-F7CC-491B-964D-81550F861AF3}"
"{E5D09878-E364-418D-926B-44EA09793044}"="{E6C1C450-F7CC-491B-964D-81550F861AF3}"
"{6FA3E990-3C75-415B-8987-71C16AA08159}"="{36B44FB8-BDE5-4684-BC08-68926A0F081F}"
"{150FF62E-32BA-45F3-A3AB-E080F9659A39}"="{36B44FB8-BDE5-4684-BC08-68926A0F081F}"
"{71101991-09DA-4C82-BCAD-7193D3F3CB02}"="{F96F1035-BA09-4F8E-8340-8AF89B1299C7}"
"{405D28D1-17F3-440E-8272-C126B53C06C5}"="{F96F1035-BA09-4F8E-8340-8AF89B1299C7}"
"{1403A2EC-CEFB-408D-81A7-48294DA75C6C}"="{F96F1035-BA09-4F8E-8340-8AF89B1299C7}"
"{06A47049-5AF5-441C-B48D-80EB376C41CC}"="{F96F1035-BA09-4F8E-8340-8AF89B1299C7}"
"{B2F4C374-5091-494E-B297-1A223AFB41F6}"="{F96F1035-BA09-4F8E-8340-8AF89B1299C7}"
"{2C037389-FD02-41E3-83A7-166C5838C0D1}"="{4EBEFC0B-2001-40A1-A281-7F94EECB21CD}"
"{8E876AC5-D19F-461E-89E7-7016247B639F}"="{4EBEFC0B-2001-40A1-A281-7F94EECB21CD}"
"{FDB9A4F8-D865-425A-BE30-2B282F027D0F}"="{4EBEFC0B-2001-40A1-A281-7F94EECB21CD}"
"{BEE91319-BB0F-4EA9-B213-2D11383C43C1}"="{15128307-2852-468C-B2ED-4CC6A7E26EBB}"
"{5C416256-3013-445A-B959-3843892A59F9}"="{15128307-2852-468C-B2ED-4CC6A7E26EBB}"
"{465D44BD-8B52-48F1-A1A0-F6BC1D260563}"="{FF39B7BA-E655-446C-926F-1E48C2392A1F}"
"{FF55FBB0-3574-4D49-BA54-8374F64055C8}"="{FF39B7BA-E655-446C-926F-1E48C2392A1F}"
"{FBCD7986-133D-46A9-962D-77FB5F4C0F82}"="{FF39B7BA-E655-446C-926F-1E48C2392A1F}"
"{854CC9A5-927D-4B02-865B-A8510846CE09}"="{FF39B7BA-E655-446C-926F-1E48C2392A1F}"
"{CA385699-F645-4C16-950E-5B7080296A6D}"="{FF39B7BA-E655-446C-926F-1E48C2392A1F}"
"{77C919AE-E524-48C6-B583-5FE92FEE3495}"="{94FDC60D-4CE0-40B6-88A4-5379B5583CFA}"
"{B82928F6-83AA-4CF8-86B1-AB165476033C}"="{94FDC60D-4CE0-40B6-88A4-5379B5583CFA}"
"{672243B7-BA0F-4764-8110-87EF8C8A2CAC}"="{94FDC60D-4CE0-40B6-88A4-5379B5583CFA}"
"{0C164810-3AB5-45C4-9EE7-986DE9338D76}"="{E46EDD86-4F98-4C1D-BA00-0BF36C54E5E6}"
"{D209F05A-CE8E-4005-8A1A-1D9220387EF9}"="{E46EDD86-4F98-4C1D-BA00-0BF36C54E5E6}"
"{67077AEB-AAD9-4990-8A93-747E0FDF0675}"="{E46EDD86-4F98-4C1D-BA00-0BF36C54E5E6}"
"{5E668D55-AB9C-4D3E-AD74-8A4B2CC34718}"="{103683CE-FD19-42C3-89D7-6C4C8E1C86C1}"
"{9FF96D87-C59C-4919-AE51-A83595579E6C}"="{103683CE-FD19-42C3-89D7-6C4C8E1C86C1}"
"{5AC92435-8A3B-43EE-8C00-F94299CD4B3B}"="{E59A070F-2826-457C-AD82-F56790F95DC0}"
"{FD5A6530-77A3-4100-8F34-D250F3AD5A36}"="{E59A070F-2826-457C-AD82-F56790F95DC0}"
"{EDD573D8-E737-47D3-BF55-444E8B512906}"="{E59A070F-2826-457C-AD82-F56790F95DC0}"
"{9E426CE3-099C-4122-95CA-721E35347C34}"="{E59A070F-2826-457C-AD82-F56790F95DC0}"
"{27F147F8-EC00-4EB4-B4CD-97D040CE27FB}"="{E59A070F-2826-457C-AD82-F56790F95DC0}"
"{628241F3-ACFE-407C-A094-81CE3ECF5153}"="{52EFB4D2-A10C-46D9-A696-1888655A7B1F}"
"{31AD35D6-B206-4942-83A5-CC5A19F7AF37}"="{52EFB4D2-A10C-46D9-A696-1888655A7B1F}"
"{5E87ED2D-9A39-4F61-A11F-69D9C61BCE9B}"="{52EFB4D2-A10C-46D9-A696-1888655A7B1F}"
"{6C462417-FFC4-4B89-BE6D-B93A178EE2AA}"="{428C2EF9-8B65-4E24-BE89-973C61EA2398}"
"{00BB0AB6-F89F-4C70-B2DF-B2D700590169}"="{428C2EF9-8B65-4E24-BE89-973C61EA2398}"
"{FA34C4C9-4090-43E3-A378-665C9DA401BA}"="{9C55453C-8B25-4946-BCCC-B0145BA4903E}"
"{C42576C1-DFD2-47D7-888D-B0437F4A9EAC}"="{9C55453C-8B25-4946-BCCC-B0145BA4903E}"
"{00E6378F-529D-4739-A5CA-DECA264C50E0}"="{9C55453C-8B25-4946-BCCC-B0145BA4903E}"
"{FE70E08C-B0C6-432F-A3F3-4B2510B63794}"="{9C55453C-8B25-4946-BCCC-B0145BA4903E}"
"{E1DA4B75-60DB-47BC-BF1D-7947BD90E28D}"="{9C55453C-8B25-4946-BCCC-B0145BA4903E}"
"{A0893328-CA93-462D-95FD-6C44AA10B5BF}"="{54D28B01-F3F6-4340-98F6-651BCF2C52FC}"
"{403DEFA3-088D-49D2-AC56-755A456A81EB}"="{54D28B01-F3F6-4340-98F6-651BCF2C52FC}"
"{F03AB299-F4DF-44CA-9562-42D55AA5B521}"="{54D28B01-F3F6-4340-98F6-651BCF2C52FC}"
"{7F1C76D3-B74C-4ED0-B764-67F89C780257}"="{6C9C0E88-308D-4CD6-B219-9FA8470052B8}"
"{185E77D5-B0B3-45B7-9A6D-B20552F1D6BE}"="{6C9C0E88-308D-4CD6-B219-9FA8470052B8}"
"{ED15E5EC-4BAA-42B7-938B-663CED6D75A7}"="{1301BA0C-0957-487F-97A2-997272CA787F}"
"{C158A5B1-39E7-42A2-B464-B49139772454}"="{1301BA0C-0957-487F-97A2-997272CA787F}"
"{C0992FFB-075D-4E02-A29D-558FFFE1A081}"="{1301BA0C-0957-487F-97A2-997272CA787F}"
"{5AE92176-31CE-4E0B-B5FB-73BCB9A57ADE}"="{1301BA0C-0957-487F-97A2-997272CA787F}"
"{123729C4-DA7A-4972-B04E-C88893663986}"="{1301BA0C-0957-487F-97A2-997272CA787F}"
"{1CC60299-49A2-4110-B19B-08F7605B3534}"="{FA84112A-6162-4A27-9798-6656099A07D5}"
"{A76EB7C8-186D-471E-8623-C694E4CC9DA1}"="{FA84112A-6162-4A27-9798-6656099A07D5}"
"{9338A227-0A0D-472D-8705-D3A2786418C1}"="{997F3565-9273-4ADE-ACE4-61E260484290}"
"{6434968E-3D91-43B8-BBF6-40863DD27594}"="{997F3565-9273-4ADE-ACE4-61E260484290}"
"{9D51ABA6-94E9-4226-89F3-84673491DE7F}"="{997F3565-9273-4ADE-ACE4-61E260484290}"
"{C799BF36-3BB5-451D-B0ED-B966390FDAB6}"="{997F3565-9273-4ADE-ACE4-61E260484290}"
"{41DB2D02-F6B9-4B9C-A0CF-657A97FFFB33}"="{997F3565-9273-4ADE-ACE4-61E260484290}"
"{3F8F3AD9-98E5-454C-B99F-96E6656FE6B0}"="{CD142757-C2F6-4A3F-A73D-F9620C20AE40}"
"{587EF3EA-E8AF-4640-9863-05525748DCA6}"="{CD142757-C2F6-4A3F-A73D-F9620C20AE40}"
"{2B45F4BC-C9FA-45B4-8224-DA29D9EACB01}"="{051710BD-28BD-422D-8802-C72BA19F4460}"
"{D51D544F-E493-4A25-9786-750136BAB57A}"="{051710BD-28BD-422D-8802-C72BA19F4460}"
"{86991D91-A0EA-4755-8352-96BD63152B4C}"="{051710BD-28BD-422D-8802-C72BA19F4460}"
"{0BBE3C57-7EE3-4AA3-AE54-5714B2E5E37B}"="{051710BD-28BD-422D-8802-C72BA19F4460}"
"{394DAA91-4FE6-4FD7-A045-A4873E609AFD}"="{051710BD-28BD-422D-8802-C72BA19F4460}"
"{65E23ADC-D545-438E-B699-37258E44ABAB}"="{57541540-FA22-46E9-B429-868609C2C9E8}"
"{810402D9-E675-4B77-B518-CE27066FC7B4}"="{57541540-FA22-46E9-B429-868609C2C9E8}"
"{933DA7DC-7930-407B-8EA2-BC563DAE8247}"="{36C480CA-A28D-4A50-8E24-B4A15D6144B0}"
"{AD0102B8-2CBE-41C3-A81C-9275AAD61B9F}"="{36C480CA-A28D-4A50-8E24-B4A15D6144B0}"
"{35490AE1-AFC5-4EF1-B9A9-9C2DE1D378CA}"="{36C480CA-A28D-4A50-8E24-B4A15D6144B0}"
"{0FBDAA3A-0958-474B-A907-D89CE0050E64}"="{36C480CA-A28D-4A50-8E24-B4A15D6144B0}"
"{2C383EBB-A3B5-42E6-907F-63DF7445F28C}"="{36C480CA-A28D-4A50-8E24-B4A15D6144B0}"
"{4DAD7678-926F-463A-861E-4BB63D30B39D}"="{87C20754-93F4-41D3-8F7E-293B2711F49C}"
"{A74A9CF0-D0F4-453D-B296-57C4FB3DB668}"="{BAAAE749-96EA-4AD9-9062-9EFDA7545258}"
"{80ACC720-178F-418F-B6E3-CC3E8C083B25}"="{BAAAE749-96EA-4AD9-9062-9EFDA7545258}"
"{9E6D673C-E182-4695-A25E-75EF32541960}"="{FEC49275-26C7-4389-95AF-C00D0E8C3087}"
"{D2F03F6C-3AD0-43C2-BE76-8BC26079FD06}"="{FEC49275-26C7-4389-95AF-C00D0E8C3087}"
"{E9CDA016-818D-45DD-9850-5F7425E78B75}"="{FEC49275-26C7-4389-95AF-C00D0E8C3087}"
"{3ECB9FB9-945C-4E9B-A5E5-2CBE3077C8EE}"="{FEC49275-26C7-4389-95AF-C00D0E8C3087}"
"{0419272A-22F6-45E1-873A-B0A509302A88}"="{FEC49275-26C7-4389-95AF-C00D0E8C3087}"
"{B9DA4D00-CD44-400C-BA55-499DF593E10A}"="{528D9FFE-AEB5-4426-97D9-DC11B8B6EB84}"
