| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere ProblemchenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.04.2011, 16:02
| #1 |
| |  Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen Hallo, zuerst einmal ich habe dieses Thema bereits unter Logfiles und Auswertungen schon einmal eröffnet. Da aber seit 4 Tagen nichts passiert ist und ich keine Möglichkeit gefunden habe das Thema in diese Kategorie zu verschieben eröffne ich dieses Thema nochmal. Zum eigentlichen Thema, seit einiger Zeit werde ich im Firefox auf Seiten geleitet deren Adresse ich vorher weder angeklickt noch eingegeben habe, das öffnen von Firefox ist auch nicht immer gegeben. Bei der Suche nach diesem Thema bin ich hier im Forum auf eine Anleitung gestoßen wie man dieses Problem beseitigen könnte. Ich habe bereits einige Scans mit den dort vorgeschlagenen Programmen durchgeführt und bin nun an den Punkt gelangt wo die ersten Reperaturschritte durchgeführt werden müssen. Damit ich mir nicht noch mehr Ärger einhandle habe ich mir gedacht ich poste die Logfiles von den Programmen und jemand kann mir sagen wie ich weiter verfahren soll. ich habe einen Scan mit Malwarebytes durchgeführt und folgendes Logfile erhalten Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6447
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
26.04.2011 20:07:01
mbam-log-2011-04-26 (20-06-49).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|I:\|)
Durchsuchte Objekte: 1392577
Laufzeit: 4 Stunde(n), 56 Minute(n), 28 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 2
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4E3E0230AEBB4E96 (Trojan.SpyEyes) -> Value: 4E3E0230AEBB4E96 -> No action taken.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> No action taken.
Infizierte Dateien:
c:\Recycle.Bin\recycle.bin.exe (Trojan.SpyEyes) -> No action taken.
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> No action taken.
Code:
ATTFilter 2011/04/26 20:13:26.0583 2452 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/26 20:13:28.0586 2452 ================================================================================
2011/04/26 20:13:28.0586 2452 SystemInfo:
2011/04/26 20:13:28.0587 2452
2011/04/26 20:13:28.0587 2452 OS Version: 6.1.7600 ServicePack: 0.0
2011/04/26 20:13:28.0587 2452 Product type: Workstation
2011/04/26 20:13:28.0587 2452 ComputerName: Computer
2011/04/26 20:13:28.0587 2452 UserName: Benutzer
2011/04/26 20:13:28.0587 2452 Windows directory: C:\Windows
2011/04/26 20:13:28.0587 2452 System windows directory: C:\Windows
2011/04/26 20:13:28.0587 2452 Processor architecture: Intel x86
2011/04/26 20:13:28.0587 2452 Number of processors: 2
2011/04/26 20:13:28.0587 2452 Page size: 0x1000
2011/04/26 20:13:28.0587 2452 Boot type: Normal boot
2011/04/26 20:13:28.0587 2452 ================================================================================
2011/04/26 20:13:32.0175 2452 Initialize success
2011/04/26 20:13:35.0903 5236 ================================================================================
2011/04/26 20:13:35.0904 5236 Scan started
2011/04/26 20:13:35.0904 5236 Mode: Manual;
2011/04/26 20:13:35.0904 5236 ================================================================================
2011/04/26 20:13:37.0516 5236 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/04/26 20:13:37.0582 5236 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/04/26 20:13:37.0683 5236 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/04/26 20:13:37.0784 5236 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/04/26 20:13:37.0844 5236 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/04/26 20:13:37.0895 5236 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/04/26 20:13:37.0997 5236 afcdp (53696ad8ffc5fac51949a525ff65a689) C:\Windows\system32\DRIVERS\afcdp.sys
2011/04/26 20:13:38.0064 5236 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2011/04/26 20:13:38.0128 5236 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/04/26 20:13:38.0166 5236 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/04/26 20:13:38.0234 5236 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/04/26 20:13:38.0282 5236 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/04/26 20:13:38.0322 5236 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/04/26 20:13:38.0365 5236 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/04/26 20:13:38.0398 5236 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/04/26 20:13:38.0495 5236 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2011/04/26 20:13:38.0597 5236 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/04/26 20:13:38.0636 5236 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2011/04/26 20:13:38.0740 5236 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/04/26 20:13:38.0804 5236 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/04/26 20:13:38.0842 5236 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/04/26 20:13:38.0916 5236 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/26 20:13:38.0954 5236 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/04/26 20:13:39.0149 5236 atikmdag (04f09923a393e4e0e8453a8f78361e73) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/04/26 20:13:39.0383 5236 avfwim (1aad99ec3679bd773cb8320a3148987d) C:\Windows\system32\DRIVERS\avfwim.sys
2011/04/26 20:13:39.0428 5236 avfwot (e513bcdd34350c5b436dbe83d72ca651) C:\Windows\system32\DRIVERS\avfwot.sys
2011/04/26 20:13:39.0493 5236 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/04/26 20:13:39.0578 5236 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/04/26 20:13:39.0623 5236 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/04/26 20:13:39.0701 5236 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/04/26 20:13:39.0802 5236 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/04/26 20:13:39.0889 5236 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/04/26 20:13:40.0000 5236 bizVSerial (66f655b08eed3230e059d197c8a1969b) C:\Windows\system32\drivers\bizVSerialNT.sys
2011/04/26 20:13:40.0049 5236 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/04/26 20:13:40.0084 5236 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/26 20:13:40.0122 5236 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/04/26 20:13:40.0155 5236 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/04/26 20:13:40.0208 5236 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/04/26 20:13:40.0258 5236 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/04/26 20:13:40.0298 5236 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/04/26 20:13:40.0336 5236 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/04/26 20:13:40.0375 5236 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/04/26 20:13:40.0438 5236 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/26 20:13:40.0500 5236 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/26 20:13:40.0633 5236 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/04/26 20:13:40.0690 5236 cjusb (997cbce9e5dcfd9216452f609ae74b18) C:\Windows\system32\DRIVERS\cjusb.sys
2011/04/26 20:13:40.0741 5236 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/04/26 20:13:40.0818 5236 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/04/26 20:13:40.0849 5236 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/04/26 20:13:40.0901 5236 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/04/26 20:13:40.0994 5236 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/04/26 20:13:41.0036 5236 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/04/26 20:13:41.0142 5236 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
2011/04/26 20:13:41.0180 5236 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/04/26 20:13:41.0262 5236 CXAVSAUD (8d0ccebaf0a108f9867cef13107eaf0c) C:\Windows\system32\DRIVERS\pvavsaud.sys
2011/04/26 20:13:41.0332 5236 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2011/04/26 20:13:41.0377 5236 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/04/26 20:13:41.0424 5236 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/04/26 20:13:41.0514 5236 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/04/26 20:13:41.0617 5236 DSFKSVCS (6e559d2b8053c782016d0cff7173398e) C:\Windows\system32\DRIVERS\dsfksvcs.sys
2011/04/26 20:13:41.0655 5236 dsfroot (9c53b6cef1e01a312cf1ac49c58c4f56) C:\Windows\system32\DRIVERS\dsfroot.sys
2011/04/26 20:13:41.0722 5236 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/26 20:13:41.0864 5236 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/04/26 20:13:42.0028 5236 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/04/26 20:13:42.0095 5236 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/04/26 20:13:42.0166 5236 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/04/26 20:13:42.0213 5236 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/04/26 20:13:42.0270 5236 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/26 20:13:42.0327 5236 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/04/26 20:13:42.0369 5236 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/04/26 20:13:42.0434 5236 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/26 20:13:42.0473 5236 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/04/26 20:13:42.0525 5236 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/04/26 20:13:42.0598 5236 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/26 20:13:42.0664 5236 FTDIBUS (8142d5d886829b9876cb93af59475c09) C:\Windows\system32\drivers\ftdibus.sys
2011/04/26 20:13:42.0718 5236 FTSER2K (63d72a4cf9f163b59db0ceed940a7d76) C:\Windows\system32\drivers\ftser2k.sys
2011/04/26 20:13:42.0793 5236 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/04/26 20:13:42.0869 5236 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/04/26 20:13:42.0948 5236 giveio (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys
2011/04/26 20:13:43.0009 5236 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/04/26 20:13:43.0079 5236 HCW88AUD (fd81cd93209a0449670865a53f0e2b04) C:\Windows\system32\drivers\hcw88aud.sys
2011/04/26 20:13:43.0122 5236 HCW88BDA (d13afc144b6da99b7b487aafe7178db6) C:\Windows\system32\drivers\hcw88bda.sys
2011/04/26 20:13:43.0185 5236 hcw88rc5 (026ebfdef35d39858ce0d95fe5f4ef36) C:\Windows\system32\Drivers\hcw88rc5.sys
2011/04/26 20:13:43.0247 5236 HCW88TSE (89a64422c026265b59107607137044e6) C:\Windows\system32\drivers\hcw88tse.sys
2011/04/26 20:13:43.0311 5236 HCW88TUNE (55667fe68bd7b7b546f45f4bbbeec1ed) C:\Windows\system32\drivers\hcw88tun.sys
2011/04/26 20:13:43.0355 5236 hcw88vid (927d846b8ffe449a98ec0f3c61c9a952) C:\Windows\system32\drivers\hcw88vid.sys
2011/04/26 20:13:43.0416 5236 HCW88XBAR (d61bff053b0c99e6fb0006b77d638c93) C:\Windows\system32\drivers\HCW88BAR.sys
2011/04/26 20:13:43.0492 5236 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/04/26 20:13:43.0567 5236 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/26 20:13:43.0620 5236 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/04/26 20:13:43.0659 5236 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/04/26 20:13:43.0703 5236 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/04/26 20:13:43.0754 5236 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/26 20:13:43.0854 5236 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/04/26 20:13:44.0003 5236 HRMCFGSPC (c56b42a1493bbbc890096e0a6b9d2bdc) C:\Windows\system32\DRIVERS\HRMCFGSPC.SYS
2011/04/26 20:13:44.0082 5236 HRMINTS (a72fdcaba055ba5949590ee101fcfceb) C:\Windows\system32\DRIVERS\HRMINTS.SYS
2011/04/26 20:13:44.0156 5236 HRMPORTS (2cb4dda6a5e590d6512b91e3a8d6260d) C:\Windows\system32\DRIVERS\HRMPORTS.SYS
2011/04/26 20:13:44.0219 5236 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/04/26 20:13:44.0291 5236 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/04/26 20:13:44.0329 5236 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/26 20:13:44.0380 5236 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/04/26 20:13:44.0460 5236 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/04/26 20:13:44.0517 5236 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/04/26 20:13:44.0604 5236 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/26 20:13:44.0650 5236 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/26 20:13:44.0691 5236 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/04/26 20:13:44.0741 5236 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/04/26 20:13:44.0793 5236 irda (9f7e491fb0ba0f9e370163834fc1fe31) C:\Windows\system32\DRIVERS\irda.sys
