| |
| |||||||
Log-Analyse und Auswertung: keylogger oder spyware drauf?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
02.11.2010, 18:06
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  keylogger oder spyware drauf? Nein immer noch leer. Hast Du auch wirklich den Virenscanner deaktiviert?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
02.11.2010, 18:35
| #17 |
 | keylogger oder spyware drauf? jetzt nochmal ohne viren scanner..hatte es tatsaeclich vergessen zu aktivieren...sorry
__________________ |
|
02.11.2010, 20:03
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | keylogger oder spyware drauf? Irgendwas machst Du falsch. Die Datei hat hier immer 0 Bytes ist also leer. Lad es mal bei file-upload.net hoch und verlink es hier.
__________________
__________________ |
|
02.11.2010, 21:17
| #19 |
| | keylogger oder spyware drauf? File-Upload.net - sdasetup-1-.exe Kannst Du das oeffnen, als ich den ordner per doppelklick in das browserfenster von file-upload setzen wollte, hat er mich wieder zig mal weitergelietet bevor das klappte. |
|
02.11.2010, 21:24
| #20 |
| | keylogger oder spyware drauf? File-Upload.net - OneNote-Table-Of-Contents.onetoc2 oder das? Dateiname: OneNote-Table-Of-Contents.onetoc2 Dateigröße: 4 Kbyte die beiden Dateien bleiben uebrig nach den weiterleitungen |
|
03.11.2010, 03:28
| #21 |
| | keylogger oder spyware drauf? File-Upload.net - MovedFiles.zip |
|
03.11.2010, 13:38
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | keylogger oder spyware drauf? Du musst die Links posten!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.11.2010, 03:54
| #23 |
| | keylogger oder spyware drauf? hxxp://www.file-upload.net/download-2943655/OneNote-Table-Of-Contents.onetoc2.html hxxp://www.file-upload.net/download-2943656/MovedFiles.zip.html hxxp://www.file-upload.net/download-2943657/hosts.html so, zumindest hoffe ich die links nun richtig gepostet zu haben. Ich kann die oben beiden aber nicht oeffnen und der hosts link, sagt mir gar nix. Wenn ich auf OTL Ordner gehe und oeffnen moechte geht er halt immer auf irgendwelche Unter Ordner, bis auf den OTL zip, den ich aber wie gesagt nicht oeffnen kann. Ich hoffe Du kannst etwas damit anfangen, vielleicht kannst Du was oeffnen......??? Danke |
|
04.11.2010, 19:02
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | keylogger oder spyware drauf? Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.11.2010, 03:54
| #25 |
| | keylogger oder spyware drauf? Habe alles so gemacht wie beschrieben. Bin sehr gespannt was Du sagst? Combofix Logfile: Code:
ATTFilter ComboFix 10-11-03.04 - ellyangel 11/04/2010 21:06:54.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.1977.919 [GMT -5:00]
Running from: c:\users\ellyangel\Desktop\cofi.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}
c:\users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}\chrome.manifest
c:\users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}\chrome\content\_cfg.js
c:\users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}\chrome\content\overlay.xul
c:\users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}\install.rdf
D:\install.exe
----- BITS: Possible infected sites -----
hxxp://www.flickr.com
hxxp://farm5.static.flickr.com
hxxp://farm3.static.flickr.com
hxxp://s375.photobucket.com
hxxp://i375.photobucket.com
.
((((((((((((((((((((((((( Files Created from 2010-10-05 to 2010-11-05 )))))))))))))))))))))))))))))))
.
