| Kékfrankos | 03.10.2010 14:55 |
Hallo,
Ok. Also hier Nummer 1. MAM Zitat:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4735
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
03.10.2010 15:53:51
mbam-log-2010-10-03 (15-53-51).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 781346
Laufzeit: 3 Stunde(n), 27 Minute(n), 1 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\3FWHZQA3LT (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SMH2B46TDP (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{afc285ab-7961-9e3c-e455-7f9ca8bbd657} (Trojan.ZbotR.Gen) -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Qoobox\Quarantine\C\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll.vir (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\Program Files\YouTube Downloader Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
| OTL
OTL Logfile: Code:
OTL logfile created on: 03.10.2010 16:04:11 - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Melanie\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,17 Gb Total Space | 0,51 Gb Free Space | 0,35% Space Free | Partition Type: NTFS
Drive D: | 144,15 Gb Total Space | 144,02 Gb Free Space | 99,91% Space Free | Partition Type: NTFS
Drive E: | 702,31 Mb Total Space | 674,23 Mb Free Space | 96,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MELANIE-PC
Current User Name: Melanie
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - C:\Users\Melanie\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Users\Melanie\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\YouTube Downloader Toolbar\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclIrSrv.exe (Nokia)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Windows\System32\igfxext.exe (Intel Corporation)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Acer\Acer VCM\acp2HID.exe (Acer Inc.)
========== Modules (SafeList) ==========
MOD - C:\Users\Melanie\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\SweetIM\Messenger\mgAdaptersProxy.dll (SweetIM Technologies Ltd.)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\SysHook.dll ()
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Programme\SweetIM\Messenger\msvcr71.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (GoogleDesktopManager-080708-050100) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
========== Driver Services (SafeList) ==========
DRV - (upperdev) -- C:\Windows\System32\DRIVERS\usbser_lowerflt.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\Melanie\AppData\Local\Temp\catchme.sys File not found
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (NSCIRDA) -- C:\Windows\System32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corp.)
DRV - (SE2Emdm) -- C:\Windows\System32\drivers\SE2Emdm.sys (MCCI)
DRV - (SE2Emdfl) -- C:\Windows\System32\drivers\SE2Emdfl.sys (MCCI)
DRV - (SE2Ebus) Sony Ericsson Device 046 Driver driver (WDM) -- C:\Windows\System32\drivers\SE2Ebus.sys (MCCI)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\..\URLSearchHook: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Programme\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ig?hl=de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 20 68 53 4C 41 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Programme\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?SearchSource=10&ctid=CT2391419"
FF - prefs.js..network.proxy.type: 0
[2010.08.03 14:40:32 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\mozilla\Extensions
[2010.08.03 14:42:39 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions
[2010.08.03 14:42:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.03 14:42:39 | 000,000,000 | ---D | M] -- C:\Users\Melanie\AppData\Roaming\mozilla\Firefox\Profiles\uoiz31cn.default\extensions\staged-xpis
O1 HOSTS File: ([2010.09.29 11:50:37 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (TranslatorBar 1.2 Toolbar) - {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Programme\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (TranslatorBar 1.2 Toolbar) - {548f6736-8fe4-4680-82f2-170d6c07e1d2} - C:\Programme\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (TranslatorBar 1.2 Toolbar) - {548F6736-8FE4-4680-82F2-170D6C07E1D2} - C:\Programme\TranslatorBar_1.2\tbTran.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\YouTube Downloader Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BackProtection Hintergrunddienst.lnk = C:\Programme\BackProtection 8\bp.exe (JMMG Communications, Jochen Moschko)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1224782147 (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Melanie\Pictures\02.06.09 schatz und ich\002.JPG
O24 - Desktop BackupWallPaper: C:\Users\Melanie\Pictures\02.06.09 schatz und ich\002.JPG
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.10.03 16:06:17 | 000,000,000 | ---D | C] -- C:\Users\Melanie\Desktop\TDSSKiller
[2010.09.30 08:09:01 | 000,000,000 | ---D | C] -- C:\Users\Melanie\Desktop\Warszawa - Budapest
[2010.09.30 04:17:59 | 000,000,000 | ---D | C] -- C:\Users\Melanie\AppData\Roaming\SUPERAntiSpyware.com
[2010.09.30 04:17:47 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2010.09.29 19:17:35 | 000,000,000 | ---D | C] -- C:\Users\Melanie\AppData\Roaming\gtk-2.0
[2010.09.29 19:16:24 | 000,000,000 | ---D | C] -- C:\Users\Melanie\.thumbnails
[2010.09.29 19:13:49 | 000,000,000 | ---D | C] -- C:\Users\Melanie\Documents\gegl-0.0
[2010.09.29 19:13:49 | 000,000,000 | ---D | C] -- C:\Users\Melanie\.gimp-2.6
[2010.09.29 19:12:55 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0
[2010.09.29 14:21:33 | 000,000,000 | ---D | C] -- C:\Users\Melanie\AppData\Roaming\Avira
[2010.09.29 12:16:43 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.09.29 12:16:42 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.09.29 12:16:42 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.09.29 12:16:42 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.09.29 12:16:42 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.09.29 12:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.09.29 11:56:37 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.09.29 11:32:54 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.09.29 11:32:54 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.09.29 11:32:54 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.09.29 11:32:26 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.09.29 11:31:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.09.29 11:30:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.09.29 11:14:29 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010.09.29 11:09:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.09.29 10:03:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.29 07:22:51 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2010.09.29 07:22:51 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2010.09.29 07:22:46 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2010.09.29 07:22:46 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll
[2010.09.29 07:22:43 | 000,000,000 | ---D | C] -- C:\Programme\AviSynth 2.5
[2010.09.29 07:22:11 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax
[2010.09.29 07:22:11 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax
[2010.09.29 07:22:11 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax
[2010.09.29 07:22:11 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax
[2010.09.29 07:22:11 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax
[2010.09.29 07:22:10 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010.09.29 07:22:10 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\System32\nbDX.dll
[2010.09.29 07:22:10 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\System32\MatroskaDX.ax
[2010.09.29 07:22:10 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll
[2010.09.29 07:22:10 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax
[2010.09.29 07:22:10 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll
[2010.09.29 07:22:09 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax
[2010.09.29 07:22:09 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax
[2010.09.29 07:21:33 | 000,000,000 | ---D | C] -- C:\Programme\eRightSoft
[2010.09.29 07:08:22 | 000,000,000 | ---D | C] -- C:\Users\Melanie\AppData\Roaming\Yqmii
[2010.09.29 07:08:22 | 000,000,000 | ---D | C] -- C:\Users\Melanie\AppData\Roaming\Axfeoh
[2010.09.28 09:21:59 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater
[2010.09.28 09:21:57 | 000,000,000 | ---D | C] -- C:\Programme\YouTube Downloader Toolbar
[2010.09.28 09:20:34 | 000,000,000 | ---D | C] -- C:\Programme\YouTube Downloader
[2010.09.28 08:12:59 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2010.09.28 08:12:59 | 000,094,208 | ---- | C] (vbAccelerator) -- C:\Windows\System32\vbalIml6.ocx
[2010.09.28 08:12:59 | 000,086,016 | ---- | C] (vbAccelerator) -- C:\Windows\System32\vbalARLB6.ocx
[2010.09.28 08:12:59 | 000,064,000 | ---- | C] (TBX Software) -- C:\Windows\System32\tbxcmd.ocx
[2010.09.28 08:12:59 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\System32\SSubTmr6.dll
[2010.09.28 08:12:59 | 000,023,040 | ---- | C] (TBX Software) -- C:\Windows\System32\tbxridbar.ocx
[2010.09.28 08:12:59 | 000,008,192 | ---- | C] (TBX) -- C:\Windows\System32\tbxdlg.dll
[2010.09.28 08:12:58 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2010.09.28 08:12:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGDE.DLL
[2010.09.28 08:12:57 | 000,000,000 | ---D | C] -- C:\Programme\FIS2005
[2010.09.27 01:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010.09.16 08:39:27 | 000,000,000 | ---D | C] -- C:\Users\Melanie\Desktop\Spiele, Musik, Bewerbungen
[2010.09.15 04:38:05 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010.09.14 12:45:58 | 000,024,440 | ---- | C] (fCoder Group, Inc.) -- C:\Windows\System32\udcpm.dll
[2010.09.14 12:41:02 | 000,000,000 | ---D | C] -- C:\Users\Melanie\AppData\Roaming\UDC Profiles
[2010.09.14 12:40:48 | 000,000,000 | R--D | C] -- C:\Users\Melanie\Documents\UDC Output Files
[2010.09.14 12:40:39 | 000,000,000 | ---D | C] -- C:\Programme\Universal Document Converter
[2010.09.09 16:18:04 | 000,000,000 | ---D | C] -- C:\Users\Melanie\AppData\Roaming\ASCOMP Software
[2010.09.09 16:17:56 | 001,242,552 | ---- | C] (NuMedia Soft, Inc.) -- C:\Windows\System32\NMSDVDXU.dll
[2010.09.09 16:17:55 | 000,000,000 | ---D | C] -- C:\Programme\ASCOMP Software
[2010.09.08 10:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.09.07 11:24:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.07 11:22:22 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Melanie\Desktop\OTL.exe
[2010.09.07 10:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010.09.07 10:27:28 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.09.06 21:19:06 | 000,000,000 | ---D | C] -- C:\Users\Melanie\AppData\Roaming\Malwarebytes
[2010.09.06 21:18:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.09.06 21:18:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.06 21:18:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.09.06 21:18:50 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.09.06 20:53:33 | 000,000,000 | ---D | C] -- C:\EGIS_Drive
[2010.09.06 20:44:23 | 000,000,000 | --SD | C] -- C:\Users\Melanie\BackProtection
[2010.09.06 20:43:42 | 000,060,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SYSINFO.OCX
[2010.09.06 20:43:38 | 000,000,000 | ---D | C] -- C:\Programme\BackProtection 8
[2010.09.06 20:43:07 | 000,099,866 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB5DE.dll
[2010.09.06 20:43:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST5UNST.EXE
[2010.09.06 20:43:06 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVBVM50.dll
[2010.09.06 19:25:38 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PCSuite
[2010.09.06 19:25:30 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Nokia
[2010.09.06 19:21:39 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.09.06 19:18:53 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2008.09.10 18:54:41 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
========== Files - Modified Within 30 Days ==========
[2010.10.03 16:07:24 | 004,456,448 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat
[2010.10.03 16:01:15 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.10.03 15:59:17 | 000,002,299 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\acervcmtmp.ini
[2010.10.03 15:58:59 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.10.03 15:58:36 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.03 15:58:16 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.03 15:58:16 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.03 15:58:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.10.03 15:58:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.03 15:58:07 | 3146,633,216 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.03 15:57:08 | 000,524,288 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{86966b68-6af0-11df-adb2-001d72c6155e}.TMContainer00000000000000000001.regtrans-ms
[2010.10.03 15:57:08 | 000,065,536 | -HS- | M] () -- C:\Users\Melanie\ntuser.dat{86966b68-6af0-11df-adb2-001d72c6155e}.TM.blf
[2010.10.03 15:57:07 | 002,421,016 | -H-- | M] () -- C:\Users\Melanie\AppData\Local\IconCache.db
[2010.10.03 15:15:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.03 13:13:09 | 001,206,412 | ---- | M] () -- C:\Users\Melanie\Desktop\tdsskiller.zip
[2010.10.02 18:42:16 | 000,000,000 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\FileOut.cns
[2010.10.02 18:42:16 | 000,000,000 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\FileIn.cns
[2010.10.02 07:46:30 | 006,782,605 | ---- | M] () -- C:\Users\Melanie\Desktop\YouTube - Pociąg TLK _Barbakan_ Szczecin Gł. - Kraków Gł..wav
[2010.10.02 07:45:04 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk
[2010.10.01 17:41:33 | 000,003,514 | ---- | M] () -- C:\Users\Melanie\.recently-used.xbel
