Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   keylogger oder spyware drauf? (https://www.trojaner-board.de/92203-keylogger-spyware-drauf.html)

mimi1965 25.10.2010 23:29
keylogger oder spyware drauf?
 
Hallo,
bitte kann mir das Jemand auswerten. Moechte gerne wisssen ob ich einen keylogger oder spyware drauf habe. Ich habe norton 360 ( testversion) und avast.
Ich wohne in USA und habe einen Laptop von hier, keine Ahnung ob das wichtig ist, ich erwaehn es einfach mal....

Vielen Dank!!!!


HiJackthis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:27:08 PM, on 10/25/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18527)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtMon. exe
C:\Windows\vsnpstd3.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Users\ELLYAN~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtProc .exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.Notificati onCenter.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.ex e
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\ellyangel\Pictures\HiJackThis204.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=...&m=aspire_4330
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=...&m=aspire_4330
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\s wg.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon. exe
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CyberDefender Registry Cleaner] c:\program files\cyberdefender\registry cleaner\Startcdrc.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\ellyangel\AppData\Local\Google\Update\Go ogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Iyukuwidogodobuv] rundll32.exe "C:\Users\ellyangel\AppData\Local\witd36r.dll",Sta rtup
O4 - HKCU\..\Run: [msin_isv] rundll32 "C:\Windows\system32\attrclip.dll",DllGetVersi on
O4 - HKCU\..\Run: [Onirebocov] rundll32.exe "C:\Users\ellyangel\AppData\Local\orupulukelikuf.d ll",Startup
O4 - HKCU\..\Run: [AdobeUpdater6] "C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe"
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950D F09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - hxxp://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c9ea1663e6a5d0) (gupdate1c9ea1663e6a5d0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: RUAGSMJWWDLST - Unknown owner - C:\Users\ELLYAN~1\AppData\Local\Temp\RUAGSMJWWDLST .exe (file missing)
O23 - Service: UAKIBV - Unknown owner - C:\Users\ELLYAN~1\AppData\Local\Temp\UAKIBV.exe (file missing)
O23 - Service: ZCGN - Unknown owner - C:\Users\ELLYAN~1\AppData\Local\Temp\ZCGN.exe (file missing)
O23 - Service: ZEHHZV - Unknown owner - C:\Users\ELLYAN~1\AppData\Local\Temp\ZEHHZV.exe (file missing)
--
End of file - 13632 bytes
--- --- ---

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4954

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

10/26/2010 3:55:12 PM
mbam-log-2010-10-26 (15-55-12).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 140810
Laufzeit: 9 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iyukuwidogodobuv (Trojan.Agent.U) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\onirebocov (Trojan.Agent.U) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\ProgramData\29413322 (Rogue.Multiple) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Users\ellyangel\AppData\Roaming\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.

OTL Logfile:
Code:
OTL logfile created on: 10/26/2010 4:23:54 PM - Run 1
OTL by OldTimer - Version 3.2.17.1    Folder = C:\Users\ellyangel\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50.89 Gb Total Space | 18.42 Gb Free Space | 36.19% Space Free | Partition Type: NTFS
Drive D: | 50.89 Gb Total Space | 50.73 Gb Free Space | 99.69% Space Free | Partition Type: NTFS
 