2010-11-05 02:24 . 2010-11-05 02:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-05 02:01 . 2010-11-05 02:02 -------- d-----w- C:\32788R22FWJFW
2010-11-04 20:55 . 2010-11-04 20:55 -------- d-----w- c:\program files\CCleaner
2010-10-28 21:32 . 2010-11-02 16:13 -------- d-----w- C:\_OTL
2010-10-19 20:00 . 2010-10-19 20:00 -------- d-----w- c:\windows\system32\N360_BACKUP
2010-10-14 23:01 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-14 23:01 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-14 23:01 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-10-14 23:01 . 2010-09-06 14:13 303616 ----a-w- c:\windows\system32\drivers\srv.sys
2010-10-14 23:01 . 2010-09-06 14:12 101888 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-10-14 23:01 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll
2010-10-14 23:01 . 2010-09-06 14:12 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-10-14 23:01 . 2010-08-10 15:02 274432 ----a-w- c:\windows\system32\schannel.dll
2010-10-14 23:01 . 2010-06-28 16:15 1315840 ----a-w- c:\windows\system32\ole32.dll
2010-10-14 23:01 . 2010-06-28 14:31 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-10 16:43 . 2009-05-18 21:17 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-10-10 16:43 . 2008-04-17 20:12 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-10-10 16:43 . 2010-10-10 16:43 -------- d-----w- c:\program files\Symantec
2010-10-10 16:43 . 2010-10-10 16:43 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-10-10 16:42 . 2010-10-13 20:41 -------- d-----w- c:\windows\system32\drivers\N360
2010-10-10 16:42 . 2010-10-10 16:42 -------- d-----w- c:\program files\Norton 360
2010-10-09 20:32 . 2010-09-14 22:59 14808 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2010-10-09 20:32 . 2010-09-14 22:59 718296 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2010-10-09 15:54 . 2010-04-12 22:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-09 15:54 . 2010-04-12 22:29 411368 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-10-08 18:06 . 2010-09-09 22:52 6084944 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8155D70B-60DD-4805-9650-130A0B4C6BCC}\mpengine.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 15:12 . 2010-07-02 04:10 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2009-01-28 00:45 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2009-01-28 00:45 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2009-01-28 00:45 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2009-01-28 00:45 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2009-01-28 00:45 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2009-01-28 00:45 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-17 13:32 . 2010-09-15 16:04 126464 ----a-w- c:\windows\system32\spoolsv.exe
2010-10-09 20:22 . 2009-10-23 16:21 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2008-09-02 14:05 398776 ----a-w- c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-30 00:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-24 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"CyberDefender Registry Cleaner"="c:\program files\cyberdefender\registry cleaner\Startcdrc.exe" [2010-05-12 187904]
"Google Update"="c:\users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-03-18 136176]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"AdobeUpdater6"="c:\program files\Common Files\Adobe\Updater6\Adobe_Updater.exe" [2009-01-08 2521464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-20 6244896]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-30 526896]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-26 28672]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-17 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-17 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-17 145944]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-22 159744]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-02 850440]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-07-24 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-07-24 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-07-18 167936]
"Acer Assist Launcher"="c:\program files\Acer\Acer Assist\launcher.exe" [2007-11-19 1261568]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2010-07-15 126976]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-10-09 30192]
" Malwarebytes Anti-Malware (reboot)"="c:\users\Default\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
c:\users\ellyangel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
R2 gupdate1c9ea1663e6a5d0;Google Update Service (gupdate1c9ea1663e6a5d0);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 133104]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-26 131072]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-10-09 30192]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2010-02-04 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
S1 aswSP;aswSP; [x]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101001.001\BHDrvx86.sys [2010-10-02 692272]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101028.001\IDSvix86.sys [2010-10-19 353840]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-07-18 61424]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-17 81504]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-06-02 24576]
S2 N360;Norton 360;c:\program files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-26 45056]
S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-17 122368]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-10-10 102448]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-12 84240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder
2010-11-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-24 15:21]
2010-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 21:56]
2010-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 21:56]