[2010.09.30 07:13:25 | 000,000,158 | ---- | M] () -- C:\Windows\TSDataEx.ini
[2010.09.30 07:13:25 | 000,000,000 | ---- | M] () -- C:\FileOut.Cns
[2010.09.30 07:13:25 | 000,000,000 | ---- | M] () -- C:\FileIn.Cns
[2010.09.29 11:51:02 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.09.29 11:50:37 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.09.28 09:17:13 | 000,000,235 | ---- | M] () -- C:\Users\Melanie\Documents\PKP_300306-2.mp3
[2010.09.28 09:06:14 | 000,005,056 | ---- | M] () -- C:\ProgramData\drctchbl.xvi
[2010.09.28 08:33:59 | 004,295,189 | ---- | M] () -- C:\Users\Melanie\Desktop\YouTubeDownloaderSetup261.exe
[2010.09.26 13:35:21 | 000,083,968 | ---- | M] () -- C:\Users\Melanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.26 11:13:23 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.09.18 19:25:24 | 000,591,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.18 19:25:23 | 001,432,888 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.09.18 19:25:23 | 000,623,280 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.18 19:25:23 | 000,125,378 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.18 19:25:23 | 000,103,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.14 19:58:23 | 000,015,028 | ---- | M] () -- C:\Users\Melanie\Desktop\150px-FC_Honved_Budapest_svg.png
[2010.09.14 12:43:48 | 000,005,972 | ---- | M] () -- C:\Users\Melanie\AppData\Local\d3d9caps.dat
[2010.09.07 18:45:30 | 000,000,864 | ---- | M] () -- C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BackProtection Hintergrunddienst.lnk
[2010.09.07 18:37:53 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2010.09.07 11:22:27 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Melanie\Desktop\OTL.exe
[2010.09.07 10:29:28 | 000,087,144 | ---- | M] () -- C:\Users\Melanie\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.07 10:28:15 | 000,328,712 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.07 10:27:06 | 533,420,333 | ---- | M] () -- C:\Windows\MEMORY.DMP
========== Files Created - No Company Name ==========
[2010.10.03 13:13:04 | 001,206,412 | ---- | C] () -- C:\Users\Melanie\Desktop\tdsskiller.zip
[2010.10.02 07:46:30 | 006,782,605 | ---- | C] () -- C:\Users\Melanie\Desktop\YouTube - Pociąg TLK _Barbakan_ Szczecin Gł. - Kraków Gł..wav
[2010.10.02 07:23:54 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.10.01 17:41:33 | 000,003,514 | ---- | C] () -- C:\Users\Melanie\.recently-used.xbel
[2010.09.29 11:32:54 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.09.29 11:32:54 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.09.29 11:32:54 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.09.29 11:32:54 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.09.29 11:32:54 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.09.29 07:22:11 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\RLMPCDec.ax
[2010.09.29 07:22:11 | 000,070,656 | RHS- | C] () -- C:\Windows\System32\RLAPEDec.ax
[2010.09.29 07:22:11 | 000,051,712 | RHS- | C] () -- C:\Windows\System32\RLSpeexDec.ax
[2010.09.29 07:22:10 | 000,120,832 | RHS- | C] () -- C:\Windows\System32\MPCDx.ax
[2010.09.29 07:22:09 | 000,227,328 | RHS- | C] () -- C:\Windows\System32\ac3DX.ax
[2010.09.29 07:22:09 | 000,175,104 | RHS- | C] () -- C:\Windows\System32\CoreAAC.ax
[2010.09.29 07:22:09 | 000,097,280 | RHS- | C] () -- C:\Windows\System32\FLACDX.ax
[2010.09.29 07:22:09 | 000,081,920 | RHS- | C] () -- C:\Windows\System32\aac_parser.ax
[2010.09.28 09:20:35 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk
[2010.09.28 09:17:07 | 000,000,235 | ---- | C] () -- C:\Users\Melanie\Documents\PKP_300306-2.mp3
[2010.09.28 09:06:14 | 000,005,056 | ---- | C] () -- C:\ProgramData\drctchbl.xvi
[2010.09.28 08:33:47 | 004,295,189 | ---- | C] () -- C:\Users\Melanie\Desktop\YouTubeDownloaderSetup261.exe
[2010.09.28 08:12:59 | 000,053,760 | ---- | C] () -- C:\Windows\System\ppacklib.dll
[2010.09.26 11:13:23 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.09.14 19:58:43 | 000,015,028 | ---- | C] () -- C:\Users\Melanie\Desktop\150px-FC_Honved_Budapest_svg.png
[2010.09.07 18:37:52 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.09.07 10:27:06 | 533,420,333 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.09.06 20:43:59 | 000,000,864 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BackProtection Hintergrunddienst.lnk
[2010.08.28 00:47:58 | 000,002,299 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\acervcmtmp.ini
[2010.05.09 19:22:49 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2010.02.24 12:57:19 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.01.23 14:50:06 | 000,005,972 | ---- | C] () -- C:\Users\Melanie\AppData\Local\d3d9caps.dat
[2009.11.14 18:33:49 | 000,000,158 | ---- | C] () -- C:\Windows\TSDataEx.ini
[2009.11.01 16:35:56 | 000,000,000 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\FileOut.cns
[2009.11.01 16:35:56 | 000,000,000 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\FileIn.cns
[2009.07.06 13:27:56 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.05 12:07:49 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.05.07 18:47:01 | 000,000,194 | ---- | C] () -- C:\Windows\Sierra.ini
[2008.10.05 00:05:18 | 000,000,000 | ---- | C] () -- C:\Users\Melanie\AppData\Roaming\wklnhst.dat
[2008.10.04 21:55:48 | 000,083,968 | ---- | C] () -- C:\Users\Melanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.10 18:43:58 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1527.dll
[2008.09.10 09:12:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008.09.10 09:10:18 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008.09.10 09:10:18 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008.09.10 09:09:20 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008.05.07 20:06:49 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.05.07 20:03:50 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.05.07 20:03:50 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.04.30 10:09:06 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.04.30 10:09:01 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2008.04.30 10:09:01 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2008.04.30 10:09:01 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.11.07 01:01:19 | 000,121,562 | ---- | C] () -- C:\Windows\System32\PicFormat32.dll
[2003.07.13 05:40:28 | 000,217,088 | ---- | C] () -- C:\Windows\System32\SAWZipNG.dll
[2002.03.13 07:46:00 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1999.01.22 19:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
[1997.11.10 16:18:48 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 03.10.2010 16:04:11 - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Melanie\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,17 Gb Total Space | 0,51 Gb Free Space | 0,35% Space Free | Partition Type: NTFS
Drive D: | 144,15 Gb Total Space | 144,02 Gb Free Space | 99,91% Space Free | Partition Type: NTFS