"{EED38255-1D42-48F8-BB7F-9BA98649A570}"="{528D9FFE-AEB5-4426-97D9-DC11B8B6EB84}"
"{F1C3775E-EDEF-41EC-8B1A-F073DEBED40E}"="{528D9FFE-AEB5-4426-97D9-DC11B8B6EB84}"
"{42738E05-4036-4089-9557-C1B7648BDB1C}"="{017EFC09-E379-4140-B30A-997C8E3403F4}"
"{469CDF8E-AA5B-43D3-8095-4C20BA0F578B}"="{017EFC09-E379-4140-B30A-997C8E3403F4}"
"{35511123-12EF-41F6-B3DE-67B04F7BD8AC}"="{EF6D6A12-37FB-4779-ADAF-75A5AB200C36}"
"{2D27B5BC-B951-41C4-82B0-83817A9FFCDD}"="{EF6D6A12-37FB-4779-ADAF-75A5AB200C36}"
"{0D5AC8FD-B0C9-4AC3-B8B9-0D0A0581DF2C}"="{EF6D6A12-37FB-4779-ADAF-75A5AB200C36}"
"{139C57C3-BF59-438A-8CC7-706C9A4339A6}"="{EF6D6A12-37FB-4779-ADAF-75A5AB200C36}"
"{8F17073E-2193-44F4-9820-29387F13C427}"="{EF6D6A12-37FB-4779-ADAF-75A5AB200C36}"
"{F1A2E8AF-8BFF-4BFF-B1AE-6EFBA714EA0B}"="{2E3BD869-AED6-4D51-8895-3501DAB462CE}"
"{FEDF70E1-67BF-42F3-B8D3-289E72C81EC1}"="{2E3BD869-AED6-4D51-8895-3501DAB462CE}"
"{019B2FFC-79F5-4BDA-B9E2-294A5F99B5E7}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{042499B3-AF22-4950-8A23-89DA730E3E76}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{517F9090-D703-4FD5-AD6B-2EB3E49DE642}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{D79F59E8-479A-4BDC-B0F3-97D095BC894C}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{E4D04FC1-2D57-4261-811C-332847531AA0}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{DF865DC1-ED7E-40D5-BB47-E643B190D33C}"="{DD52E9DF-5287-4C8E-BB07-2BB95E13298E}"
"{F8E9E686-D79E-4FC2-9373-9B1413E29617}"="{C96B6CA3-E210-4749-86F2-0D3A58009230}"
"{A16AB67A-183F-4DF5-9802-62F639774E97}"="{C96B6CA3-E210-4749-86F2-0D3A58009230}"
"{838D81FA-801E-4FBD-9FE7-06FCB246ED75}"="{C96B6CA3-E210-4749-86F2-0D3A58009230}"
"{186FE2CC-876D-4EBE-86C8-4F8F08592093}"="{75755467-B832-43FE-99A0-0DC523DE863C}"
"{91ED20F1-F76F-431B-94DE-E5E41B60BA55}"="{75755467-B832-43FE-99A0-0DC523DE863C}"
"{0C80D95E-FA9B-4F5C-B014-83E3DAA3D210}"="{FE798561-759B-4105-A49C-695553287514}"
"{C3F00C1A-9B5F-4638-9E9D-D5D4B4D218EF}"="{FE798561-759B-4105-A49C-695553287514}"
"{F183A3B6-381E-41A9-8B93-B6DABB8211EE}"="{FE798561-759B-4105-A49C-695553287514}"
"{91836B63-53D9-4DEE-8F28-B5BC7CD93B27}"="{FE798561-759B-4105-A49C-695553287514}"
"{AE00176F-4610-4218-A88E-93B14498C459}"="{FE798561-759B-4105-A49C-695553287514}"
"{B14EBBE2-053D-4B96-B97C-B4EF0B3CE745}"="{FBAFEA1A-4399-42C4-A9A7-1C177AF10C61}"
"{5DF6E975-7C7F-4012-9BDA-21429BA12077}"="{FBAFEA1A-4399-42C4-A9A7-1C177AF10C61}"
"{3A2F8D98-5CAC-4EE1-B127-6C8E3F4BA970}"="{FBAFEA1A-4399-42C4-A9A7-1C177AF10C61}"
"{60AC5190-905E-4921-B865-7AAEF5C6BC05}"="{5C694D94-E773-45E3-84E6-80C3E7F9C124}"
"{875C719E-8DE8-4BE7-846E-A1CD92FB6E8D}"="{5C694D94-E773-45E3-84E6-80C3E7F9C124}"
"{C99CA9B8-BFCE-4622-8118-9C7FF78B6365}"="{E9C2A512-5B13-47CA-97BE-2E203D3E7927}"
"{D35B32D6-55E7-4991-9696-1AC59BA31C91}"="{E9C2A512-5B13-47CA-97BE-2E203D3E7927}"
"{4BE342A4-345D-4FEE-B592-465A47FE113F}"="{E9C2A512-5B13-47CA-97BE-2E203D3E7927}"
"{A201EA8F-E847-4023-9EF5-2A5DAA30526B}"="{E9C2A512-5B13-47CA-97BE-2E203D3E7927}"
"{191189C7-5FCD-4DCB-8815-97DAA22C70E6}"="{E9C2A512-5B13-47CA-97BE-2E203D3E7927}"
"{5D064DAE-DC5C-47C3-B32C-72B13D2BC3C8}"="{0094CE62-79BB-45C4-92F4-F3000463D318}"
"{4CD4FCB3-E077-43BC-AF4B-55D1620D54DF}"="{0094CE62-79BB-45C4-92F4-F3000463D318}"
"{EC13DE5A-7793-4C8D-B400-ADE9D287A3CE}"="{0094CE62-79BB-45C4-92F4-F3000463D318}"
"{E7A718F6-923F-4D63-8602-BB44926D484A}"="{948C8BEC-15A7-4E08-ABED-0C5E751B1D09}"
"{7C124753-A8A8-4B13-B2C0-768B4293DBD2}"="{948C8BEC-15A7-4E08-ABED-0C5E751B1D09}"
"{682C23E1-2D26-4B22-80B1-10AD4D4DA1C6}"="{948C8BEC-15A7-4E08-ABED-0C5E751B1D09}"
"{A8AE0AA4-7C01-4F92-88E8-7835CE93D49D}"="{948C8BEC-15A7-4E08-ABED-0C5E751B1D09}"
"{8F72DE12-4B06-4ED9-8978-DC9EDD523D18}"="{948C8BEC-15A7-4E08-ABED-0C5E751B1D09}"
"{ED40F62B-6558-4322-AF44-4150C637DCA5}"="{98294DD7-7D92-4E57-AA8C-55B6C0D4C78A}"
"{45F086E5-6FA5-412E-BC0C-FF7B5694DA0D}"="{98294DD7-7D92-4E57-AA8C-55B6C0D4C78A}"
"{ED5B5377-348F-4631-B009-D518CA6315DA}"="{2D936A6C-9607-4746-A5DE-9AC4D3FC105E}"
"{DBDC30A5-1BF9-43F6-B0A3-3093DA15B59C}"="{2D936A6C-9607-4746-A5DE-9AC4D3FC105E}"
"{A00A59FC-701F-4290-9105-3275F63606D8}"="{2D936A6C-9607-4746-A5DE-9AC4D3FC105E}"
"{207B0E7C-DA15-4EDF-9AC3-54A3FE0DF051}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{867111D5-8E55-496C-B71C-42F5A1B77C22}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{4E523946-E353-42FE-8547-CA649C617AC1}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{7628A297-B444-45A4-B698-87BBB6D2DCC0}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{D9AFE2E4-752C-4500-8BED-EDB2ED9999F6}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{C8DB05C5-D602-4971-807D-0BE120C9E723}"="{E575BF64-20BD-49A8-B4C0-74E4404F1FA2}"
"{C71E62B4-07CE-4F5D-AC6F-5453E0F3FD4C}"="{614127FA-B6F6-458F-95E1-BE6A64FF964C}"
"{7D972825-F5F8-40DC-9493-29CB80481C19}"="{614127FA-B6F6-458F-95E1-BE6A64FF964C}"
"{4AA53011-991C-4E1F-B908-EC8C6B256185}"="{A0036D84-0D3F-44EF-8386-3C52C204D445}"
"{B0C1693E-F095-472A-AF94-FF20CA23C0CC}"="{A0036D84-0D3F-44EF-8386-3C52C204D445}"
"{2CE068C0-C5E0-4B18-B011-0DF253DD3437}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{7E7F2EE1-3F21-4DB1-8E28-4D1777D655D2}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{3879AB14-7493-4755-B60D-B696741A3B44}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{377DD732-4609-4017-A7F0-7CEA8FB61904}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{0DF61948-73D6-4A83-AA10-DA62F694A19D}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{3893FF00-DDDE-4B22-82E8-74AA7C4565FE}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{D06CF57D-DC2D-499C-AD98-DFAE14BF97A3}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{770B1719-EA34-4DBC-8E9A-C0C95D456930}"="{0AE3A244-6BC7-4249-870D-E6EB7EEE0C3A}"
"{D660869A-DE16-4D1E-A255-FA2AB2339F6B}"="{BB8F791F-4FE7-41E7-A265-5F95DC4295DF}"
"{D43E8652-6873-4E55-9338-D9D1FD63F3E5}"="{BB8F791F-4FE7-41E7-A265-5F95DC4295DF}"
"{0D8F5CD1-3682-4390-AEB8-E7F4551B87C5}"="{BB8F791F-4FE7-41E7-A265-5F95DC4295DF}"
"{53E6669D-DEC7-4AB5-94EA-732954C58843}"="{BB8F791F-4FE7-41E7-A265-5F95DC4295DF}"
"{19FC04B6-44D9-4B5C-8888-F23A5376B89E}"="{BB8F791F-4FE7-41E7-A265-5F95DC4295DF}"
"{824B1D1E-3C24-4C8A-B480-9914050D908C}"="{E5AC69A9-8414-421C-96EC-8B87D82070A2}"
"{DD9B56AB-B698-4930-A4F2-68C1812DAD60}"="{6AFE8BFE-7468-4C06-962A-1CE9AFACA446}"
"{647BEF2D-A54B-4EFB-AD65-A2616F0067BB}"="{6AFE8BFE-7468-4C06-962A-1CE9AFACA446}"
"{82CEDF35-E131-4549-85E9-732BD3C9D3EB}"="{E7E76A21-6E5A-4662-B40E-A4975B7898B8}"
"{73953AD9-0CE3-439E-86B4-EE6F2FBD998A}"="{E7E76A21-6E5A-4662-B40E-A4975B7898B8}"
"{0CF607D1-E448-4968-80A8-5F7B740C644F}"="{6AFE8BFE-7468-4C06-962A-1CE9AFACA446}"