2010-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2136634944-1118908816-156827738-1000Core.job
- c:\users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-27 15:02]
2010-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2136634944-1118908816-156827738-1000UA.job
- c:\users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-27 15:02]
2010-11-04 c:\windows\Tasks\Norton Security Scan for ellyangel.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-03-15 11:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.de/
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game13.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\ellyangel\AppData\Roaming\Mozilla\Firefox\Profiles\p4rvkwxr.default\
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\ellyangel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\ellyangel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-CyberDefender Registry Cleaner - (no file)
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\ellyangel\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-11-04 21:26
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2010-11-04 21:46:11
ComboFix-quarantined-files.txt 2010-11-05 02:45
Pre-Run: 20,378,263,552 bytes free
Post-Run: 20,328,599,552 bytes free
- - End Of File - - A27445B7D121C5E82779B2C8B78916FE
|
|
05.11.2010, 15:29
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | keylogger oder spyware drauf? Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.11.2010, 22:59
| #27 |
| | keylogger oder spyware drauf? OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 15:57:19 on 08.11.2010 OS: Windows Vista Home Basic Edition Service Pack 1 (Build 6001), 32-bit Default Browser: Microsoft Corporation Internet Explorer 7.00.6000.16386 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [AppInit DLLs] -----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )----- "AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [Common] -----( %SystemRoot%\Tasks )----- "Google Software Updater.job" - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-2136634944-1118908816-156827738-1000Core.job" - "Google Inc." - C:\Users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-2136634944-1118908816-156827738-1000UA.job" - "Google Inc." - C:\Users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe "Norton Security Scan for ellyangel.job" - "Symantec Corporation" - C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys "aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys "aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\system32\drivers\aswRdr.sys "aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys "avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys "AVFSFilter" (AVFSFilter) - ? - C:\Windows\System32\DRIVERS\avfsfilter.sys (File not found) "BHDrvx86" (BHDrvx86) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101029.001\BHDrvx86.sys "catchme" (catchme) - ? - C:\Users\ELLYAN~1\AppData\Local\Temp\catchme.sys (File not found) "Dritek General Port I/O" (DritekPortIO) - "Dritek System Inc." - C:\PROGRA~1\LAUNCH~1\DPortIO.sys "EraserUtilRebootDrv" (EraserUtilRebootDrv) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys "FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys "IDSVix86" (IDSVix86) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101104.004\IDSvix86.sys "int15" (int15) - "Acer, Inc." - C:\Windows\system32\drivers\int15.sys "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "kglciuog" (kglciuog) - ? - C:\Users\ELLYAN~1\AppData\Local\Temp\kglciuog.sys (Hidden registry entry, rootkit activity | File not found) "NAVENG" (NAVENG) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101108.002\NAVENG.SYS "NAVEX15" (NAVEX15) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101108.002\NAVEX15.SYS "NTIPPKernel" (NTIPPKernel) - "Cyberlink Corp." - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys "PSDFilter" (PSDFilter) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\psdfilter.sys "PSDNServ" (PSDNServ) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\PSDNServ.sys "PSDVdisk" (psdvdisk) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\PSDVdisk.sys "Symantec Data Store" (SymDS) - "Symantec Corporation" - C:\Windows\System32\drivers\N360\0403000.005\SYMDS.SYS "Symantec Eraser Control driver" (eeCtrl) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys "Symantec Extended File Attributes" (SymEFA) - "Symantec Corporation" - C:\Windows\System32\drivers\N360\0403000.005\SYMEFA.SYS "Symantec Hash Provider" (ccHP) - "Symantec Corporation" - C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys "Symantec Iron Driver" (SymIRON) - "Symantec Corporation" - C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS "Symantec Real Time Storage Protection" (SRTSP) - "Symantec Corporation" - C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS "Symantec Real Time Storage Protection (PEL)" (SRTSPX) - "Symantec Corporation" - C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS "Symantec Vista Network Dispatch Driver" (SYMTDIv) - "Symantec Corporation" - C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS "SymEvent" (SymEvent) - "Symantec Corporation" - C:\Windows\system32\Drivers\SYMEVENT.SYS "UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys "Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\System32\DRIVERS\NTIDrvr.sys "{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}" ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) - "Cyberlink Corp." - C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\ashShell.dll {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "Egis Inc." - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll {2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0} "EPM-PO Shell Extension" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll <binary data> "BearShare MediaBar" - "BearShare" - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "Norton Toolbar" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll <binary data> "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab {166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\Windows\system32\Adobe\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} "Zylom Games Player" - "Zylom Games" - C:\Windows\Downloaded Program Files\zylomgamesplayer.dll / hxxp://game13.zylom.com/activex/zylomgamesplayer.cab {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} "{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}" - "WebEx Communications, Inc" - C:\ProgramData\webex\ieatgpc.dll / -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "Blog This" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL {48E73304-E1D6-4330-914C-F5F514E3486C} "Send to OneNote" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll <binary data> "Acer eDataSecurity Management" - "Egis Incorporated." - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll <binary data> "BearShare MediaBar" - "BearShare" - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll <binary data> "MSN Toolbar" - "Microsoft Corp." - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} "Norton Toolbar" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {d2ce3e00-f94a-4740-988e-03dc2f38c34f} "MSN Toolbar Helper" - "Microsoft Corp." - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} "ShowBarObj Class" - "Egis" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {6D53EC84-6AAE-4787-AEEE-F4628F01010C} "Symantec Intrusion Prevention" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} "Symantec NCO BHO" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} "UrlHelper Class" - ? - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Sign-in Helper" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll {5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found) [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "OneNote 2007 Screen Clipper and Launcher.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "CyberDefender Registry Cleaner" - "CyberDefender" - c:\program files\cyberdefender\registry cleaner\Startcdrc.exe "Google Update" - "Google Inc." - "C:\Users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe" /c "msnmsgr" - "Microsoft Corporation" - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background "swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Acer Assist Launcher" - "Acer Inc." - C:\Program Files\Acer\Acer Assist\launcher.exe "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "ArcadeDeluxeAgent" - "CyberLink Corp." - "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "avast5" - "AVAST Software" - C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui "BkupTray" - ? - "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" "CLMLServer" - "CyberLink" - "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" "eDataSecurity Loader" - "Egis Incorporated" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe "ePower_DMC" - "Acer Inc." - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe "Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup "Google Quick Search Box" - "Google Inc." - "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun "LManager" - "Dritek System Inc." - C:\PROGRA~1\LAUNCH~1\LManager.exe " Malwarebytes Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Users\Default\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "OpwareSE4" - "Nuance Communications, Inc." - "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" "PlayMovie" - "Acer Corp." - "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "WrtMon.exe" - ? - C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe "avast! Mail Scanner" (avast! Mail Scanner) - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe "avast! Web Scanner" (avast! Web Scanner) - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe "CLHNService" (CLHNService) - ? - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe "Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\Cyberlink\Shared files\RichVideo.exe "eDataSecurity Service" (eDataSecurity Service) - "Egis Incorporated" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe "Empowering Technology Service" (ETService) - ? - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe "Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe "Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate1c9ea1663e6a5d0)" (gupdate1c9ea1663e6a5d0) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "MobilityService" (MobilityService) - ? - C:\Acer\Mobility Center\MobilityService.exe "Norton 360" (N360) - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe "NTI Backup Now 5 Agent Service" (BUNAgentSvc) - "NewTech Infosystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe "NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe "NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - ? - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (File found, but it contains no detailed information) "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "PIXMA Extended Survey Program" (IJPLMSVC) - ? - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE "SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe "Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe [Winlogon] -----( HKCU\Control Panel\Desktop )----- "SCRNSAVE.EXE" - ? - C:\PROGRA~1\FISHDO~1\FISHDO~1.SCR (File not found) ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
|
08.11.2010, 23:02
| #28 |