Drive E: | 702,31 Mb Total Space | 674,23 Mb Free Space | 96,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MELANIE-PC
Current User Name: Melanie
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr -- File not found
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B0CCEC36-0F68-4200-9333-07ABDC9E6849}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B3743900-03CE-48DB-AB35-E7E997A036C3}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046CAE90-41BD-4DFF-9F66-69CBDABEA0DC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0515AB49-D391-4A91-8DAF-53C4D3C2F355}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{057C4092-4B25-4539-939B-63111302ADC0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0AA0CB6D-250A-497E-896F-CC4E0E01269B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C6E0F10-7302-4C2B-8930-67DB8668572A}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{0E42E275-4EDB-4BE4-9107-69835DD8382A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1078D01E-5551-4BBA-B6D4-0A4CB6DB4C87}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{13B1B061-F775-40F5-BC17-822DAEDA0C4E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{174BDFC6-5957-4BEA-BC23-14F8680CF8FD}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{18F13C8A-2F99-4689-A939-5F2BEEEE4676}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B31B917-3FB6-4893-AEFB-86D65F402F3B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1F4BF65C-AD70-4820-A638-34912EDC82B5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{201477B6-A117-44F3-A075-F09B1F3E8CC7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BD739EF-A368-40D8-8694-38C445AFF41E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2CDCF5F8-6BE7-4195-B77A-DBE6DC9C8B00}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D6C587F-53A7-41DA-A284-844F79B44E52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DB9864A-7249-4E0B-9B05-84DF35F6E304}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{2E12FE3B-F0BF-4E1B-875B-01449643E220}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E39948B-3696-4D57-A6BE-DC4061598B5E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2F95D4F7-1A70-4609-8797-1F4695C71702}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{30B1BB7C-47DA-409F-9A46-272821AD65E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{31A2002C-2D07-4788-A180-D1FB7DF92E6E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{31EE60CF-0E6A-4F5E-A2B9-23EE956A20DA}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{32C776B1-88B3-498B-BDDD-382E5DA221A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{34F8E6F2-3633-4471-8D44-EA6DD247C4BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{357157BD-043D-4229-97C7-6BEABC42647F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{381AAF77-5325-44C7-BBDF-1F1A67E76AC2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3867FFCB-159C-405B-AB2E-64EEAB55BD47}" = protocol=6 | dir=in | app=c:\gamigo\snowboundonline\run.exe |
"{38FE7F86-9D6B-43F3-A7D0-D452EB973705}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{39543FCA-E84E-4C40-BDBD-3AD976759DFC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3F191BD8-E698-460A-8E8B-39B1F3923758}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{40F6633E-C7F1-4B60-A140-293DB36D74F3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{473D0EBB-ED72-4BCD-9868-A12242E9F7ED}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4D013F74-3C09-499E-9EE2-04EC2B33842C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E03B8D7-3820-4ABB-B0FD-3C8D279BE0B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E68C5A0-5745-45E5-9D6F-310383B088EA}" = protocol=17 | dir=in | app=e:\libneap.dll |
"{5042E790-1744-4447-AD2D-8B89F17ADD43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5426B4D8-11C5-4418-B531-70355A855A0D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5AD711F2-CD42-429E-818E-E2A72FAD3FF2}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{5EB66F48-0DF4-49AE-8897-76AEDA2FA512}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5F445A37-1343-4DEB-A2C3-B705E4382C35}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{623F3F0C-96E3-4507-BC2C-6751D634CA79}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{663E24DB-746F-4613-A025-711B5352DF9A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{6698C2B0-0C8C-4BB4-AC2D-76CBD39FA84B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66EB64F4-4600-4C86-B478-2BC2E528FDAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{686C827B-3F1E-4B91-834A-B92FBE144655}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{69E15D11-2F91-4A1A-BA60-6DFB87DF6DBE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6C6D270D-9A2E-495B-B7B3-20CCAC190787}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CAD8071-31AD-4DBA-B819-2FEE6DD0200E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CD629A3-AF4A-4EE4-B3DB-759E3ED6EEA3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74BEE852-5C5F-4F60-9C63-6033F6513F06}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{785670C8-D6E0-41A8-B487-054B9F423C3A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{7C0A7420-F5A9-4FB3-A313-79B5B5F94228}" = protocol=6 | dir=in | app=e:\libneap.dll |
"{7EC7D901-F7A4-4E8A-8BEF-B0AA9FB84F81}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A242C81-33AC-4B6C-9D23-50A4360AC30C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8AF0D93E-83E2-460D-B674-27487D45D47D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B2B9469-10B8-4B65-9139-D84FB2585854}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B3488E5-E66D-4C64-A6D6-400D01F097BA}" = protocol=17 | dir=in | app=e:\dwizard615.exe |
"{912C173F-76FA-43A2-9A1B-1217ADBCA054}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{92199FC9-675B-41DD-A674-A697D6DF84FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9E00047A-456B-4324-9237-5B8996187512}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A14FF724-1692-4982-9999-8DDA3BD64CF4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A7898854-4855-42AD-A680-595A87E9CCC5}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{A7F136AA-66E0-4782-AD73-4100136243C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ABE5CFA9-8510-4F6C-A17F-FA7AF7F79FBF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5195AB3-74D6-41FD-AC3E-F13518F4641A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7750CF6-AD6A-4023-B1F8-4AFF7CC5C0E9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B77F9E97-92E6-4165-8073-C25B985F7ABA}" = protocol=17 | dir=in | app=c:\gamigo\snowboundonline\run.exe |
"{C120845B-15ED-4155-878E-ABE812208B34}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C815E185-D1CB-49C9-ADE5-0C3CA3A3EC04}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{C9361CDA-5327-41E0-986C-6AC76875DDCA}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{CAE458B9-6B41-469F-81C2-009550143045}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD04A254-A2E8-4ADB-96D2-91074CD83499}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{D4B234B0-B109-4106-8A6F-C16FC6F18713}" = protocol=6 | dir=in | app=e:\dwizard615.exe |
