|
Log analysis and evaluation: win32.katusha.o. Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
06.06.2011, 12:29 | #1 |
| win32.katusha.o Hello, maybe you can help me... (VISTA) I caught the trojan named above (detected via Spybot). Then I had a look around here... and then downloaded "Malwarebytes' Anti-Malware and OTL". The result is... and what next? OTL.Txt OTL logfile: Code:
ATTFilter OTL logfile created on: 06.06.2011 13:02:25 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Fabo\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1021,76 Mb Total Physical Memory | 389,68 Mb Available Physical Memory | 38,14% Memory free 2,26 Gb Paging File | 1,00 Gb Available in Paging File | 44,35% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 173,99 Gb Total Space | 17,74 Gb Free Space | 10,19% Space Free | Partition Type: NTFS Drive D: | 45,22 Gb Total Space | 44,01 Gb Free Space | 97,32% Space Free | Partition Type: NTFS Drive E: | 2,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: FABO-PC | User Name: Fabo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Fabo\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Programme\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited) PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) 
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe (Matsushita Electric Industrial Co., Ltd.) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers) PRC - C:\Programme\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Fabo\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (CLTNetCnService) -- File not found SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) Extras.Txt OTL Extras logfile created on: 06.06.2011 13:02:25 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Fabo\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1021,76 Mb Total Physical Memory | 389,68 Mb Available Physical Memory | 38,14% Memory free 2,26 Gb Paging File | 1,00 Gb Available in Paging File | 44,35% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 173,99 Gb Total Space | 17,74 Gb Free Space | 10,19% Space Free | Partition Type: NTFS Drive D: | 45,22 Gb Total Space | 44,01 Gb Free Space | 97,32% 
Space Free | Partition Type: NTFS Drive E: | 2,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: FABO-PC | User Name: Fabo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0413632B-5EC7-4525-984D-B745E8E9596E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1177871231\ee\aolsoftware.exe | "{2EBBD3A2-D382-4047-ABCE-60F97E1D43EC}" = protocol=6 | dir=in | app=c:\program files\pplive\pplive.exe | "{39582C3D-2398-4EAD-94C9-29A4B2CB004B}" = dir=in | app=c:\program files\itunes\itunes.exe | "{3A346966-F733-4DCE-95B7-0DC55CAE854F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{551A332E-82B1-45F2-B6D0-E47BED548AE3}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{5655B0B8-D57C-4388-88D6-74B1E92C880E}" = protocol=17 | dir=in | app=c:\program files\pplive\pplive.exe | "{6A77C70C-8523-446B-B008-2725B1B3294E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1177871231\ee\aim6.exe | "{945C6A96-6390-46BB-8DB5-D5744336E980}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1177871231\ee\aim6.exe | "{976F9394-DAB8-451E-A656-F5FCECA878AF}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | "{9A1346DA-79A3-4815-89AD-D589E433A227}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{AA4E11D7-C8C6-4D1B-9AF8-83056C2D7627}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | "{D8BE13D5-79E3-41F0-B6E6-BBF4DD0B5F95}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{FC07AB1A-3917-45F7-876B-AEA12098652C}" 
= protocol=6 | dir=in | app=c:\program files\common files\aol\1177871231\ee\aolsoftware.exe | "TCP Query User{04490357-D608-4212-8D0E-4A55A183C010}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{2EE760C8-70A6-473B-A736-6B8919B1B588}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{37649102-D229-46FF-87F7-3D74E6C03399}C:\program files\free internet tv\internettv.exe" = protocol=6 | dir=in | app=c:\program files\free internet tv\internettv.exe | "TCP Query User{454BCF0B-29E4-499B-81C3-93B9A46D99E6}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "TCP Query User{48AFD5EA-3F9F-4ADF-AB37-4D027C4B1870}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe | "TCP Query User{51C6A75A-821A-4F89-BDB8-5928F4FBAC0D}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "TCP Query User{5A03C68E-FD00-422C-A637-D74CEF077410}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{662EE09E-C16F-4B24-B76F-D5733D2BAC9A}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe | "TCP Query User{92406D0F-B784-4F3C-BC9A-C7D236B91D52}C:\program files\microsoft games\age of empires\empiresx.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empiresx.exe | "TCP Query User{B1A5991D-2C13-47CC-82A0-1F90D77F5EBF}C:\program files\kazaa lite\clean.kmd" = protocol=6 | dir=in | app=c:\program files\kazaa lite\clean.kmd | "TCP Query User{BA3AA1AC-877E-4A6F-AEA4-6B8F014C025A}C:\users\fabo\appdata\roaming\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | 
app=c:\users\fabo\appdata\roaming\sopcast\adv\sopadver.exe | "TCP Query User{CEB34E3A-A70D-4A34-A744-FC37CC43C500}C:\program files\ea sports\madden nfl 08\updater.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\madden nfl 08\updater.exe | "TCP Query User{D5D4BB1E-E7D2-48D3-BD37-6B2D0B945BD1}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=6 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe | "UDP Query User{05B3CF6C-4AD3-4212-8255-CBD07843C2D2}C:\program files\ea sports\madden nfl 08\updater.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\madden nfl 08\updater.exe | "UDP Query User{11E1B6AE-5FAB-468C-89B1-6203E03CC73A}C:\program files\free internet tv\internettv.exe" = protocol=17 | dir=in | app=c:\program files\free internet tv\internettv.exe | "UDP Query User{17FF0DE8-6738-42B6-8645-C3665DC21A7C}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "UDP Query User{1DB50B4D-DD9F-46CD-B91B-EB3C45EBFA1A}C:\program files\microsoft games\age of empires\empiresx.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empiresx.exe | "UDP Query User{5B32CA34-B22C-4FA2-B005-77E26324CE8B}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{7CBA7D46-87E3-48F3-9282-F2CDC31CF8FA}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "UDP Query User{823F02A0-F177-4B1D-A8D2-33CBE3E2C6F5}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{8AA04F9D-E1B0-4363-9030-C6A31EAE9754}C:\program files\kazaa lite\clean.kmd" = protocol=17 | dir=in | app=c:\program files\kazaa lite\clean.kmd | "UDP Query User{996614CB-998A-49DC-90D6-B56CDE926997}C:\program files\tvants\tvants.exe" = 
protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe | "UDP Query User{A7FCD5BB-38AF-4C13-890A-C653F4CCA63A}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=17 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe | "UDP Query User{BDBFF406-9967-4924-B254-8F4D87F4A6EC}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{CE2A3224-CD67-4456-B379-F452045703BF}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe | "UDP Query User{E7E9CFF8-33E2-4C9A-9BA7-248FED0D4756}C:\users\fabo\appdata\roaming\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\users\fabo\appdata\roaming\sopcast\adv\sopadver.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 19 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager "{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc "{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print "{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AAC464A-4164-48CB-0080-EDA41ADE7D44}" = Madden NFL 08 "{538A1AE6-5D8B-4BF1-B1B3-AE14FDE21C09}" = Test_OnlineDiagnostic 
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7EC19307-7C22-47A8-922B-3FA965291260}" = OpenOffice.org 3.0 "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support "{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6 "{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite "{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer- "{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.5 - Deutsch "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour "{CA70204D-9437-4646-942E-8172F62F96AD}" = Garmin City Navigator Europe NT 2011.30 Update "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DC1674-B5E8-4364-009E-B350048DD006}" = NHL 2005 "{DCFFB64E-A757-4430-A455-B947F029BFD4}" = Roxio WinOnCD 9 Basic "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "7-Zip" = 7-Zip 4.49 beta "82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008 "AC3Filter" = AC3Filter (remove only) "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 
11.5 "Age of Empires" = Microsoft Age of Empires "Age of Empires 2.0" = Microsoft Age of Empires II "Age of Empires Expansion 1.0" = Microsoft Age of Empires Expansion "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Backgammon_v0.3.2" = Backgammon-v0.3.2 "Billiard Art_is1" = Billiard Art "EPSON Printer and Utilities" = EPSON-Drucker-Software "EPSON Scanner" = EPSON Scan "EPSON Stylus CX7300_CX8300_DX7400_DX8400 Benutzerhandbuch" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handbuch "Free Studio_is1" = Free Studio version 5.0.9 "Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.9.33.426 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17) "NVIDIA Drivers" = NVIDIA Drivers "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "TVEpaDrv" = Conrad Electronic USB 2860 Device Driver "TVUPlayer" = TVUPlayer 2.4.9.1 "Uninstall_is1" = Uninstall 1.0.0.1 "ViewpointMediaPlayer" = Viewpoint Media Player "VLC media player" = VLC media player 1.0.5 "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter "WinRAR archiver" = WinRAR archiver "X264 H.264/AVC Video Codec" = X264 H.264/AVC Video Codec (remove only) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 13.03.2008 18:14:00 | Computer Name = Fabo-PC | Source = H+BEDV AntiVir | ID = 4118 Description = Error - 13.03.2008 18:14:18 | Computer Name = Fabo-PC | Source = H+BEDV AntiVir | ID = 4118 Description = Error 
- 13.03.2008 18:35:55 | Computer Name = Fabo-PC | Source = H+BEDV AntiVir | ID = 4118 Description = Error - 22.03.2008 16:13:13 | Computer Name = Fabo-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung firefox.exe, Version 1.8.20080.20121, Zeitstempel 0x47a4062e, fehlerhaftes Modul nss3.dll, Version 3.11.5.0, Zeitstempel 0x47a40804, Ausnahmecode 0xc0000005, Fehleroffset 0x000306df, Prozess-ID 0xa1c, Anwendungsstartzeit 01c88c4ab4b3e3a6. Error - 22.03.2008 20:05:48 | Computer Name = Fabo-PC | Source = Application Hang | ID = 1002 Description = Programm msnmsgr.exe, Version 8.5.1302.1018 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 8d8 Anfangszeit: 01c88c7978a5edab Zeitpunkt der Beendigung: 67 Error - 22.03.2008 20:25:09 | Computer Name = Fabo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 02.04.2008 11:21:09 | Computer Name = Fabo-PC | Source = Application Hang | ID = 1002 Description = Programm wmplayer.exe, Version 11.0.6000.6344 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 1204 Anfangszeit: 01c894d5245e2e68 Zeitpunkt der Beendigung: 9 Error - 03.04.2008 11:09:22 | Computer Name = Fabo-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 05.04.2008 07:52:38 | Computer Name = Fabo-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung aolsoftware.exe, Version 1.4.16.3, Zeitstempel 0x4447c056, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc0000005, Fehleroffset 0x00061ad5, Prozess-ID 0xe6c, Anwendungsstartzeit 01c89713470b2348. 