| | keylogger oder spyware drauf? MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows Vista Home Basic Edition Windows Information: Service Pack 1 (build 6001), 32-bit Base Board Manufacturer: Acer BIOS Manufacturer: Acer System Manufacturer: Acer System Product Name: Aspire 4330 Logical Drives Mask: 0x0000001c Kernel Drivers (total 165): 0x8264E000 \SystemRoot\system32\ntkrnlpa.exe 0x8261B000 \SystemRoot\system32\hal.dll 0x80408000 \SystemRoot\system32\kdcom.dll 0x80410000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x80470000 \SystemRoot\system32\PSHED.dll 0x80481000 \SystemRoot\system32\BOOTVID.dll 0x80489000 \SystemRoot\system32\CLFS.SYS 0x804CA000 \SystemRoot\system32\CI.dll 0x80607000 \SystemRoot\system32\drivers\Wdf01000.sys 0x80683000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x80690000 \SystemRoot\system32\drivers\acpi.sys 0x806D6000 \SystemRoot\system32\drivers\WMILIB.SYS 0x806DF000 \SystemRoot\system32\drivers\msisadrv.sys 0x806E7000 \SystemRoot\system32\drivers\pci.sys 0x8070E000 \SystemRoot\System32\drivers\partmgr.sys 0x8071D000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x80720000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x8072A000 \SystemRoot\system32\drivers\volmgr.sys 0x80739000 \SystemRoot\System32\drivers\volmgrx.sys 0x80783000 \SystemRoot\System32\drivers\mountmgr.sys 0x80793000 \SystemRoot\System32\Drivers\UBHelper.sys 0x8079B000 \SystemRoot\system32\drivers\atapi.sys 0x807A3000 \SystemRoot\system32\drivers\ataport.SYS 0x807C1000 \SystemRoot\system32\drivers\msahci.sys 0x807CB000 \SystemRoot\system32\drivers\PCIIDEX.SYS 0x805AA000 \SystemRoot\system32\drivers\fltmgr.sys 0x87C05000 \SystemRoot\system32\drivers\N360\0403000.005\SYMDS.SYS 0x87C5B000 \SystemRoot\system32\drivers\fileinfo.sys 0x87C6B000 \SystemRoot\system32\DRIVERS\psdfilter.sys 0x87C74000 \SystemRoot\system32\drivers\N360\0403000.005\SYMEFA.SYS 0x87CA1000 \SystemRoot\System32\Drivers\ksecdd.sys 0x87E08000 \SystemRoot\system32\drivers\ndis.sys 0x87F13000 \SystemRoot\system32\drivers\msrpc.sys 0x87F3E000 \SystemRoot\system32\drivers\NETIO.SYS 0x8800F000 \SystemRoot\System32\Drivers\Ntfs.sys 0x8811E000 \SystemRoot\system32\drivers\volsnap.sys 0x88157000 \SystemRoot\System32\Drivers\spldr.sys 0x8815F000 \SystemRoot\System32\Drivers\mup.sys 0x8816E000 \SystemRoot\System32\drivers\ecache.sys 0x88195000 \SystemRoot\system32\drivers\disk.sys 0x881A6000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x881C7000 \SystemRoot\system32\drivers\crcdisk.sys 0x881F2000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x88000000 \SystemRoot\system32\DRIVERS\tunmp.sys 0x87F78000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x8C405000 \SystemRoot\system32\DRIVERS\igdkmd32.sys 0x8CAE9000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x8CB88000 \SystemRoot\System32\drivers\watchdog.sys 0x8CB95000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x8CBA0000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x8CBDE000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x8CBED000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x87D12000 \SystemRoot\system32\DRIVERS\athr.sys 0x87F87000 \SystemRoot\system32\DRIVERS\Rtlh86.sys 0x87FA9000 \SystemRoot\system32\DRIVERS\jmcr.sys 0x87FBE000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS 0x8C400000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x87FE4000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x87DF6000 \SystemRoot\system32\DRIVERS\DKbFltr.sys 0x807D9000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x8C006000 \SystemRoot\system32\DRIVERS\Apfiltr.sys 0x8C033000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x8C03E000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x8C056000 \SystemRoot\system32\DRIVERS\NTIDrvr.sys 0x8C05E000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys 0x8C064000 \SystemRoot\system32\DRIVERS\wmiacpi.sys 0x8C06D000 \SystemRoot\system32\DRIVERS\msiscsi.sys 0x8C09B000 \SystemRoot\system32\DRIVERS\storport.sys 0x8C0DC000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x8C0E7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x8C0FE000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x8C109000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x8C12C000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x8C13B000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x8C14F000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x8C164000 \SystemRoot\system32\DRIVERS\termdd.sys 0x8C174000 \SystemRoot\system32\DRIVERS\swenum.sys 0x8C176000 \SystemRoot\system32\DRIVERS\ks.sys 0x8C1A0000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8C1AA000 \SystemRoot\system32\DRIVERS\umbus.sys 0x8C1B7000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x8C1EB000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x8CC09000 \SystemRoot\system32\drivers\RTKVHDA.sys 0x8CE15000 \SystemRoot\system32\drivers\portcls.sys 0x8CE42000 \SystemRoot\system32\drivers\drmk.sys 0x8CE67000 \SystemRoot\system32\DRIVERS\AGRSM.sys 0x8CF8D000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x8CF8F000 \SystemRoot\system32\drivers\modem.sys 0x8CF9C000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0x8CFA5000 \SystemRoot\System32\Drivers\Null.SYS 0x8CFAC000 \SystemRoot\System32\Drivers\Beep.SYS 0x8CFB3000 \SystemRoot\System32\drivers\vga.sys 0x8CFBF000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x8CFE0000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x8CFE8000 \SystemRoot\system32\drivers\rdpencdd.sys 0x8CFF0000 \SystemRoot\System32\Drivers\Msfs.SYS 0x807E4000 \SystemRoot\System32\Drivers\Npfs.SYS 0x8CC00000 \SystemRoot\System32\DRIVERS\rasacd.sys 0x8D00C000 \SystemRoot\System32\drivers\tcpip.sys 0x8D0F5000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x8D110000 \SystemRoot\system32\DRIVERS\tdx.sys 0x8D126000 \SystemRoot\System32\Drivers\N360\0403000.005\SYMTDIV.SYS 0x8D17F000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS 0x8D1A4000 \SystemRoot\System32\Drivers\aswTdi.SYS 0x8D1AE000 \SystemRoot\system32\DRIVERS\smb.sys 0x8D80B000 \SystemRoot\system32\drivers\afd.sys 0x8D853000 \SystemRoot\System32\Drivers\aswRdr.SYS 0x8D858000 \SystemRoot\System32\DRIVERS\netbt.sys 0x8D88A000 \SystemRoot\system32\DRIVERS\pacer.sys 0x8D8A0000 \SystemRoot\system32\DRIVERS\netbios.sys 0x8D8AE000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x8D8C1000 \SystemRoot\system32\drivers\N360\0403000.005\Ironx86.SYS 0x8D8E0000 \SystemRoot\system32\drivers\N360\0403000.005\SRTSPX.SYS 0x8D8EA000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x8D926000 \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys 0x8D92A000 \SystemRoot\system32\drivers\nsiproxy.sys 0x8D98F000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 0x8D1C2000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 0x8D1DF000 \SystemRoot\System32\Drivers\dfsc.sys 0x8E40A000 \SystemRoot\system32\drivers\N360\0403000.005\ccHPx86.sys 0x8E535000 \SystemRoot\System32\Drivers\aswSP.SYS 0x8E55C000 \SystemRoot\System32\Drivers\crashdmp.sys 0x8E569000 \SystemRoot\System32\Drivers\dump_dumpata.sys 0x8E574000 \SystemRoot\System32\Drivers\dump_msahci.sys 0x80C90000 \SystemRoot\System32\win32k.sys 0x8E57E000 \SystemRoot\System32\drivers\Dxapi.sys 0x8E588000 \SystemRoot\system32\DRIVERS\monitor.sys 0x80EB0000 \SystemRoot\System32\TSDDD.dll 0x80ED0000 \SystemRoot\System32\cdd.dll 0x8E597000 \SystemRoot\system32\drivers\luafv.sys 0x8E5B2000 \??\C:\Windows\system32\drivers\aswMonFlt.sys 0x8E5E9000 \SystemRoot\System32\Drivers\aswFsBlk.SYS 0xA960B000 \SystemRoot\system32\drivers\spsys.sys 0xA96BA000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys 0xA96CC000 \SystemRoot\system32\DRIVERS\lltdio.sys 0xA96DC000 \SystemRoot\system32\DRIVERS\nwifi.sys 0xA9706000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0xA9710000 \SystemRoot\system32\DRIVERS\rspndr.sys 0xA9723000 \SystemRoot\system32\drivers\HTTP.sys 0xA9790000 \SystemRoot\System32\DRIVERS\srvnet.sys 0xA97AD000 \SystemRoot\system32\DRIVERS\bowser.sys 0xA97C6000 \SystemRoot\System32\drivers\mpsdrv.sys 0xA97DB000 \SystemRoot\system32\drivers\mrxdav.sys 0x881D0000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0xAC60B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0xAC644000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0xAC65C000 \SystemRoot\System32\DRIVERS\srv2.sys 0xAC684000 \SystemRoot\System32\DRIVERS\srv.sys 0xAC6D2000 \??\C:\Windows\system32\drivers\int15.sys 0xAC6D9000 \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys 0xAC6F7000 \SystemRoot\system32\drivers\peauth.sys 0xAC7D5000 \SystemRoot\system32\DRIVERS\PSDNServ.sys 0xAC7DE000 \SystemRoot\system32\DRIVERS\PSDVdisk.sys 0xAC7F0000 \SystemRoot\System32\Drivers\secdrv.SYS 0x8E5EC000 \SystemRoot\System32\drivers\tcpipreg.sys 0x805DC000 \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl 0xB5A04000 \SystemRoot\system32\DRIVERS\cdfs.sys 0xB5A1A000 \SystemRoot\System32\Drivers\N360\0403000.005\SRTSP.SYS 0xB5BD3000 \SystemRoot\system32\DRIVERS\asyncmac.sys 0xB5BDC000 \??\C:\Users\ELLYAN~1\AppData\Local\Temp\kglciuog.sys 0x8D934000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101104.004\IDSvix86.sys 0x8E489000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101029.001\BHDrvx86.sys 0xB5A71000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101108.002\NAVEX15.SYS 0xB5BBF000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101108.002\NAVENG.SYS 0x77820000 \Windows\System32\ntdll.dll Processes (total 90): 0 System Idle Process 4 System 468 C:\Windows\System32\smss.exe 544 csrss.exe 588 C:\Windows\System32\wininit.exe 596 csrss.exe 624 C:\Windows\System32\winlogon.exe 676 C:\Windows\System32\services.exe 688 C:\Windows\System32\lsass.exe 696 C:\Windows\System32\lsm.exe 852 C:\Windows\System32\svchost.exe 932 C:\Windows\System32\svchost.exe 1100 C:\Windows\System32\svchost.exe 1124 C:\Windows\System32\svchost.exe 1136 C:\Windows\System32\svchost.exe 1204 C:\Windows\System32\audiodg.exe 1232 C:\Windows\System32\SLsvc.exe 1268 C:\Windows\System32\svchost.exe 1408 C:\Windows\System32\svchost.exe 1520 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 1956 C:\Windows\System32\spoolsv.exe 1980 C:\Windows\System32\svchost.exe 2004 C:\Windows\System32\taskeng.exe 252 C:\Windows\System32\dwm.exe 332 C:\Windows\explorer.exe 1488 C:\Windows\RtHDVCpl.exe 1548 C:\Windows\System32\taskeng.exe 1608 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe 1736 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe 1556 C:\Windows\System32\hkcmd.exe 1988 C:\Windows\System32\igfxpers.exe 320 C:\Program Files\Apoint2K\Apoint.exe 1024 C:\Windows\System32\igfxsrvc.exe 1544 C:\Windows\System32\agrsmsvc.exe 1320 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe 1000 C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe 2064 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe 2132 C:\Program Files\Acer\Empowering Technology\Service\ETService.exe 2220 C:\Program Files\Canon\IJPLM\ijplmsvc.exe 2268 C:\Program Files\Common Files\LightScribe\LSSrvc.exe 2304 C:\ACER\Mobility Center\MobilityService.exe 2336 C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe 2380 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe 2448 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe 2500 C:\Windows\System32\svchost.exe 2548 C:\Program Files\Cyberlink\Shared files\RichVideo.exe 2580 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2700 C:\Windows\System32\svchost.exe 2756 C:\Windows\System32\svchost.exe 2796 C:\Windows\System32\SearchIndexer.exe 3344 WmiPrvSE.exe 3648 C:\Program Files\Launch Manager\LManager.exe 3656 C:\Program Files\Apoint2K\ApMsgFwd.exe 3664 C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe 3676 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe 3692 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe 3700 C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe 3732 C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe 3748 C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe 3756 C:\Windows\vsnpstd3.exe 3784 C:\Program Files\Common Files\Java\Java Update\jusched.exe 3792 C:\Program Files\Alwil Software\Avast5\AvastUI.exe 3804 C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe 3812 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 3832 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 3868 C:\Program Files\Windows Media