"{51D5A7E5-4E01-46F9-A9D5-C02D5C856E46}"="{6AFE8BFE-7468-4C06-962A-1CE9AFACA446}"
"{E999F83F-91B5-4D40-9127-C620B82A4E29}"="{6AFE8BFE-7468-4C06-962A-1CE9AFACA446}"
"{05ADB82A-A723-4BE9-B25B-FB1CAD8A4EF1}"="{1B0FCD74-5D6B-43C5-AE97-F365BEA81805}"
"{97025A50-B365-4468-8F06-D52EC1574303}"="{1B0FCD74-5D6B-43C5-AE97-F365BEA81805}"
"{DB2473EC-C66D-4A5F-922C-4FFF4579D7BA}"="{1B0FCD74-5D6B-43C5-AE97-F365BEA81805}"
"{676989C8-7DB3-4874-932B-76F494AC8F0D}"="{9F5E6236-5B5D-43EA-9585-3ADAC77CDA3F}"
"{17400A54-C858-4000-835C-716A05732BB5}"="{9F5E6236-5B5D-43EA-9585-3ADAC77CDA3F}"
"{77D2078D-DF5E-4191-B3EC-1075B1BF7861}"="{9F5E6236-5B5D-43EA-9585-3ADAC77CDA3F}"
"{56CF2E59-0FFE-4141-AA90-A9C930A116CD}"="{9F5E6236-5B5D-43EA-9585-3ADAC77CDA3F}"
"{32242B87-749B-49E8-9A41-9CE9CE2C8D87}"="{9F5E6236-5B5D-43EA-9585-3ADAC77CDA3F}"
"{2D82B246-CD3B-4D5A-A907-C5D26E6CF2ED}"="{27490EB8-8677-43C0-9B26-14B5A99940C0}"
"{7F185544-087D-41CF-8E1C-A56B6118D90E}"="{27490EB8-8677-43C0-9B26-14B5A99940C0}"
"{38C4A361-7B07-4D7A-B6A5-6AA27B051375}"="{FAD49C4D-55E3-40CF-80CE-F1523C2BC039}"
"{37566B75-AB65-4094-8172-29F5ABA66A8E}"="{FAD49C4D-55E3-40CF-80CE-F1523C2BC039}"
"{C2114544-D3F1-42F4-B4F5-9DAE1C4D6BC5}"="{AC697A5E-9793-4B28-8825-D77D8A99F08C}"
"{BA5EE57B-1069-474D-A843-EC3ABEEF53A1}"="{AC697A5E-9793-4B28-8825-D77D8A99F08C}"
"{646D097E-FF10-42EA-8A92-04A58184F108}"="{AC697A5E-9793-4B28-8825-D77D8A99F08C}"
"{FF070484-31A3-46DD-9110-A843C4ECD57C}"="{AC697A5E-9793-4B28-8825-D77D8A99F08C}"
"{EBFD756A-B895-4237-B310-F601C95E5669}"="{AC697A5E-9793-4B28-8825-D77D8A99F08C}"
"{47006AD7-3C3E-4177-B8A0-D8005A900275}"="{67160C80-5C38-4E5D-BA06-7731793EB3F0}"
"{BBD176FE-0FCC-4723-921F-F67FC8ACB185}"="{67160C80-5C38-4E5D-BA06-7731793EB3F0}"
"{F714FB6C-7E30-4441-8C78-DC978C4630FD}"="{67160C80-5C38-4E5D-BA06-7731793EB3F0}"
"{1C6B8D51-CD2D-4861-ACB8-3E670187B81E}"="{02F454FA-6D4C-440F-BAA0-D9FBBED57462}"
"{05943DDF-C0F0-4A2F-98EF-70E26EB7E4C1}"="{02F454FA-6D4C-440F-BAA0-D9FBBED57462}"
"{49E77C0A-A1E5-4887-8B1F-F20788848448}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{D2706F53-C27D-4E4C-BD53-13D1EDA011CB}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{4AF8E1D6-6B7B-4C84-9F6A-2A5E3BDDD079}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{CEBDABB7-0263-42C1-B760-1C065F60FAA5}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{A0221D97-0023-4D8E-89AA-FFBFB8A355D6}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{A4E4E7C1-C51B-45AA-889E-1D17A427D93D}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{9BD7900C-64AE-4012-89F5-DA23472DFF78}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{614ED7A1-2535-466C-AE62-42474706D9F1}"="{22482F1A-9C83-4017-9B9A-C3533736FCCA}"
"{F815BD12-172E-4C33-997C-8834D1A4444A}"="{DAFA071B-79BB-4B5F-B4EE-7D788F898364}"
"{4B3F3B78-7A5A-4ECB-9047-53379602EA41}"="{DAFA071B-79BB-4B5F-B4EE-7D788F898364}"
"{A13C8724-836C-4E5A-AC6E-1BA73BD2B93A}"="{DAFA071B-79BB-4B5F-B4EE-7D788F898364}"
"{EBBA00E6-9137-4BCB-8EFA-78F76696ED34}"="{238BE142-9BB4-4418-A804-8123FE1719E4}"
"{7132834F-C55D-4A9C-800B-32BE843CB3DE}"="{238BE142-9BB4-4418-A804-8123FE1719E4}"
"{C91C8C4E-2859-4762-864A-87405EEC43F9}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{6E4F0C11-150B-4E0B-8FD8-8A929EFB17FF}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{07277AE9-5D79-4C90-9BDD-B56747142A7C}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{CC730AD2-D1AD-426A-81E9-FCC834996BF5}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{0D4A2782-C93D-492B-B59D-F0C38CB93681}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{5B85E984-1E21-424A-AA2A-AF0A1E011F56}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{914841C4-0E96-4C28-AC0A-3C59C00B852C}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{22DD41ED-A661-45FD-BB06-F37AE312B3C5}"="{EEE9DE85-62F0-401C-BE6D-ED3F81B99E69}"
"{C9FF3539-C40C-4157-896D-3ACCD586C17A}"="{B899466F-A149-4C19-BE4C-82F28E78C90C}"
"{513B3722-5E12-4BF7-8B74-401D7CD108D4}"="{B899466F-A149-4C19-BE4C-82F28E78C90C}"
"{1AF9E027-D20E-4493-9C52-3FEE80F2D85C}"="{B899466F-A149-4C19-BE4C-82F28E78C90C}"
"{448EAE52-64A9-4AE1-B692-8919FD98719B}"="{CD70742A-A310-4A83-AA3E-9EE6C713699B}"
"{E1DB68AD-8072-415C-ADDB-BE20DB38D222}"="{CD70742A-A310-4A83-AA3E-9EE6C713699B}"
"{6C310303-1AD6-4871-8DA9-FC5AB66CEF24}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{0ECCC5DE-A027-44F1-8F7F-2FBA34A46838}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{B6E4AF96-48C2-4ACA-9A16-6A08A0CDC37E}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{6B62AC2C-A0A1-4328-B0E4-0CE4B8031111}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{F041CADE-1427-443D-94D4-2D488EEE9903}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{DBD6FFC1-E51D-4561-A8B1-A3E761CA9000}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{52F428C6-3024-47FA-A6AD-820CA6637278}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{465533BF-8BCA-4B90-B8F5-6170F6236890}"="{1F61065D-8013-45D7-854C-841462A88AC0}"
"{7E1A11F9-8015-4070-BA3E-7D1654DE0298}"="{910B8A31-95E6-44FC-8646-793F2B600259}"
"{E25FC7C6-FA91-458C-94D8-E722AB2FCFE3}"="{910B8A31-95E6-44FC-8646-793F2B600259}"
"{69D52080-40DB-41DD-B790-0BDE045EE7BA}"="{910B8A31-95E6-44FC-8646-793F2B600259}"
"{FF732987-8AB7-4C95-827A-BFB97BFBD12D}"="{BD873650-4B10-4C8E-A67E-AF79BCD40C4B}"
"{C125DD96-7711-495D-8430-3FE1690C044D}"="{BD873650-4B10-4C8E-A67E-AF79BCD40C4B}"
"{1098AA54-C745-4960-B488-08451B7A474C}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{2A474596-490B-408D-BE96-FF7A6B48F504}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{F88A0270-8643-49C5-8975-8CB2B1D78A12}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{1A7C8DF8-BB7A-4992-A83D-BCDB32E7BFF8}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{839522E1-EEA9-4CF8-B81B-E41E38F968AC}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{EA8B004E-FE7E-4731-942C-86B8040E3540}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{1C5FBE02-FC02-4439-9025-7D0EF1CA8D5B}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{DC22A8A7-6F42-497C-8AA5-CA5923132B2D}"="{C9536046-D57B-4320-8ECF-BC05A509F217}"
"{CA8BFE53-F13E-40CF-AE2C-ECB5B4DC56D4}"="{5F753B33-D188-4B3A-B4C0-76FE707F7296}"
"{28528495-E74F-401D-B7DC-575FD4600665}"="{5F753B33-D188-4B3A-B4C0-76FE707F7296}"
"{A5FB7118-C25E-44AF-BC4D-B6C5BE5C13E1}"="{5F753B33-D188-4B3A-B4C0-76FE707F7296}"
"{055DCE49-33A1-42B4-AD2B-C76BC0C2CF2B}"="{9E9753B3-A361-4E0A-8CCC-8B9380E6AC23}"
"{A8A895F3-7994-4F11-A1AC-6A0841C9402E}"="{9E9753B3-A361-4E0A-8CCC-8B9380E6AC23}"