Computer Name: ELLYANGEL-PC | User Name: ellyangel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ellyangel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
PRC - C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe (Matt Holwood)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Users\ellyangel\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\igfxext.exe (Intel Corporation)
PRC - C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe (acer)
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe ()
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
PRC - C:\Windows\vsnpstd3.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\ellyangel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll (Symantec Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (ZEHHZV) -- C:\Users\ELLYAN~1\AppData\Local\Temp\ZEHHZV.exe File not found
SRV - (ZCGN) -- C:\Users\ELLYAN~1\AppData\Local\Temp\ZCGN.exe File not found
SRV - (UAKIBV) -- C:\Users\ELLYAN~1\AppData\Local\Temp\UAKIBV.exe File not found
SRV - (RUAGSMJWWDLST) -- C:\Users\ELLYAN~1\AppData\Local\Temp\RUAGSMJWWDLST.exe File not found
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (N360) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe (Symantec Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (NTIBackupSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (AVFSFilter) -- C:\Windows\System32\DRIVERS\avfsfilter.sys File not found
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101025.001\IDSvix86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101026.002\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101026.002\NAVENG.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101001.001\BHDrvx86.sys (Symantec Corporation)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS (Symantec Corporation)
DRV - (ccHP) -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS (Symantec Corporation)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (NTIPPKernel) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corp.)
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (DritekPortIO) -- C:\Program Files\Launch Manager\DPortIO.sys (Dritek System Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vb32&d=0808&m=aspire_4330
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {DA6ED62A-E801-47B5-8FD9-559FF80DF12A}:1.9.1
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010/10/10 15:23:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010/10/10 11:44:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/10 14:49:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/09 15:32:10 | 000,000,000 | ---D | M]
 
[2009/01/29 16:43:38 | 000,000,000 | ---D | M] -- C:\Users\ellyangel\AppData\Roaming\Mozilla\Extensions
[2010/10/09 15:32:35 | 000,000,000 | ---D | M] -- C:\Users\ellyangel\AppData\Roaming\Mozilla\Firefox\Profiles\p4rvkwxr.default\extensions
[2010/10/09 15:32:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ellyangel\AppData\Roaming\Mozilla\Firefox\Profiles\p4rvkwxr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/09 15:32:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/09 10:54:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll ()
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [CyberDefender Registry Cleaner]  File not found
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Users\Default\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [CyberDefender Registry Cleaner] c:\Program Files\CyberDefender\Registry Cleaner\startcdrc.exe (CyberDefender)
O4 - HKCU..\Run: [msin_isv] C:\Windows\System32\attrclip.DLL File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game13.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}  (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.160.208.114 66.160.208.45
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/10/26 16:18:44 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\ellyangel\Desktop\OTL.exe
[2010/10/19 15:00:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\N360_BACKUP
[2010/10/14 18:01:40 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/10/14 18:01:17 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/10/14 18:00:58 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/10/14 18:00:54 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010/10/14 18:00:53 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010/10/14 18:00:49 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/10/14 18:00:46 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/10/14 18:00:43 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/10/14 18:00:31 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/10/14 18:00:29 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/10/14 18:00:26 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/10/14 18:00:26 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/10/14 18:00:25 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/10/14 18:00:24 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/10/14 18:00:24 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/10/14 18:00:23 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/10/14 18:00:23 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/10/14 18:00:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/10/10 15:23:56 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symtdiv.sys
[2010/10/10 15:23:56 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symefa.sys
[2010/10/10 15:23:55 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.sys
[2010/10/10 15:23:55 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\symds.sys
[2010/10/10 15:23:55 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.sys
[2010/10/10 15:23:55 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\ironx86.sys
[2010/10/10 15:23:55 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.sys
[2010/10/10 15:23:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0403000.005
[2010/10/10 11:43:42 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010/10/10 11:43:39 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/10/10 11:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/10/10 11:42:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2010/10/10 11:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2010/10/09 16:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/10/09 15:22:41 | 000,000,000 | ---D | C] -- C:\Users\ellyangel\Documents\My Google Gadgets
[2010/10/09 10:54:03 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/10/09 10:54:03 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/10/09 10:54:03 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/10/09 10:54:03 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/10/08 23:02:16 | 000,000,000 | ---D | C] -- C:\Users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}
[2010/09/28 15:28:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2008/08/19 01:55:53 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2007/03/12 12:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 13:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010/10/26 16:19:28 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\ellyangel\Desktop\OTL.exe
[2010/10/26 16:15:06 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/10/26 16:06:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2136634944-1118908816-156827738-1000UA.job
[2010/10/26 16:05:48 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/26 16:05:48 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/10/26 15:59:48 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010/10/26 15:59:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/26 15:59:21 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/26 15:59:21 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/26 15:59:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/26 15:49:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/26 15:38:02 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/26 15:15:01 | 001,853,694 | ---- | M] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB
[2010/10/26 12:06:05 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2136634944-1118908816-156827738-1000Core.job
[2010/10/25 18:46:23 | 000,000,482 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ellyangel.job
[2010/10/15 03:43:15 | 000,297,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/10 14:49:59 | 000,002,144 | ---- | M] () -- C:\Users\ellyangel\Documents\Norton 360.lnk
[2010/10/10 13:05:01 | 000,000,120 | ---- | M] () -- C:\Users\ellyangel\AppData\Local\Fzezulodip.dat
[2010/10/10 11:43:39 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/10/10 11:43:39 | 000,007,443 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/10/10 11:43:39 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/10/10 11:01:08 | 000,000,000 | ---- | M] () -- C:\Users\ellyangel\AppData\Local\Ilesaf.bin
[2010/10/09 16:24:08 | 000,507,400 | ---- | M] () -- C:\Users\ellyangel\Documents\sdasetup[1].exe
[2010/10/09 16:14:09 | 000,000,947 | ---- | M] () -- C:\Users\ellyangel\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/09 15:32:13 | 000,001,752 | ---- | M] () -- C:\Users\ellyangel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/09 15:32:13 | 000,001,728 | ---- | M] () -- C:\Users\ellyangel\Documents\Mozilla Firefox.lnk
[2010/10/08 23:12:40 | 000,000,680 | ---- | M] () -- C:\Users\ellyangel\AppData\Local\d3d9caps.dat
[2010/10/08 23:00:14 | 000,000,020 | ---- | M] () -- C:\Users\ellyangel\AppData\Roaming\ldcpfk.dat
 