"{D5CB2415-F15F-4148-88D8-73081C54F0D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D72A2A13-2176-4554-B5AB-EC4DCC6F27CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D89BC81B-F048-4FFE-A0FC-7F79DCDDF241}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DBF97DF8-19E3-4347-9A10-EBB5EAE7D1D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DC5A5504-5DBC-44E1-9F93-576CA513434C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DFCE3B1E-5608-4F48-9692-11E4FE1FB82D}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E951B1DB-74A9-4390-A214-B7CC94EA1A66}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9BB441F-C6F6-4FBD-A10D-C7B17E32BEB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9D31E29-0BE1-4F04-8955-5B8661B6F271}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EF8F2DCF-6C91-4317-9FFF-5F6773A7FD87}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F25B8834-D667-4269-B7F7-932B44911059}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{F39D629A-C59F-4EFE-8701-1FB8572EA983}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F85931DE-2FCE-4B1D-9202-52E3324F2007}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{F96C5476-AEE3-4280-A7D4-5953188EFA71}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{0A04BDCF-CCDA-4B29-B6B4-20626F0EA5B5}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=6 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe |
"TCP Query User{0C6EA673-AC9D-4728-9464-25CB86BAB5E6}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{2986400D-C5D6-486C-9ADD-CDE44E75D3ED}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{3574FA08-1F87-4ED2-B8DC-3A7BEFF021B0}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=6 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe |
"TCP Query User{4BF1F50E-E8AF-4079-BEEA-27C2A6AC8D50}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{5205D070-46C7-4622-93F9-779667C051B3}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{A4685A39-4761-488F-AEEE-68E338D03644}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe |
"TCP Query User{AFBF6A7F-2DA6-4B8C-8BA9-EBE64DECE3BE}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{C51BCCDF-F365-4BC2-8947-AAEF7392B2E1}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{E13B0C81-C9EF-4B9B-9963-FBD520A40C5A}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{E79382BD-A4B3-499A-802B-41D15751A6B6}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe |
"UDP Query User{0894D49F-80BA-4011-A4BB-59E5B5CB123C}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{10E6197C-C817-425D-91E3-5D4A08621E48}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{54B5A8BF-7CE4-41F3-B3CD-51C0929F8BD8}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=17 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe |
"UDP Query User{5763FB3E-FBCE-4FE8-A52D-332677094EA9}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe |
"UDP Query User{72E33DF3-3CB6-433E-B53C-58D83282A470}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{9410DC36-2531-4B37-AC81-84863F76C926}C:\program files\ea sports\fussball manager 10\manager10.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fussball manager 10\manager10.exe |
"UDP Query User{AFC28250-7B0E-469F-BD9F-492205F76473}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{C64DF1BC-7E98-462E-BF9C-3ACFF3AA619A}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{C8DA22EB-058E-495F-91A8-B87E94B7B5C9}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{CA796A13-5E4C-43B8-BCCD-510B80B436E6}C:\program files\activision value\world series of poker toc\wsoptoc.exe" = protocol=17 | dir=in | app=c:\program files\activision value\world series of poker toc\wsoptoc.exe |
"UDP Query User{FEAD0ED5-B023-4930-A4EB-EEA445753E6A}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004098A1-0362-4C42-A1C3-CAD436CFF4A1}" = YouTube Downloader Toolbar v1.0
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.2
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}" = MSTS Patch 1.7.0519
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A0C1B89-04F3-4AAE-92AC-133B8D2DBEF3}_is1" = UZ_WLABmee62-001 v2.0
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79AE77D7-7E8C-4A98-B32B-A941736DBFA6}_is1" = Texas Hold'em Poker - Royal-Flush-Edition 2007
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D16ECDF4-DA6F-418F-947A-C1652B5CFD96}" = SweetIM for Messenger 2.7
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows-Treiberpaket - Nokia Modem (11/03/2006 6.82.0.1)
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Windows-Treiberpaket - Nokia Modem (06/09/2010 4.5)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"AceIt_is1" = AceIt v1.3.1
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Big Fun Maxi Minigolf" = Big Fun Maxi Minigolf
"BrothersInArms" = Brothers In Arms
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Convoi" = Convoi 1.50
"DirectXMediaRuntime" = DirectX Media Runtime 5.1
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EA Download Manager" = EA Download Manager
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.7)
"FIS2005_is1" = FIS2005 1.0
"FUSSBALL MANAGER 08" = FUSSBALL MANAGER 08
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"GameSpy Arcade" = GameSpy Arcade
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"IrfanView" = IrfanView (remove only)
"LManager" = Launch Manager
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Speed burnR D" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSTS Activity Mover_is1" = MSTS Activity Mover, 1.0
"Need4 Software Launcher" = Need4 Software Launcher 7.1
"Need4 Video Converter 7" = Need4 Video Converter 7
"Nokia PC Suite" = Nokia PC Suite
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TGATool2A_is1" = TGATool2A version 4.00.34
"The route Bratislava-Brno-Praha for MSTS_is1" = The route Bratislava-Brno-Praha for MSTS version from BP 77 /
"Train Simulator 1.0" = Microsoft Train Simulator
"Train Store (German Language Pack)" = Train Store (German Language Pack)
"Train Store V3.2" = Train Store V3.2
"TranslatorBar_1.2 Toolbar" = TranslatorBar 1.2 Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"Universal Document Converter_is1" = Universal Document Converter (Demo)
"VLC media player" = VLC media player 0.9.8a
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World Series of Poker TOC" = World Series of Poker: TOC
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Route_Riter v7.5" = Route_Riter v7.5
"TrainSim.pl PMK v2.3" = TrainSim.pl PMK v2.3
"TrainSim.pl Wschodnia Polska v2.0" = TrainSim.pl Wschodnia Polska v2.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.05.2010 10:13:58 | Computer Name = Melanie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung train.exe, Version 1.16.5.912, Zeitstempel 0x3c1625d7,
fehlerhaftes Modul train.exe, Version 1.16.5.912, Zeitstempel 0x3c1625d7, Ausnahmecode
0xc0000005, Fehleroffset 0x001a61df, Prozess-ID 0x1768, Anwendungsstartzeit 01caf75d6a6916a1.