Player\wmpnscfg.exe 3908 C:\Users\ELLYAN~1\AppData\Local\Temp\RtkBtMnt.exe 2376 C:\Program Files\Apoint2K\ApntEx.exe 2492 C:\Windows\System32\igfxext.exe 2692 C:\Windows\System32\igfxsrvc.exe 2992 dllhost.exe 1652 C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe 3144 C:\Program Files\Windows Media Player\wmpnetwk.exe 1620 C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe 4668 C:\Windows\System32\mobsync.exe 4724 C:\Windows\System32\wbem\unsecapp.exe 5436 C:\Windows\System32\wuauclt.exe 5252 C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe 4528 C:\Windows\System32\ctfmon.exe 5180 C:\Program Files\Internet Explorer\ieuser.exe 5420 C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe 5108 C:\Program Files\Windows Live\Messenger\msnmsgr.exe 4844 C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe 4984 C:\Program Files\Windows Live\Contacts\wlcomm.exe 4644 C:\Windows\System32\taskeng.exe 4988 C:\Program Files\Internet Explorer\iexplore.exe 6024 C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe 12 C:\Windows\System32\SearchProtocolHost.exe 5016 C:\Windows\System32\SearchFilterHost.exe 4816 C:\Users\ellyangel\Desktop\MBRCheck.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`80500000 (NTFS) \\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000f`39800000 (NTFS) PhysicalDrive0 Model Number: HitachiHTS542512K9SA00, Rev: BB2OC31P Size Device Name MBR Status -------------------------------------------- 111 GB \\.\PhysicalDrive0 Acer MBR code detected SHA1: 12ADB8D1AD8327A4A2FA5865BC87234485F25003 Done! |
|
08.11.2010, 23:19
| #29 |
| | keylogger oder spyware drauf? GMER 1.0.15.15507 - hxxp://www.gmer.net Rootkit scan 2010-11-07 17:07:15 Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS542512K9SA00 BB2OC31P Running: jyl1xb4y.exe; Driver: C:\Users\ELLYAN~1\AppData\Local\Temp\kglciuog.sys ---- System - GMER 1.0.15 ---- SSDT 86CD20A8 ZwAlertResumeThread SSDT 86CD2168 ZwAlertThread SSDT 86CD2938 ZwAllocateVirtualMemory SSDT 86A6D4E0 ZwAlpcConnectPort SSDT 86C07978 ZwAssignProcessToJobObject SSDT 86C07E40 ZwCreateMutant SSDT 86C07698 ZwCreateSymbolicLinkObject SSDT 86CD1148 ZwCreateThread SSDT 86C07A38 ZwDebugActiveProcess SSDT 86CD2AC8 ZwDuplicateObject SSDT 86CD2798 ZwFreeVirtualMemory SSDT 86C07F10 ZwImpersonateAnonymousToken SSDT 86C07FD0 ZwImpersonateThread SSDT 868B6318 ZwLoadDriver SSDT 86CD26B8 ZwMapViewOfSection SSDT 86C07D80 ZwOpenEvent SSDT 86CD2008 ZwOpenProcess SSDT 86CD2A08 ZwOpenProcessToken SSDT 86C07C00 ZwOpenSection SSDT 86CD2B98 ZwOpenThread SSDT 86C07888 ZwProtectVirtualMemory SSDT 86CD2228 ZwResumeThread SSDT 86CD2468 ZwSetContextThread SSDT 86CD2528 ZwSetInformationProcess SSDT 86C07AF8 ZwSetSystemInformation SSDT 86C07CC0 ZwSuspendProcess SSDT 86CD22E8 ZwSuspendThread SSDT 86CD1228 ZwTerminateProcess SSDT 86CD23A8 ZwTerminateThread SSDT 86CD25F8 ZwUnmapViewOfSection SSDT 86CD2868 ZwWriteVirtualMemory SSDT 86C07788 ZwCreateThreadEx Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8E54ABAE] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x8E54A9D2] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetTimerEx + 350 82706A14 8 Bytes [A8, 20, CD, 86, 68, 21, CD, ...] .text ntkrnlpa.exe!KeSetTimerEx + 364 82706A28 4 Bytes [38, 29, CD, 86] {CMP [ECX], CH; INT 0x86} .text ntkrnlpa.exe!KeSetTimerEx + 370 82706A34 4 Bytes [E0, D4, A6, 86] .text ntkrnlpa.exe!KeSetTimerEx + 3C4 82706A88 4 Bytes [78, 79, C0, 86] .text ntkrnlpa.exe!KeSetTimerEx + 428 82706AEC 4 Bytes [40, 7E, C0, 86] .text ... PAGE ntkrnlpa.exe!ObMakeTemporaryObject 8282DA2A 5 Bytes JMP 8E5465D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject 82896442 5 Bytes JMP 8E547FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!NtCreateSection 82897259 7 Bytes JMP 8E54A9D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 828E2368 7 Bytes JMP 8E54ABB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl entry point in "" section [0x805FB41C] .clc C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl unknown last code section [0x805FC000, 0x1000, 0xE0000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1520] kernel32.dll!SetUnhandledExceptionFilter 76476E2D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [748A88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [748E98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [748AB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7489FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [748A7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7489EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [748DB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [748ABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [748A074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [748A06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [748971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7492D848] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [748C7379] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7489E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7489697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [748969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [748A2465] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [100027E0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001D90] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10002B30] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.) IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [100011D0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.) IAT C:\Windows\system32\services.exe[676] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00060002 IAT C:\Windows\system32\services.exe[676] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 00060000 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 2 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 35 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\Properties@DHPRebalanceOptOut 1 