2011/04/26 20:13:44.0840 5236 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/04/26 20:13:44.0900 5236 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/04/26 20:13:44.0952 5236 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/26 20:13:45.0001 5236 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/26 20:13:45.0056 5236 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/04/26 20:13:45.0122 5236 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/26 20:13:45.0177 5236 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/04/26 20:13:45.0282 5236 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/26 20:13:45.0361 5236 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/04/26 20:13:45.0396 5236 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/04/26 20:13:45.0442 5236 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/04/26 20:13:45.0480 5236 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/04/26 20:13:45.0527 5236 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/04/26 20:13:45.0597 5236 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/04/26 20:13:45.0639 5236 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/04/26 20:13:45.0725 5236 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/04/26 20:13:45.0768 5236 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/26 20:13:45.0814 5236 MosIrUsb (9da04f53c26e75190e394d7c3b4a7456) C:\Windows\system32\DRIVERS\MosIrUsb.sys
2011/04/26 20:13:45.0855 5236 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/26 20:13:45.0892 5236 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/26 20:13:45.0957 5236 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/04/26 20:13:46.0047 5236 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/04/26 20:13:46.0126 5236 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/26 20:13:46.0179 5236 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/04/26 20:13:46.0248 5236 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/26 20:13:46.0288 5236 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/26 20:13:46.0365 5236 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/26 20:13:46.0403 5236 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/04/26 20:13:46.0493 5236 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/04/26 20:13:46.0625 5236 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/04/26 20:13:46.0663 5236 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/04/26 20:13:46.0731 5236 MSHUSBVideo (7a0f9cbdbdb135113b9a3c138e20c85d) C:\Windows\system32\Drivers\nx6000.sys
2011/04/26 20:13:46.0773 5236 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/04/26 20:13:46.0841 5236 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/26 20:13:46.0884 5236 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/26 20:13:46.0925 5236 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/04/26 20:13:46.0961 5236 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/04/26 20:13:47.0011 5236 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/26 20:13:47.0063 5236 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/04/26 20:13:47.0132 5236 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/04/26 20:13:47.0179 5236 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/04/26 20:13:47.0275 5236 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/26 20:13:47.0352 5236 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/04/26 20:13:47.0402 5236 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/04/26 20:13:47.0445 5236 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/26 20:13:47.0494 5236 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/26 20:13:47.0542 5236 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/26 20:13:47.0604 5236 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/04/26 20:13:47.0642 5236 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/26 20:13:47.0686 5236 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/26 20:13:47.0805 5236 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/04/26 20:13:47.0863 5236 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
2011/04/26 20:13:47.0926 5236 nmwcdc (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
2011/04/26 20:13:48.0013 5236 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
2011/04/26 20:13:48.0049 5236 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/04/26 20:13:48.0111 5236 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/26 20:13:48.0224 5236 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2011/04/26 20:13:48.0319 5236 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/04/26 20:13:48.0588 5236 nvlddmkm (8b75f652726a2ba3197860f300514e3f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/04/26 20:13:48.0928 5236 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/04/26 20:13:48.0992 5236 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2011/04/26 20:13:49.0049 5236 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/04/26 20:13:49.0095 5236 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/04/26 20:13:49.0256 5236 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/04/26 20:13:49.0307 5236 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/04/26 20:13:49.0366 5236 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/04/26 20:13:49.0461 5236 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/04/26 20:13:49.0504 5236 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/04/26 20:13:49.0576 5236 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/04/26 20:13:49.0618 5236 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/04/26 20:13:49.0664 5236 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/04/26 20:13:49.0710 5236 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/04/26 20:13:49.0910 5236 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/26 20:13:49.0963 5236 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/04/26 20:13:50.0031 5236 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/26 20:13:50.0107 5236 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/04/26 20:13:50.0242 5236 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/04/26 20:13:50.0303 5236 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/26 20:13:50.0342 5236 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/26 20:13:50.0408 5236 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/04/26 20:13:50.0455 5236 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/26 20:13:50.0503 5236 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/26 20:13:50.0600 5236 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/26 20:13:50.0643 5236 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/26 20:13:50.0704 5236 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/04/26 20:13:50.0738 5236 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/26 20:13:50.0792 5236 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/26 20:13:50.0832 5236 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/04/26 20:13:50.0879 5236 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/04/26 20:13:50.0928 5236 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/04/26 20:13:51.0064 5236 RsFx0103 (fd692c6ffade58f7c4c3c3c9a0ec35bd) C:\Windows\system32\DRIVERS\RsFx0103.sys
2011/04/26 20:13:51.0122 5236 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/26 20:13:51.0209 5236 RTL8023xp (4e20765744bfbc16f6d6e5bd5598786b) C:\Windows\system32\DRIVERS\Rtnicxp.sys
2011/04/26 20:13:51.0267 5236 RTL8167 (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/04/26 20:13:51.0325 5236 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/04/26 20:13:51.0380 5236 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/04/26 20:13:51.0468 5236 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/26 20:13:51.0591 5236 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/04/26 20:13:51.0624 5236 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/04/26 20:13:51.0666 5236 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/04/26 20:13:51.0767 5236 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/04/26 20:13:51.0806 5236 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/04/26 20:13:51.0853 5236 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/04/26 20:13:51.0892 5236 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/04/26 20:13:51.0971 5236 silabenm (c16173316918a1360dc22947c4ff6352) C:\Windows\system32\DRIVERS\silabenm.sys
2011/04/26 20:13:52.0030 5236 silabser (4569c7774fde5029a422b1431daecb90) C:\Windows\system32\DRIVERS\silabser.sys
2011/04/26 20:13:52.0078 5236 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/04/26 20:13:52.0125 5236 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/04/26 20:13:52.0166 5236 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/04/26 20:13:52.0218 5236 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/04/26 20:13:52.0344 5236 snapman (bd3863c139f3380a9f44fb188feefc6e) C:\Windows\system32\DRIVERS\snapman.sys
2011/04/26 20:13:52.0620 5236 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) C:\Windows\system32\speedfan.sys
2011/04/26 20:13:52.0675 5236 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/04/26 20:13:52.0777 5236 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/04/26 20:13:52.0777 5236 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/04/26 20:13:52.0788 5236 sptd - detected Locked file (1)
2011/04/26 20:13:52.0876 5236 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
2011/04/26 20:13:52.0932 5236 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/26 20:13:52.0997 5236 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/26 20:13:53.0073 5236 ssmdrv (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/04/26 20:13:53.0119 5236 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/04/26 20:13:53.0169 5236 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
2011/04/26 20:13:53.0284 5236 StkCMini (8061c4f4d00176cde0a46622faecd183) C:\Windows\system32\Drivers\StkCMini.sys
2011/04/26 20:13:53.0384 5236 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/26 20:13:53.0504 5236 tap0901 (2e644070f2240cca9775a6b79cae62cd) C:\Windows\system32\DRIVERS\tap0901.sys
2011/04/26 20:13:53.0623 5236 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2011/04/26 20:13:53.0752 5236 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/26 20:13:53.0810 5236 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/26 20:13:53.0860 5236 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/04/26 20:13:53.0938 5236 tdrpman273 (431801fcc97034e04a6eff81136578d7) C:\Windows\system32\DRIVERS\tdrpm273.sys
2011/04/26 20:13:53.0997 5236 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/04/26 20:13:54.0045 5236 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/26 20:13:54.0084 5236 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/26 20:13:54.0177 5236 timounter (a34d7024bb7140ec785c86bc065d4f60) C:\Windows\system32\DRIVERS\timntr.sys
2011/04/26 20:13:54.0293 5236 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/26 20:13:54.0352 5236 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/26 20:13:54.0427 5236 TVicPort (97dd70feca64fb4f63de7bb7e66a80b1) C:\Windows\system32\drivers\TVicPort.sys
2011/04/26 20:13:54.0463 5236 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/04/26 20:13:54.0514 5236 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/26 20:13:54.0614 5236 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/04/26 20:13:54.0673 5236 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/26 20:13:54.0723 5236 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/04/26 20:13:54.0791 5236 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/04/26 20:13:54.0848 5236 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
2011/04/26 20:13:54.0891 5236 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/26 20:13:54.0931 5236 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/04/26 20:13:54.0985 5236 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/26 20:13:55.0031 5236 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/26 20:13:55.0091 5236 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/04/26 20:13:55.0129 5236 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/26 20:13:55.0182 5236 usbser (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\drivers\usbser.sys
2011/04/26 20:13:55.0243 5236 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/26 20:13:55.0273 5236 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/26 20:13:55.0332 5236 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/26 20:13:55.0380 5236 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\system32\Drivers\usbvideo.sys
2011/04/26 20:13:55.0484 5236 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/04/26 20:13:55.0578 5236 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/26 20:13:55.0622 5236 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/04/26 20:13:55.0662 5236 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/04/26 20:13:55.0714 5236 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/04/26 20:13:55.0764 5236 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/04/26 20:13:55.0817 5236 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/04/26 20:13:55.0857 5236 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/04/26 20:13:55.0909 5236 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/04/26 20:13:55.0977 5236 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2011/04/26 20:13:56.0038 5236 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/04/26 20:13:56.0166 5236 VSPerfDrv100 (5a2ddc5411a092bedb1a07755e087784) C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys
2011/04/26 20:13:56.0224 5236 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/04/26 20:13:56.0308 5236 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/04/26 20:13:56.0360 5236 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/26 20:13:56.0389 5236 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/26 20:13:56.0503 5236 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/04/26 20:13:56.0596 5236 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/26 20:13:56.0720 5236 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/04/26 20:13:56.0766 5236 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/04/26 20:13:56.0931 5236 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/04/26 20:13:56.0978 5236 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/04/26 20:13:57.0073 5236 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/26 20:13:57.0186 5236 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/04/26 20:13:57.0234 5236 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/26 20:13:57.0338 5236 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/04/26 20:13:57.0409 5236 ================================================================================
2011/04/26 20:13:57.0409 5236 Scan finished
2011/04/26 20:13:57.0409 5236 ================================================================================
2011/04/26 20:13:57.0430 3764 Detected object count: 2
2011/04/26 20:15:32.0462 3764 Locked file(sptd) - User select action: Skip
2011/04/26 20:15:32.0637 3764 \HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/04/26 20:15:32.0637 3764 \HardDisk0 - ok
2011/04/26 20:15:32.0639 3764 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2011/04/26 20:16:02.0846 3308 Deinitialize success
Code:
ATTFilter 2011/04/26 20:21:34.0388 5488 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/26 20:21:35.0377 5488 ================================================================================
2011/04/26 20:21:35.0377 5488 SystemInfo:
2011/04/26 20:21:35.0378 5488
2011/04/26 20:21:35.0378 5488 OS Version: 6.1.7600 ServicePack: 0.0
2011/04/26 20:21:35.0378 5488 Product type: Workstation
2011/04/26 20:21:35.0378 5488 ComputerName: Computer
2011/04/26 20:21:35.0378 5488 UserName: Benutzer
2011/04/26 20:21:35.0379 5488 Windows directory: C:\Windows
2011/04/26 20:21:35.0379 5488 System windows directory: C:\Windows
2011/04/26 20:21:35.0379 5488 Processor architecture: Intel x86
2011/04/26 20:21:35.0379 5488 Number of processors: 2
2011/04/26 20:21:35.0379 5488 Page size: 0x1000
2011/04/26 20:21:35.0379 5488 Boot type: Normal boot
2011/04/26 20:21:35.0379 5488 ================================================================================
2011/04/26 20:21:39.0835 5488 Initialize success
2011/04/26 20:21:44.0961 5908 ================================================================================
2011/04/26 20:21:44.0961 5908 Scan started
2011/04/26 20:21:44.0961 5908 Mode: Manual;
2011/04/26 20:21:44.0961 5908 ================================================================================
2011/04/26 20:21:46.0094 5908 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/04/26 20:21:46.0160 5908 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/04/26 20:21:46.0224 5908 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/04/26 20:21:46.0318 5908 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/04/26 20:21:46.0412 5908 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/04/26 20:21:46.0472 5908 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/04/26 20:21:46.0575 5908 afcdp (53696ad8ffc5fac51949a525ff65a689) C:\Windows\system32\DRIVERS\afcdp.sys
2011/04/26 20:21:46.0676 5908 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2011/04/26 20:21:46.0750 5908 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/04/26 20:21:46.0800 5908 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/04/26 20:21:46.0890 5908 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/04/26 20:21:46.0959 5908 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/04/26 20:21:47.0011 5908 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/04/26 20:21:47.0054 5908 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/04/26 20:21:47.0117 5908 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/04/26 20:21:47.0218 5908 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2011/04/26 20:21:47.0276 5908 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/04/26 20:21:47.0325 5908 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2011/04/26 20:21:47.0451 5908 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/04/26 20:21:47.0540 5908 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/04/26 20:21:47.0621 5908 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/04/26 20:21:47.0740 5908 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/26 20:21:47.0787 5908 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/04/26 20:21:47.0979 5908 atikmdag (04f09923a393e4e0e8453a8f78361e73) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/04/26 20:21:48.0239 5908 avfwim (1aad99ec3679bd773cb8320a3148987d) C:\Windows\system32\DRIVERS\avfwim.sys
2011/04/26 20:21:48.0295 5908 avfwot (e513bcdd34350c5b436dbe83d72ca651) C:\Windows\system32\DRIVERS\avfwot.sys
2011/04/26 20:21:48.0371 5908 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/04/26 20:21:48.0433 5908 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/04/26 20:21:48.0501 5908 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/04/26 20:21:48.0590 5908 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/04/26 20:21:48.0704 5908 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/04/26 20:21:48.0800 5908 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/04/26 20:21:48.0888 5908 bizVSerial (66f655b08eed3230e059d197c8a1969b) C:\Windows\system32\drivers\bizVSerialNT.sys
2011/04/26 20:21:48.0927 5908 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/04/26 20:21:48.0996 5908 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/26 20:21:49.0044 5908 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/04/26 20:21:49.0087 5908 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/04/26 20:21:49.0154 5908 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/04/26 20:21:49.0217 5908 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/04/26 20:21:49.0277 5908 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/04/26 20:21:49.0314 5908 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/04/26 20:21:49.0364 5908 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/04/26 20:21:49.0439 5908 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/26 20:21:49.0511 5908 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/26 20:21:49.0644 5908 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/04/26 20:21:49.0723 5908 cjusb (997cbce9e5dcfd9216452f609ae74b18) C:\Windows\system32\DRIVERS\cjusb.sys
2011/04/26 20:21:49.0796 5908 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/04/26 20:21:49.0929 5908 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/04/26 20:21:49.0994 5908 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/04/26 20:21:50.0068 5908 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/04/26 20:21:50.0150 5908 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/04/26 20:21:50.0190 5908 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/04/26 20:21:50.0321 5908 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
2011/04/26 20:21:50.0369 5908 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/04/26 20:21:50.0462 5908 CXAVSAUD (8d0ccebaf0a108f9867cef13107eaf0c) C:\Windows\system32\DRIVERS\pvavsaud.sys
2011/04/26 20:21:50.0554 5908 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2011/04/26 20:21:50.0622 5908 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/04/26 20:21:50.0680 5908 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/04/26 20:21:50.0782 5908 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/04/26 20:21:50.0873 5908 DSFKSVCS (6e559d2b8053c782016d0cff7173398e) C:\Windows\system32\DRIVERS\dsfksvcs.sys
2011/04/26 20:21:50.0921 5908 dsfroot (9c53b6cef1e01a312cf1ac49c58c4f56) C:\Windows\system32\DRIVERS\dsfroot.sys
2011/04/26 20:21:51.0001 5908 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/26 20:21:51.0165 5908 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/04/26 20:21:51.0354 5908 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/04/26 20:21:51.0417 5908 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/04/26 20:21:51.0522 5908 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/04/26 20:21:51.0603 5908 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/04/26 20:21:51.0669 5908 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/26 20:21:51.0744 5908 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/04/26 20:21:51.0791 5908 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/04/26 20:21:51.0857 5908 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/26 20:21:51.0918 5908 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/04/26 20:21:51.0980 5908 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/04/26 20:21:52.0032 5908 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/26 20:21:52.0120 5908 FTDIBUS (8142d5d886829b9876cb93af59475c09) C:\Windows\system32\drivers\ftdibus.sys
2011/04/26 20:21:52.0196 5908 FTSER2K (63d72a4cf9f163b59db0ceed940a7d76) C:\Windows\system32\drivers\ftser2k.sys
2011/04/26 20:21:52.0272 5908 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/04/26 20:21:52.0357 5908 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/04/26 20:21:52.0437 5908 giveio (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys
2011/04/26 20:21:52.0509 5908 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/04/26 20:21:52.0590 5908 HCW88AUD (fd81cd93209a0449670865a53f0e2b04) C:\Windows\system32\drivers\hcw88aud.sys
2011/04/26 20:21:52.0666 5908 HCW88BDA (d13afc144b6da99b7b487aafe7178db6) C:\Windows\system32\drivers\hcw88bda.sys
2011/04/26 20:21:52.0730 5908 hcw88rc5 (026ebfdef35d39858ce0d95fe5f4ef36) C:\Windows\system32\Drivers\hcw88rc5.sys
2011/04/26 20:21:52.0815 5908 HCW88TSE (89a64422c026265b59107607137044e6) C:\Windows\system32\drivers\hcw88tse.sys
2011/04/26 20:21:52.0900 5908 HCW88TUNE (55667fe68bd7b7b546f45f4bbbeec1ed) C:\Windows\system32\drivers\hcw88tun.sys
2011/04/26 20:21:52.0967 5908 hcw88vid (927d846b8ffe449a98ec0f3c61c9a952) C:\Windows\system32\drivers\hcw88vid.sys
2011/04/26 20:21:53.0028 5908 HCW88XBAR (d61bff053b0c99e6fb0006b77d638c93) C:\Windows\system32\drivers\HCW88BAR.sys
2011/04/26 20:21:53.0126 5908 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/04/26 20:21:53.0211 5908 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/26 20:21:53.0264 5908 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/04/26 20:21:53.0327 5908 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/04/26 20:21:53.0403 5908 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/04/26 20:21:53.0476 5908 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/26 20:21:53.0554 5908 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/04/26 20:21:53.0660 5908 HRMCFGSPC (c56b42a1493bbbc890096e0a6b9d2bdc) C:\Windows\system32\DRIVERS\HRMCFGSPC.SYS
2011/04/26 20:21:53.0727 5908 HRMINTS (a72fdcaba055ba5949590ee101fcfceb) C:\Windows\system32\DRIVERS\HRMINTS.SYS
2011/04/26 20:21:53.0800 5908 HRMPORTS (2cb4dda6a5e590d6512b91e3a8d6260d) C:\Windows\system32\DRIVERS\HRMPORTS.SYS
2011/04/26 20:21:53.0876 5908 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/04/26 20:21:53.0958 5908 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/04/26 20:21:54.0018 5908 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/26 20:21:54.0081 5908 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/04/26 20:21:54.0216 5908 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/04/26 20:21:54.0284 5908 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/04/26 20:21:54.0338 5908 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/26 20:21:54.0383 5908 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/26 20:21:54.0441 5908 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/04/26 20:21:54.0497 5908 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/04/26 20:21:54.0561 5908 irda (9f7e491fb0ba0f9e370163834fc1fe31) C:\Windows\system32\DRIVERS\irda.sys
2011/04/26 20:21:54.0629 5908 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/04/26 20:21:54.0690 5908 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/04/26 20:21:54.0741 5908 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/26 20:21:54.0801 5908 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/26 20:21:54.0845 5908 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/04/26 20:21:54.0900 5908 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/26 20:21:54.0989 5908 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/04/26 20:21:55.0104 5908 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/26 20:21:55.0206 5908 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/04/26 20:21:55.0253 5908 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/04/26 20:21:55.0320 5908 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/04/26 20:21:55.0370 5908 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/04/26 20:21:55.0428 5908 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/04/26 20:21:55.0498 5908 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/04/26 20:21:55.0550 5908 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/04/26 20:21:55.0647 5908 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/04/26 20:21:55.0723 5908 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/26 20:21:55.0769 5908 MosIrUsb (9da04f53c26e75190e394d7c3b4a7456) C:\Windows\system32\DRIVERS\MosIrUsb.sys