Error - 05.04.2008 07:53:08 | Computer Name = Fabo-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung aolsoftware.exe, Version 1.4.16.3, Zeitstempel 0x4447c056, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode 0xc0000005, Fehleroffset 0x000627af, Prozess-ID 0xe6c, Anwendungsstartzeit 01c89713470b2348. [ System Events ] Error - 25.05.2011 00:06:14 | Computer Name = Fabo-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 25.05.2011 um 00:53:27 unerwartet heruntergefahren. Error - 25.05.2011 17:09:08 | Computer Name = Fabo-PC | Source = Service Control Manager | ID = 7031 Description = Error - 25.05.2011 17:09:08 | Computer Name = Fabo-PC | Source = Service Control Manager | ID = 7031 Description = Error - 25.05.2011 17:09:08 | Computer Name = Fabo-PC | Source = Service Control Manager | ID = 7031 Description = Error - 25.05.2011 17:09:08 | Computer Name = Fabo-PC | Source = Service Control Manager | ID = 7031 Description = Error - 25.05.2011 17:09:08 | Computer Name = Fabo-PC | Source = Service Control Manager | ID = 7031 Description = Error - 25.05.2011 17:09:08 | Computer Name = Fabo-PC | Source = Service Control Manager | ID = 7031 Description = Error - 26.05.2011 11:08:30 | Computer Name = Fabo-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 26.05.2011 um 17:01:47 unerwartet heruntergefahren. Error - 26.05.2011 14:27:02 | Computer Name = Fabo-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 26.05.2011 um 20:23:14 unerwartet heruntergefahren. Error - 27.05.2011 00:14:10 | Computer Name = Fabo-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 27.05.2011 um 06:09:10 unerwartet heruntergefahren. < End of report > |
06.06.2011, 19:49 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | win32.katusha.o Quote:
__________________ |
06.06.2011, 20:44 | #3 |
| win32.katusha.o
--- Search result list ---
Win32.Katusha.o: [SBI $D40E955A] Bibliothek (Datei, nothing done)
  C:\Windows\System32\wsnmp32d.dll
  Properties.size=28672
  Properties.md5=CAD9D400FB09E5824AF153D363BA075B
  Properties.filedate=1303431353
  Properties.filedatetext=2011-04-22 02:15:52

--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8) 2008-01-28 SDDelFile.exe (1.0.2.4) 2009-01-26 SDFiles.exe (1.6.1.7) 2009-01-26 SDMain.exe (1.0.0.6) 2009-01-26 SDShred.exe (1.0.2.5) 2009-01-26 SDUpdate.exe (1.6.0.12) 2009-01-26 SDWinSec.exe (1.0.0.12) 2009-01-26 SpybotSD.exe (1.6.2.46) 2009-03-05 TeaTimer.exe (1.6.6.32) 2010-01-10 unins000.exe (51.49.0.0) 2009-01-26 Update.exe (1.6.0.7) 2009-11-04 advcheck.dll (1.6.5.20) 2007-04-02 aports.dll (2.1.0.0) 2008-06-14 DelZip179.dll (1.79.11.1) 2009-01-26 SDHelper.dll (1.6.2.14) 2008-06-19 sqlite3.dll 2009-01-26 Tools.dll (2.1.6.10) 2009-01-16 UninsSrv.dll (1.0.0.0) 2011-03-18 Includes\Adware.sbi (*) 2011-05-17 Includes\AdwareC.sbi (*) 2010-08-13 Includes\Cookies.sbi (*) 2010-12-14 Includes\Dialer.sbi (*) 2011-03-08 Includes\DialerC.sbi (*) 2011-02-24 Includes\HeavyDuty.sbi (*) 2011-03-29 Includes\Hijackers.sbi (*) 2011-05-16 Includes\HijackersC.sbi (*) 2010-09-15 Includes\iPhone.sbi (*) 2010-12-14 Includes\Keyloggers.sbi (*) 2011-03-08 Includes\KeyloggersC.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2011-04-05 Includes\Malware.sbi (*) 2011-05-24 Includes\MalwareC.sbi (*) 2011-02-24 Includes\PUPS.sbi (*) 2011-05-24 Includes\PUPSC.sbi (*) 2010-01-25 Includes\Revision.sbi (*) 2011-02-24 Includes\Security.sbi (*) 2011-05-03 Includes\SecurityC.sbi (*) 2008-06-03 Includes\Spybots.sbi (*) 2008-06-03 Includes\SpybotsC.sbi (*) 2011-02-24 Includes\Spyware.sbi (*) 2011-05-10 Includes\SpywareC.sbi (*) 2010-03-08 Includes\Tracks.uti 2011-05-17 Includes\Trojans.sbi (*) 2011-05-11 Includes\TrojansC-02.sbi (*) 2011-05-11 Includes\TrojansC-03.sbi (*) 2011-05-24 Includes\TrojansC-04.sbi (*) 2011-05-25 Includes\TrojansC-05.sbi (*) 
2011-05-24 Includes\TrojansC.sbi (*) 2008-03-04 Plugins\Chai.dll 2008-03-05 Plugins\Fennel.dll 2008-02-26 Plugins\Mate.dll 2007-12-24 Plugins\TCPIPAddress.dll --- System information --- Windows Vista (Build: 6002) Service Pack 2 (6.0.6002) / MSXML4SP2: Security update for MSXML4 SP2 (KB954430) / MSXML4SP2: Security update for MSXML4 SP2 (KB973688) --- Startup entries list --- Located: HK_LM:Run, Adobe ARM command: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" file: C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe size: 932288 MD5: BAD6BEA0DE1F69C82BDB74378CE0C20A Located: HK_LM:Run, Adobe Reader Speed Launcher command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe size: 40368 MD5: 7EBAC86F13F61D132126A8EA40E282EE Located: HK_LM:Run, ArcSoft Connection Service command: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe file: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe size: 98616 MD5: EA9DFB81DD12D32FFA1F2A6BB12C0677 Located: HK_LM:Run, avgnt command: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min file: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe size: 281768 MD5: 61941D4566C3B09F377E0E1A97BD0D9A Located: HK_LM:Run, Corel Photo Downloader command: C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe file: C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe size: 106496 MD5: 283BF06355AE4D20D818420F0A695354 Located: HK_LM:Run, ISUSScheduler command: "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start file: c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe size: 81920 MD5: 7D58C9BDF9C0A3955BDCDE7387AD12AC Located: HK_LM:Run, iTunesHelper command: "C:\Program Files\iTunes\iTunesHelper.exe" file: C:\Program Files\iTunes\iTunesHelper.exe size: 421160 MD5: 638C728F21CCC7EC4F8517A212C34353 Located: HK_LM:Run, MsgCenterExe command: "C:\Program Files\Common 
contact: AppleCare Support help link: hxxp://www.apple.com/de/support/ help telephone: 01805 009 433 Microsoft .NET Framework 3.5 SP1 3.5.30729 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}) version: 50690057 version (major): 3 version (minor): 5 estimated size: 84556 install date: 20101009 install source: d:\8c8ee38fe98fc086ce76fa434d\ uninstall cmd: MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} publisher: Microsoft Corporation Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473) uninstall cmd: C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT="" publisher: Microsoft Corporation comments: This security update is for Microsoft .NET Framework 3.5 SP1. If you later install a more recent service pack, this security update will be uninstalled automatically. For more information, visit hxxp://support.microsoft.com/kb/2416473. help link: hxxp://support.microsoft.com/kb/2416473 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595) uninstall cmd: C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" publisher: Microsoft Corporation comments: This hotfix is for Microsoft .NET Framework 3.5 SP1. If you later install a more recent service pack, this hotfix will be uninstalled automatically. For more information, visit hxxp://support.microsoft.com/kb/953595. 
help link: hxxp://support.microsoft.com/kb/953595 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484) uninstall cmd: C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" publisher: Microsoft Corporation comments: This hotfix is for Microsoft .NET Framework 3.5 SP1. If you later install a more recent service pack, this hotfix will be uninstalled automatically. For more information, visit hxxp://support.microsoft.com/kb/958484. help link: hxxp://support.microsoft.com/kb/958484 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) uninstall cmd: C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" publisher: Microsoft Corporation comments: This update is for Microsoft .NET Framework 3.5 SP1. If you later install a more recent service pack, this update will be uninstalled automatically. For more information, visit hxxp://support.microsoft.com/kb/963707. 