"{936C6132-90AD-4417-BDA3-A2500F0C5AC0}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{833E5685-3EA7-48B1-A265-597158CFDCE9}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{E523B77A-86EB-4F15-A82E-34594651B37F}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{DFBE23C8-CCAC-460B-86D2-B88970B4ACB6}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{78E911D8-7ED6-49F5-9580-6099D0A5D6EE}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{FB081C8C-FED2-44A9-80EF-AAD23D06EE74}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{2335624F-29C8-4DC6-97D6-6FFAE5703F33}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{C1090242-1B85-4BE8-BB93-4B5BB0B54E2E}"="{36616AA7-78BD-4304-9985-AF6BACEE56D0}"
"{21C9E2F8-142C-44D5-87BA-3FF8094747E1}"="{2E2B80DF-C5A9-470B-8C6A-32DF00432964}"
"{E5CF211C-AC4A-4D6E-BFA8-685134FB1983}"="{CFC44A84-D2C6-4152-BAEA-28C973FE3E14}"
"{B6C8DF73-4C39-4F95-8B43-E2382736079A}"="{CFC44A84-D2C6-4152-BAEA-28C973FE3E14}"
"{CAE9506B-84C9-4065-9AA9-1897A7CD18CD}"="{C100DD80-C740-49D5-BECB-215C7C9B00F4}"
"{2D926FFA-178E-4E17-90EB-69316A80FC8A}"="{C100DD80-C740-49D5-BECB-215C7C9B00F4}"
"{D053B201-ADD4-40C8-9A44-2D5D7ED1A201}"="{C100DD80-C740-49D5-BECB-215C7C9B00F4}"
"{A3092916-1B06-4BFF-A054-3DA19CA9D593}"="{C100DD80-C740-49D5-BECB-215C7C9B00F4}"
"{A3F82B63-E63A-4E02-9ABA-3CE6577C2578}"="{C100DD80-C740-49D5-BECB-215C7C9B00F4}"
"{59EC1962-7C7B-4B2E-B792-159EDA04DCA3}"="{33216227-AE1F-4BCA-839C-0D3DCECDC56B}"
"{EE4E5DFD-22D3-4D9F-8501-FDF2BEA13D9F}"="{33216227-AE1F-4BCA-839C-0D3DCECDC56B}"
"{70AC2DFF-7F6E-4A59-956A-2148B896FE52}"="{33216227-AE1F-4BCA-839C-0D3DCECDC56B}"
"{98EC01A3-3509-4E8D-B415-F2B5DA65187C}"="{BBC45557-D3A0-4968-B31B-A1DD6EE48F5A}"
"{D087E2D5-11C2-4211-9B06-305FF3F0DD11}"="{BBC45557-D3A0-4968-B31B-A1DD6EE48F5A}"
"{AE232A9F-42CB-450A-BCAA-FCB71767F4EF}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{3B4138A3-D261-4604-8139-30C4DDB7F269}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{B862EA5C-3806-47A2-8FB8-E21DDBD42154}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{DC4858A1-1DD6-4DB8-9CB8-E4566B958A8A}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{B527E0DE-D6EA-4C95-9CF3-E72B4589184C}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{02796C73-D9A2-4A92-A97B-300DB615B686}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{0D56273B-C961-4490-956A-011013061F4D}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{768D2D5F-7E45-4194-B2A9-AADDD5F59271}"="{136DED37-D3E3-40AC-B32C-75249F6AD948}"
"{FE94199C-F95B-4211-A3C5-986D9B73D990}"="{17DB7ADE-C558-401C-9A3F-7FA59D54A8B2}"
"{AEC3641F-140E-4BFE-9A8A-BC29530EA32A}"="{17DB7ADE-C558-401C-9A3F-7FA59D54A8B2}"
"{8432C32F-FBE0-466C-A620-BA7631E41EB5}"="{17DB7ADE-C558-401C-9A3F-7FA59D54A8B2}"
"{BBAF1D72-C613-4BB9-8E02-8CCCCCB74885}"="{ABC394C7-253B-4CDC-90C5-C3272B1F90BD}"
"{4D42B1AD-C3AC-4543-B31D-30D660E42170}"="{ABC394C7-253B-4CDC-90C5-C3272B1F90BD}"
"{65389FAC-5C56-42F9-89A3-E62CB4E85F24}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{2DC71DBF-8316-4D64-9DE3-7FB0B46E056F}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{0262BAE7-5292-4CF7-AD97-4701C75A41FC}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{4558F1C7-C202-4F78-9BEA-C66F4A73DC0E}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{82E5F2D9-9DC3-4B59-A8B4-1AC890A4D9C7}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{39738C8E-29FC-4DE9-9419-7446BF8289E7}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{246ED2D2-D88C-413E-86ED-9AD3C209AF5D}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{14DE47C2-22A6-4621-A0F4-31EDFEF86F2A}"="{78626B2A-CD55-43BC-BA8E-36948C523E1E}"
"{04413D01-E7F0-4C10-8473-23E25E5833FC}"="{BD59FB9C-98C9-49FA-AF29-3EEEA1595BE6}"
"{83DDBA60-A945-4E0B-A177-E88388AB009E}"="{BD59FB9C-98C9-49FA-AF29-3EEEA1595BE6}"
"{2A08795B-13BE-46E3-8D63-0F3DD38879CD}"="{B56398C6-C461-4AE5-8DE7-A2A69678979D}"
"{6B372822-2D9A-449B-8070-310872C003ED}"="{B56398C6-C461-4AE5-8DE7-A2A69678979D}"
"{713734A0-E2AB-434E-A8BE-3B67148C65BE}"="{B56398C6-C461-4AE5-8DE7-A2A69678979D}"
"{7ACF6C4F-2E42-4B91-BD91-679CDA224476}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{74D9D2BE-1C65-4382-B0FD-A3858D287F32}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{BF6036A8-3DAC-408D-BCF0-DD6378E0EBDA}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{47404449-43E8-4ED1-BC81-AC97D572A449}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{646DAE25-1CC9-4297-A22E-FD07867B47D8}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{D4691E25-F864-4E9B-AD52-00DBBE274950}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{7D14D084-B06C-4883-BC6A-CA56C44DC606}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{0F033C6E-3859-4067-8F3B-34BE3E4DFEF3}"="{467B100E-7E9D-43E3-A76A-014449365B2F}"
"{2C8003DC-FAAF-40A2-957B-69D393F0A7EF}"="{6D72DE4C-EF5C-4EB3-9F1D-7422E845B2BB}"
"{18809CD4-F5BE-4604-B751-25C08ADECF6D}"="{6D72DE4C-EF5C-4EB3-9F1D-7422E845B2BB}"
"{B555FAB0-685C-4514-A7C7-E0BFDB48E046}"="{6D72DE4C-EF5C-4EB3-9F1D-7422E845B2BB}"
"{CE1F2739-E14A-49E4-9F82-2B769E042E77}"="{391E29B7-3037-4AB8-B238-5AF828B16AB4}"
"{ADE245CD-10DF-45A7-99B3-250EAB4BA4B2}"="{391E29B7-3037-4AB8-B238-5AF828B16AB4}"
"{DB85F002-CCA2-4503-B530-CA26E46FAC7E}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{2D4CD886-906F-4163-AF36-73D8019EE3D6}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{B30E7C13-8EAF-49BA-B7AE-A7EFC9248457}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{0A85928C-14C9-4343-BA45-B7D1DB82F080}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{9ACB9632-E823-4D51-B1D5-28608DEACBD3}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{9B201D22-F04D-465F-8140-3C625F3EC58E}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{D7A640A8-641F-4185-9338-D68E6EA1FB5A}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{29AC4BBF-D82C-41BF-8AD2-127BBCBBC616}"="{280D34BA-601A-45BE-AFCA-F065C6608F0C}"
"{789B93D8-09D7-47CF-90BE-D023E500F7CD}"="{2D69BA53-72CF-4663-B8D8-32D40B6F581F}"
"{0BCCE404-75B9-4CA7-A9F7-62DA530870AE}"="{2D69BA53-72CF-4663-B8D8-32D40B6F581F}"
"{B22AE220-81FB-4F25-8080-DAA9A44F1B5A}"="{2D69BA53-72CF-4663-B8D8-32D40B6F581F}"
"{0DC4770B-3C91-43B4-9136-D7B49ACEF5E2}"="{50C8170E-79DA-49F0-B5B1-48BA82357D83}"
"{9C75AFE5-1EBE-46F1-A918-B219FC1DCF3F}"="{50C8170E-79DA-49F0-B5B1-48BA82357D83}"
"{A52FB15D-F1F5-456A-9752-5D46159D2030}"="{2CFE0A15-CDCE-4978-8639-99D5697F51D8}"
"{F52C8A55-C1D6-46D8-B1F5-64C7339F328F}"="{2CFE0A15-CDCE-4978-8639-99D5697F51D8}"
"{0E966F50-8447-48A8-95BE-3FD2D8FBBB82}"="{2CFE0A15-CDCE-4978-8639-99D5697F51D8}"
"{22A2094A-8CFE-4A7A-8F14-B13BF9C995CC}"="{2CFE0A15-CDCE-4978-8639-99D5697F51D8}"
"{DB19E559-906C-4221-8CCD-90E57866474B}"="{2CFE0A15-CDCE-4978-8639-99D5697F51D8}"
"{41D4FF75-4D11-4F03-A339-E42FEE71CC29}"="{7F0F8DDA-A104-440C-BA3C-34141F35126A}"