2011/04/26 20:21:55.0833 5908 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/26 20:21:55.0881 5908 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/26 20:21:55.0923 5908 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/04/26 20:21:55.0981 5908 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/04/26 20:21:56.0038 5908 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/26 20:21:56.0113 5908 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/04/26 20:21:56.0193 5908 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/26 20:21:56.0310 5908 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/26 20:21:56.0387 5908 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/26 20:21:56.0437 5908 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/04/26 20:21:56.0526 5908 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/04/26 20:21:56.0614 5908 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/04/26 20:21:56.0663 5908 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/04/26 20:21:56.0731 5908 MSHUSBVideo (7a0f9cbdbdb135113b9a3c138e20c85d) C:\Windows\system32\Drivers\nx6000.sys
2011/04/26 20:21:56.0773 5908 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/04/26 20:21:56.0853 5908 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/26 20:21:56.0896 5908 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/26 20:21:56.0937 5908 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/04/26 20:21:56.0983 5908 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/04/26 20:21:57.0067 5908 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/26 20:21:57.0119 5908 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/04/26 20:21:57.0166 5908 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/04/26 20:21:57.0202 5908 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/04/26 20:21:57.0286 5908 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/26 20:21:57.0364 5908 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/04/26 20:21:57.0413 5908 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/04/26 20:21:57.0456 5908 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/26 20:21:57.0504 5908 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/26 20:21:57.0542 5908 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/26 20:21:57.0583 5908 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/04/26 20:21:57.0620 5908 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/26 20:21:57.0664 5908 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/26 20:21:57.0784 5908 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/04/26 20:21:57.0874 5908 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys
2011/04/26 20:21:57.0926 5908 nmwcdc (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys
2011/04/26 20:21:58.0013 5908 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
2011/04/26 20:21:58.0049 5908 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/04/26 20:21:58.0099 5908 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/26 20:21:58.0179 5908 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2011/04/26 20:21:58.0274 5908 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/04/26 20:21:58.0551 5908 nvlddmkm (8b75f652726a2ba3197860f300514e3f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/04/26 20:21:58.0907 5908 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/04/26 20:21:58.0958 5908 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2011/04/26 20:21:59.0016 5908 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/04/26 20:21:59.0062 5908 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/04/26 20:21:59.0201 5908 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/04/26 20:21:59.0241 5908 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/04/26 20:21:59.0288 5908 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/04/26 20:21:59.0362 5908 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/04/26 20:21:59.0404 5908 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/04/26 20:21:59.0444 5908 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/04/26 20:21:59.0485 5908 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/04/26 20:21:59.0531 5908 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/04/26 20:21:59.0622 5908 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/04/26 20:21:59.0811 5908 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/26 20:21:59.0852 5908 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/04/26 20:21:59.0920 5908 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/26 20:22:00.0018 5908 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/04/26 20:22:00.0120 5908 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/04/26 20:22:00.0181 5908 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/26 20:22:00.0220 5908 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/26 20:22:00.0264 5908 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/04/26 20:22:00.0311 5908 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/26 20:22:00.0358 5908 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/26 20:22:00.0396 5908 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/26 20:22:00.0454 5908 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/26 20:22:00.0526 5908 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/04/26 20:22:00.0593 5908 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/26 20:22:00.0649 5908 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/26 20:22:00.0686 5908 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/04/26 20:22:00.0747 5908 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/04/26 20:22:00.0793 5908 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/04/26 20:22:00.0930 5908 RsFx0103 (fd692c6ffade58f7c4c3c3c9a0ec35bd) C:\Windows\system32\DRIVERS\RsFx0103.sys
2011/04/26 20:22:00.0989 5908 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/26 20:22:01.0054 5908 RTL8023xp (4e20765744bfbc16f6d6e5bd5598786b) C:\Windows\system32\DRIVERS\Rtnicxp.sys
2011/04/26 20:22:01.0112 5908 RTL8167 (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/04/26 20:22:01.0169 5908 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/04/26 20:22:01.0225 5908 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/04/26 20:22:01.0301 5908 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/26 20:22:01.0380 5908 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/04/26 20:22:01.0423 5908 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/04/26 20:22:01.0467 5908 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/04/26 20:22:01.0567 5908 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/04/26 20:22:01.0618 5908 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/04/26 20:22:01.0676 5908 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/04/26 20:22:01.0726 5908 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/04/26 20:22:01.0827 5908 silabenm (c16173316918a1360dc22947c4ff6352) C:\Windows\system32\DRIVERS\silabenm.sys
2011/04/26 20:22:01.0886 5908 silabser (4569c7774fde5029a422b1431daecb90) C:\Windows\system32\DRIVERS\silabser.sys
2011/04/26 20:22:01.0933 5908 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/04/26 20:22:02.0026 5908 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/04/26 20:22:02.0065 5908 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/04/26 20:22:02.0140 5908 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/04/26 20:22:02.0222 5908 snapman (bd3863c139f3380a9f44fb188feefc6e) C:\Windows\system32\DRIVERS\snapman.sys
2011/04/26 20:22:02.0431 5908 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) C:\Windows\system32\speedfan.sys
2011/04/26 20:22:02.0464 5908 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/04/26 20:22:02.0593 5908 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/04/26 20:22:02.0593 5908 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/04/26 20:22:02.0609 5908 sptd - detected Locked file (1)
2011/04/26 20:22:02.0709 5908 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
2011/04/26 20:22:02.0788 5908 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/26 20:22:02.0841 5908 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/26 20:22:02.0906 5908 ssmdrv (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/04/26 20:22:02.0962 5908 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/04/26 20:22:03.0014 5908 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
2011/04/26 20:22:03.0107 5908 StkCMini (8061c4f4d00176cde0a46622faecd183) C:\Windows\system32\Drivers\StkCMini.sys
2011/04/26 20:22:03.0195 5908 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/26 20:22:03.0304 5908 tap0901 (2e644070f2240cca9775a6b79cae62cd) C:\Windows\system32\DRIVERS\tap0901.sys
2011/04/26 20:22:03.0401 5908 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2011/04/26 20:22:03.0523 5908 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/26 20:22:03.0577 5908 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/26 20:22:03.0626 5908 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/04/26 20:22:03.0705 5908 tdrpman273 (431801fcc97034e04a6eff81136578d7) C:\Windows\system32\DRIVERS\tdrpm273.sys
2011/04/26 20:22:03.0764 5908 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/04/26 20:22:03.0813 5908 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/26 20:22:03.0851 5908 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/26 20:22:03.0944 5908 timounter (a34d7024bb7140ec785c86bc065d4f60) C:\Windows\system32\DRIVERS\timntr.sys
2011/04/26 20:22:04.0048 5908 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/26 20:22:04.0108 5908 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/26 20:22:04.0161 5908 TVicPort (97dd70feca64fb4f63de7bb7e66a80b1) C:\Windows\system32\drivers\TVicPort.sys
2011/04/26 20:22:04.0197 5908 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/04/26 20:22:04.0259 5908 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/26 20:22:04.0358 5908 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/04/26 20:22:04.0407 5908 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/26 20:22:04.0457 5908 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/04/26 20:22:04.0525 5908 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/04/26 20:22:04.0626 5908 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
2011/04/26 20:22:04.0691 5908 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/26 20:22:04.0745 5908 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/04/26 20:22:04.0830 5908 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/26 20:22:04.0897 5908 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/26 20:22:04.0969 5908 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/04/26 20:22:05.0019 5908 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/26 20:22:05.0126 5908 usbser (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\drivers\usbser.sys
2011/04/26 20:22:05.0220 5908 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2011/04/26 20:22:05.0277 5908 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/26 20:22:05.0343 5908 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/26 20:22:05.0392 5908 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\system32\Drivers\usbvideo.sys
2011/04/26 20:22:05.0496 5908 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/04/26 20:22:05.0555 5908 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/26 20:22:05.0599 5908 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/04/26 20:22:05.0639 5908 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/04/26 20:22:05.0693 5908 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/04/26 20:22:05.0731 5908 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/04/26 20:22:05.0773 5908 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/04/26 20:22:05.0824 5908 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/04/26 20:22:05.0875 5908 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/04/26 20:22:05.0933 5908 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2011/04/26 20:22:05.0994 5908 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/04/26 20:22:06.0122 5908 VSPerfDrv100 (5a2ddc5411a092bedb1a07755e087784) C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys
2011/04/26 20:22:06.0180 5908 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/04/26 20:22:06.0242 5908 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/04/26 20:22:06.0293 5908 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/26 20:22:06.0333 5908 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/26 20:22:06.0448 5908 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/04/26 20:22:06.0518 5908 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/26 20:22:06.0654 5908 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/04/26 20:22:06.0689 5908 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/04/26 20:22:06.0853 5908 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/04/26 20:22:06.0901 5908 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/04/26 20:22:07.0006 5908 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/26 20:22:07.0131 5908 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/04/26 20:22:07.0178 5908 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/26 20:22:07.0366 5908 ================================================================================