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7 Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256 Reg HKLM\SYSTEM\controlset002\control\Class\{6D807884-7D21-11CF-801C-08002BE10318}\Properties@DeviceType 31 Reg HKLM\SYSTEM\controlset002\control\Class\{6D807884-7D21-11CF-801C-08002BE10318}\Properties@DeviceCharacteristics 257 Reg HKLM\SYSTEM\controlset002\control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}\Properties@DeviceType 48 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x01 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x03 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x01 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Data 0x00 0x00 0x08 0xBF ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x01 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Data 0x00 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Data 0x00 0x00 0x2D 0x41 ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020001 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020001\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020001\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020001\00000000@Data 0x00 0x00 0xA0 0x41 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x01 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?# |
|
08.11.2010, 23:20
| #30 |
| | keylogger oder spyware drauf? HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020002 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020002\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020002\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020002\00000000@Data 0x00 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Data 0x00 0x00 0x00 0xBF ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x01 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Data 0x00 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Data 0x00 0x20 0x31 0xC2 ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020005 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020005\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020005\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020005\00000000@Data 0x00 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x02 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{85401fd4-6de4-4b9d-9869-2d6753a82f3c} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{85401fd4-6de4-4b9d-9869-2d6753a82f3c}\00020003 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{85401fd4-6de4-4b9d-9869-2d6753a82f3c}\00020003\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{85401fd4-6de4-4b9d-9869-2d6753a82f3c}\00020003\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{85401fd4-6de4-4b9d-9869-2d6753a82f3c}\00020003\00000000@Data 0x00 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e} Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Data 0x01 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020004 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020004\00000000 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020004\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020004\00000000@Data 0x00 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x62 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x4D 0x00 0x69 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x62 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x41 0x00 0x63 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x61 0x00 0x63 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x00 0x00 0xFF 0x0D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x41 0x00 0x43 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x61 0x00 0x63 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x00 0x00 0xFF 0x0D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{5724c81d-d5af-4c1f-a103-a06e28f204c6} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{5724c81d-d5af-4c1f-a103-a06e28f204c6}\00000001 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{83da6326-97a6-4088-9453-a1923f573b29} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x63 0x00 0x70 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x49 0x00 0x6E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x63 0x00 0x70 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x49 0x00 0x6E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007\00000000@Data 0x2E 0x00 0x4E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x61 0x00 0x63 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x04 0x00 0xFF 0x0D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x49 0x00 0x6E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x69 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x4D 0x00 0x45 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x50 0x00 0x72 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x49 0x00 0x4F 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x53 0x00 0x79 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x49 0x00 0x4F 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x48 0x00 0x69 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x4D 0x00 0x45 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ... Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6} Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00 Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data |
|
| Themen zu keylogger oder spyware drauf? |
| 0 bytes, acer, adobe, alternate, antivirus, auswerten...hijackthis, avast!, bho, canon, components, corp./icp, desktop, explorer, firefox.exe, google, google chrome, hijack, hijackthis, hkus\s-1-5-18, install.exe, internet, internet explorer, intrusion prevention, keylogger, launch, location, messenger, micro, microsoft, microsoft office word, msvcp90.dll, nvstor.sys, office 2007, oldtimer, otl.exe, plug-in, programdata, registry, registry cleaner, rundll, saver, security scan, security update, shell32.dll, software, spyware, symantec, system, temp, trojan.agent.u, vista, windows, wmp |
Linear-Darstellung