========== Files Created - No Company Name ==========
 
[2010/10/26 15:38:02 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/13 15:39:39 | 001,853,694 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\Cat.DB
[2010/10/10 15:23:56 | 000,007,873 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.cat
[2010/10/10 15:23:56 | 000,007,787 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.cat
[2010/10/10 15:23:56 | 000,007,368 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.cat
[2010/10/10 15:23:56 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symefa.inf
[2010/10/10 15:23:56 | 000,001,473 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnetv.inf
[2010/10/10 15:23:56 | 000,001,445 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symnet.inf
[2010/10/10 15:23:55 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.cat
[2010/10/10 15:23:55 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.cat
[2010/10/10 15:23:55 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.cat
[2010/10/10 15:23:55 | 000,007,425 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.cat
[2010/10/10 15:23:55 | 000,007,396 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.cat
[2010/10/10 15:23:55 | 000,002,793 | R--- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\symds.inf
[2010/10/10 15:23:55 | 000,001,754 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\cchpx86.inf
[2010/10/10 15:23:55 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtspx.inf
[2010/10/10 15:23:55 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\srtsp.inf
[2010/10/10 15:23:55 | 000,000,741 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\iron.inf
[2010/10/10 15:23:08 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0403000.005\isolate.ini
[2010/10/10 11:43:39 | 000,007,443 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/10/10 11:43:39 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/10/10 11:43:24 | 000,002,144 | ---- | C] () -- C:\Users\ellyangel\Documents\Norton 360.lnk
[2010/10/09 16:24:09 | 000,507,400 | ---- | C] () -- C:\Users\ellyangel\Documents\sdasetup[1].exe
[2010/10/09 15:32:13 | 000,001,728 | ---- | C] () -- C:\Users\ellyangel\Documents\Mozilla Firefox.lnk
[2010/10/08 23:02:23 | 000,000,120 | ---- | C] () -- C:\Users\ellyangel\AppData\Local\Fzezulodip.dat
[2010/10/08 23:02:23 | 000,000,000 | ---- | C] () -- C:\Users\ellyangel\AppData\Local\Ilesaf.bin
[2010/10/08 23:00:10 | 000,000,020 | ---- | C] () -- C:\Users\ellyangel\AppData\Roaming\ldcpfk.dat
[2010/05/06 22:22:02 | 000,000,036 | ---- | C] () -- C:\Users\ellyangel\AppData\Local\housecall.guid.cache
[2009/10/07 19:30:27 | 008,673,792 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/19 11:16:39 | 000,000,112 | ---- | C] () -- C:\Users\ellyangel\AppData\Roaming\wklnhst.dat
[2008/11/30 13:51:47 | 000,000,680 | ---- | C] () -- C:\Users\ellyangel\AppData\Local\d3d9caps.dat
[2008/10/29 15:02:18 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2008/10/29 14:57:16 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2008/10/25 15:11:55 | 000,026,624 | ---- | C] () -- C:\Users\ellyangel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/23 23:47:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/08/29 11:00:21 | 000,006,048 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe2.log
[2008/08/19 02:02:33 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/08/19 02:02:33 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/08/19 01:53:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008/08/19 01:43:17 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/08/19 01:37:28 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2004/02/27 17:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2001/12/26 18:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 01:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 18:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 00:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:793F316E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:A42A9F39
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:DAFD38AE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:C46995DA
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:BB24555F
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:2F141B68
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:F65733F1
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:9F683177
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:C946DB94
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:753F86A9
 