2011/04/26 20:22:07.0366 5908 Scan finished
2011/04/26 20:22:07.0366 5908 ================================================================================
2011/04/26 20:22:07.0393 2748 Detected object count: 1
2011/04/26 20:22:12.0045 2748 Locked file(sptd) - User select action: Skip
2011/04/26 20:22:37.0554 4256 Deinitialize success
|
|
29.04.2011, 16:22
| #2 |
| | Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen hier nun die Auswertung von OTL
__________________OTL Logfile: Code:
ATTFilter OTL logfile created on: 26.04.2011 20:25:31 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\BENUTZER\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 207,79 Gb Total Space | 119,84 Gb Free Space | 57,67% Space Free | Partition Type: NTFS Drive D: | 78,13 Gb Total Space | 38,97 Gb Free Space | 49,89% Space Free | Partition Type: NTFS Drive E: | 356,84 Gb Total Space | 276,07 Gb Free Space | 77,36% Space Free | Partition Type: NTFS Drive F: | 117,19 Gb Total Space | 61,63 Gb Free Space | 52,59% Space Free | Partition Type: NTFS Drive G: | 177,29 Gb Total Space | 38,58 Gb Free Space | 21,76% Space Free | Partition Type: NTFS Drive I: | 149,05 Gb Total Space | 70,97 Gb Free Space | 47,62% Space Free | Partition Type: NTFS Computer Name: COMPUTER | User Name: BENUTZER | Logged in as USER. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\BENUTZER\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH) PRC - C:\Windows\System32\cjpcsc.exe (REINER SCT) PRC - C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) PRC - C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) PRC - C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) PRC - C:\Programme\MySQL\MySQL Server 5.5\bin\mysqld.exe () PRC - C:\Programme\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation) PRC - C:\Programme\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Acronis\DiskDirector\OSS\reinstall_svc.exe () PRC - C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.) PRC - C:\Programme\Polar\WebSync\WebSync.exe () PRC - C:\Programme\Polar\Daemon\polard.exe () PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) PRC - C:\Programme\Microsoft Office\Office14\GROOVEMN.EXE (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) PRC - C:\Programme\DeskTask\DeskTask.exe (Carthago Software) PRC - C:\Programme\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe (Ipswitch) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Password Safe\pwsafe.exe (SourceForge.net) PRC - C:\Programme\Offline Course Player\OlpSynch.exe () PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG) PRC - C:\Windows\System32\StkCSrv.exe (Syntek America Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\BENUTZER\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (afcdpsrv) -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis) SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_a35e6b9.dll () SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) SRV - (cjpcsc) -- C:\Windows\System32\cjpcsc.exe (REINER SCT) SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (MySQL) -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe () SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirFirewallService) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH) SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) SRV - (OS Selector) -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe () SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (Polar Daemon) -- C:\Program Files\Polar\Daemon\polard.exe () SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (HauppaugeTVServer) -- C:\Programme\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works) SRV - (OpenVPNService) -- C:\Programme\OpenVPN\bin\openvpnserv.exe () SRV - (HRService) -- c:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe () SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe (Microsoft Corporation) SRV - (StkSSrv) -- C:\Windows\System32\StkCSrv.exe (Syntek America Inc.) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (snapman) -- C:\Windows\system32\DRIVERS\snapman.sys (Acronis) DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis) DRV - (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273) -- C:\Windows\system32\DRIVERS\tdrpm273.sys (Acronis) DRV - (timounter) -- C:\Windows\system32\DRIVERS\timntr.sys (Acronis) DRV - (MSHUSBVideo) -- C:\Windows\System32\drivers\nx6000.sys (Microsoft Corporation) DRV - (cjusb) -- C:\Windows\System32\drivers\cjusb.sys (REINER SCT) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avfwot) -- C:\Windows\System32\drivers\avfwot.sys (Avira GmbH) DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.) DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.) DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.) DRV - (avfwim) -- C:\Windows\System32\drivers\avfwim.sys (Avira GmbH) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (HRMPORTS) -- C:\Windows\System32\drivers\hrmports.sys (Microsoft Corporation) DRV - (HRMCFGSPC) -- C:\Windows\System32\drivers\hrmcfgspc.sys (Microsoft Corporation) DRV - (HRMINTS) -- C:\Windows\System32\drivers\hrmints.sys (Microsoft Corporation) DRV - (DSFKSVCS) -- C:\Windows\system32\DRIVERS\dsfksvcs.sys (Microsoft Corporation) DRV - (dsfroot) -- C:\Windows\system32\DRIVERS\dsfroot.sys (Microsoft Corporation) DRV - (cpudrv) -- C:\Programme\SystemRequirementsLab\cpudrv.sys () DRV - (VSPerfDrv100) -- C:\Programme\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys (Microsoft Corporation) DRV - (HCW88TSE) -- C:\Windows\System32\drivers\hcw88tse.sys (Hauppauge Computer Works, Inc) DRV - (hcw88rc5) -- C:\Windows\System32\drivers\hcw88rc5.sys (Hauppauge Computer Works, Inc.) DRV - (HCW88BDA) -- C:\Windows\System32\drivers\hcw88bda.sys (Hauppauge Computer Works, Inc) DRV - (HCW88AUD) -- C:\Windows\System32\drivers\hcw88aud.sys (Hauppauge Computer Works, Inc) DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project) DRV - (silabser) -- C:\Windows\System32\drivers\silabser.sys (Silicon Laboratories) DRV - (silabenm) -- C:\Windows\System32\drivers\silabenm.sys (Silicon Laboratories, Inc.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation ) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (MosIrUsb) -- C:\Windows\System32\drivers\MosIrUsb.sys () DRV - (bizVSerial) -- C:\Windows\System32\drivers\bizVSerialNT.sys (franson.biz) DRV - (StkCMini) -- C:\Windows\System32\drivers\StkCMini.sys (Syntek) DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider) DRV - (CXAVSAUD) -- C:\Windows\System32\drivers\pvavsaud.sys (Conexant Systems, Inc.) DRV - (TVicPort) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan) DRV - (giveio) -- C:\Windows\system32\giveio.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://msdn.microsoft.com/de-de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 01 5E 9E C0 24 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledItems: {723AAF16-AF1F-4404-A5D7-0BFE39766609}:0.3.3 FF - prefs.js..extensions.enabledItems: SQLiteManager@mrinalkant.blogspot.com:0.6.5 FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 445 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.19 12:18:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.26 09:55:05 | 000,000,000 | ---D | M] [2009.12.15 17:14:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BENUTZER\AppData\Roaming\mozilla\Extensions [2011.04.21 10:16:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BENUTZER\AppData\Roaming\mozilla\Firefox\Profiles\wwyazoa4.default\extensions [2011.04.19 15:16:32 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\BENUTZER\AppData\Roaming\mozilla\Firefox\Profiles\wwyazoa4.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2011.04.19 15:29:25 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\BENUTZER\AppData\Roaming\mozilla\Firefox\Profiles\wwyazoa4.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2009.11.30 18:24:49 | 000,000,000 | ---D | M] ("Outlook 2003 Green") -- C:\Users\BENUTZER\AppData\Roaming\mozilla\Firefox\Profiles\wwyazoa4.default\extensions\{e8cba685-830c-1283-6314-a6ae605cc8be} [2009.11.30 18:24:49 | 000,000,000 | ---D | M] (FormalGnome) -- C:\Users\BENUTZER\AppData\Roaming\mozilla\Firefox\Profiles\wwyazoa4.default\extensions\{FD40BF8D-5859-4f95-866A-F59FF99ECF59} [2011.04.19 12:18:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.07.03 11:27:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.04 21:08:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.04 15:48:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.04 15:20:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} File not found (No name found) -- [2010.05.22 19:42:30 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [2010.07.03 11:27:41 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.04 21:08:55 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.04 15:48:40 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.04 15:20:00 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} () (No name found) -- C:\USERS\BENUTZER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WWYAZOA4.DEFAULT\EXTENSIONS\{723AAF16-AF1F-4404-A5D7-0BFE39766605}.XPI () (No name found) -- C:\USERS\BENUTZER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WWYAZOA4.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI () (No name found) -- C:\USERS\BENUTZER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WWYAZOA4.DEFAULT\EXTENSIONS\SQLITEMANAGER@MRINALKANT.BLOGSPOT.COM.XPI [2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2009.08.21 04:00:04 | 000,061,440 | ---- | M] (Element K Corporation) -- C:\Programme\Mozilla Firefox\plugins\NPOlp32.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml Hosts file not found O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (NuSphere ToolBar) - {0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - C:\Programme\NuSphere\PhpED\NuSphereIEBar.dll () O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG) O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [OLPSYNCH] C:\Programme\Offline Course Player\OlpSynch.exe () O4 - HKLM..\Run: [SAOB Monitor] C:\Programme\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [GrooveMonitor] C:\Programme\Microsoft Office\Office14\GROOVEMN.EXE (Microsoft Corporation) O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) O4 - HKCU..\Run: [Polar Sync] File not found O4 - Startup: C:\Users\BENUTZER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskTask.lnk = C:\Programme\DeskTask\DeskTask.exe (Carthago Software) O4 - Startup: C:\Users\BENUTZER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) O4 - Startup: C:\Users\BENUTZER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk = C:\Programme\Password Safe\pwsafe.exe (SourceForge.net) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Edit with Altova X&MLSpy - C:\Programme\Altova\XMLSpy2010\spy.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: NuSphere PhpED :: Debug this page - C:\Program Files\NuSphere\PhpED\NuSphereIEBar.dll () O9 - Extra Button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Programme\Altova\XMLSpy2010\spy.htm () O9 - Extra 'Tools' menuitem : Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Programme\Altova\XMLSpy2010\spy.