"{F7F279CA-DDFB-4A6D-96CD-B7C7C2D6137C}"="{7F0F8DDA-A104-440C-BA3C-34141F35126A}"
"{67EB6487-654C-43B5-801D-9264E2F325D8}"="{A3F1E27D-7AD4-4ADB-98E0-12F92AF81C95}"
"{88E96299-F096-4DC4-8481-54A8D5D9163A}"="{A3F1E27D-7AD4-4ADB-98E0-12F92AF81C95}"
"{3081FC38-9FA7-4F8B-821C-81DEA10F6D65}"="{94E19B14-45B2-41EB-ADC9-F8305E222D91}"
"{EB6FCFEB-4FEE-4527-BB32-0F70B29D3F40}"="{94E19B14-45B2-41EB-ADC9-F8305E222D91}"
"{46D2B353-0645-4387-B688-F35CCF9F1D49}"="{94E19B14-45B2-41EB-ADC9-F8305E222D91}"
"{3939155E-F29A-48F5-AAD7-4BADB37B1DBE}"="{94E19B14-45B2-41EB-ADC9-F8305E222D91}"
"{B9758959-DB41-45A0-9DED-D7F3CD60A615}"="{94E19B14-45B2-41EB-ADC9-F8305E222D91}"
"{5F135811-B325-484F-B7A5-ECF87179E758}"="{14088C6F-3664-4264-A07B-D6DC3B8691C9}"
"{8844A2D8-5FBF-4F1F-840B-595371A0DBF4}"="{14088C6F-3664-4264-A07B-D6DC3B8691C9}"
"{ABF29DEC-6A32-4970-A243-16B4E82BB59F}"="{14088C6F-3664-4264-A07B-D6DC3B8691C9}"
"{A42141DA-BD49-44BD-9807-EB32E2270C4D}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{C4CE52E8-3C93-46FC-AEC1-83799F754DF0}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{774D0066-4EAC-49A4-8DC8-552B41D4BBA6}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{261CA942-68FE-4FE6-94B5-7891DE9605CA}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{65D0AFF8-DAF6-48BE-938D-67DEF8EA6602}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{BC15812C-ABF8-4269-9915-362CDACB2C62}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{6D833695-F2FD-4CAD-8396-A822F318955B}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{9CDB1660-D609-42BA-B346-2D2A2D1305A6}"="{FCBEA820-4BC7-4CCA-9853-19B293C68471}"
"{B4B4C02D-90C4-4313-B030-B21E4DD68B3C}"="{A3860E7E-1F33-407F-A1B6-2486655CFB43}"
"{448DCF6C-FD66-4B60-A79D-D56E58A31772}"="{A3860E7E-1F33-407F-A1B6-2486655CFB43}"
"{B21E2AAD-D51C-4DDA-92CC-B9714B00C733}"="{1E478287-3FFA-49B2-B0DE-59C422C9C937}"
"{49B7E2A8-1ADA-4C00-B214-2F6F013EEDBF}"="{1E478287-3FFA-49B2-B0DE-59C422C9C937}"
"{7ECF0251-FB72-4ED4-828D-8AE2175FBF94}"="{1E478287-3FFA-49B2-B0DE-59C422C9C937}"
"{49420A61-2188-4989-8539-41BAC70A8B75}"="{D2F94D66-57E7-4267-9628-CDA206B8148B}"
"{C3F7135A-B8EA-4588-8E6D-4B128BFBAED3}"="{D2F94D66-57E7-4267-9628-CDA206B8148B}"
"{FAB55FE5-9752-487E-A909-83E41EE3791E}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{E0537022-874E-4074-B211-EA268EF484FB}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{1098C90F-064E-4B0A-B6B7-5EEF15212B6E}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{EC003826-D4AC-4273-B3CE-34AD867E9EDB}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{685CA88B-9702-419D-AD48-7EADA6D3E22F}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{96827657-349B-41E4-9946-7A823DF24F6F}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{6A0A0229-4BDD-416F-8862-D26299AF4103}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{AA378FDC-FC2D-4F75-9079-CDE58C83763E}"="{B1A7C4E3-0653-4EA9-B8E2-1774FD4F888F}"
"{0B09DDEE-BE84-4E4B-8EF2-55163D2272DB}"="{0297F0CA-3A98-48FA-AF0F-BBB37F797A15}"
"{45B445C5-0E2F-42A9-8585-B244C7DB9AF2}"="{0297F0CA-3A98-48FA-AF0F-BBB37F797A15}"
"{A956A538-8556-493E-987D-032684DA3FFC}"="{40F336AA-2DEF-4BFD-A916-E9541838B742}"
"{124C4BBB-022B-4002-82CF-83CC0F5323AD}"="{40F336AA-2DEF-4BFD-A916-E9541838B742}"
"{3E8AE868-937B-470F-BAF5-51918B32C685}"="{0297F0CA-3A98-48FA-AF0F-BBB37F797A15}"
"{4595C60C-059D-4610-82D4-BF555F39FA8B}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{7B1922B0-AE8A-4D10-96E6-58BBECCF1C99}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{37814041-0174-4D82-A511-04F750AC154C}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{294D4FFE-1E13-4BB4-8351-17E8AEEF19D4}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{D892C988-736B-4AC1-8C05-69705C62863C}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{A1A7B685-B2F7-4669-9616-661A4B6D23D9}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{5F5ABC2E-1519-4296-9DF3-1AF97B8A7BF6}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{42BB2C30-F85C-4646-B98F-E8DC1EA381ED}"="{2F804C6E-E23E-4A15-902B-6F85EF530577}"
"{E0CD88A1-D5CC-466C-9EA7-F558DFE77FFF}"="{F2033916-E0C7-4E3D-85E8-C305A4833CF9}"
"{C3085D0A-3339-4E73-9BF4-E79AB026F573}"="{F2033916-E0C7-4E3D-85E8-C305A4833CF9}"
"{DC37DA4E-A0DA-4228-8F70-02C3C89926A9}"="{74392E45-9992-48F2-BB7D-1568110C0BBF}"
"{00FBC8D6-84E0-4EBE-BE0D-3ED2A60FD350}"="{74392E45-9992-48F2-BB7D-1568110C0BBF}"
"{A20FD829-126D-4295-A981-EB18074C2A0D}"="{74392E45-9992-48F2-BB7D-1568110C0BBF}"
"{CA1CB2B6-DD03-4A6A-89CE-DF2B610DB999}"="{74392E45-9992-48F2-BB7D-1568110C0BBF}"
"{F3895717-F5C5-4342-88BF-3650AEEECE90}"="{74392E45-9992-48F2-BB7D-1568110C0BBF}"
"{84906370-1F02-4AC4-8614-144D7B53505C}"="{AA4DA560-2123-4DD7-A084-D5137A43230C}"
"{019CA4BF-4C13-4019-84D4-774AEC364332}"="{AA4DA560-2123-4DD7-A084-D5137A43230C}"
"{F29828C8-4F5D-40FF-8B58-3CA3FE6EDF09}"="{AA4DA560-2123-4DD7-A084-D5137A43230C}"
"{361B1E1E-18A1-4F55-B3BA-ECBEFB218303}"="{56C4A16F-6818-44E9-8452-2DE8B9AD6225}"
"{BFE883A8-1538-4599-9AD7-D0B995056699}"="{56C4A16F-6818-44E9-8452-2DE8B9AD6225}"
"{6BC75E94-2A54-4AFA-8B28-B70A0301A405}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{5B5A4AB1-67F1-426F-AE7E-3625CD9A9741}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{82AB07EA-2F45-4C64-AC36-915319398BCC}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{4EF8AE39-EECB-4701-8E53-3740E5723ECE}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{8BF7BB32-3A30-4A81-B647-A9174C02BA60}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{C2A2D45F-45BD-471B-8F63-ECBAB9568ED4}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{34BEA3EB-3D15-4AA5-B1B4-AA35CF077CFF}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{149EE642-ED30-4A28-BA0C-9F0E166F9ACB}"="{DFB98E40-2018-4691-A4F6-B17D18E6C520}"
"{6450AF8E-5669-4830-B09E-97EAE4783DAC}"="{29BE8FBA-2DE5-4AB4-8225-E4481B6709FF}"
"{DA957AE3-BBE8-43CF-923E-1DCB905E4D4A}"="{29BE8FBA-2DE5-4AB4-8225-E4481B6709FF}"
"{EC8B61CD-468F-47D4-8AE3-FE9C4FBACEB1}"="{29BE8FBA-2DE5-4AB4-8225-E4481B6709FF}"
"{49AA2AD2-246C-44D4-9382-BF613C3E6142}"="{E8A99C93-3E77-4E05-BC9C-D52AB03903EB}"
"{3B0438EC-651D-43E1-AFBB-94969DDE9331}"="{E8A99C93-3E77-4E05-BC9C-D52AB03903EB}"
"{EB929DBE-BBCE-4581-808C-7A500180EE00}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{052A04CD-505C-4A6C-A98A-CBFF1BBDFAAB}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{885810E6-A333-49C1-BA9E-4EA0F73EB424}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{E235F7BE-91C5-48FF-A908-9A3913DFCDFD}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{E153140E-006D-4EA4-B02E-E3BEFD5EE4BF}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{2DA4C0BD-C51E-4598-9912-B6ACC2FFA91A}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{1CD4E72E-8A90-4F9F-8381-12884DD4DBB3}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{015ABA7E-88CD-4F05-9462-2BE757814CEE}"="{4BD255D7-6229-4BB8-93B0-06C6DECC0AFB}"