< End of report >
--- --- ---


OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 10/26/2010 4:23:54 PM - Run 1
OTL by OldTimer - Version 3.2.17.1    Folder = C:\Users\ellyangel\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50.89 Gb Total Space | 18.42 Gb Free Space | 36.19% Space Free | Partition Type: NTFS
Drive D: | 50.89 Gb Total Space | 50.73 Gb Free Space | 99.69% Space Free | Partition Type: NTFS
 
Computer Name: ELLYANGEL-PC | User Name: ellyangel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\iCall\iCall.exe" = C:\Program Files\iCall\iCall.exe:*:Enabled:iCall -- File not found
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D13A087-978A-41DD-A392-F40B50C7EB19}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{132A5CD1-E54E-4F59-AEEF-47FCD25E9F36}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5AEAEDDD-618E-4BF6-969E-33221F829D86}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{615D584C-848C-4A9D-B366-2581EAC47DD3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{81786189-9098-484F-A46A-9C3E2BCDB604}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{9BCD1C92-0D26-4F15-94D2-366A67F5AB53}" = lport=9000 | protocol=6 | dir=in | name=icall port |
"{A2E0ECA3-DA56-495C-8E8C-C89680462381}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C588581E-D1D1-4A62-8B4A-6DEBE837BB91}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{CBB83891-1694-44CC-B757-9BEECD98C4A3}" = lport=4255 | protocol=17 | dir=in | name=icall port |
"{EBF851BA-1F98-4E5C-8E4E-B19FC0037B1E}" = lport=2869 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CC8ABB-4A22-42E0-8026-C686960E65B4}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{0E95ED54-4281-4CB0-8CF5-6D4597073AF0}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{1322F43A-C0A2-4512-A588-AB4E00B73CC3}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{177CC95A-9FBB-47C2-A22A-8F3DC878AAA1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{2BC2204A-B74A-4B43-8132-DB89B04C2CDB}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{2F02991F-C6F6-4013-A9BE-E87FF86BACED}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{4416A41C-2C98-428F-9431-8D15C475428F}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{48BADDD7-E94B-4784-80B3-7B526F5A5F1C}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{4DC1A946-C399-4028-8874-11545A3CAC36}" = protocol=6 | dir=out | app=system |
"{5586C986-98D2-48FB-A1D7-7528F198F029}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{5BE3165B-E617-4D35-B691-37E603E67A36}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{69814CA6-9F3C-462C-AC12-CB045D3747A4}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{6A59C664-39C7-4CFB-8D28-0CD1E331350F}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{6D8EDB31-338D-4915-A1DD-E0CADC44F7B4}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{72097E4D-044E-4B8D-9645-B6F6FB39147C}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{72813EC9-08EE-4F3A-A01E-0ADB1501F50F}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{8AE136F0-B16E-4D3E-BC18-9D8A7BADE25C}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{BA57F9E5-B21E-4380-9731-9F806FEF0A8C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{BD515367-AC2D-4F65-80A9-504C8B335478}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E8B455EA-1548-4C42-BA01-0CFE52C27BE5}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{ED96B05F-8294-4D8E-99AA-F9DF543BD6A2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FC6092C1-F0AF-4D6A-B4B9-0764A2014E9F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{647A7AF7-95A0-44FC-A77E-D0B52A14E15E}C:\program files\icall\icall.exe" = protocol=6 | dir=in | app=c:\program files\icall\icall.exe |
"TCP Query User{DF81E862-F830-4C73-864C-9B8CB14AB968}C:\program files\icall\icall.exe" = protocol=6 | dir=in | app=c:\program files\icall\icall.exe |
"UDP Query User{5A9787F7-FCA1-4D52-A15D-0D657E2E8613}C:\program files\icall\icall.exe" = protocol=17 | dir=in | app=c:\program files\icall\icall.exe |
"UDP Query User{921DEE47-64E4-499C-839F-1F07B8BB1C8A}C:\program files\icall\icall.exe" = protocol=17 | dir=in | app=c:\program files\icall\icall.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX300_series" = Canon MX300 series
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 20
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Betaversion)
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{58F58158-8DFE-31DA-AC1F-7E5D89A0F74F}" = Google Talk Plugin
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6DE18AB5-540B-4981-87D5-6CF7E923D983}_is1" = CyberDefender Registry Cleaner
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110080840}" = Cue Club
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}" = Alien Shooter
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast5" = avast! Free Antivirus
"BearShare MediaBar" = MediaBar 2.0
"Canon MX300 series User Registration" = Canon MX300 series User Registration
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MessengerDiscovery 2.1_is1" = MessengerDiscovery 2.1.79
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"N360" = Norton 360
"NSS" = Norton Security Scan
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle For PC" = Amazon Kindle For PC v1.0
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
 