Error - 20.05.2010 01:30:25 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.05.2010 01:30:30 | Computer Name = Melanie-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 20.05.2010 01:30:30 | Computer Name = Melanie-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 21.05.2010 02:05:35 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.05.2010 02:05:40 | Computer Name = Melanie-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 21.05.2010 02:05:40 | Computer Name = Melanie-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 22.05.2010 02:23:27 | Computer Name = Melanie-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.05.2010 02:23:32 | Computer Name = Melanie-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 22.05.2010 02:23:32 | Computer Name = Melanie-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ System Events ]
Error - 29.09.2010 05:36:56 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 29.09.2010 05:50:40 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 29.09.2010 06:17:09 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7006
Description =
Error - 30.09.2010 16:28:03 | Computer Name = Melanie-PC | Source = DCOM | ID = 10010
Description =
Error - 30.09.2010 22:44:43 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 01.10.2010 08:11:00 | Computer Name = Melanie-PC | Source = volsnap | ID = 393251
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht vergrößert werden kann.
Error - 02.10.2010 00:45:21 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 02.10.2010 01:14:11 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 03.10.2010 04:56:39 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 03.10.2010 09:58:44 | Computer Name = Melanie-PC | Source = Service Control Manager | ID = 7000
Description =
[ TuneUp Events ]
Error - 12.06.2010 15:01:08 | Computer Name = Melanie-PC | Source = TuneUp Program Statistics | ID = 131840
Description =
< End of report >
--- --- --- TDSSKiller
Dauerte nur 25 sek. 263 durchsuchte Objekte. Ist das normal, das es so schnell geht? Zitat:
2010/10/03 16:34:12.0929 TDSS rootkit removing tool 2.4.3.0 Sep 27 2010 15:28:54
2010/10/03 16:34:12.0929 ================================================================================
2010/10/03 16:34:12.0929 SystemInfo:
2010/10/03 16:34:12.0929
2010/10/03 16:34:12.0929 OS Version: 6.0.6002 ServicePack: 2.0
2010/10/03 16:34:12.0929 Product type: Workstation
2010/10/03 16:34:12.0929 ComputerName: MELANIE-PC
2010/10/03 16:34:12.0929 UserName: Melanie
2010/10/03 16:34:12.0929 Windows directory: C:\Windows
2010/10/03 16:34:12.0929 System windows directory: C:\Windows
2010/10/03 16:34:12.0929 Processor architecture: Intel x86
2010/10/03 16:34:12.0929 Number of processors: 2
2010/10/03 16:34:12.0929 Page size: 0x1000
2010/10/03 16:34:12.0929 Boot type: Normal boot
2010/10/03 16:34:12.0929 ================================================================================
2010/10/03 16:34:13.0288 Initialize success
2010/10/03 16:34:15.0721 ================================================================================
2010/10/03 16:34:15.0721 Scan started
2010/10/03 16:34:15.0721 Mode: Manual;
2010/10/03 16:34:15.0721 ================================================================================
2010/10/03 16:34:16.0720 ACEDRV09 (ec818aed40e3359fe49ddb1700151e56) C:\Windows\system32\drivers\ACEDRV09.sys
2010/10/03 16:34:16.0860 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2010/10/03 16:34:16.0891 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2010/10/03 16:34:16.0954 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2010/10/03 16:34:17.0047 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2010/10/03 16:34:17.0079 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2010/10/03 16:34:17.0157 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2010/10/03 16:34:17.0250 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\Windows\system32\DRIVERS\AGRSM.sys
2010/10/03 16:34:17.0344 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2010/10/03 16:34:17.0391 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2010/10/03 16:34:17.0422 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2010/10/03 16:34:17.0484 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2010/10/03 16:34:17.0500 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2010/10/03 16:34:17.0531 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2010/10/03 16:34:17.0578 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2010/10/03 16:34:17.0687 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2010/10/03 16:34:17.0734 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2010/10/03 16:34:17.0765 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/10/03 16:34:17.0812 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2010/10/03 16:34:17.0890 avgntflt (a88d29d928ad2b830e87b53e3f9bc182) C:\Windows\system32\DRIVERS\avgntflt.sys
2010/10/03 16:34:17.0952 avipbb (524b9e78e396c00968c5629ed5bbfab0) C:\Windows\system32\DRIVERS\avipbb.sys
2010/10/03 16:34:18.0030 b57nd60x (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\Windows\system32\DRIVERS\b57nd60x.sys
2010/10/03 16:34:18.0093 BCM43XX (e22abcaa7b6ff580feb0d49545dc4263) C:\Windows\system32\DRIVERS\bcmwl6.sys
2010/10/03 16:34:18.0155 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2010/10/03 16:34:18.0202 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2010/10/03 16:34:18.0264 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2010/10/03 16:34:18.0295 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2010/10/03 16:34:18.0327 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2010/10/03 16:34:18.0373 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2010/10/03 16:34:18.0420 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2010/10/03 16:34:18.0451 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2010/10/03 16:34:18.0467 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2010/10/03 16:34:18.0498 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2010/10/03 16:34:18.0623 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/10/03 16:34:18.0701 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2010/10/03 16:34:18.0748 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2010/10/03 16:34:18.0795 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2010/10/03 16:34:18.0888 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/10/03 16:34:18.0919 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2010/10/03 16:34:18.0951 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2010/10/03 16:34:18.0997 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2010/10/03 16:34:19.0029 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2010/10/03 16:34:19.0107 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2010/10/03 16:34:19.0153 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2010/10/03 16:34:19.0216 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
2010/10/03 16:34:19.0263 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2010/10/03 16:34:19.0325 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
2010/10/03 16:34:19.0372 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2010/10/03 16:34:19.0419 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2010/10/03 16:34:19.0512 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2010/10/03 16:34:19.0575 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2010/10/03 16:34:19.0668 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2010/10/03 16:34:19.0731 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2010/10/03 16:34:19.0809 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2010/10/03 16:34:19.0840 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2010/10/03 16:34:19.0887 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2010/10/03 16:34:19.0933 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/10/03 16:34:19.0965 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2010/10/03 16:34:20.0011 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2010/10/03 16:34:20.0058 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2010/10/03 16:34:20.0121 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2010/10/03 16:34:20.0183 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/10/03 16:34:20.0230 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2010/10/03 16:34:20.0277 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2010/10/03 16:34:20.0323 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2010/10/03 16:34:20.0355 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2010/10/03 16:34:20.0417 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2010/10/03 16:34:20.0495 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