help link: hxxp://support.microsoft.com/kb/963707 NHL 2005 ({D0DC1674-B5E8-4364-009E-B350048DD006}) uninstall cmd: C:\Program Files\EA SPORTS\NHL 2005\EAUninstall.exe Roxio WinOnCD 9 Basic 9.0.138 ({DCFFB64E-A757-4430-A455-B947F029BFD4}) version: 150995082 version (major): 9 estimated size: 195713 install date: 20070215 install location: c:\Program Files\Roxio\ install source: c:\WinOnCD\ uninstall cmd: MsiExec.exe /I{DCFFB64E-A757-4430-A455-B947F029BFD4} publisher: Roxio comments: Hauptinstallationsprogramm für Digital Media Suite contact: hxxp://support.roxio.com help link: hxxp://support.roxio.com readme: c:\Program Files\Roxio\ReadMe.htm Realtek High Definition Audio Driver ({F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) uninstall cmd: RtlUpd.exe -r -m Update Manager 4.60 ({F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}) version: 71041024 version (major): 4 version (minor): 60 estimated size: 2651 install date: 20070215 install location: C:\Program Files\My Company Name\My Product Name\ install source: C:\PC_Suite_2007\WordPerfectOfficeX3\WPOX3\ uninstall cmd: MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA} publisher: Corel Corporation MSXML 4.0 SP2 (KB973688) 4.20.9876.0 ({F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) version: 68429460 version (major): 4 version (minor): 20 estimated size: 1368 install date: 20091125 install source: d:\05ad589032bc9778ccc93e6ecb0c\ uninstall cmd: MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} publisher: Microsoft Corporation help link: hxxp://support.microsoft.com/kb/973688 Microsoft .NET Framework 4 Client Profile DEU Language Pack 4.0.30319 ({F750C986-5310-3A5A-95F8-4EC71C8AC01C}) version: 67139183 version (major): 4 estimated size: 24787 install date: 20101128 install source: D:\e1f9562fe241f8858f47\ uninstall cmd: MsiExec.exe /X{F750C986-5310-3A5A-95F8-4EC71C8AC01C} publisher: Microsoft Corporation readme: hxxp://go.microsoft.com/fwlink/?LinkId=164156 --- System Services --- Service (registry key): .NET CLR Data Registry path: 
\SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): .NET CLR Networking Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): .NET CLR Networking 4.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): .NET Data Provider for Oracle Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): .NET Data Provider for SqlServer Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): .NETFramework Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ACDaemon Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ArcSoft Connect Daemon Object name: LocalSystem Image path: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe Image size: 102712 Image MD5: 61A581E5481E22A76A88490C57015105 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 0 Service (registry key): ACPI Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft ACPI-Treiber Image path: system32\drivers\acpi.sys Image size: 265688 Image MD5: 82B296AE1892FE3DBEE00C9CF92F8AC7 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): adp94xx Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\adp94xx.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): adpahci Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\adpahci.sys Image size: 0 Image MD5: 
D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): adpu160m Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\adpu160m.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): adpu320 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\adpu320.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): adsi Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): AeLookupSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\aelupsvc.dll,-1 Description: @%SystemRoot%\system32\aelupsvc.dll,-2 Object name: localSystem Image path: %systemroot%\system32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): Afc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PPdus ASPI Shell Image path: system32\drivers\Afc.sys Image size: 11776 Image MD5: A7B8A3A79D35215D798A300DF49ED23F Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): AFD Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Ancilliary Function Driver for Winsock Description: Ancilliary Function Driver for Winsock Image path: \SystemRoot\system32\drivers\afd.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): agp440 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Intel AGP Bus Filter Image path: \SystemRoot\system32\drivers\agp440.sys Image size: 0 Image MD5: 
D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): aic78xx Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\djsvs.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ALG Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\Alg.exe,-112 Description: @%SystemRoot%\system32\Alg.exe,-113 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\alg.exe Image size: 59392 Image MD5: A1545B731579895D8CC44FC0481C1192 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): aliide Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\aliide.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 3 Service (registry key): amdagp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AMD AGP Bus Filter Driver Image path: \SystemRoot\system32\drivers\amdagp.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): amdide Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\amdide.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 3 Service (registry key): AmdK7 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AMD K7 Processor Driver Image path: \SystemRoot\system32\drivers\amdk7.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): AmdK8 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: AMD K8 Processor Driver Image path: 
\SystemRoot\system32\drivers\amdk8.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): AntiVirSchedulerService Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Avira AntiVir Planer Description: Dienst zur Steuerung von Avira AntiVir Personal - Free Antivirus Prüfaufträgen und Updates. Object name: LocalSystem Image path: "C:\Program Files\Avira\AntiVir Desktop\sched.exe" Image size: 136360 Image MD5: C27D46B06D340293670450FCE9DFB166 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Service (registry key): AntiVirService Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Avira AntiVir Guard Description: Bietet permanenten Schutz vor Viren und Malware mit der AntiVir Suchengine. Object name: LocalSystem Image path: "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" Image size: 269480 Image MD5: C9FB073FD3C306B9EB32993BE72F8AB7 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Service (registry key): Appinfo Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\appinfo.dll,-100 Description: @%systemroot%\system32\appinfo.dll,-101 Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs,ProfSvc Service (registry key): Apple Mobile Device Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Apple Mobile Device Description: Enthält die Schnittstelle zu Mobilgeräten von Apple. 
Object name: LocalSystem Image path: "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" Image size: 37664 Image MD5: 20F6F19FE9E753F2780DC2FA083AD597 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: Tcpip Service (registry key): arc Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\arc.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): arcsas Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\arcsas.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): AsyncMac Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Asynchroner RAS -Medientreiber Description: Asynchroner RAS -Medientreiber Image path: system32\DRIVERS\asyncmac.sys Image size: 17408 Image MD5: 53B202ABEE6455406254444303E87BE1 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): atapi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IDE-Kanal Image path: system32\drivers\atapi.sys Image size: 19944 Image MD5: 1F05B78AB91C9075565A9D8A4B880BC4 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): AudioEndpointBuilder Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\audiosrv.dll,-204 Description: @%SystemRoot%\System32\audiosrv.dll,-205 Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: PlugPlay Service (registry key): Audiosrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: 
@%SystemRoot%\system32\audiosrv.dll,-200 Description: @%SystemRoot%\System32\audiosrv.dll,-201 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: AudioEndpointBuilder,RpcSs,MMCSS Service (registry key): avgntflt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: avgntflt Description: Avira mini-filter driver Image path: system32\DRIVERS\avgntflt.sys Image size: 61960 Image MD5: 47B879406246FFDCED59E18D331A0E7D Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 1 Depends On services: FltMgr Service (registry key): avipbb Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: avipbb Description: Avira Security Enhancement Driver Image path: system32\DRIVERS\avipbb.sys Image size: 137656 Image MD5: 5FEDEF54757B34FB611B9EC8FB399364 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): BattC Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): Beep Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Beep Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): BFE Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\bfe.dll,-1001 Description: @%SystemRoot%\system32\bfe.dll,-1002 Object name: NT AUTHORITY\LocalService Image path: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): BITS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\qmgr.dll,-1000 Description: @%SystemRoot%\system32\qmgr.dll,-1001 Object 
name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs,EventSystem Service (registry key): blbdrive Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\blbdrive.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Bonjour Service Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Dienst "Bonjour" Description: Damit können Hardwaregeräte und Softwaredienste im Netzwerk eine automatische Selbstkonfiguration durchführen und ihre Verfügbarkeit anzeigen. Object name: LocalSystem Image path: "C:\Program Files\Bonjour\mDNSResponder.exe" Image size: 349472 Image MD5: F2060A34C8A75BC24A9222EB4F8C07BD Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: Tcpip Service (registry key): bowser Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bowser Description: Implements the datagram receiver for the computer browser browser service. 
Image path: system32\DRIVERS\bowser.sys Image size: 69632 Image MD5: 35F376253F687BDE63976CCB3F2108CA Control Set: CurrentControlSet Start: 3 Type: 2 Error Control: 1 Service (registry key): BrFiltLo Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Brother USB Mass-Storage Lower Filter Driver Image path: \SystemRoot\system32\drivers\brfiltlo.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): BrFiltUp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Brother USB Mass-Storage Upper Filter Driver Image path: \SystemRoot\system32\drivers\brfiltup.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Browser Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\browser.dll,-100 Description: @%systemroot%\system32\browser.dll,-101 Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation,LanmanServer Service (registry key): Brserid Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Brother MFC Serial Port Interface Driver (WDM) Image path: \SystemRoot\system32\drivers\brserid.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): BrSerWdm Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Brother WDM Serial driver Image path: \SystemRoot\system32\drivers\brserwdm.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): BrUsbMdm Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Brother MFC USB Fax 
Only Modem Image path: \SystemRoot\system32\drivers\brusbmdm.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): BrUsbSer Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Brother MFC USB Serial WDM Driver Image path: \SystemRoot\system32\drivers\brusbser.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): BTHMODEM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Bluetooth Serial Communications Driver Image path: \SystemRoot\system32\drivers\bthmodem.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): BTHPORT Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): cdfs Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: CD/DVD File System Reader Description: ISO9660/Joliet File System Reader for CD/DVDs. 