========== Last 10 Event Log Errors ==========
 
[ Antivirus Events ]
Error - 5/22/2009 1:33:38 PM | Computer Name = ellyangel-PC | Source = avast! | ID = 33554522
Description =
 
[ Application Events ]
Error - 9/21/2010 11:58:16 PM | Computer Name = ellyangel-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 10/9/2010 12:12:39 AM | Computer Name = ellyangel-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 10/9/2010 12:52:40 AM | Computer Name = ellyangel-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 10/9/2010 2:05:35 AM | Computer Name = ellyangel-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6001.18164 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Problem Reports and Solutions control panel.  Process
 ID: 588  Start Time: 01cb676dc078d579  Termination Time: 236
 
Error - 10/9/2010 3:21:07 PM | Computer Name = ellyangel-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 10/9/2010 3:52:16 PM | Computer Name = ellyangel-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 10/9/2010 5:31:08 PM | Computer Name = ellyangel-PC | Source = Perflib | ID = 1010
Description =
 
Error - 10/9/2010 5:31:09 PM | Computer Name = ellyangel-PC | Source = Perflib | ID = 1008
Description =
 
Error - 10/10/2010 3:50:04 PM | Computer Name = ellyangel-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 10/10/2010 4:05:22 PM | Computer Name = ellyangel-PC | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 10/24/2010 7:39:57 PM | Computer Name = ellyangel-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
 
Error - 10/25/2010 11:44:38 AM | Computer Name = ellyangel-PC | Source = Service Control Manager | ID = 7011
Description =
 
Error - 10/25/2010 9:46:34 PM | Computer Name = ellyangel-PC | Source = Service Control Manager | ID = 7011
Description =
 
Error - 10/25/2010 9:47:03 PM | Computer Name = ellyangel-PC | Source = Service Control Manager | ID = 7011
Description =
 
Error - 10/26/2010 11:58:57 AM | Computer Name = ellyangel-PC | Source = Service Control Manager | ID = 7011
Description =
 
Error - 10/26/2010 12:01:04 PM | Computer Name = ellyangel-PC | Source = bowser | ID = 8003
Description =
 