"{BFEDD8E8-AB84-4E19-B1CA-2906B7B32875}"="{53A5C383-A8F5-425B-AEFB-B4BDE46C6A99}"
"{89011185-44B8-428E-B988-F4B4373753FF}"="{53A5C383-A8F5-425B-AEFB-B4BDE46C6A99}"
"{EBC0E9ED-2F56-4CEC-A896-6353637B19AA}"="{53A5C383-A8F5-425B-AEFB-B4BDE46C6A99}"
"{5800BCC7-716D-48C0-ADAB-6921BF946897}"="{2E51661B-86CF-4ABC-B205-DA944BC2B94D}"
"{27F960EC-8AF4-4CE8-8C43-D8D75EC534E4}"="{2E51661B-86CF-4ABC-B205-DA944BC2B94D}"
"{28EE6B27-4ECC-4989-AE82-061480C9E50D}"="{01F95042-294F-4798-93E2-31AC8ABB054F}"
"{6752E8D8-59A2-47C1-B759-DA22265D505B}"="{01F95042-294F-4798-93E2-31AC8ABB054F}"
"{77DE0315-6C5E-4DAE-99D9-6B18179A53D1}"="{6FFBD8B9-3AB4-4932-9C0A-0298C16F22F3}"
"{B6AAD151-5708-410B-9121-A0B9EE7E4A98}"="{6FFBD8B9-3AB4-4932-9C0A-0298C16F22F3}"
"{A2968EBB-2FE1-4FCA-AD09-AF6E9E9E982D}"="{6FFBD8B9-3AB4-4932-9C0A-0298C16F22F3}"
"{0F604FE4-0E0C-449F-9FA2-08F4D83C4F35}"="{6FFBD8B9-3AB4-4932-9C0A-0298C16F22F3}"
"{77610434-3AD9-4B90-9D69-10BBDECFEF20}"="{6FFBD8B9-3AB4-4932-9C0A-0298C16F22F3}"
"{3F6D5C56-69F6-48B0-A114-4C0D40AE4306}"="{E38EAD64-11B6-4758-A64B-AB5236FD81B1}"
"{D3829C59-9994-47D0-A6F5-36977937F526}"="{E38EAD64-11B6-4758-A64B-AB5236FD81B1}"
"{F150B48C-1318-4541-82A4-FD149E3825EE}"="{E38EAD64-11B6-4758-A64B-AB5236FD81B1}"
"{61F14932-DF8A-4ABB-98D3-571572B77BB2}"="{444B9C0F-6F7F-4CE2-B01B-379980F336DB}"
"{51AE48BA-C8B7-4DD2-BB5F-C9A080504BC7}"="{444B9C0F-6F7F-4CE2-B01B-379980F336DB}"
"{DFAD3B38-171C-4834-9DB5-F93B609651C2}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{8B44792A-35D0-43D8-8CA2-8162A2D38CA1}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{54EC886C-48C4-4A90-8165-511F5B00D026}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{E93B1ADC-96C6-482E-82BE-3E82053A1809}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{6DF4844B-4C94-4571-8826-1A942E4D0A1E}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{87085F46-0665-4E8C-85C6-2DEBF9C91F19}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{4C16B332-52FE-4D4B-8CCA-2638F9058986}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{07078797-E199-4A19-8B78-15B707A87213}"="{A3F599C2-A7BC-48E6-AE71-1F8126D9FDDB}"
"{2903FF09-F8A9-4F98-B9D0-97F6CF7F0B59}"="{0A6A688C-64CC-4B57-B505-7A63F8143EFF}"
"{3D73A879-754B-4C58-8B74-886131162AC0}"="{0A6A688C-64CC-4B57-B505-7A63F8143EFF}"
"{30F188C1-2FF0-47AF-BF96-C97ECFF74144}"="{0A6A688C-64CC-4B57-B505-7A63F8143EFF}"
"{11BF9378-6F0A-4922-B15E-4D93B8D317AD}"="{06E58B7C-205D-458C-9EB3-0053EE1CDB1A}"
"{A6E0D551-CE33-4592-B4CF-C6AEB80E2FA1}"="{06E58B7C-205D-458C-9EB3-0053EE1CDB1A}"
"{995B5A1D-42DF-425A-A01C-30DFE8A4F951}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{5C1EFBD7-1A2E-4E13-9D9F-A16579312CCC}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{4CEDFF4F-8027-49E5-ADDA-D1696CC01451}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{93751D86-2C1C-47DC-BF19-FC83FF98283C}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{BF8BDB16-F5D0-4350-91CB-22A809F0C8AA}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{3F106879-2D21-4211-ACED-DF51F823786F}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{AC538D3A-1156-477E-B710-B178D4DB4D63}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{26E6A52E-ED1D-4A1A-9229-ABB9D58B3B19}"="{912C6985-B9A2-4AF4-ABB6-09D9E2ECD215}"
"{19780152-EC88-4A15-8DCF-EF69FF633690}"="{20340A5F-56E0-48EB-88A5-D34F7B9B8F6B}"
"{875B55AE-53C4-4A8B-8463-542BCE71FCBC}"="{20340A5F-56E0-48EB-88A5-D34F7B9B8F6B}"
"{00AC9506-9C77-4DF1-8AC3-3FB88FB4123E}"="{20340A5F-56E0-48EB-88A5-D34F7B9B8F6B}"
"{DB62AD6D-0EAE-44EE-9FD7-8CBF3DB98059}"="{CA1243D4-73D9-4B4B-B971-12E41731425B}"
"{27A2CABA-6CB3-4DB4-B59E-CBDB8B32AC77}"="{CA1243D4-73D9-4B4B-B971-12E41731425B}"
"{ED0A2EFD-2742-4CC9-B853-0F3AC064DC4E}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{E8C153AE-8D92-4EAF-AAA2-356272D7A5BA}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{9A04A597-D4AE-41C3-901C-519C6B38767A}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{8AFF5C52-F75C-4624-8A28-163E8B268E27}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{2E86FFA0-D7CB-4883-BE0C-6443DC677B59}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{BB054723-4CE9-48FB-90D3-9419591B5EB5}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{72D403AD-362C-4FF0-AE0C-483AEADC0A6D}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{4E0A6EB7-6D35-4093-8B29-7690568C1BAA}"="{B93374FB-1936-44D3-B481-C05149B47E34}"
"{7C2B62C0-45F9-4491-8C51-B6AAF6A6F6B0}"="{C8C70070-15F9-43CC-8078-4DE0A8AA5D33}"
"{CBC8CB30-718C-4939-98F9-546E3EDA100D}"="{C8C70070-15F9-43CC-8078-4DE0A8AA5D33}"
"{E778172B-9689-48E8-B56F-BE92E78EBE1C}"="{C8C70070-15F9-43CC-8078-4DE0A8AA5D33}"
"{3D58AE93-2C4D-4920-9D3F-27B628A7FE7A}"="{E9FA7041-BA27-4DB1-8238-1427E2C0F612}"
"{2B72C666-AB6E-42B3-A436-B14C5F9A7C44}"="{E9FA7041-BA27-4DB1-8238-1427E2C0F612}"
"{73154978-63D4-4D29-B239-CDEEC1EE2D7F}"="{AC040E88-ECA5-425F-8A7F-678DB10F3492}"
"{60E6FC55-6CC1-4A5E-B97F-1F7EB33241BD}"="{AC040E88-ECA5-425F-8A7F-678DB10F3492}"
"{E823FB04-B13F-4B14-8619-26645D6150DD}"="{AC040E88-ECA5-425F-8A7F-678DB10F3492}"
"{6D2372E5-9C9B-4021-9F03-B9F5074C444B}"="{AC040E88-ECA5-425F-8A7F-678DB10F3492}"
"{BECB43B3-AF3D-46CC-BFD7-AE78D8A8B604}"="{AC040E88-ECA5-425F-8A7F-678DB10F3492}"
"{9453F5EC-590B-4145-A37C-72A32FEE0102}"="{A6420269-9244-4240-9781-A897369FB498}"
"{C6D4C0FB-74B9-4032-9728-A08737088104}"="{A6420269-9244-4240-9781-A897369FB498}"
"{AD52C911-6703-4AF4-80FC-FD62E3B17E16}"="{A6420269-9244-4240-9781-A897369FB498}"
"{BDFBBD87-39FE-462D-BA42-02AA8F6D9770}"="{23064D50-4BC4-4251-A5CE-A35F478B3C87}"
"{04B1B0D6-C848-46C9-A246-4D11B0678005}"="{23064D50-4BC4-4251-A5CE-A35F478B3C87}"
"{2D89CAF5-7469-4147-A9CB-D08BCCB7F852}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{763D21BC-3F9A-4BA2-8C87-4AC62D514974}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{67D50DAF-9BAB-406D-AF3C-148CD6C8225E}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{77169607-CBB4-429D-BFC0-750E9FE5D43B}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{67B0CC75-A5CC-46CB-8734-029B01252A8E}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{FE96AF76-46CA-4459-93AA-80F813377C19}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{BFDBBC60-0EBB-4A2B-B8B0-AA02FA371A82}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{41C2A9B7-176E-4C5D-9B21-9BAD5E4F5548}"="{F54A34C9-3D13-47A0-87C2-7ABF7385AA65}"
"{DA56EE4D-656F-4C3F-B2B5-61B5CDE6556F}"="{FDB7A554-E442-4BE0-BF31-3C90799FF9D6}"