(Core) (All pieces) Image path: system32\DRIVERS\cdfs.sys Image size: 70144 Image MD5: 7ADD03E75BEB9E6DD102C3081D29840A Control Set: CurrentControlSet Start: 4 Type: 2 Error Control: 1 Depends On group: "SCSI CDROM Class" Service (registry key): cdrom Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: CD-ROM-Laufwerktreiber Image path: system32\DRIVERS\cdrom.sys Image size: 67072 Image MD5: 6B4BFFB9BECD728097024276430DB314 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): CertPropSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\System32\certprop.dll,-11 Description: @%SystemRoot%\System32\certprop.dll,-12 Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): circlass Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Consumer IR Devices Image path: \SystemRoot\system32\drivers\circlass.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): CLFS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Common Log (CLFS) Description: Common Log (CLFS) Image path: System32\CLFS.sys Image size: 245736 Image MD5: D7659D3B5B92C31E84E53C1431F35132 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): clr_optimization_v2.0.50727_32 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft .NET Framework NGEN v2.0.50727_X86 Description: Microsoft .NET Framework NGEN Object name: LocalSystem Image path: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe Image size: 66368 Image MD5: 8EE772032E2FE80A924F3B8DD5082194 Control Set: CurrentControlSet Start: 4 Type: 16 Error Control: 0 Service (registry key): 
clr_optimization_v4.0.30319_32 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft .NET Framework NGEN v4.0.30319_X86 Description: Microsoft .NET Framework NGEN Object name: LocalSystem Image path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe Image size: 130384 Image MD5: C5A75EB48E2344ABDC162BDA79E16841 Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 0 Service (registry key): CLTNetCnService Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Symantec Lic NetConnect service Description: Symantec Lic NetConnect Service Object name: LocalSystem Image path: "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 0 Service (registry key): cmdide Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\cmdide.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 3 Service (registry key): Compbatt Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Composite Battery Driver Image path: \SystemRoot\system32\drivers\compbatt.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 3 Service (registry key): COMSysApp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @comres.dll,-947 Description: @comres.dll,-948 Object name: LocalSystem Image path: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} Image size: 7168 Image MD5: BE01E566D1F569AAB32D0335613E1EEA Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RpcSs,EventSystem,SENS Service (registry key): crcdisk Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Crcdisk Filter Driver Image path: system32\drivers\crcdisk.sys Image 
size: 22632 Image MD5: 2A213AE086BBEC5E937553C7D9A2B22C Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): Crusoe Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Transmeta Crusoe Processor Driver Image path: \SystemRoot\system32\drivers\crusoe.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): crypt32 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): CryptSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\cryptsvc.dll,-1001 Description: @%SystemRoot%\system32\cryptsvc.dll,-1002 Object name: NT Authority\NetworkService Image path: %SystemRoot%\system32\svchost.exe -k NetworkService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): DCLocator Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): DcomLaunch Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @oleres.dll,-5012 Description: @oleres.dll,-5013 Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k DcomLaunch Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): DfsC Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\drivers\dfsc.sys,-101 Description: @%systemroot%\system32\drivers\dfsc.sys,-102 Image path: System32\Drivers\dfsc.sys Image size: 75264 Image MD5: 218D8AE46C88E82014F5D73D0236D9B2 Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Depends On services: Mup Service (registry key): DFSR Registry path: 
\SYSTEM\CurrentControlSet\Services\ Display name: @dfsrres.dll,-101 Description: @dfsrres.dll,-102 Object name: LocalSystem Image path: %SystemRoot%\system32\DFSR.exe Image size: 2092544 Image MD5: 2CC3DCFB533A1035B13DCAB6160AB38B Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RpcSs,EventSystem Service (registry key): Dhcp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\dhcpcsvc.dll,-100 Description: @%SystemRoot%\system32\dhcpcsvc.dll,-101 Object name: NT Authority\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: NSI,Tdx,Afd Service (registry key): disk Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Laufwerktreiber Image path: system32\drivers\disk.sys Image size: 53736 Image MD5: 5D4AEFC3386920236A548271F8F1AF6A Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): DLABMFSM Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\DLA\DLABMFSM.SYS Image size: 35096 Image MD5: A53723176D0002FEB486EFF8E17812F2 Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): DLABOIOM Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\DLA\DLABOIOM.SYS Image size: 32472 Image MD5: D4587063ACEA776699251E177D719586 Control Set: CurrentControlSet Start: 2 Type: 2 Error Control: 0 Service (registry key): DLACDBHM Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\Drivers\DLACDBHM.SYS Image size: 12856 Image MD5: 5230CDB7E715F3A3B4A882E254CDD35D Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 0 Service (registry key): DLADResM Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\DLA\DLADResM.SYS Image size: 9432 Image MD5: 
06.06.2011, 20:45 | #4 |
| win32.katusha.o
Error Control: 0 Service (registry key): Msfs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Service (registry key): msisadrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ISA/EISA-Klassentreiber Image path: system32\drivers\msisadrv.sys Image size: 16440 Image MD5: 0F400E306F385C56317357D6DEA56F62 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): MSiSCSI Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\iscsidsc.dll,-5000 Description: @%SystemRoot%\system32\iscsidsc.dll,-5001 Object name: LocalSystem Image path: %systemroot%\system32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Service (registry key): msiserver Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\msimsg.dll,-27 Description: @%SystemRoot%\system32\msimsg.dll,-32 Object name: LocalSystem Image path: %systemroot%\system32\msiexec /V Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: rpcss Service (registry key): MSKSSRV Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Streaming Service Proxy Image path: system32\drivers\MSKSSRV.sys Image size: 8192 Image MD5: D8C63D34D9C9E56C059E24EC7185CC07 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): MSPCLOCK Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Proxy für Streaming Clock Image path: system32\drivers\MSPCLOCK.sys Image size: 5888 Image MD5: 1D373C90D62DDB641D50E55B9E78D65E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): MSPQM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Proxy für Streaming Quality 
Manager Image path: system32\drivers\MSPQM.sys Image size: 5504 Image MD5: B572DA05BF4E098D4BBA3A4734FB505B Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): MsRPC Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): MSSCNTRS Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): mssmbios Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft-Systemverwaltungs-BIOS-Treiber Image path: system32\DRIVERS\mssmbios.sys Image size: 31288 Image MD5: E384487CB84BE41D09711C30CA79646C Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): MSTEE Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Streaming Tee/Sink-to-Sink-Konvertierung Image path: system32\drivers\MSTEE.sys Image size: 6016 Image MD5: 7199C1EEC1E4993CAF96B8C0A26BD58A Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Mup Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Mup Description: Multiple UNC Provider Image path: System32\Drivers\mup.sys Image size: 48104 Image MD5: 6A57B5733D4CB702C8EA4542E836B96C Control Set: CurrentControlSet Start: 0 Type: 2 Error Control: 1 Service (registry key): napagent Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\qagentrt.dll,-6 Description: @%SystemRoot%\system32\qagentrt.dll,-7 Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\System32\svchost.exe -k NetworkService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): NativeWifiP Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NativeWiFi-Filter Image path: system32\DRIVERS\nwifi.sys Image 
size: 148480 Image MD5: 85C44FDFF9CF7E72A40DCB7EC06A4416 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NDIS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NDIS System Driver Description: NDIS System Driver Image path: system32\drivers\ndis.sys Image size: 527848 Image MD5: 1357274D1883F68300AEADD15D7BBB42 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): NdisTapi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\rascfg.dll,-32001 Description: @%systemroot%\system32\rascfg.dll,-32001 Image path: system32\DRIVERS\ndistapi.sys Image size: 20992 Image MD5: 0E186E90404980569FB449BA7519AE61 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Ndisuio Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NDIS-Benutzermodus-E/A-Protokoll Image path: system32\DRIVERS\ndisuio.sys Image size: 16896 Image MD5: D6973AA34C4D5D76C0430B181C3CD389 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NdisWan Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\rascfg.dll,-32002 Description: @%systemroot%\system32\rascfg.dll,-32002 Image path: system32\DRIVERS\ndiswan.sys Image size: 121344 Image MD5: 818F648618AE34F729FDB47EC68345C3 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NDProxy Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NetBIOS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NetBIOS Interface Description: NetBIOS Interface Image path: system32\DRIVERS\netbios.sys Image size: 35840 Image MD5: BCD093A5A6777CF626434568DC7DBA78 Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Service (registry key): netbt Registry path: \SYSTEM\CurrentControlSet\Services\ 
Display name: NETBT Description: This service implements NetBios over TCP/IP. Image path: System32\DRIVERS\netbt.sys Image size: 185856 Image MD5: ECD64230A59CBD93C85F1CD1CAB9F3F6 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On services: Tdx,tcpip Service (registry key): Netlogon Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\System32\netlogon.dll,-102 Description: @%SystemRoot%\System32\netlogon.dll,-103 Object name: LocalSystem Image path: %systemroot%\system32\lsass.exe Image size: 9728 Image MD5: 3978F3540329E16C0AC3BCF677E5669F Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: LanmanWorkstation Service (registry key): Netman Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\netman.dll,-109 Description: @%SystemRoot%\system32\netman.dll,-110 Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs,nsi Service (registry key): netprofm Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\netprof.dll,-246 Description: @%SystemRoot%\system32\netprof.dll,-247 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\svchost.exe -k LocalService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs,nlasvc Service (registry key): NetTcpPortSharing Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201 Description: @%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8200 Object name: NT AUTHORITY\LocalService Image path: 