Error - 10/26/2010 3:07:32 PM | Computer Name = ellyangel-PC | Source = Service Control Manager | ID = 7011
Description =
 
Error - 10/26/2010 4:56:56 PM | Computer Name = ellyangel-PC | Source = DCOM | ID = 10010
Description =
 
Error - 10/26/2010 4:59:09 PM | Computer Name = ellyangel-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =
 
Error - 10/26/2010 4:59:16 PM | Computer Name = ellyangel-PC | Source = HTTP | ID = 15016
Description =
 
 
< End of report >
--- --- ---

cosinus 27.10.2010 22:30
Zitat:
Art des Suchlaufs: Quick-Scan

Bitte routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

mimi1965 28.10.2010 02:24
Hier der VOLLSCAN......ist alles ok????


alwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4968

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

10/27/2010 6:58:27 PM
mbam-log-2010-10-27 (18-58-27).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 285241
Laufzeit: 1 Stunde(n), 46 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 28.10.2010 18:24
Wieviele Durchgänge hast Du jetzt insgesamt mit Malwarebytes gemacht? Ich hab den Eindruck da sind noch weitere Logs vin diesem Tool.

mimi1965 28.10.2010 18:54
Insgesamt 2 Durchlaufe, einmal quick scan und ein Full scan. Soll ich nochmal durchlaufen lassen? kannst Du schon was erkennen?

cosinus 28.10.2010 19:59
Nein ist schon ok. Ich wollte nur wissen, ob Du vllt noch Logs hast, aber diese noch nicht gepostet wurden.

Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
:OTL
SRV - (ZEHHZV) -- C:\Users\ELLYAN~1\AppData\Local\Temp\ZEHHZV.exe File not found
SRV - (ZCGN) -- C:\Users\ELLYAN~1\AppData\Local\Temp\ZCGN.exe File not found
SRV - (UAKIBV) -- C:\Users\ELLYAN~1\AppData\Local\Temp\UAKIBV.exe File not found
SRV - (RUAGSMJWWDLST) -- C:\Users\ELLYAN~1\AppData\Local\Temp\RUAGSMJWWDLST.exe File not found
[2010/10/10 11:01:08 | 000,000,000 | ---- | M] () -- C:\Users\ellyangel\AppData\Local\Ilesaf.bin
[2010/10/09 16:24:08 | 000,507,400 | ---- | M] () -- C:\Users\ellyangel\Documents\sdasetup[1].exe
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:793F316E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:A42A9F39
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:DAFD38AE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:C46995DA
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:BB24555F
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:2F141B68
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:F65733F1
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:9F683177
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:C946DB94
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:753F86A9
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

mimi1965 28.10.2010 23:08
Ja, ok hab ich gemacht aber ich glaube ich habe was verissen dabei bzw falsch gemacht, hoffe ist nicht allzu schlimm. Habe das alles reinkopiert und auf fix geklickt als er fertig war blieb in dem Feld unten wo das Kopierte stand ....[emptytemp]....uebrig. Habe dann nochmal auf fix geklickt. Danach ist der Laptop runtergefahren von selber. Nach dem Neustart hatte ich zwei logfiles auf dem desktop .


[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799
[LocalizedFileNames]
Microsoft Office - 60 Day Trial.lnk=@C:\PROGRA~1\MICROS~4\mui\oaa.dll,-103
Norton 360.lnk=@C:\PROGRA~1\NORTON~3\Branding\muis.dll,-109



[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183


Was sagst Du?