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O13 - gopher Prefix: missing O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control) O16 - DPF: {7142BA01-8BDF-11CF-9E23-0000E8A37440} hxxp://www.kraxner.com/Editor/Livecam/svideo.cab (Surround Video Control Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.100 O18 - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.12.07 11:39:22 | 000,000,040 | ---- | M] () - C:\AUTO.BAS -- [ NTFS ] O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2007.12.07 11:39:22 | 000,000,040 | ---- | M] () - E:\AUTO.BAS -- [ NTFS ] O32 - AutoRun File - [2004.11.25 10:25:53 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2007.12.07 11:39:22 | 000,000,040 | ---- | M] () - I:\AUTO.BAS -- [ NTFS ] O32 - AutoRun File - [2004.11.25 10:25:53 | 000,000,000 | ---- | M] () - I:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{3caeac45-0dca-11e0-a682-0011d8050e03}\Shell - "" = AutoRun O33 - MountPoints2\{3caeac45-0dca-11e0-a682-0011d8050e03}\Shell\AutoRun\command - "" = P:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{f231abfd-2cfd-11df-b227-0011d8050e03}\Shell - "" = AutoRun O33 - MountPoints2\{f231abfd-2cfd-11df-b227-0011d8050e03}\Shell\AutoRun\command - "" = I:\CD_Menue.exe O33 - MountPoints2\{f38cbdf9-feb2-11df-b770-0011d8050e03}\Shell - "" = AutoRun O33 - MountPoints2\{f38cbdf9-feb2-11df-b770-0011d8050e03}\Shell\AutoRun\command - "" = P:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.26 10:25:28 | 000,000,000 | ---D | C] -- C:\Users\BENUTZER\AppData\Roaming\Malwarebytes [2011.04.26 10:25:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.26 10:25:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.26 10:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.26 10:25:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.04.26 10:25:14 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.04.26 09:55:24 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll [2011.04.21 10:23:40 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\BENUTZER\Desktop\OTL.exe [2011.04.20 19:03:43 | 000,000,000 | ---D | C] -- C:\Windows\Acronis [2011.04.20 15:32:42 | 000,167,968 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\afcdp.sys [2011.04.20 15:32:42 | 000,000,000 | ---D | C] -- C:\Users\BENUTZER\AppData\Roaming\3EAE4A17-5803-43CE-8F20-8E063A20806B [2011.04.20 15:32:29 | 000,600,928 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\timntr.sys [2011.04.19 19:00:03 | 000,000,000 | ---D | C] -- C:\Users\BENUTZER\AppData\Roaming\632E7B95-1252-4DFA-9FA0-6F358B1F6821 [2011.04.19 18:59:57 | 000,752,128 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\tdrpm273.sys [2011.04.19 15:29:30 | 000,000,000 | ---D | C] -- C:\Users\BENUTZER\AppData\Roaming\QuickScan [2011.04.16 12:16:43 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Haufe [2011.04.12 14:48:29 | 000,000,000 | ---D | C] -- C:\Users\BENUTZER\Documents\NuSphere [2011.04.05 11:07:53 | 000,000,000 | ---D | C] -- C:\Users\BENUTZER\Documents\Navicat [2011.04.05 11:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremiumSoft [2011.04.05 11:05:36 | 000,000,000 | ---D | C] -- C:\Programme\PremiumSoft [2011.04.05 10:41:19 | 000,000,000 | ---D | C] -- C:\Users\BENUTZER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MySQL [2011.04.05 10:40:57 | 000,000,000 | ---D | C] -- C:\Programme\MySQL [2011.04.05 09:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PHP [2011.04.05 09:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PHP NuSphere [2011.04.05 09:33:50 | 000,297,984 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\midas.dll [2011.04.05 09:33:29 | 000,000,000 | ---D | C] -- C:\Programme\NuSphere [2011.04.01 23:22:13 | 000,000,000 | ---D | C] -- C:\Users\BENUTZER\Documents\SHDC-Karte [1 C:\Users\BENUTZER\*.tmp files -> C:\Users\BENUTZER\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.26 20:25:38 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.26 20:25:38 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.26 20:17:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.26 20:17:04 | 2516,082,688 | -HS- | M] () -- C:\hiberfil.sys [2011.04.26 15:08:05 | 000,768,026 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.26 15:08:05 | 000,722,738 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.26 15:08:05 | 000,175,606 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.26 15:08:05 | 000,148,394 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.26 14:20:16 | 455,900,492 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.04.26 10:25:19 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.21 10:32:02 | 080,842,752 | -HS- | M] () -- C:\tnd_loader.dat [2011.04.21 10:23:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\BENUTZER\Desktop\OTL.exe [2011.04.21 09:32:41 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011.04.20 19:03:42 | 000,000,155 | ---- | M] () -- C:\Windows\System32\autopart.opt [2011.04.20 17:28:23 | 000,166,976 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\snapman.sys [2011.04.20 17:28:18 | 000,001,216 | ---- | M] () -- C:\Users\Public\Desktop\Acronis Disk Director 11 Home.lnk [2011.04.20 15:32:42 | 000,167,968 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\afcdp.sys [2011.04.20 15:32:33 | 000,752,128 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\tdrpm273.sys [2011.04.20 15:32:29 | 000,600,928 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\timntr.sys [2011.04.20 15:31:47 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk [2011.04.20 15:31:46 | 000,001,527 | ---- | M] () -- C:\Users\Public\Desktop\Acronis Online Backup.lnk [2011.04.20 10:21:22 | 113,836,032 | ---- | M] () -- C:\Users\BENUTZER\Documents\boot.iso [2011.04.18 09:45:50 | 000,000,220 | ---- | M] () -- C:\Users\BENUTZER\Desktop\Speed4Trade - eCommerce Lösungen.url [2011.04.18 09:45:45 | 000,000,172 | ---- | M] () -- C:\Users\BENUTZER\Desktop\E-Commerce Software und Services Intershop Communications AG (3).url [2011.04.18 09:45:41 | 000,000,208 | ---- | M] () -- C:\Users\BENUTZER\Desktop\Unser Managed-Shop-Hosting - ShopDriver Shopsystem und Shop Software.url [2011.04.18 09:31:40 | 000,048,256 | ---- | M] () -- C:\Users\BENUTZER\Desktop\screenshot.JPG [2011.04.16 12:17:02 | 000,002,309 | ---- | M] () -- C:\Users\Public\Desktop\QuickSteuer DELUXE Wissens-Center 2010.lnk [2011.04.14 10:23:10 | 000,000,600 | ---- | M] () -- C:\Users\BENUTZER\AppData\Local\PUTTY.RND [2011.04.14 10:19:39 | 000,006,845 | ---- | M] () -- C:\.viminfo [2011.04.14 10:12:44 | 000,012,066 | ---- | M] () -- C:\.bash_history [2011.04.11 18:16:27 | 000,001,912 | ---- | M] () -- C:\Users\BENUTZER\Documents\it.banner.unicode.sql [2011.04.11 18:06:02 | 000,001,910 | ---- | M] () -- C:\Users\BENUTZER\Documents\it.banner.sql [2011.04.11 17:39:41 | 006,304,545 | ---- | M] () -- C:\Users\BENUTZER\Documents\it.address-book.sql [2011.04.05 20:08:34 | 000,091,131 | ---- | M] () -- C:\archiv.tar [2011.04.05 18:17:08 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI [2011.04.05 11:05:51 | 000,001,187 | ---- | M] () -- C:\Users\BENUTZER\Desktop\Navicat Premium.lnk [2011.04.05 09:33:52 | 000,001,056 | ---- | M] () -- C:\Users\Public\Desktop\NuSphere PhpED.lnk [2011.04.05 08:46:17 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011.03.28 15:05:50 | 000,214,439 | ---- | M] () -- C:\Users\BENUTZER\Documents\Commerzbank_Wertpapierstrategie_April.pdf [1 C:\Users\BENUTZER\*.tmp files -> C:\Users\BENUTZER\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.26 10:25:19 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.21 10:49:21 | 2516,082,688 | -HS- | C] () -- C:\hiberfil.sys [2011.04.20 19:03:42 | 000,000,155 | ---- | C] () -- C:\Windows\System32\autopart.opt [2011.04.20 17:28:18 | 000,001,216 | ---- | C] () -- C:\Users\Public\Desktop\Acronis Disk Director 11 Home.lnk [2011.04.20 15:31:47 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk [2011.04.20 15:31:46 | 000,001,527 | ---- | C] () -- C:\Users\Public\Desktop\Acronis Online Backup.lnk [2011.04.20 10:21:13 | 113,836,032 | ---- | C] () -- C:\Users\BENUTZER\Documents\boot.iso [2011.04.19 15:51:06 | 080,842,752 | -HS- | C] () -- C:\tnd_loader.dat [2011.04.19 12:18:57 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.04.18 09:45:50 | 000,000,220 | ---- | C] () -- C:\Users\BENUTZER\Desktop\Speed4Trade - eCommerce Lösungen.url [2011.04.18 09:45:45 | 000,000,172 | ---- | C] () -- C:\Users\BENUTZER\Desktop\E-Commerce Software und Services Intershop Communications AG (3).url [2011.04.18 09:45:40 | 000,000,208 | ---- | C] () -- C:\Users\BENUTZER\Desktop\Unser Managed-Shop-Hosting - ShopDriver Shopsystem und Shop Software.url [2011.04.18 09:31:38 | 000,048,256 | ---- | C] () -- C:\Users\BENUTZER\Desktop\screenshot.JPG [2011.04.16 12:17:02 | 000,002,309 | ---- | C] () -- C:\Users\Public\Desktop\QuickSteuer DELUXE Wissens-Center 2010.lnk [2011.04.14 10:19:38 | 000,006,845 | ---- | C] () -- C:\.viminfo [2011.04.11 18:16:25 | 000,001,912 | ---- | C] () -- C:\Users\BENUTZER\Documents\it.banner.unicode.sql [2011.04.11 17:59:08 | 000,001,910 | ---- | C] () -- C:\Users\BENUTZER\Documents\it.banner.sql [2011.04.11 17:39:39 | 006,304,545 | ---- | C] () -- C:\Users\BENUTZER\Documents\it.address-book.sql [2011.04.05 20:08:33 | 000,091,131 | ---- | C] () -- C:\archiv.tar [2011.04.05 11:05:51 | 000,001,187 | ---- | C] () -- C:\Users\BENUTZER\Desktop\Navicat Premium.lnk [2011.04.05 11:05:44 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll [2011.04.05 09:33:52 | 000,001,056 | ---- | C] () -- C:\Users\Public\Desktop\NuSphere PhpED.lnk [2011.03.28 15:05:50 | 000,214,439 | ---- | C] () -- C:\Users\BENUTZER\Documents\Commerzbank_Wertpapierstrategie_April.pdf [2011.03.18 19:04:51 | 000,000,132 | ---- | C] () -- C:\Users\BENUTZER\AppData\Roaming\Adobe GIF Format CS5 Prefs [2011.02.25 10:47:30 | 000,000,394 | ---- | C] () -- C:\Windows\hbcikrnl.ini [2011.02.25 10:47:06 | 000,167,936 | ---- | C] () -- C:\Windows\System32\SerialXP.dll [2011.02.25 10:47:06 | 000,027,648 | ---- | C] () -- C:\Windows\System32\win32com.dll [2011.01.08 12:53:51 | 000,000,132 | ---- | C] () -- C:\Users\BENUTZER\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.01.08 12:05:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.12.31 15:30:48 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI [2010.10.17 11:49:15 | 000,000,132 | ---- | C] () -- C:\Users\BENUTZER\AppData\Roaming\Adobe BMP Format CS5 Prefs [2010.10.06 11:20:54 | 000,000,322 | ---- | C] () -- C:\Windows\ksstudio.ini [2010.10.06 11:16:46 | 000,000,000 | ---- | C] () -- C:\Windows\graphedt.INI [2010.08.20 09:51:34 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2010.08.09 13:16:27 | 000,003,584 | ---- | C] () -- C:\Users\BENUTZER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.30 10:36:30 | 000,073,728 | ---- | C] () -- C:\Windows\StkUnist.exe [2010.07.30 10:36:29 | 000,186,240 | ---- | C] () -- C:\Windows\System32\drivers\StkCSF.sys [2010.07.04 11:08:42 | 000,001,456 | ---- | C] () -- C:\Users\BENUTZER\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll [2010.06.08 10:18:34 | 000,149,688 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2010.06.02 12:12:01 | 000,000,600 | ---- | C] () -- C:\Users\BENUTZER\AppData\Local\PUTTY.RND [2010.04.26 15:53:22 | 000,000,410 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2010.04.26 15:53:22 | 000,000,153 | ---- | C] () -- C:\Windows\brpcfx.ini [2010.04.26 15:52:51 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.04.26 15:51:55 | 000,000,065 | ---- | C] () -- C:\Windows\System32\bd7820n.dat [2010.04.26 15:51:49 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2010.04.26 15:51:47 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll [2010.03.11 18:22:26 | 000,034,706 | ---- | C] () -- C:\Windows\Irremote.ini [2010.03.11 18:22:07 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2010.03.11 18:21:47 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe [2010.03.11 18:20:28 | 000,002,344 | ---- | C] () -- C:\Windows\HCWPNP.INI [2010.03.10 18:40:21 | 000,007,647 | ---- | C] () -- C:\Users\BENUTZER\AppData\Local\Resmon.ResmonCfg [2010.03.06 15:20:16 | 000,000,000 | ---- | C] () -- C:\Windows\Cube.INI [2010.02.16 12:24:45 | 000,000,423 | ---- | C] () -- C:\Windows\ODBC.INI [2010.02.08 08:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\System32\vfprintpthelper.dll [2009.12.12 12:25:10 | 000,164,864 | ---- | C] () -- C:\Windows\System32\UNWISE32.EXE [2009.12.01 10:18:40 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2009.11.25 14:11:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009.11.24 19:48:57 | 000,040,960 | ---- | C] () -- C:\Windows\System32\hcwxds.dll [2009.11.24 18:38:42 | 000,000,304 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat [2009.11.17 17:11:26 | 000,303,104 | ---- | C] () -- C:\Windows\System32\dnt27VC8.dll [2009.11.17 17:09:36 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dntvmc27VC8.dll [2009.11.17 17:09:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dntvm27VC8.dll [2009.07.14 10:47:43 | 000,768,026 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:47:43 | 000,175,606 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 003,781,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,722,738 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,148,394 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.18 20:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2009.04.08 07:17:48 | 000,057,344 | ---- | C] () -- C:\Windows\System32\FKStampPainter20.dll [2009.02.18 18:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe [2009.02.03 21:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe [2009.02.02 20:11:40 | 000,208,896 | ---- | C] () -- C:\Windows\System32\LXPrnUtil10.dll [2008.03.11 13:17:25 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2007.10.11 11:40:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\drivers\MosIrUsb.sys [2007.07.07 17:50:56 | 000,121,562 | ---- | C] () -- C:\Windows\System32\PicFormat32.dll [2006.09.21 14:53:28 | 000,282,679 | ---- | C] () -- C:\Windows\System32\dnt27.dll [2006.09.21 14:52:24 | 000,077,882 | ---- | C] () -- C:\Windows\System32\dntvmc27.dll [2006.09.21 14:52:14 | 000,077,881 | ---- | C] () -- C:\Windows\System32\dntvm27.dll [2006.04.21 10:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll [2006.02.09 08:50:54 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html [1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys < End of report > Zum Schluß noch der Inhalt aus Extras.txt von OTL OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 26.04.2011 20:25:32 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\BENUTZER\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 207,79 Gb Total Space | 119,84 Gb Free Space | 57,67% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 38,97 Gb Free Space | 49,89% Space Free | Partition Type: NTFS