2010/10/03 16:34:20.0620 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2010/10/03 16:34:20.0682 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2010/10/03 16:34:20.0713 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/10/03 16:34:20.0760 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2010/10/03 16:34:20.0901 igfx (0627fc0c422cd6e0f23e1b0d1d9f0899) C:\Windows\system32\DRIVERS\igdkmd32.sys
2010/10/03 16:34:21.0010 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2010/10/03 16:34:21.0072 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
2010/10/03 16:34:21.0166 IntcAzAudAddService (219ca9a36d6de2ec04f958c907673436) C:\Windows\system32\drivers\RTKVHDA.sys
2010/10/03 16:34:21.0275 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2010/10/03 16:34:21.0322 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2010/10/03 16:34:21.0369 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/10/03 16:34:21.0447 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2010/10/03 16:34:21.0509 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2010/10/03 16:34:21.0556 irda (e50a95179211b12946f7e035d60af560) C:\Windows\system32\DRIVERS\irda.sys
2010/10/03 16:34:21.0618 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2010/10/03 16:34:21.0649 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2010/10/03 16:34:21.0696 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/10/03 16:34:21.0774 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2010/10/03 16:34:22.0024 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2010/10/03 16:34:22.0117 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/10/03 16:34:22.0149 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
2010/10/03 16:34:22.0258 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2010/10/03 16:34:22.0554 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/10/03 16:34:22.0617 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2010/10/03 16:34:22.0663 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2010/10/03 16:34:22.0773 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2010/10/03 16:34:22.0866 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2010/10/03 16:34:23.0007 MBAMSwissArmy (c7dd7d9739785bd3a6b8499eec1dee7e) C:\Windows\system32\drivers\mbamswissarmy.sys
2010/10/03 16:34:23.0053 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2010/10/03 16:34:23.0131 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2010/10/03 16:34:23.0287 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2010/10/03 16:34:23.0319 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2010/10/03 16:34:23.0350 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2010/10/03 16:34:23.0381 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2010/10/03 16:34:23.0412 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2010/10/03 16:34:23.0537 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2010/10/03 16:34:23.0599 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2010/10/03 16:34:23.0646 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2010/10/03 16:34:23.0740 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2010/10/03 16:34:23.0787 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/10/03 16:34:23.0833 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/10/03 16:34:23.0911 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/10/03 16:34:24.0005 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
2010/10/03 16:34:24.0099 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2010/10/03 16:34:24.0223 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2010/10/03 16:34:24.0255 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2010/10/03 16:34:24.0333 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2010/10/03 16:34:24.0395 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/10/03 16:34:24.0489 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2010/10/03 16:34:24.0660 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2010/10/03 16:34:24.0754 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/10/03 16:34:24.0816 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2010/10/03 16:34:24.0879 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2010/10/03 16:34:25.0003 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2010/10/03 16:34:25.0066 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2010/10/03 16:34:25.0144 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/10/03 16:34:25.0206 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/10/03 16:34:25.0237 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/10/03 16:34:25.0331 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2010/10/03 16:34:25.0456 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2010/10/03 16:34:25.0549 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2010/10/03 16:34:25.0674 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2010/10/03 16:34:25.0737 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2010/10/03 16:34:25.0877 NSCIRDA (6d8d2e5652fc2442c810c5d8be784148) C:\Windows\system32\DRIVERS\nscirda.sys
2010/10/03 16:34:25.0924 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2010/10/03 16:34:26.0002 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2010/10/03 16:34:26.0205 NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2010/10/03 16:34:26.0454 NTIPPKernel (547bfa3591c70674b0bfc99354ab78b3) C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
2010/10/03 16:34:26.0595 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2010/10/03 16:34:26.0673 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2010/10/03 16:34:26.0797 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2010/10/03 16:34:26.0829 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2010/10/03 16:34:26.0875 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2010/10/03 16:34:27.0047 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/10/03 16:34:27.0328 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2010/10/03 16:34:27.0421 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2010/10/03 16:34:27.0515 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2010/10/03 16:34:27.0655 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2010/10/03 16:34:27.0718 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2010/10/03 16:34:27.0765 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2010/10/03 16:34:27.0843 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
2010/10/03 16:34:28.0014 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2010/10/03 16:34:28.0248 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2010/10/03 16:34:28.0295 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2010/10/03 16:34:28.0404 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2010/10/03 16:34:28.0482 PSDFilter (1dcbb35090cc4b2bd3d661e6089523c6) C:\Windows\system32\DRIVERS\psdfilter.sys
2010/10/03 16:34:28.0560 PSDNServ (e26e46d619469964ac3609620f443867) C:\Windows\system32\DRIVERS\PSDNServ.sys
2010/10/03 16:34:28.0591 psdvdisk (3e1d134af2806867d06047c4cc33cc65) C:\Windows\system32\DRIVERS\PSDVdisk.sys
2010/10/03 16:34:28.0701 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2010/10/03 16:34:28.0841 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2010/10/03 16:34:28.0935 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2010/10/03 16:34:29.0013 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2010/10/03 16:34:29.0044 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/10/03 16:34:29.0091 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/10/03 16:34:29.0122 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2010/10/03 16:34:29.0215 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2010/10/03 16:34:29.0387 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/10/03 16:34:29.0512 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2010/10/03 16:34:29.0590 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2010/10/03 16:34:29.0715 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2010/10/03 16:34:29.0839 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2010/10/03 16:34:29.0933 RTSTOR (30af53469b2a60f693acb24fbd90abd7) C:\Windows\system32\drivers\RTSTOR.SYS