"%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" Image size: 129880 Image MD5: D6C4E4A39A36029AC0813D476FBD0248 Control Set: CurrentControlSet Start: 4 Type: 32 Error Control: 1 Service (registry key): nfrd960 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\nfrd960.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): NlaSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\System32\nlasvc.dll,-1 Description: @%SystemRoot%\System32\nlasvc.dll,-2 Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\System32\svchost.exe -k NetworkService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: NSI,RpcSs,TcpIp Service (registry key): Npfs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 2 Error Control: 1 Service (registry key): nsi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\nsisvc.dll,-200 Description: @%SystemRoot%\system32\nsisvc.dll,-201 Object name: NT Authority\LocalService Image path: %systemroot%\system32\svchost.exe -k LocalService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: nsiproxy Service (registry key): nsiproxy Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NSI proxy service Description: NSI proxy service Image path: system32\drivers\nsiproxy.sys Image size: 16384 Image MD5: 609773E344A97410CE4EBF74A8914FCF Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): NTDS Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry 
key): Ntfs Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 3 Type: 2 Error Control: 1 Service (registry key): ntrigdigi Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: N-trig HID Tablet Driver Image path: \SystemRoot\system32\drivers\ntrigdigi.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Null Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): nvatabus Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\nvatabus.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 3 Service (registry key): nvlddmkm Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: system32\DRIVERS\nvlddmkm.sys Image size: 4456384 Image MD5: 7D80FF0E34A0D04BEF343DF07B4707CF Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): nvraid Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NVIDIA nForce(tm) RAID Class Driver Image path: \SystemRoot\system32\drivers\nvraid.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): nvstor Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\nvstor.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 3 Service (registry key): nv_agp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: NVIDIA nForce AGP Bus Filter Image path: \SystemRoot\system32\drivers\nv_agp.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): NwlnkFlt Registry 
path: \SYSTEM\CurrentControlSet\Services\ Display name: IPX Traffic Filter Driver Description: IPX Traffic Filter Driver Image path: system32\DRIVERS\nwlnkflt.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: NwlnkFwd Service (registry key): NwlnkFwd Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: IPX Traffic Forwarder Driver Description: IPX Traffic Forwarder Driver Image path: system32\DRIVERS\nwlnkfwd.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): ohci1394 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: VIA OHCI-konformer IEEE 1394-Hostcontroller Image path: system32\DRIVERS\ohci1394.sys Image size: 62208 Image MD5: 6F310E890D46E246E0E261A63D9B36B4 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): p2pimsvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\p2psvc.dll,-8004 Description: @%SystemRoot%\system32\p2psvc.dll,-8005 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Service (registry key): p2psvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\p2psvc.dll,-8006 Description: @%SystemRoot%\system32\p2psvc.dll,-8007 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: p2pimsvc,PNRPSvc Service (registry key): Parport Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Parallel port driver Image 
path: \SystemRoot\system32\drivers\parport.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): partmgr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Partition Manager Description: Disk class filter driver that auctions out partitions to volume managers Image path: System32\drivers\partmgr.sys Image size: 54248 Image MD5: 57389FA59A36D96B3EB09D0CB91E9CDC Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): Parvdm Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\parvdm.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 2 Type: 1 Error Control: 0 Depends On services: Parport Depends On group: "Parallel arbitrator" Service (registry key): PcaSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\pcasvc.dll,-1 Description: @%SystemRoot%\system32\pcasvc.dll,-2 Object name: LocalSystem Image path: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): pci Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PCI-Bus-Treiber Image path: system32\drivers\pci.sys Image size: 149480 Image MD5: 941DC1D19E7E8620F40BBC206981EFDB Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): pciide Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\pciide.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 3 Service (registry key): pcmcia Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\pcmcia.sys Image size: 0 Image MD5: 
D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): PEAUTH Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PEAUTH Image path: system32\drivers\peauth.sys Image size: 878080 Image MD5: 6349F6ED9C623B44B52EA3C63C831A92 Control Set: CurrentControlSet Start: 2 Type: 1 Error Control: 1 Service (registry key): PerfDisk Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfNet Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfOS Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PerfProc Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): pla Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\pla.dll,-500 Description: @%systemroot%\system32\pla.dll,-501 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RPCSS Service (registry key): PlugPlay Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\umpnpmgr.dll,-100 Description: @%SystemRoot%\system32\umpnpmgr.dll,-101 Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k DcomLaunch Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): PNRPAutoReg Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\p2psvc.dll,-8002 Description: 
@%SystemRoot%\system32\p2psvc.dll,-8003 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: pnrpsvc Service (registry key): PNRPsvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\p2psvc.dll,-8000 Description: @%SystemRoot%\system32\p2psvc.dll,-8001 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: p2pimsvc Service (registry key): PolicyAgent Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\System32\polstore.dll,-5010 Description: @%SystemRoot%\system32\polstore.dll,-5011 Object name: NT Authority\NetworkService Image path: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: Tcpip,bfe Service (registry key): PortProxy Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): PptpMiniport Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: WAN-Miniport (PPTP) Description: WAN-Miniport (PPTP) Image path: system32\DRIVERS\raspptp.sys Image size: 62976 Image MD5: ECFFFAEC0C1ECD8DBC77F39070EA1DB1 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Processor Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Processor Driver Image path: \SystemRoot\system32\drivers\processr.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 
4 Type: 1 Error Control: 1 Service (registry key): ProfSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\profsvc.dll,-300 Description: @%systemroot%\system32\profsvc.dll,-301 Object name: LocalSystem Image path: %systemroot%\system32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): ProtectedStorage Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\psbase.dll,-300 Description: @%systemroot%\system32\psbase.dll,-301 Object name: LocalSystem Image path: %SystemRoot%\system32\lsass.exe Image size: 9728 Image MD5: 3978F3540329E16C0AC3BCF677E5669F Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): PSched Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\System32\drivers\pacer.sys,-101 Description: @%SystemRoot%\System32\drivers\pacer.sys,-101 Image path: system32\DRIVERS\pacer.sys Image size: 72192 Image MD5: 99514FAA8DF93D34B5589187DB3AA0BA Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): PxHelp20 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: PxHelp20 Image path: System32\Drivers\PxHelp20.sys Image size: 45200 Image MD5: 40FEDD328F98245AD201CF5F9F311724 Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): ql2300 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: QLogic Fibre Channel Miniport Driver Image path: \SystemRoot\system32\drivers\ql2300.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 |
06.06.2011, 20:45 | #5 |
| win32.katusha.o
@%SystemRoot%\system32\Sens.dll,-201 Object name: LocalSystem Image path: %SystemRoot%\system32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: EventSystem Service (registry key): Serenum Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Serenum-Filtertreiber Image path: system32\DRIVERS\serenum.sys Image size: 17920 Image MD5: CE9EC966638EF0B10B864DDEDF62A099 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): Serial Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Treiber für seriellen Anschluss Image path: system32\DRIVERS\serial.sys Image size: 83456 Image MD5: 6D663022DB3E7058907784AE14B69898 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 0 Service (registry key): sermouse Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Serial Mouse Driver Image path: \SystemRoot\system32\drivers\sermouse.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ServiceModelEndpoint 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ServiceModelOperation 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): ServiceModelService 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): SessionEnv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\System32\SessEnv.dll,-1026 Description: @%SystemRoot%\System32\SessEnv.dll,-1027 Object name: localSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 
3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: RPCSS,LanmanWorkstation Service (registry key): sffdisk Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: SFF Storage Class Driver Image path: \SystemRoot\system32\drivers\sffdisk.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): sffp_mmc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: SFF Storage Protocol Driver for MMC Image path: \SystemRoot\system32\drivers\sffp_mmc.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): sffp_sd Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: SFF Storage Protocol Driver for SDBus Image path: \SystemRoot\system32\drivers\sffp_sd.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): sfloppy Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: High-Capacity Floppy Disk Drive Image path: \SystemRoot\system32\drivers\sfloppy.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): SharedAccess Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\ipnathlp.dll,-106 Description: @%SystemRoot%\system32\ipnathlp.dll,-107 Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 4 Type: 32 Error Control: 1 Depends On services: Netman,WinMgmt,RasMan,BFE Service (registry key): ShellHWDetection Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\System32\shsvcs.dll,-12288 Description: 