Drive E: | 356,84 Gb Total Space | 276,07 Gb Free Space | 77,36% Space Free | Partition Type: NTFS
Drive F: | 117,19 Gb Total Space | 61,63 Gb Free Space | 52,59% Space Free | Partition Type: NTFS
Drive G: | 177,29 Gb Total Space | 38,58 Gb Free Space | 21,76% Space Free | Partition Type: NTFS
Drive I: | 149,05 Gb Total Space | 70,97 Gb Free Space | 47,62% Space Free | Partition Type: NTFS
Computer Name: COMPUTER | User Name: BENUTZER | Logged in as USER.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{05A6F765-D749-45E6-A157-2E5ADE8F8FF0}" = sensorsamples
"{06E34C00-0446-4176-81C8-A5DAFE53CA36}" = Acronis Disk Director 11 Home
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{085AC6CC-3716-4C62-8965-FF94296BCC26}" = vistalibs_x64fre
"{089387C3-9AC0-4994-9381-75B4CD4BC907}" = Setup-PCE-BDM
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{091DDD71-FA98-4FF6-8E6F-07C9D09E29B8}" = wdftools_ia64fre
"{0A026ED9-D774-4008-B62C-7565E5626371}" = networklibraries_ia64fre
"{0A049327-DE93-4098-B573-AAC71E0E6FA4}" = toastermetadatapackagesample
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A68FF18-07E3-4D28-BFDC-8F51ECE8A011}" = infsample_x64fre
"{0AD94592-05F9-4E96-9418-D50FEE317342}" = networklibraries_x86fre
"{0F32914F-A633-4516-B531-7084C8F19F93}" = Haufe iDesk-Browser
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{11C88EEC-23FC-4181-B6E4-22247E2ABD28}" = Microsoft Expression Web 3
"{1231849C-2D95-46C5-BC1B-A7A4481A279F}" = dsfsamples
"{1321CC95-FB73-4437-8F77-B179432F8857}" = setupsamples
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1570DE88-A78A-37FD-8A05-92620D160CCA}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - DEU
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16323910-782A-48A1-B604-C0A0021A1907}" = USB2.0 Digital Microscope
"{170DE2A7-4768-370C-9671-D8D17826EFBF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{17349339-D8E7-4394-805E-E2346C19BA82}" = setuptools_x64fre
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18E1FD72-60FA-3E10-A66B-640970B5559F}" = Visual Studio Tools for the Office system 3.0 Runtime Language Pack - DEU
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197AB90B-2CE8-4098-B8DC-A8C7ACBBEAD9}" = imagingtools_x86fre
"{198C0A8A-5E8D-4CF5-BE66-9D0E1FFBC217}" = pnptools_x64fre
"{1A2606DD-5E86-4ADA-954B-D98012A174E0}" = ocxinstall
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1C2B3CEA-482E-4453-B3E2-C9731337828A}" = Microsoft SQL Server 2008 Native Client
"{1C3ADB5F-750E-4453-AC98-B75C5323845C}" = Microsoft SQL Server Compact 3.5 for Devices DEU
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{1D40200D-F18E-3549-96D7-90ABCB693DAD}" = MSDN Library for Visual Studio 2008 SP1 - DEU
"{1E8FC55E-F212-4B80-A0F7-A0D178C2FE4A}" = powermanagement_ia64fre
"{1F20DE69-167B-4F69-8D99-10DA59D92D10}" = headers
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{225C12AE-BB37-4EE3-8935-583E2F0E6644}" = Lexware reisekosten 2009
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{28CF21CC-3FFF-3610-BA0E-5E5118EE92D5}" = Microsoft Visual Studio 2010 Premium - DEU
"{28E0E806-0461-4E12-B272-465766FF94FB}" = bluetoothsamples
"{290790FE-0D04-4E3D-B1C9-6CDCF64B1E04}" = wdtfbinaries_x64fre
"{2ADD318F-B560-4D64-9A2B-0196FCF103BD}" = audiosamples
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{315A928B-2B99-4E22-A066-14CD901F9C0B}" = generaltools_ia64fre
"{319786B7-D72F-43B3-99C1-E93724ED17D3}" = Lexware online banking 4.90
"{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU
"{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}" = funScreenScraping Client Version
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{329335E6-0A4B-42B9-9230-5CAC83B04649}" = vistalibs_ia64fre
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{34600C75-5EF7-476C-A897-531078A304C3}" = buildtools_x86fre
"{35546EB8-2D2F-4AAD-9FE5-9574520F4AD8}" = offreg_ia64fre
"{37AC7F94-2C0C-3DFF-8039-4B6AB79150D0}" = Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools
"{37DD5BB3-9DB4-4D92-9E50-16F2AD14A317}" = MySQL Server 5.5
"{37E0996B-CD8D-46C9-A801-9EE67276DF9A}" = tracingtool_x64fre
"{384DB786-E488-45CC-AB4A-E6ABE11B0905}" = tools_ia64fre
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38AD20B9-0433-45D5-86D6-C76BAE151892}" = printtools_ia64fre
"{3924C3E7-C440-4B23-9740-9A9EC0545F21}" = Crystal Reports Basic German Language Pack for Visual Studio 2008
"{39556553-8C77-4C5E-8F30-4083274948A2}" = Application Verifier
"{3A2F0C18-0F0B-44BF-80F0-CB4204565573}" = printtools_x64fre
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B31D97A-7CF4-4ED2-8593-535AE7C0FB92}" = toolindex
"{3BC1AB78-2D98-4906-84B5-4230B5420DCC}" = Offline Course Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C9E736F-8436-41D2-87F3-1468A59CA866}" = tracingtool_ia64fre
"{3ECC5DE9-FF75-4EDD-8D46-6E4A59603E16}" = debugfiles_win7
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{4077C73A-C623-40B9-8D0A-B9D501AF3046}" = tracingtool_x86fre
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{44046312-696F-4E29-82C8-3F29F81DD11F}" = Lexware Elster
"{445174EA-3D3A-308E-84AD-446127E71441}" = Microsoft Visual Studio 2008 Professional Edition - DEU
"{4649A430-BC01-4C9E-9846-50FC56A9D00E}" = generalsamples
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{47F94730-ABD2-47F6-920E-EA8CDB6DD0C6}_is1" = BASCOM-AVR
"{48402841-6F46-464D-8FA1-3A4460C8399D}" = toastersample
"{4908FC86-4753-40EB-99CD-1F1EB30E6F84}" = fireflysample
"{493028C3-0EC5-4FBF-B3D3-F4A934AB8801}" = eventsample
"{49B35B72-04FF-478D-842E-DBC7A5E68285}" = biometricsamples
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4ACDC413-AF13-3934-8D8A-1F8CEF70D1A5}" = Microsoft Document Explorer 2008 Language Pack - DEU
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4B509F1E-BEA7-3D0E-BE94-3BBF85E8D698}" = Microsoft Windows SDK .NET Framework Tools (30514)
"{4C3B13F6-7CA2-47FD-9A47-C542BA730EF7}" = libs_x64fre
"{4C9C47E8-C79E-4A3B-BD87-5088916F67BC}" = imagingtools_ia64fre
"{4CCA10F5-40E2-439E-9D82-67F70A292CCC}" = Polar WebSync
"{4DD3FE4D-1D81-44F4-9FCC-BB8F861C6E21}" = pfd_x64fre
"{4DD6CC58-ED0B-46F1-8A23-4661D7DA60DD}" = wnetlibs_x64fre
"{4DF9AF39-93A8-45BD-AB41-6577969C4AE0}" = cancelsample
"{4E3A817A-8033-3D7E-BCA9-102EFF3FD9CA}" = Microsoft Device Emulator Version 3.0 - DEU
"{4F30BC2B-5441-3149-91D7-FAA2332E2F5F}" = Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
"{4FBF748A-AF57-487E-8A74-A32710938A7C}" = bluetoothtools_x64fre
"{5008655B-381C-4C45-BF2F-E1998DDED2C5}" = chkinftool_x86fre
"{502A382B-6A1F-41C3-A370-A085182EEA91}" = wdftools_x86fre
"{5058FE9A-CF62-48B5-9AA2-48C536827880}" = sideshowsamples
"{5193B1FC-FC33-4CBA-9B9F-85F3D8F7CD87}" = readme
"{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{53C53D37-CA3C-4C32-B1B5-3BCC594144C2}" = networksamples
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57456DD2-4CDD-4245-A5E6-D865CD8E0238}" = Lexware reisekosten 2009
"{579CB8A1-9966-4223-943F-05B3CF84C841}" = Microsoft Visual C++ 2008 Samples
"{59624372-3B85-47f4-9B04-4911E551DF1E}" = Lexware Info Service
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5B66B4F6-D913-4D8D-B997-2E208ABECA73}" = portiosample
"{5B86F724-E2A0-47B6-805A-88D873175EFB}" = biometrictools_x86fre
"{5BE72DAD-15B7-4B1D-808D-9C66DF8E691D}" = storagesamples
"{5BF31BC3-EA1C-4905-9FF1-0FFBE5C4099B}" = bussamples
"{5CFC8A29-B245-4409-B8EE-CED98238E00C}" = Altova MissionKit® 2010 rel. 3 for Enterprise XML Developers
"{5D8A40E9-8E59-3761-98DE-2C9F7303FA17}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Windows Debugging Tools (30514)
"{5DB161C0-7C9C-41D7-8DA1-CB112F60946B}" = Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack
"{5E19FE0D-CBC4-49DB-AF02-9DDEBFE35EF2}" = ActivePerl 5.12.0 Build 1200
"{5E38A4B3-E50B-4E05-AC66-CDA806B12D10}" = smartcardsamples
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit June 2009 (Version 3.5.40619.1)
"{60F063BE-732B-3E02-9574-63F81F057A8B}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Application Verifier (30514)
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{62B7C52C-CAB6-48B1-8245-52356C141C92}" = RENESIS® Player Browser Plugins
"{62BEC6D1-0287-4272-BFC4-C7C1A422B718}" = avstreamtools_x86fre
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63B405FD-A763-4F88-8844-1673AA5F00AB}" = wnetlibs_ia64fre
"{64c5b887-b5ee-42b8-8596-78905a6b5f1f}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{65B89385-7BC3-4B25-A2A7-A621D149D298}" = wdtfbinaries_ia64fre
"{66D6D87F-D616-408F-9AD1-70D4D744DC29}" = irsamples
"{670CAF31-78EA-4A8B-9F8D-32EC018B1345}" = pnptools_x86fre
"{6742BE3D-1A59-3BFD-BA20-2FDA866099B8}" = Microsoft Visual Studio 2010 Premium - ENU
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{681F4E9F-34E0-36BD-BF2C-100554E403A5}" = Microsoft Visual F# 2.0 Runtime Language Pack - DEU
"{699C970F-1E17-3CD8-A2EA-87AB9EDEDFF4}" = Microsoft Windows SDK for Windows 7 Samples (30514)
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6B0EBD96-8ADA-4B36-83A0-AC35D12DC4CE}" = Silicon Laboratories CP210x VCP Drivers for Windows 7
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E9CFEF5-0245-411F-8587-CF83DF9D4B05}" = Microsoft SQL Server 2008 Database Engine Services
"{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{6F1B3EC0-1182-4AA6-9E08-C4D7A05E1B7C}" = streammediasamples
"{6F9AD5EF-EF6A-4548-B797-2543F0D1F28F}" = offreg_x86fre
"{71E96A45-FE54-4AF6-B208-A3F860EF1063}" = usbsamples
"{721B5CF0-D220-4955-BB6F-EBCFB1096DE7}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{725943A7-97C3-4E7D-841E-7E6FBAABF64B}" = drvtools_ia64fre
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5
"{752E90AC-3F11-4EA3-88EA-96441047EC31}" = Microsoft Expression Web 3 SP1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AA5E78D-BE64-4EA2-9CA7-DE37DCB3009A}" = Microsoft Expression Blend 3 SDK
"{7AFFE35D-047A-3D27-B204-1CD849933C02}" = Microsoft Windows SDK for Windows 7 Common Utilities (30514)
"{7BEC151D-ADA9-3EA9-9273-99BA82881971}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{7C668763-D786-460C-8921-079B8954C352}" = Microsoft Expression Studio 3
"{7CA89ADF-C212-4D5A-85EC-79BAA250A656}" = infsample_x86fre
"{7DD52F48-C19E-4FD8-8B25-429F96321003}" = Microsoft Windows Driver Kit Documentation 7600.091201
"{7ED7AA72-49BE-40FB-89C4-F1DBAAC16F01}" = dfx_ia64fre
"{80CFB54B-2C2C-4513-9B90-923F7F850074}" = evntdrvsample
"{80E9F5C1-4F6D-494C-A8D3-0B0879EA368D}" = DDBAC
"{82B341CB-D57D-4286-BE54-FB86BAAD23EB}" = pfd_x86fre
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{84E8E114-069F-4C04-827A-434C5E84926B}" = QuickSteuer DELUXE Wissens-Center 2010
"{85701256-4CFE-4144-A831-4D03DB2C830A}" = wpdtools_x86fre
"{857DA860-472D-483E-AC6E-B9D7DDCDB0BA}" = Microsoft Expression Design 3
"{85C977FB-2A5B-3223-8AC5-828558EAF7D9}" = Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
"{86DE5D5D-7F44-4D9E-803C-4298732C16A3}" = dfx_x86fre
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AFD8D85-FF4D-4DA7-B1A0-14C6A1BA1F59}" = setuptools_x86fre
"{8B62890F-E903-42BA-B1F7-7868432BCC4A}" = tools_x64fre
"{8BF161B5-1065-4457-8C7C-76366914033A}" = drvtools_x86fre
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0407-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (German) 2007
"{90120000-0021-0407-0000-0000000FF1CE}_VisualWebDeveloper_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_VisualWebDeveloper_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{9096B2CA-170B-4696-AB43-AF5DD8D539E6}" = hid_inputsamples
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{9269E4BE-0607-488B-9BFD-9E54FEADB17B}" = ioctlsample
"{928D2FB1-291A-362B-89A4-7075A9D904A4}" = Microsoft Windows SDK for Windows 7 (7.1)
"{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D33319-C14C-3070-A464-CE8416E46487}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{984AD1E9-A775-40F8-9A43-70908593B247}" = hidsampleinput
"{984E6987-6A7E-4F2D-AF7F-68BBB3BD68AD}" = dfx_x64fre
"{9936A6C2-0C21-49D8-8AB1-92384259D214}" = powermanagement_x86fre
"{99870CAE-4D57-42F2-9427-AC88F33FC8C3}" = buildsamples
"{99F0C3CC-8DF0-3611-B190-CF4D1AF0E053}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.2
"{9A444847-CF56-404A-8815-2E41259CB224}" = wdtfbinaries_x86fre
"{9A9C11FA-AE85-3B48-86BE-5FA83D0384B3}" = Microsoft Windows SDK Intellisense and Reference Assemblies (30514)
"{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{9D668C99-AEED-472A-98C0-65D8865150F6}" = wxplibs_x86fre
"{9DC1A9BA-070A-455F-8AC3-62587524ADFB}" = Quicken 2011 - ServicePack 4
"{9E6C6A09-A71E-45A4-8DBE-68C64DFC451B}" = generaltools_x64fre
"{9F3E3C1B-6964-48D6-84C8-925C9A5A8229}" = Polar Daemon
"{A072218B-9353-4FAA-A969-64E64568B431}" = umdfsamples
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A13D9E3A-B31D-4E69-8681-EDB7AA02E365}" = Quicken Import Export Server 2011
"{A541122D-7159-40B6-991D-A8A89006DB91}" = displaysamples
"{A74123D0-28F2-431A-8C9A-864CD6F2F900}" = infsample_ia64fre
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AA467959-A1D6-4F45-90CD-11DC57733F32}" = Crystal Reports Basic for Visual Studio 2008
"{AB99CA8E-0BA0-4AE7-A9AF-26D97D70A570}" = bluetoothtools_x86fre