2010/10/03 16:34:30.0011 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\Windows\system32\DRIVERS\s0016bus.sys
2010/10/03 16:34:30.0089 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\Windows\system32\DRIVERS\s0016mdfl.sys
2010/10/03 16:34:30.0183 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\Windows\system32\DRIVERS\s0016mdm.sys
2010/10/03 16:34:30.0276 s0017bus (594ff5620661d1386475406e78cb6f2f) C:\Windows\system32\DRIVERS\s0017bus.sys
2010/10/03 16:34:30.0417 s0017mdfl (7258f550419d543bc5c8e80c578a5d54) C:\Windows\system32\DRIVERS\s0017mdfl.sys
2010/10/03 16:34:30.0463 s0017mdm (1de4f6607feb17a15dbd4f1b139e6d2f) C:\Windows\system32\DRIVERS\s0017mdm.sys
2010/10/03 16:34:30.0604 s0017mgmt (9814e6bacc06d2526cd52981c7eeedf0) C:\Windows\system32\DRIVERS\s0017mgmt.sys
2010/10/03 16:34:30.0744 s0017nd5 (2c62cd58225973f26682cd4f783ddede) C:\Windows\system32\DRIVERS\s0017nd5.sys
2010/10/03 16:34:30.0900 s0017obex (f87c3422e84b2fb1b43e0a26247ad5a5) C:\Windows\system32\DRIVERS\s0017obex.sys
2010/10/03 16:34:30.0963 s0017unic (df5e7360a0afa5956bf75da683d0679f) C:\Windows\system32\DRIVERS\s0017unic.sys
2010/10/03 16:34:31.0165 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2010/10/03 16:34:31.0259 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2010/10/03 16:34:31.0353 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2010/10/03 16:34:31.0431 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
2010/10/03 16:34:31.0587 SE2Ebus (97ec6c60112ebd40c07fe295a38ab1ea) C:\Windows\system32\DRIVERS\SE2Ebus.sys
2010/10/03 16:34:31.0680 SE2Emdfl (abfe402ba200e82568a5606719397afa) C:\Windows\system32\DRIVERS\SE2Emdfl.sys
2010/10/03 16:34:31.0711 SE2Emdm (4acfe8a2a3c1624964429e83bc7148a4) C:\Windows\system32\DRIVERS\SE2Emdm.sys
2010/10/03 16:34:31.0758 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/10/03 16:34:31.0836 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/10/03 16:34:31.0914 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/10/03 16:34:31.0945 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2010/10/03 16:34:32.0023 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2010/10/03 16:34:32.0101 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2010/10/03 16:34:32.0133 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2010/10/03 16:34:32.0164 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2010/10/03 16:34:32.0257 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2010/10/03 16:34:32.0569 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2010/10/03 16:34:32.0616 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2010/10/03 16:34:32.0679 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2010/10/03 16:34:32.0803 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2010/10/03 16:34:32.0897 sptd (a80cd850d69d996c832bea37e3a6aa1e) C:\Windows\system32\Drivers\sptd.sys
2010/10/03 16:34:33.0053 srv (96a5e2c642af8f591a7366429809506b) C:\Windows\system32\DRIVERS\srv.sys
2010/10/03 16:34:33.0115 srv2 (71da2d64880c97e5ffc3c81761632751) C:\Windows\system32\DRIVERS\srv2.sys
2010/10/03 16:34:33.0162 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys
2010/10/03 16:34:33.0271 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2010/10/03 16:34:33.0303 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2010/10/03 16:34:33.0349 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/10/03 16:34:33.0381 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/10/03 16:34:33.0427 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/10/03 16:34:33.0459 SynTP (32e8b307f0e9f72b66b518fd62eab91e) C:\Windows\system32\DRIVERS\SynTP.sys
2010/10/03 16:34:33.0583 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2010/10/03 16:34:33.0661 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2010/10/03 16:34:33.0724 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2010/10/03 16:34:33.0755 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2010/10/03 16:34:33.0786 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2010/10/03 16:34:33.0849 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2010/10/03 16:34:33.0895 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2010/10/03 16:34:33.0973 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/10/03 16:34:34.0020 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2010/10/03 16:34:34.0067 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2010/10/03 16:34:34.0098 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2010/10/03 16:34:34.0161 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
2010/10/03 16:34:34.0192 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2010/10/03 16:34:34.0254 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2010/10/03 16:34:34.0317 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2010/10/03 16:34:34.0348 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/10/03 16:34:34.0395 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/10/03 16:34:34.0426 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2010/10/03 16:34:34.0519 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/10/03 16:34:34.0566 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/10/03 16:34:34.0675 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2010/10/03 16:34:34.0722 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2010/10/03 16:34:34.0785 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2010/10/03 16:34:35.0299 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2010/10/03 16:34:35.0471 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/10/03 16:34:35.0721 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/10/03 16:34:35.0861 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2010/10/03 16:34:35.0923 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/10/03 16:34:35.0970 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2010/10/03 16:34:36.0064 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2010/10/03 16:34:36.0126 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2010/10/03 16:34:36.0220 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2010/10/03 16:34:36.0298 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2010/10/03 16:34:36.0360 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2010/10/03 16:34:36.0469 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2010/10/03 16:34:36.0579 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2010/10/03 16:34:36.0657 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/10/03 16:34:36.0703 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/10/03 16:34:36.0719 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/10/03 16:34:36.0766 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2010/10/03 16:34:36.0828 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2010/10/03 16:34:36.0969 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
2010/10/03 16:34:37.0109 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/10/03 16:34:37.0203 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/10/03 16:34:37.0249 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/10/03 16:34:37.0312 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/10/03 16:34:37.0374 yukonwlh (04e268adfc81964c49dc0c082d520f7e) C:\Windows\system32\DRIVERS\yk60x86.sys
2010/10/03 16:34:37.0452 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (4d840c6af3c020ed3a35efba9025cf4a) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
2010/10/03 16:34:37.0577 ================================================================================
2010/10/03 16:34:37.0577 Scan finished
2010/10/03 16:34:37.0577 ================================================================================
| Viele Grüße |