@%SystemRoot%\System32\shsvcs.dll,-12289 Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 0 Depends On services: RpcSs Service (registry key): sisagp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: SIS AGP Bus Filter Image path: \SystemRoot\system32\drivers\sisagp.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): SiSRaid2 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\sisraid2.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): SiSRaid4 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\sisraid4.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): slsvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\SLsvc.exe,-101 Description: @%SystemRoot%\system32\SLsvc.exe,-102 Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\system32\SLsvc.exe Image size: 3408896 Image MD5: 862BB4CBC05D80C5B45BE430E5EF872F Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: RpcSs Service (registry key): SLUINotify Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\SLUINotify.dll,-103 Description: @%SystemRoot%\system32\SLUINotify.dll,-102 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: SLSvc,netprofm,EventSystem Service 
(registry key): Smb Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\tcpipcfg.dll,-50005 Description: @%SystemRoot%\system32\tcpipcfg.dll,-50006 Image path: system32\DRIVERS\smb.sys Image size: 66560 Image MD5: 7B75299A4D201D6A6533603D6914AB04 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): SMSvcHost 3.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): SMSvcHost 4.0.0.0 Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): SNMPTRAP Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\snmptrap.exe,-3 Description: @%SystemRoot%\system32\snmptrap.exe,-4 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\snmptrap.exe Image size: 12800 Image MD5: 2A146A055B4401C16EE62D18B8E2A032 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): spldr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Security Processor Loader Driver Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 3 Service (registry key): Spooler Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\spoolsv.exe,-1 Description: @%systemroot%\system32\spoolsv.exe,-2 Object name: LocalSystem Image path: %SystemRoot%\System32\spoolsv.exe Image size: 128000 Image MD5: 8554097E5136C3BF9F69FE578A1B35F4 Control Set: CurrentControlSet Start: 2 Type: 272 Error Control: 1 Depends On services: RPCSS,http Service (registry key): srv Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\DRIVERS\srv.sys Image size: 305152 Image MD5: 41987F9FC0E61ADF54F581E15029AD91 Control Set: CurrentControlSet Start: 3 Type: 2 Error Control: 1 Depends On services: srv2 Service (registry key): 
srv2 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: srv2 Description: Default SDDL for Windows Resource Protected file Image path: System32\DRIVERS\srv2.sys Image size: 146432 Image MD5: A5940CA32ED206F90BE9FABDF6E92DE4 Control Set: CurrentControlSet Start: 3 Type: 2 Error Control: 1 Depends On services: srvnet Service (registry key): srvnet Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: System32\DRIVERS\srvnet.sys Image size: 102400 Image MD5: 37AA1D560D5FA486C4B11C2F276ADA61 Control Set: CurrentControlSet Start: 3 Type: 2 Error Control: 1 Service (registry key): SSDPSRV Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\ssdpsrv.dll,-100 Description: @%systemroot%\system32\ssdpsrv.dll,-101 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: HTTP Service (registry key): ssmdrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: ssmdrv Description: Avira Snapshot Driver Image path: system32\DRIVERS\ssmdrv.sys Image size: 28520 Image MD5: A36EE93698802CD899F98BFD553D8185 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): SstpSvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\sstpsvc.dll,-200 Description: @%SystemRoot%\system32\sstpsvc.dll,-201 Object name: NT Authority\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Service (registry key): stisvc Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\wiaservc.dll,-9 Description: @%SystemRoot%\system32\wiaservc.dll,-10 Object name: NT Authority\LocalService Image path: 
%SystemRoot%\system32\svchost.exe -k imgsvc Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: RpcSs,ShellHWDetection Service (registry key): stllssvr Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: stllssvr Object name: LocalSystem Image path: "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" Image size: 73728 Image MD5: 51778FD315C9882F1CBD932743E62A72 Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 0 Service (registry key): swenum Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Software-Bus-Treiber Image path: system32\DRIVERS\swenum.sys Image size: 15288 Image MD5: 7BA58ECF0C0A9A69D44B3DCA62BECF56 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): swprv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\System32\swprv.dll,-103 Description: @%SystemRoot%\System32\swprv.dll,-102 Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k swprv Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): Symc8xx Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\symc8xx.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Sym_hi Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\sym_hi.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): Sym_u3 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\sym_u3.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 
4 Type: 1 Error Control: 1 Service (registry key): SysMain Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\sysmain.dll,-1000 Description: @%SystemRoot%\system32\sysmain.dll,-1001 Object name: LocalSystem Image path: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 0 Depends On services: rpcss,fileinfo Service (registry key): TabletInputService Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\TabSvc.dll,-100 Description: @%SystemRoot%\system32\TabSvc.dll,-101 Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: PlugPlay,RpcSs Service (registry key): TapiSrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\tapisrv.dll,-10100 Description: @%SystemRoot%\system32\tapisrv.dll,-10101 Object name: NT AUTHORITY\NetworkService Image path: %SystemRoot%\System32\svchost.exe -k NetworkService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: PlugPlay,RpcSs Service (registry key): TBS Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\tbssvc.dll,-100 Description: @%SystemRoot%\system32\tbssvc.dll,-101 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\System32\svchost.exe -k LocalService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): Tcpip Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\tcpipcfg.dll,-50003 Description: 
@%SystemRoot%\system32\tcpipcfg.dll,-50003 Image path: System32\drivers\tcpip.sys Image size: 905088 Image MD5: A474879AFA4A596B3A531F3E69730DBF Control Set: CurrentControlSet Start: 0 Type: 1 Error Control: 1 Service (registry key): Tcpip6 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft IPv6-Protokolltreiber Description: Microsoft IPv6-Protokolltreiber Image path: system32\DRIVERS\tcpip.sys Image size: 905088 Image MD5: A474879AFA4A596B3A531F3E69730DBF Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Depends On services: Tcpip Service (registry key): tcpipreg Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: TCP/IP Registry Compatibility Description: Provides compatibility for legacy applications which interact with TCP/IP through the registry. If this service is stopped, certain applications may have impaired functionality. Image path: System32\drivers\tcpipreg.sys Image size: 30720 Image MD5: 608C345A255D82A6289C2D468EB41FD7 Control Set: CurrentControlSet Start: 2 Type: 1 Error Control: 1 Depends On services: tcpip Service (registry key): TDPIPE Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: TDPIPE Image path: system32\drivers\tdpipe.sys Image size: 17920 Image MD5: 5DCF5E267BE67A1AE926F2DF77FBCC56 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): TDTCP Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: TDTCP Image path: system32\drivers\tdtcp.sys Image size: 29184 Image MD5: 389C63E32B3CEFED425B61ED92D3F021 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): tdx Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\tcpipcfg.dll,-50004 Description: @%SystemRoot%\system32\tcpipcfg.dll,-50004 Image path: system32\DRIVERS\tdx.sys Image size: 72192 Image MD5: 76B06EB8A01FC8624D699E7045303E54 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Depends On 
services: Tcpip Service (registry key): TermDD Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Terminal-Gerätetreiber Image path: system32\DRIVERS\termdd.sys Image size: 53224 Image MD5: 3CAD38910468EAB9A6479E2F01DB43C7 Control Set: CurrentControlSet Start: 1 Type: 1 Error Control: 1 Service (registry key): TermService Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\System32\termsrv.dll,-268 Description: @%SystemRoot%\System32\termsrv.dll,-267 Object name: NT Authority\NetworkService Image path: %SystemRoot%\System32\svchost.exe -k NetworkService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RPCSS,TermDD Service (registry key): TestHandler Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Fujitsu Siemens Computers Diagnostic Testhandler Description: Manages and controls the Fujitsu Siemens Computers Diagnostic Tools. Object name: LocalSystem Image path: C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe Image size: 204800 Image MD5: 1489A8B70AF925D983D399BEAB1E701F Control Set: CurrentControlSet Start: 2 Type: 16 Error Control: 1 Depends On services: RPCSS Service (registry key): Themes Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\System32\shsvcs.dll,-8192 Description: @%SystemRoot%\System32\shsvcs.dll,-8193 Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k netsvcs Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Service (registry key): THREADORDER Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\mmcss.dll,-102 Description: @%systemroot%\system32\mmcss.dll,-103 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF 
Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Service (registry key): TrkWks Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\trkwks.dll,-1 Description: @%SystemRoot%\system32\trkwks.dll,-2 Object name: LocalSystem Image path: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 2 Type: 32 Error Control: 1 Depends On services: RpcSs Service (registry key): TrustedInstaller Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 Description: @%SystemRoot%\servicing\TrustedInstaller.exe,-101 Object name: localSystem Image path: %SystemRoot%\servicing\TrustedInstaller.exe Image size: 39424 Image MD5: 97D9D6A04E3AD9B6C626B9931DB78DBA Control Set: CurrentControlSet Start: 3 Type: 16 Error Control: 1 Service (registry key): TSDDD Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): tssecsrv Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Terminal Services Security Filter Driver Description: Terminal Services Security Filter Driver Image path: System32\DRIVERS\tssecsrv.sys Image size: 23552 Image MD5: DCF0F056A2E4F52287264F5AB29CF206 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 0 Service (registry key): tunmp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Tun-Miniportadaptertreiber Image path: system32\DRIVERS\tunmp.sys Image size: 15360 Image MD5: CAECC0120AC49E3D2F758B9169872D38 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): tunnel Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft-IPv6-Tunnelminiport-Adaptertreiber Image path: system32\DRIVERS\tunnel.sys Image size: 25088 Image MD5: 300DB877AC094FEAB0BE7688C3454A9C Control Set: 
CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): uagp35 Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft AGPv3.5 Filter Image path: \SystemRoot\system32\drivers\uagp35.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): udfs Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: udfs Description: Reads/Writes UDF 1.02,1.5,2.0x,2.5 disc formats, usually found on C/DVD discs. (Core) (All pieces) Image path: system32\DRIVERS\udfs.sys Image size: 226816 Image MD5: D9728AF68C4C7693CB100B8441CBDEC6 Control Set: CurrentControlSet Start: 4 Type: 2 Error Control: 1 Service (registry key): UGatherer Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): UGTHRSVC Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): UI0Detect Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%SystemRoot%\system32\ui0detect.exe,-101 Description: @%SystemRoot%\system32\ui0detect.exe,-102 Object name: LocalSystem Image path: %SystemRoot%\system32\UI0Detect.exe Image size: 35840 Image MD5: ECEF404F62863755951E09C802C94AD5 Control Set: CurrentControlSet Start: 3 Type: 272 Error Control: 1 Service (registry key): uliagpkx Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Uli AGP Bus Filter Image path: \SystemRoot\system32\drivers\uliagpkx.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): uliahci Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\uliahci.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): 
UlSata Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\ulsata.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): ulsata2 Registry path: \SYSTEM\CurrentControlSet\Services\ Image path: \SystemRoot\system32\drivers\ulsata2.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): umbus Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: UMBus-Enumerator-Treiber Image path: system32\DRIVERS\umbus.sys Image size: 34816 Image MD5: 32CFF9F809AE9AED85464492BF3E32D2 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): upnphost Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: @%systemroot%\system32\upnphost.dll,-213 Description: @%systemroot%\system32\upnphost.dll,-214 Object name: NT AUTHORITY\LocalService Image path: %SystemRoot%\system32\svchost.exe -k LocalService Image size: 21504 Image MD5: 3794B461C45882E06856F282EEF025AF Control Set: CurrentControlSet Start: 3 Type: 32 Error Control: 1 Depends On services: SSDPSRV,HTTP Service (registry key): usb Registry path: \SYSTEM\CurrentControlSet\Services\ Control Set: CurrentControlSet Start: 0 Type: 0 Error Control: 0 Service (registry key): USB28xxBGA Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: USB 2860 Device Image path: system32\DRIVERS\emBDA.sys Image size: 579840 Image MD5: 75860C1E8F36D13A96A8CB426E4C18AE Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): USB28xxOEM Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: USB 28xx OEM Filter Image path: system32\DRIVERS\emOEM.sys Image size: 551424 Image MD5: 67BBBFB2528CE47D715884BCE634CF9E Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): USBAAPL Registry path: 
\SYSTEM\CurrentControlSet\Services\ Display name: Apple Mobile USB Driver Image path: System32\Drivers\usbaapl.sys Image size: 41984 Image MD5: D4FB6ECC60A428564BA8768B0E23C0FC Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): usbccgp Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft Standard-USB-Haupttreiber Image path: system32\DRIVERS\usbccgp.sys Image size: 73216 Image MD5: CAF811AE4C147FFCD5B51750C7F09142 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): usbcir Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: eHome Infrared Receiver (USBCIR) Image path: \SystemRoot\system32\drivers\usbcir.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): usbehci Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller Image path: system32\DRIVERS\usbehci.sys Image size: 39936 Image MD5: 79E96C23A97CE7B8F14D310DA2DB0C9B Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): usbhub Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: USB2-aktivierter Hub Image path: system32\DRIVERS\usbhub.sys Image size: 196096 Image MD5: 4673BBCB006AF60E7ABDDBE7A130BA42 Control Set: CurrentControlSet Start: 3 Type: 1 Error Control: 1 Service (registry key): usbohci Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft USB Open Host Controller Miniport Driver Image path: \SystemRoot\system32\drivers\usbohci.sys Image size: 0 Image MD5: D41D8CD98F00B204E9800998ECF8427E Control Set: CurrentControlSet Start: 4 Type: 1 Error Control: 1 Service (registry key): usbprint Registry path: \SYSTEM\CurrentControlSet\Services\ Display name: Microsoft USB-Druckerklasse Image path: system32\DRIVERS\usbprint.sys Image size: 18944 Image MD5: 
06.06.2011, 23:01 | #6 |
| win32.katusha.o and this is what Malwarebytes' Anti-Malware came up with:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Datenbank Version: 6779
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
06.06.2011 23:56:58
mbam-log-2011-06-06 (23-56-58).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 302423
Laufzeit: 2 Stunde(n), 10 Minute(n), 37 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden)
To be honest, I don't know why it shows nothing... It's all Greek to me... |
07.06.2011, 10:54 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | win32.katusha.o Did Malwarebytes find nothing before as well, or was this the first scan with this tool?
__________________ Please always post logfiles in CODE tags |
07.06.2011, 13:18 | #8 | |
| win32.katusha.o The first time it did show something. I also looked to see whether I could find the log file. But there's nothing there anymore... I've run it 3 times by now... it no longer finds anything. Quote:
|
07.06.2011, 13:31 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | win32.katusha.o The log files are in the "Logdateien" tab....
__________________ Please always post logfiles in CODE tags |
07.06.2011, 15:12 | #10 |
| win32.katusha.o I found 3 files in the log files...
1.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6688
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
27.05.2011 03:40:47
mbam-log-2011-05-27 (03-40-47).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 300830
Laufzeit: 2 Stunde(n), 59 Minute(n), 28 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden)
2.
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Datenbank Version: 6779
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
06.06.2011 02:46:11
mbam-log-2011-06-06 (02-46-11).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 302277
Laufzeit: 1 Stunde(n), 41 Minute(n), 17 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
3.
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Datenbank Version: 6779
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
06.06.2011 23:56:58
mbam-log-2011-06-06 (23-56-58).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 302423
Laufzeit: 2 Stunde(n), 10 Minute(n), 37 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden)
No idea where the 4th file is; I ran that one before my vacation, so about 10 days ago... |
07.06.2011, 17:37 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | win32.katusha.o With a different user account, maybe?
__________________ Please always post logfiles in CODE tags |
08.06.2011, 00:20 | #12 |
| win32.katusha.o So, I uninstalled the whole thing and installed it again... it didn't help much, but I did find the first file... However, that one didn't show anything either... FROM 27.5.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6688
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
27.05.2011 03:40:47
mbam-log-2011-05-27 (03-40-47).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 300830
Laufzeit: 2 Stunde(n), 59 Minute(n), 28 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
08.06.2011, 09:19 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | win32.katusha.o You made a mistake when posting the OTL.txt. It is incomplete, and the Extras log is directly below it. I need the complete OTL.txt.
__________________ Please always post logfiles in CODE tags |
08.06.2011, 10:37 | #14 |
| win32.katusha.o So, here is the OTL.txt again. OTL Logfile: Code:
ATTFilter OTL logfile created on: 08.06.2011 11:17:59 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Fabo\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1021,76 Mb Total Physical Memory | 302,76 Mb Available Physical Memory | 29,63% Memory free 2,26 Gb Paging File | 1,19 Gb Available in Paging File | 52,72% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 173,99 Gb Total Space | 17,57 Gb Free Space | 10,10% Space Free | Partition Type: NTFS Drive D: | 45,22 Gb Total Space | 44,01 Gb Free Space | 97,32% Space Free | Partition Type: NTFS Drive E: | 2,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: FABO-PC | User Name: Fabo | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.06.08 11:16:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Fabo\Downloads\OTL.exe PRC - [2011.04.30 14:20:52 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2011.04.28 19:00:14 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.03.20 23:38:57 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2010.11.03 17:15:44 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.03.05 17:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe PRC - [2009.01.09 21:14:48 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin PRC - [2009.01.09 21:14:42 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe PRC - [2008.04.17 14:14:48 | 000,102,712 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2008.04.17 14:14:00 | 000,098,616 | ---- | M] (ArcSoft Inc.) 
-- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2007.11.16 14:43:16 | 000,040,960 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Programme\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe PRC - [2006.12.29 12:11:00 | 004,317,184 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2006.11.14 17:07:08 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe PRC - [2005.11.16 19:08:40 | 000,106,496 | ---- | M] (Corel, Inc.) -- C:\Programme\Corel\Corel Photo Album 6\MediaDetect.exe ========== Modules (SafeList) ========== MOD - [2011.06.08 11:16:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Fabo\Downloads\OTL.exe MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService) SRV - [2011.04.28 19:00:14 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.03.20 23:38:57 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008.04.17 14:14:48 | 000,102,712 | ---- | M] (ArcSoft Inc.) 
[Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2006.11.14 17:07:08 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) ========== Driver Services (SafeList) ========== DRV - [2011.03.20 23:38:58 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.11.23 11:03:13 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.10.09 00:55:50 | 000,551,424 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM) DRV - [2009.09.17 10:01:18 | 000,579,840 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA) DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2007.04.27 18:55:12 | 000,429,440 | ---- | M] (Ralink Technology, Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Dr71WU.sys -- (RT73) DRV - [2007.02.08 23:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2006.12.05 11:21:00 | 004,456,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2006.11.01 13:19:12 | 000,050,688 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RxFilter.sys -- (RxFilter) DRV - [2006.10.26 17:22:00 | 000,009,432 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM) DRV - [2006.10.26 17:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2006.10.26 17:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM) DRV - [2006.10.26 17:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2006.10.26 17:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2006.10.26 17:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2006.10.26 17:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2006.10.26 17:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2006.10.18 18:39:58 | 000,017,920 | ---- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\xfilt.sys -- (xfilt) DRV - [2006.10.17 21:22:26 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\videX32.sys -- (videX32) DRV - [2006.08.11 11:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M) DRV - [2006.07.14 14:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvatabus.sys -- (nvatabus) DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A7 5C 84 1D 6D 27 CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. 