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_944" = Adobe Acrobat 9.4.4 - CPSID_83708
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.3 - Deutsch
"{AC849092-6F19-4395-8860-BC3B82CAFE51}" = funScreenScraping Microsoft Systemdateien
"{ACAF97EB-7C5B-4C13-84E2-656FD8F2AE08}" = imagingtools_x64fre
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP 12
"{AEDC22CF-1590-4095-8053-4B724A5BA7A8}" = wsdtool_x86fre
"{B086FEC7-E6B5-4E03-B7DC-60D5D0787174}" = drvtools_x64fre
"{B1060346-9388-4C5B-AA52-176C39819E43}" = Microsoft .NET Compact Framework 2.0 SP2
"{B121B2B4-867E-4389-AC58-0AEC72C37F47}" = wpdsamples
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B268E9A1-04A9-40D0-9866-846BE2B74BA7}" = Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
"{B2B60AF9-E82A-453D-AB79-B4103614FF7E}" = setuptools_ia64fre
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B4665EAE-6733-4978-8757-629C7D8DD6A5}" = powermanagement_x64fre
"{B533A27C-3B5D-42AB-B397-A817F154CC22}" = printtools_x86fre
"{B66819C1-8FA4-4456-A12C-E8C6555DC2E2}" = libs_x86fre
"{B66D9EAC-DDAE-4477-93B2-A946438D97B6}" = wmisamples
"{B7072091-4582-396F-87E2-412C85AC7095}" = Microsoft Windows SDK MSHelp (30514)
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B875D436-48A7-42CE-A105-23A7F65B9A60}" = avstreamtools_ia64fre
"{B8E9F8A1-9F4D-43D5-ABD6-1DF067FAA469}" = Microsoft SQL Server 2008 Database Engine Services
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BD33DB46-D5EE-4529-8854-7161F4A87720}" = avstreamtools_x64fre
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{BEC25D5C-2CD4-4518-8061-4D97D61C710F}" = pnpportssample
"{BFBDD199-81A2-4BFA-9581-D2EA1716B546}" = DSF-KitSetup
"{C0742F98-1E35-4755-A32D-9F9DAE97CBF3}" = ifssamples
"{C1620364-5718-43DD-B6B7-104A0A41EACC}" = swtuner
"{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}" = Brother MFL-Pro Suite MFC-7820N
"{C2C2CC3D-E764-39E9-8AA7-394ECDED2102}" = Microsoft Help Power Tool
"{C521D5BA-BAE4-43E7-9250-6436E0502948}" = hidsamples
"{C617EC41-9E21-3915-AA7E-F156B74F7D07}" = Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514)
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5
"{C7966AB3-A8D9-48D5-B7DF-922674C40098}" = Device Simulation Framework 1.0.1
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}" = Microsoft Windows SDK for Visual Studio 2008 Tools
"{CBE08674-3776-4578-9992-46FAEF528F15}" = oacr_x86fre
"{CC2FB3DD-C2DD-4D35-911C-042F3532EE79}" = tools_x86fre
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE2A7D92-D766-30A9-B195-C4772EE2695F}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514)
"{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D058CD28-634C-4EF1-A47D-669FD6BE0C55}" = generaltools_x86fre
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1ABCCBA-5525-48B2-9D13-F6D4B6CE4749}" = buildtools_ia64fre
"{D4649DBC-E3A2-4217-BCB0-17E8203E8B33}" = WiX Toolset v3.6.1321.0 MSI Package
"{D4E7A54A-4124-49A7-835B-F3BB3B501475}" = libs_ia64fre
"{D721152B-35EB-44F3-AB58-D0AE8882813F}" = sdv
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D80B8A95-3DC7-428C-B216-70251A4296DD}" = wnetlibs_x86fre
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D982C565-EE25-4E1D-8581-95ABDF637032}" = pfd_ia64fre
"{DA7F48EF-5F56-45FE-9169-3B8159A7A323}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{DB1F1933-58B6-4ACD-A7E8-ABE8CC086A07}" = System Requirements Lab for Intel
"{DB2DA644-E019-49FE-9E0B-90DD2AEC8367}" = Z-Icon Tool
"{DBE8431C-CF9A-38C3-B42D-28B6FCE1EA3B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{DC0B9B4B-3198-4F0F-8A2D-1235ED539D53}" = biometrictools_x64fre
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{DC6B7F7C-20F7-4D40-9735-957752CE5F53}" = pnptools_ia64fre
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEE03A90-C723-4E3D-A661-86651D6F0668}" = QuickSteuer Deluxe 2010
"{DF7DBA84-0A55-11D6-A0A6-6A7573736972}" = Polar ProTrainer
"{E1423BD0-AAAE-4291-B220-863AEDF873D7}" = printsamples
"{E1C4F4F3-067B-4E16-87AB-1DF79D287126}" = Microsoft Expression Blend 3
"{E259DE5F-4980-4882-85D0-312F82721ED5}" = Quicken 2011
"{E32260E7-0B10-43C7-9B77-AB9F4184676D}" = Microsoft SQL Server Compact 3.5 Design Tools DEU
"{E35466C4-2C85-4718-801E-761E18ACDD91}" = avstreamsamples
"{E4197D6B-F046-33E7-ABDE-51FF373FDC76}" = Windows SDK IntellisenseNFX
"{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}" = Microsoft ASP.NET MVC 2 - DEU
"{E5052212-DAF0-4BD2-A28E-EF9B9A1D3D81}" = buildtools_x64fre
"{E6343838-6EFE-4528-90ED-8D9258CA4584}" = installhelp
"{E6847FF6-C825-4739-814D-8758A9B30A9A}" = modemtools
"{E6E836AB-EC50-48EA-9208-374A982F28F2}" = bluetoothtools_ia64fre
"{E754BD2E-5F64-4D38-A1C6-8B8143A09985}" = offreg_x64fre
"{E761E173-81A4-4C12-A28D-322952C4F31B}" = wpdtools_x64fre
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{E8FC40D9-D7E5-49FC-B58C-D366A3F35874}" = Microsoft Expression Encoder 3
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EBD729CC-602A-4D12-896B-4FBEBE1B6C4F}" = wcoinstallers
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"{EDE33D47-848D-4BAE-8399-01D4457D8F64}" = wsdtool_ia64fre
"{EE1E82F8-E538-4B5A-952B-6252DEFA5D06}" = wsdtool_x64fre
"{EE531675-A09C-51DD-F356-ECA9D6857039}" = Adobe Community Help
"{F1ED5BD7-4770-4037-9CBD-5DF9A5BEC408}" = Plus Pack für Acronis True Image Home 2011
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F573FC3C-4149-4FE7-B189-7E5DD3281927}" = networklibraries_x64fre
"{F5F16DEF-5F74-46C8-95E3-AC2FEB04A9DD}" = wdftools_x64fre
"{F6995FC4-2D91-4169-B3C4-7C51B7123902}" = Lexware online banking
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7E345A5-F79B-44EE-BC4A-738899E756C0}" = Lexware online banking 4.90
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{FB2EEF6E-00A7-4863-A44A-227EB927A589}" = vistalibs_x86fre
"{FC338210-F594-11D3-BA24-00001C3AB4DF}" = cyberJack Base Components
"{FCFE5318-77F7-4661-A526-418C431A48B5}" = wpdtools_ia64fre
"{FDAA0CD7-930D-4E16-B3A2-66FAA2EEF3AD}" = pcidrvsample
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Windows-Treiberpaket - Nokia Modem (06/09/2010 4.5)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira Premium Security Suite
"AVS Audio Editor_is1" = AVS Audio Editor version 6.1
"AVS Audio Recorder_is1" = AVS Audio Recorder version 4.0
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Blend_3.0.1938.0" = Microsoft Expression Blend 3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CSELITE65_is1" = CSE HTML Validator Lite v6.52
"Design_6.0.1739.0" = Microsoft Expression Design 3
"desktask" = DeskTask (remove only)
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.7)
"Encoder_3.0.1332.0" = Microsoft Expression Encoder 3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"ExpressionStudio_3.0.1064.0" = Microsoft Expression Studio 3
"GridVista" = Acer GridVista
"h3viewerXX_is1" = H3Viewer by hxxp://www.Helpware.net
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"InstallShield_{E259DE5F-4980-4882-85D0-312F82721ED5}" = Quicken Deluxe 2011
"Keseling CD-Menü 6.0.5_is1" = Keseling CD-Menü 6.0.5
"KitSetup Registration {B4285279-1846-49B4-B8FD-B9EAF0FF17DA}:{68656B6B-555E-5459-5E5D-6363635E5F61}" = Microsoft Windows Driver Kit 7.1.0.7600
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft Document Explorer 2008 Language Pack - DEU" = Microsoft Document Explorer 2008 Language Pack - DEU
"Microsoft Help Power Tool" = Microsoft Help Viewer Power Tool
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack" = Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack
"Microsoft Visual Studio 2008 Professional Edition - DEU" = Microsoft Visual Studio 2008 Professional Edition - DEU
"Microsoft Visual Studio 2010 Premium - DEU" = Microsoft Visual Studio 2010 Premium - DEU
"Microsoft Visual Studio 2010 Premium - ENU" = Microsoft Visual Studio 2010 Premium - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"Mozilla Embedded Browser_is1" = Mozilla Embedded Browser version 3.5
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"MProg 3.0a" = MProg 3.0a
"MSDN Library für Visual Studio 2008 SP1" = MSDN Library für Visual Studio 2008 SP1
"Nokia PC Suite" = Nokia PC Suite
"NuSphere PhpED_is1" = NuSphere PhpED version 5.9.5
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Office14.VISIOR" = Microsoft Visio Premium 2010
"OpenVPN" = OpenVPN 2.1.0
"Password Safe" = Password Safe
"PHP Documentor_is1" = Php Documentor version 1.4.2 for NuSphere PhpED
"PHP_is1" = php-4.4.9 for NuSphere PhpED
"PHP5_is1" = php-5.2.17 for NuSphere PhpED
"PHP53_is1" = php-5.3.5 for NuSphere PhpED
"POLYSTYLE_is1" = Polystyle 2.0zo (trial) for NuSphere PhpED
"PremiumSoft Navicat Premium_is1" = PremiumSoft Navicat Premium 9.1
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"SpeedFan" = SpeedFan (remove only)
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"Visual Studio Tools for the Office system 3.0 Runtime Language Pack - DEU" = Visual Studio-Tools für Office System 3.0 Runtime Language Pack - DEU
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"Web_3.0.3813.0" = Microsoft Expression Web 3
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.4.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe ConnectNow Add-in" = Adobe ConnectNow Add-in
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
|
|
29.04.2011, 16:30
| #3 |
| /// Malware-holic   | Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen machst du onlinebanking einkäufe oder sonst was wichtiges mit dem pc
__________________
__________________ |
|
01.05.2011, 09:45
| #4 |
| | Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen Es werden schon vertrauliche Sache auf dem PC erledigt. Und es ist einfach nervig wenn du deinen Browser starten willst und er macht andere Sachen. Jetzt momentan macht bei jedem Herunterfahren Updates die er beim Hochfahren konfigurieren muß. also es wird immer mehr. Und es gibt ja hier http://www.trojaner-board.de/97193-u...-probleme.html eine Anleitung die man vielleicht benutzen kann nur jetzt bin ich an einem Punkt wo erste Reperaturschritte unternommen werden sollen und da kann ich nicht so einfach die Sachen von dort kopieren. Geändert von spinosa (01.05.2011 um 10:20 Uhr) |
|
02.05.2011, 14:50
| #5 |
| /// Malware-holic | Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen es hat schon seine gründe, warum ich hier solche fragen stelle. - bank anrufen, onlinebanking sofort sperren lassen. befor noch jemand die chance erhällt dein geld auszugeben. - da wir nicht garantieren können das du das system sauber bekommst: - daten sichern, dazu gerhören bilder dokumente musik. nur daten aus legalen quellen, nicht aus filesharing netzen etc. - formatieren und das system neu aufsetzen. - pc absichern, tipps kannst du dazu bekommen.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
02.05.2011, 15:05
| #6 |
| | Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen hab ich eine Chance mit Autor Cosinus in Kontakt zu treten? Denn der hat die Anleitung auf die ich mich beziehe Anfang April geschrieben. |
|
02.05.2011, 15:08
| #7 |
| /// Malware-holic | Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen und was hat das damit zu tun das du wegen diesem trojaner deinen pc formatieren musst? und dein onlinebanking sperren, außer natürlich du teilst gern das geld was du hast...
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
02.05.2011, 15:45
| #8 |
| | Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen das hat nichts damit zutun. Aber die Antwort "Du mußt deinen PC formatieren." kam mir zu schnell und wenn das deine einzige Antwort ist dann hätte ich gern noch jemanden anderes gefragt, zumal es hier im Forum Anleitungen gibt ohne die Antwort "Du mußt deinen PC neu aufsetzen." Denn das wird sicher die Option sein die ich machen werde wenn garnichts funktioniert hat. |
|
02.05.2011, 15:56
| #9 |
| /// Malware-holic | Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen du kannst von mir aus ne pm schreiben, verlinke auf den thread. dann wirst halt sehen ob du von ihm ne antwort bekommst. ich kann hier auch noch 10 programme laufen lassen, dich noch nen tag beschäftigen, und die antwort wird trotzdem die selbe sein. man kann nicht nachweisen das es auf dem pc keine malware gibt, selbst wenn alle symtome weg sind, bedeutet das noch lange nicht, dass der pc malware frei ist. da gibts doch eigendlich auch nichts zu überlegen, du sagst du machst irgendwas mit geld am pc. so, wenn man jetzt drüber nachdenkt, was ist dir lieber, zeit ins neu aufsetzen zu investieren, den pc absichern, oder das mal einer in deinem namen und auf deine rechnung shoppen geht, dein konto leer räumt oder deinen pc für straftaten benutzt?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
02.05.2011, 16:21
| #10 |
| | Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen Danke für deine Bemühungen. |
|
| Themen zu Umleitungen in Firefox, automatisches öffnen von neuen Reitern und andere Problemchen |
| antivir, automatisches öffnen, avira, dateien, desktop, detected, explorer, firefox, forum, harddisk, logfiles, malwarebytes, microsoft, neu, neue, object, performance, problem, programme, recycle.bin, rootkit, rootkit.win32.tdss.tdl4, seite, seiten, software, studio, suche, system neu, system32, tdss, visual studio |
Linear-Darstellung