"{64A00939-6EC4-4596-B9CB-211F83C4DA65}"="{FDB7A554-E442-4BE0-BF31-3C90799FF9D6}"
"{BA83AD70-E33C-4DB6-B844-B3790E101B55}"="{FDB7A554-E442-4BE0-BF31-3C90799FF9D6}"
"{0AE25F75-5CF1-4D24-9E0E-C862C40B4BD9}"="{B1FACDC5-5A2B-4F50-8AE7-8C15EF695A3D}"
"{01754B6B-D294-4C1E-9BE5-A2F1A7BEC2B8}"="{B1FACDC5-5A2B-4F50-8AE7-8C15EF695A3D}"
"{987C2419-6887-4B03-AF74-7800AED1F77C}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{2A3F768E-7206-437B-A47B-1A50D3A3FA4B}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{9540CDD1-E9DC-432D-9F77-EFADD9472094}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{736BE774-B096-469E-AF5D-7DF9BFE3F68D}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{2A70914D-7C73-41DC-975B-A9C457DD3A0C}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{7F187632-BFA2-4B8A-ABCB-AD39FD6E659A}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{59005154-F76B-457D-9823-3DECF701D208}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{B913611F-FCDB-4427-AEFC-1D9760D5283D}"="{5EAD263D-2209-4770-BE6C-AA58D4407213}"
"{5E939319-0642-47F8-9BED-E6D5E710BC25}"="{8BB0FA2F-5777-4700-A532-F68DD11B8AB7}"
"{E351D09B-B24A-4A93-826F-9CB93022DD8C}"="{8BB0FA2F-5777-4700-A532-F68DD11B8AB7}"
"{05096381-1742-4256-B227-2A0933A233C9}"="{8BB0FA2F-5777-4700-A532-F68DD11B8AB7}"
"{7E2B779A-907A-4DBF-8A68-80C8D06DCB2C}"="{FE787C9C-D8AD-48B3-9C10-1D3FA1A46E47}"
"{6537E4DB-13FC-4AB7-AF72-1195001E57CE}"="{FE787C9C-D8AD-48B3-9C10-1D3FA1A46E47}"
"{63D54BAE-814B-4F18-BCE4-FDEF34409595}"="{C604968E-F399-4FF4-8DC8-9945BDC41B46}"
"{15FA48FC-136B-461C-A810-B1EF1402A211}"="{C604968E-F399-4FF4-8DC8-9945BDC41B46}"
"{81BDC0FF-C18F-44C8-98FB-29048414405D}"="{C604968E-F399-4FF4-8DC8-9945BDC41B46}"
"{CAB568DB-F143-4469-8F16-DDB78DFC5121}"="{C604968E-F399-4FF4-8DC8-9945BDC41B46}"
"{C6DCFEBC-9F3F-4FEA-AF18-84314DDB629E}"="{C604968E-F399-4FF4-8DC8-9945BDC41B46}"
"{7FE3CF19-12D0-4F0B-8B38-A43AE2592039}"="{95B551E3-05FA-4C04-AFE7-012560EA9DEA}"
"{C972A989-538D-4508-8942-CF1D5E29005C}"="{95B551E3-05FA-4C04-AFE7-012560EA9DEA}"
"{6C6CDF29-E2EB-4730-9AFC-F0B98799BFA1}"="{95B551E3-05FA-4C04-AFE7-012560EA9DEA}"
"{26380E66-E6F5-421C-93AE-92E1D8EA7BD6}"="{0A9B239B-68E2-41AF-9C30-0BF0E0EF1E05}"
"{549F6D2A-FB08-41BB-A3A2-215B961ACE78}"="{0A9B239B-68E2-41AF-9C30-0BF0E0EF1E05}"
"{F1EA64DA-66A5-4C9D-A287-4ED26BFE8828}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{8167609F-CE0C-4FF6-9864-751AC7425419}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{EA8C36EC-75E9-4B3C-A7EC-968DA34CC523}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{E388C077-805C-4A6F-8D8E-F303CA42EB43}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{C0F4D606-CB53-4D09-A802-7C830EE5D1B6}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{BF4EFE25-8B3F-4107-AB6B-136656112070}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{2461D2DF-D54A-44A2-A12E-414F2127036A}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{9119B842-C949-4249-8029-33230FC031E2}"="{682A005A-01A5-48DF-9AB3-5FE0C694ED91}"
"{A5569A8B-074B-4BB6-A6C4-C0B0F95DA356}"="{0B0C559A-82CE-402E-858A-423931784C97}"
"{AE66BC61-D1C0-4111-89F5-79CB55DC34DD}"="{0B0C559A-82CE-402E-858A-423931784C97}"
"{26507288-8064-4147-A3CC-1B3713310F9D}"="{8680F8B8-1FFE-4B65-BF0D-3A6BD66BD70D}"
"{2CC336D9-8838-4BF3-8FC7-B693E95BD6B0}"="{8680F8B8-1FFE-4B65-BF0D-3A6BD66BD70D}"
"{3600D27C-A52E-4898-89AC-E5BB180FB7CA}"="{8680F8B8-1FFE-4B65-BF0D-3A6BD66BD70D}"
"{A97443CD-9AEF-4731-8180-E2BB52C7F49B}"="{8680F8B8-1FFE-4B65-BF0D-3A6BD66BD70D}"
"{C04A7988-3B46-4111-9544-01E6BB31AF3C}"="{8680F8B8-1FFE-4B65-BF0D-3A6BD66BD70D}"
"{0DB9BF44-D752-4FD0-8690-9ACBDF98DD1D}"="{1ADAD5C6-C633-4266-866C-EDF6E04CCA3F}"
"{82A109CB-47EF-4EE3-A40D-038A4D955DBF}"="{1ADAD5C6-C633-4266-866C-EDF6E04CCA3F}"
"{4EF3FF1B-B49F-4B66-9033-7DB6FB6CB900}"="{1ADAD5C6-C633-4266-866C-EDF6E04CCA3F}"
"{B78D41A3-0FD8-42FF-A14C-604A6A0742F8}"="{3941A945-3647-4316-BC63-E156DA143EF4}"
"{019D2BCF-DB05-4F67-96E7-34149D1DC3E1}"="{3941A945-3647-4316-BC63-E156DA143EF4}"
"{00A2AA81-C986-4447-AD15-6634B0D24FE5}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{57EE32E7-9E74-4798-866E-673ACE235692}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{7A662B6D-3CD5-4729-A01B-74B13BC96710}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{100383FC-E730-44B2-834B-A273EDB3CEFC}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{4CFE5C24-04E5-4C17-8623-B38127A22631}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{8948EBAB-6604-4E13-A212-7D9341031CF8}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{D5D55120-FE6A-49C4-840C-C0BEDD406F73}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{D596E925-58C3-496B-989E-20CAE88AB413}"="{647596D9-87CD-4CAD-B649-25D4C249A189}"
"{0D344D62-189A-4656-A255-E50C1ED1BEAA}"="{11AF209E-F9A0-4606-A4F6-6E887F48CE6C}"
"{E3090150-6427-402E-A376-0D21C7652EB3}"="{11AF209E-F9A0-4606-A4F6-6E887F48CE6C}"
"{DB09D5A8-D7E4-4002-95AD-B8874B8E3C70}"="{11AF209E-F9A0-4606-A4F6-6E887F48CE6C}"
"{03455C18-BF67-491F-A25C-C3769D458113}"="{9B524427-7C69-41F8-916B-0CB0EE4185AF}"
"{5D69D371-ED9D-4509-934C-1171182E3D84}"="{9B524427-7C69-41F8-916B-0CB0EE4185AF}"
"{9D4E70D6-BE0E-4943-BC75-F2CF056E5B6E}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{FE97A1ED-F0D6-4BEC-B268-D12AB8ABE051}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{135F4AF1-86A2-4ED4-B718-282FC9660ED5}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{7FE92D5B-1E80-4995-8A9E-23F0475667BD}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{67599316-CB9D-48DE-908A-70DA6C91EA6C}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{ECE226FC-D583-42B9-8B78-8900B91CBCF8}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{CDC53F7C-3977-4F99-B223-3731CAD20C2F}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{6800CBC1-A6C8-4BD2-83DF-6DBFF40FB98C}"="{414A277B-1ABE-4FF1-99D6-87F95227A667}"
"{CC92F57E-7DE1-4925-AB9B-E37F7F96798B}"="{5A932282-2C17-4E8D-B43B-B91751E1BF0E}"
"{4BDAC934-3260-4C3B-B9B6-A29C7C4255AF}"="{5A932282-2C17-4E8D-B43B-B91751E1BF0E}"
"{A09C5BB5-67AB-4D5A-B1C0-7801EA13C42F}"="{5A932282-2C17-4E8D-B43B-B91751E1BF0E}"
"{43131E7C-02E6-46BD-BC18-1821DA47B09B}"="{532F7960-6A6F-43BA-BCF9-D48141004F41}"
"{4C609F02-E584-41F1-A7BD-FD256DE82B67}"="{532F7960-6A6F-43BA-BCF9-D48141004F41}"
"{453B5D84-C389-4A33-8B41-E42A49143911}"="{BDC4CA98-8C54-4FE7-B851-804E2CD8400A}"
"{9AEDF074-9E7A-4EFB-9983-4B3CF4D39C50}"="{BDC4CA98-8C54-4FE7-B851-804E2CD8400A}"
"{0287B5B6-7CCD-4058-A34F-A432FADCC9BD}"="{BDC4CA98-8C54-4FE7-B851-804E2CD8400A}"
"{5F14195E-FAAA-43EE-81E8-2863FF3B3256}"="{BDC4CA98-8C54-4FE7-B851-804E2CD8400A}"
"{01D46A14-8370-4E8A-A4B1-85CA388D47DD}"="{BDC4CA98-8C54-4FE7-B851-804E2CD8400A}"