File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "BearShare Web Search" FF - prefs.js..browser.search.selectedEngine: "Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1 FF - prefs.js..extensions.enabledItems: {937f343c-c9c2-4235-b544-7fc4da2f2594}:2.5.6.0 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 4 FF - prefs.js..extensions.enabledItems: 9 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1 FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.6.0 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.30 14:21:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins 
[2011.04.30 14:21:02 | 000,000,000 | ---D | M] [2008.09.01 18:24:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabo\AppData\Roaming\mozilla\Extensions [2011.06.08 01:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions [2010.11.28 23:27:40 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2010.09.15 11:17:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.11.25 15:32:59 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.03.30 22:37:02 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.02.05 19:11:52 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} [2010.11.13 01:45:43 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.02.22 16:37:07 | 000,000,000 | ---D | M] (Suche Deutschland Toolbar) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\{937f343c-c9c2-4235-b544-7fc4da2f2594} [2010.07.14 16:56:56 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.02.22 16:37:07 | 000,000,000 | ---D | M] (German Dictionary) -- 
C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\de-DE@dictionaries.addons.mozilla.org [2010.10.15 16:32:23 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\en-US@dictionaries.addons.mozilla.org [2010.09.03 00:51:15 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\firefox@tvunetworks.com [2010.10.15 16:32:23 | 000,000,000 | ---D | M] (Dizionario italiano) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\it-IT@dictionaries.addons.mozilla.org [2010.09.03 00:50:39 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Fabo\AppData\Roaming\mozilla\Firefox\Profiles\tj9n2h07.default\extensions\vshare@toolbar [2009.07.18 01:02:48 | 000,002,476 | ---- | M] () -- C:\Users\Fabo\AppData\Roaming\Mozilla\Firefox\Profiles\tj9n2h07.default\searchplugins\BearShareWebSearch.xml [2010.07.14 18:57:14 | 000,000,873 | ---- | M] () -- C:\Users\Fabo\AppData\Roaming\Mozilla\Firefox\Profiles\tj9n2h07.default\searchplugins\conduit.xml [2010.12.13 03:23:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2007.05.21 21:13:47 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.09.01 18:24:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org [2008.12.11 22:57:33 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009.03.25 16:50:31 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009.09.09 16:21:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA 
FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2009.11.10 02:52:02 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010.03.30 22:34:12 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [2010.10.31 11:45:42 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2009.07.18 01:02:48 | 000,002,476 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\BearShareWebSearch.xml [2010.10.31 11:45:43 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.10.31 11:45:43 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.10.31 11:45:43 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.10.31 11:45:43 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2008.05.30 17:07:46 | 000,000,736 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) 
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Corel Photo Downloader] C:\Programme\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.) O4 - HKLM..\Run: [MsgCenterExe] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [QuickFinder Scheduler] C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SunJavaUpdateSched] File not found O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [EPSON Stylus DX7400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) 
O4 - HKCU..\Run: [Uniblue RegistryBooster 2] File not found O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Fabo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Users\Fabo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Fabo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Fabo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Programme\WordPerfect Office X3\Programs\WPLauncher.hta () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Fabo\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Fabo\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2007.05.01 18:16:32 | 000,000,148 | R--- | M] () - E:\AUTORUN.inf -- [ UDF ] O32 - AutoRun File - [2007.07.04 05:19:48 | 000,000,000 | R--D | M] - E:\AutoRun -- [ UDF ] O32 - AutoRun File - [2007.07.04 05:19:47 | 000,634,880 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ] O32 - AutoRun File - [2007.07.04 04:23:42 | 000,585,728 | R--- | M] (Electronic Arts Inc.) 
- E:\AutoRunGUI.dll -- [ UDF ] O33 - MountPoints2\{b65d4206-6194-11de-8226-0019db518a3f}\Shell - "" = AutoRun O33 - MountPoints2\{b65d4206-6194-11de-8226-0019db518a3f}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a O33 - MountPoints2\{d00ca5fe-f22e-11db-a252-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{d00ca5fe-f22e-11db-a252-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Madden08.exe -- [2007.07.04 05:00:31 | 000,144,648 | R--- | M] (EA - Salt Lake) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.06.07 23:03:57 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.06.07 23:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.06.07 23:03:52 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.05.27 00:39:23 | 000,000,000 | ---D | C] -- C:\Users\Fabo\AppData\Roaming\Malwarebytes [2011.05.27 00:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.05.27 00:38:56 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.05.24 00:08:17 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.05.19 23:07:12 | 000,000,000 | ---D | C] -- C:\Users\Fabo\AppData\Roaming\DVDVideoSoft ========== Files - Modified Within 30 Days ========== [2011.06.08 10:40:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.08 10:40:15 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.08 10:40:14 | 000,003,168 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.08 01:23:15 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.06.08 01:23:15 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.06.08 01:23:15 | 000,126,054 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.06.08 01:23:15 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.06.07 23:03:57 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.06.07 22:42:42 | 000,326,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.06.07 22:42:25 | 1072,160,768 | -HS- | M] () -- C:\hiberfil.sys [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.05.24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2011.05.24 00:08:17 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.05.19 23:08:54 | 000,001,044 | ---- | M] () -- C:\Users\Fabo\Desktop\Desktop\DVDVideoSoft Free Studio.lnk ========== Files Created - No Company Name ========== [2011.06.07 23:03:57 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.22 02:15:52 | 000,028,672 | ---- | C] () -- C:\Windows\System32\wsnmp32d.dll [2010.06.20 13:15:13 | 000,001,301 | ---- | C] () -- C:\Windows\TVEpaDrv.ini [2010.06.20 12:28:56 | 000,303,104 | ---- | C] () -- C:\Windows\emunist.exe [2009.10.19 23:11:38 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.10.19 23:11:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.04.14 23:57:46 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib [2008.09.10 18:40:20 | 000,018,904 | ---- | C] 
() -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.06.01 02:22:11 | 000,001,356 | ---- | C] () -- C:\Users\Fabo\AppData\Local\d3d9caps.dat [2008.05.02 00:09:29 | 000,000,074 | ---- | C] () -- C:\Windows\tm.ini [2008.03.21 22:30:08 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008.02.06 23:54:16 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2008.02.06 23:54:16 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2008.02.06 23:54:16 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2008.02.06 23:54:16 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2008.02.06 23:54:16 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2008.02.06 23:54:16 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2008.02.06 23:54:16 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2008.02.06 23:54:16 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2008.02.06 23:54:16 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2008.02.06 23:54:16 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2008.02.06 23:54:16 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2008.02.06 23:54:16 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2008.02.06 23:54:16 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2008.02.06 23:54:16 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2008.02.06 23:54:16 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2008.02.06 23:54:16 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2008.02.06 23:54:16 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2008.02.06 23:54:16 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat 
[2008.02.06 23:54:16 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2008.02.06 23:52:40 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX7400DEFGIPS.ini [2007.09.19 21:05:56 | 000,073,216 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe [2007.07.30 23:56:24 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE [2007.07.30 23:56:24 | 000,006,067 | ---- | C] () -- C:\Windows\UNWISE.INI [2007.06.16 22:48:00 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html [2007.06.14 16:41:11 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2007.05.31 21:38:25 | 000,055,949 | ---- | C] () -- C:\Windows\System32\x264-uninstall.exe [2007.04.24 10:14:36 | 000,194,560 | ---- | C] () -- C:\Users\Fabo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.02.15 23:45:41 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL [2007.02.15 23:45:36 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini [2007.02.15 22:55:55 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll [2007.02.15 15:20:34 | 000,135,168 | ---- | C] () -- C:\Windows\System32\property.dll [2006.11.06 18:03:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006.11.02 17:33:31 | 000,628,504 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,126,054 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,326,800 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,103,872 | 
---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.08.11 10:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll [2005.08.17 16:10:56 | 000,542,208 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll ========== LOP Check ========== [2007.04.29 20:28:21 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\acccore [2009.02.04 19:39:35 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\CoSoSys [2011.05.19 23:08:16 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\DVDVideoSoft [2011.05.03 21:10:26 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\DVDVideoSoftIEHelpers [2008.02.23 18:03:19 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\EPSON [2008.01.30 17:04:21 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\FloodLightGames [2010.10.02 21:18:54 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\GARMIN [2007.05.15 16:20:34 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\Kazaa Lite [2008.12.20 12:55:49 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\OpenOffice.org [2008.08.28 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\Panasonic [2007.09.28 13:08:19 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\PTV Game [2009.08.21 01:06:16 | 000,000,000 | ---D | M] -- C:\Users\Fabo\AppData\Roaming\StreamTorrent [2007.09.05 15:25:10 | 000,000,000 | ---D | M] -- 
C:\Users\Fabo\AppData\Roaming\Uniblue
[2011.06.07 22:41:23 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 48 bytes -> C:\Windows:01131222C357D2C5
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:8AB6C1D7
< End of report >
08.06.2011, 10:51 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | win32.katusha.o
Run an OTL fix: close all programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)
Code:
:OTL
FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
O4 - HKLM..\Run: [MsgCenterExe] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Uniblue RegistryBooster 2] File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.05.01 18:16:32 | 000,000,148 | R--- | M] () - E:\AUTORUN.inf -- [ UDF ]
O32 - AutoRun File - [2007.07.04 05:19:48 | 000,000,000 | R--D | M] - E:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2007.07.04 05:19:47 | 000,634,880 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2007.07.04 04:23:42 | 000,585,728 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ UDF ]
O33 - MountPoints2\{b65d4206-6194-11de-8226-0019db518a3f}\Shell - "" = AutoRun
O33 - MountPoints2\{b65d4206-6194-11de-8226-0019db518a3f}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O33 - MountPoints2\{d00ca5fe-f22e-11db-a252-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d00ca5fe-f22e-11db-a252-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Madden08.exe -- [2007.07.04 05:00:31 | 000,144,648 | R--- | M] (EA - Salt Lake)
[2011.04.22 02:15:52 | 000,028,672 | ---- | C] () -- C:\Windows\System32\wsnmp32d.dll
@Alternate Data Stream - 48 bytes -> C:\Windows:01131222C357D2C5
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:8AB6C1D7
:Commands
[purity]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".
__________________
Please always post log files in CODE tags