"{7B137C4F-A1D8-49E6-B693-D63FA12C43C8}"="{FFBCDF9F-A2A6-43D2-9603-16F29E8C89F3}"
"{F06A7F66-60BC-4432-99FB-CE2D8F96EDBA}"="{FFBCDF9F-A2A6-43D2-9603-16F29E8C89F3}"
"{3B6886C8-A180-447F-8ABF-399C090E20DD}"="{25882375-2F9C-4976-8821-48E5C0E8510A}"
"{745922E3-46F2-4735-A5DB-B2CA725118D2}"="{25882375-2F9C-4976-8821-48E5C0E8510A}"
"{444EB005-B302-4BAF-9009-F2ABC3606F1F}"="{25882375-2F9C-4976-8821-48E5C0E8510A}"
"_AvProdSvcComm_"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"SubmissionEngineIPC"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"SubmissionEngineCallbackIPC"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"{38C4F460-852A-4A9F-9C95-C60F784F4D45}"="{281A59B3-A7D3-498D-A8B8-A4DBEB190B1F}"
"{33F37F9E-527E-40D7-8866-46CE221C89B4}"="{281A59B3-A7D3-498D-A8B8-A4DBEB190B1F}"
"{6B32AA0F-6253-4E94-B837-0529C5E5541B}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{708D59C2-A9AB-405A-8EC0-58A97BCF220F}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{8F31CF16-54C0-46EA-A85B-CFCB1ECFF432}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{2A8B5760-CD26-4CD2-84CE-30428697A230}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{66D6ED66-C640-4F21-B998-99B5E716931C}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{030B3265-65F3-40BD-87A2-F12E75B5B117}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{62910D56-C240-47E8-8BC1-350A108C41B2}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{29194720-87F2-4F0A-981B-3841DA57BE3E}"="{7DB4E95B-DCD7-44EA-9333-798D00E76D6D}"
"{2819699B-511C-4115-9841-8B83FDD4BFEE}"="{A595A698-8091-40CF-BD8B-3472D104FB73}"
"{22AACA55-697A-4433-9141-6FEAACAD71C7}"="{A595A698-8091-40CF-BD8B-3472D104FB73}"
"{3B92D4CA-38B5-4395-8B65-81916165B98C}"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"{05525442-1AA3-4BD9-A98F-26671708AD9D}"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"{A90A74AD-D821-4E27-AC3F-A492A72C5499}"="{FE1BB958-F464-4355-B0BA-929FC256C622}"
"{C84D8648-2CFE-4112-BE02-86245F137D2C}"="{50004891-569B-490F-AA77-0D7DE1F7FC9B}"
"{2E37040C-1931-4326-A6B2-425C5C82E188}"="{50004891-569B-490F-AA77-0D7DE1F7FC9B}"
"{5B13DAB8-01EC-4EB4-AE33-C26CD0A6194D}"="{50004891-569B-490F-AA77-0D7DE1F7FC9B}"
"{67B90921-ED0A-46AF-86A0-2BA0B8C907D1}"="{50004891-569B-490F-AA77-0D7DE1F7FC9B}"
"{1CEECA1A-B50D-41EA-8C0A-F24E3D4D7141}"="{50004891-569B-490F-AA77-0D7DE1F7FC9B}"
"{ED5337CA-3D7D-4801-A094-54BE522952A9}"="{12753ABF-9A04-4BC2-9591-7CE2E1604A70}"
"{D6DE7AA8-98E8-472D-A3ED-3E3AEBFD55DB}"="{12753ABF-9A04-4BC2-9591-7CE2E1604A70}"
"{1B9CBD02-127E-4758-9A16-982B579E72F6}"="{12753ABF-9A04-4BC2-9591-7CE2E1604A70}"
"{33727F2D-0B9C-4A55-9C61-D705DC97C0D9}"="{749A355D-1F83-4218-BBBA-95FA7B9E90F4}"
"{94E7E7DE-F340-4448-ABC5-06FD09AD3482}"="{06D6BBCD-A7AD-40DC-95F0-F9B591A1A198}"
"{FA15D3F3-D5DF-426C-BEE3-A81BE4837DA8}"="{9515DED7-DAD8-45F6-B923-01D5F8D30717}"
"{446B6448-A9BE-40D8-A8D3-FD221D83A957}"="{4F845F3B-7339-42F4-98AC-13E5CFC5346F}"
"{3EE9240D-E3B8-46DB-A911-EFD779DB15F9}"="{4F845F3B-7339-42F4-98AC-13E5CFC5346F}"
"{13F0DD75-8BE3-4167-83BA-34B16429DDA8}"="{4F845F3B-7339-42F4-98AC-13E5CFC5346F}"
"{6C4AEEE7-9463-45B6-AA48-F5AF1EB75BA4}"="{716F5273-EF1F-484B-8F52-4E7210AD8DF1}"
"{2CEABFB3-40EA-4615-B26A-6BADAAE496B7}"="{716F5273-EF1F-484B-8F52-4E7210AD8DF1}"
"{E0C71D74-E8DA-4FAD-9439-2A9BCC80C410}"="{716F5273-EF1F-484B-8F52-4E7210AD8DF1}"
"ccSvcHst_ccSetMgr"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"{A6D74B3B-C009-48ce-ADB6-159798ECB2C0}"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"SNDServiceRequestChannel"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"SNDLocationChannel"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"ccSettingsService"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"ccSvcHst_CLTNetCnService"="{A39B34B0-EF1B-4691-8726-B37FA95B8404}"
"cltIPCServer_Channel"="{A39B34B0-EF1B-4691-8726-B37FA95B8404}"
"ccSvcHst_ccEvtMgr"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"IPS_COMMAND_CHANNEL"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"ccEvtCli"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"{00D569D0-E16A-480B-990E-E51D66D73069}"="{6B800528-1B54-472B-AD40-4BBB9202BE3C}"
"{79376521-18B8-4CFE-908B-8B17F8779227}"="{6B800528-1B54-472B-AD40-4BBB9202BE3C}"
"{25E5C968-4CC7-430C-A92F-0F50DB292C10}"="{6B800528-1B54-472B-AD40-4BBB9202BE3C}"
"{3455C5E4-B1BE-456E-9128-350C48DCE6DB}"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"{16C67DA3-E339-4EC2-86F8-5D8413DA3890}"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
"{BCC5DDE5-CDB7-44EB-8F9C-9E494BA98A6E}"="{E6B3B65D-8845-40F2-A910-B0DDCA462162}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(5900)
c:\program files\IDM\Desktop SMS\oehook.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\progra~1\AVG\AVG2013\avgrsx.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\taskhost.exe
c:\program files\AVG\AVG2013\avgnsx.exe
c:\program files\AVG\AVG2013\avgemcx.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\RtHDVCpl.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\Synaptics\SynTP\SynToshiba.exe
c:\program files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
c:\program files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files\Windows Mail\WinMail.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Ask.com\UpdateTask.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-01-31 18:46:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-01-31 17:46
.
Vor Suchlauf: 9 Verzeichnis(se), 46.256.812.032 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 45.911.203.840 Bytes frei
.
- - End Of File - - CD1793964776BD7CB519ABA26C5F1FE7
achso, ist es normal, dass mein Bildschirmhintergrund weg ist und die Symbole auf meinem Desktop jetzt etwas anders angeordnet sind? |
|
31.01.2013, 19:27
| #14 |
| /// Malware-holic | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet hi norton remover ausführen, neustarten: Download Avira RegistryCleaner ausführen, neustarten, dann bitte melden
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
31.01.2013, 19:44
| #15 |
| | verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet hey  Norton hab ich ausgeführt und neu gestartet. eine kurze Frage noch: Bei Avira muss ich auf "Keys auslesen" drücken und die gefundenen Keys dann löschen und dann neustarten, oder? |
|
| Themen zu verdächtige E-Mail erhalten, Zip-Datei im Anhang geöffnet |
| antivirenprogramm, avg, avira, computer, dateien, e-mail, edition, free, infizierte, installiert, internet, laptop, neu, nicht mehr, nichts, probleme, programm, programme, rechner, sonntag, trojaner, unbekannte, verdächtige, verschickt, wirklich, zugeklappt |
Linear-Darstellung