Danke Elke

cosinus 29.10.2010 12:28
Das wollte ich nicht sehen. Ich wollte das Log vom OTL-Fix sehen.

mimi1965 29.10.2010 17:32
Da kam kein Log vom OTL - Fix, der Pc ist sofort runter gefahren nach dem scan. Ist es irgendwo gespeichert oder soll ich es nochmal versuchen?

cosinus 30.10.2010 20:24
Schau nach in C:\_OTL - da müsste eine Textdatei sein.

mimi1965 31.10.2010 08:34
Hab ich gefunden in C:\_OTL , aber....wenn ich oeffnen will oeffnet er ein neues Fenster als Moved Files, wenn ich das oeffnen will kommt neues Fenster mit einem File Foler und einem ONETOC2 Folder, dann wiederum neues Fenster mit 3 Files ( C_Users, C_Windows und ONETOC2 ) dann bei C_Users gehts weiter...ellyangel-App Data-Local- dann ein BIN File ( Ilesaf.bin) der sich aber nicht offnen laesst.
Bei C_Windows schickt er mich..System32-drivers-etc-hosts.

Nichts laesst sich offnen. Was soll ich jetzt machen???


Sorry, aber es ist so wichtig fuer mich zu wissen ob mein PC sauber ist.

Danke

cosinus 31.10.2010 13:10
Ich brauch den Quarantäneordner von OTL. Bitte folgendes machen:

1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf da nicht rummurksen!
2.) Ordner C:\_OTL in eine Datei zippen
3.) Die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html
4.) Wenns erfolgreich war Bescheid sagen
5.) Erst dann wieder den Virenscanner einschalten

mimi1965 01.11.2010 23:58
Ich habe es geschickt im uploadchannel...kann es aber hier nicht sehen. Bitte lass mich wissen ob Du es bekommen hast?

cosinus 02.11.2010 15:02
Die sind angekommen, aber die Dateien sind leer - 0 byte groß. Sind die bei Dir auch leer?

mimi1965 02.11.2010 17:50
Ich habs ochmal geschickt im upload channel. Size ist 371 KB (380,656 bytes). Bitte schau nochmal......und lass mich wissen .
Danke

cosinus 02.11.2010 18:06
Nein immer noch leer. Hast Du auch wirklich den Virenscanner deaktiviert?

mimi1965 02.11.2010 18:35
jetzt nochmal ohne viren scanner..hatte es tatsaeclich vergessen zu aktivieren...sorry

cosinus 02.11.2010 20:03
Irgendwas machst Du falsch. Die Datei hat hier immer 0 Bytes ist also leer. Lad es mal bei file-upload.net hoch und verlink es hier.

mimi1965 02.11.2010 21:17
File-Upload.net - sdasetup-1-.exe

Kannst Du das oeffnen, als ich den ordner per doppelklick in das browserfenster von file-upload setzen wollte, hat er mich wieder zig mal weitergelietet bevor das klappte.

mimi1965 02.11.2010 21:24
File-Upload.net - OneNote-Table-Of-Contents.onetoc2

oder das? Dateiname: OneNote-Table-Of-Contents.onetoc2

Dateigröße: 4 Kbyte

die beiden Dateien bleiben uebrig nach den weiterleitungen

mimi1965 03.11.2010 03:28
File-Upload.net - MovedFiles.zip

cosinus 03.11.2010 13:38
Du musst die Links posten!

mimi1965 04.11.2010 03:54
hxxp://www.file-upload.net/download-2943655/OneNote-Table-Of-Contents.onetoc2.html


hxxp://www.file-upload.net/download-2943656/MovedFiles.zip.html


hxxp://www.file-upload.net/download-2943657/hosts.html


so, zumindest hoffe ich die links nun richtig gepostet zu haben. Ich kann die oben beiden aber nicht oeffnen und der hosts link, sagt mir gar nix. Wenn ich auf OTL Ordner gehe und oeffnen moechte geht er halt immer auf irgendwelche Unter Ordner, bis auf den OTL zip, den ich aber wie gesagt nicht oeffnen kann. Ich hoffe Du kannst etwas damit anfangen, vielleicht kannst Du was oeffnen......???

Danke

cosinus 04.11.2010 19:02
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

mimi1965 05.11.2010 03:54
Habe alles so gemacht wie beschrieben. Bin sehr gespannt was Du sagst?


Combofix Logfile:
Code:
ComboFix 10-11-03.04 - ellyangel 11/04/2010  21:06:54.1.1 - x86
Microsoft® Windows Vista™ Home Basic  6.0.6001.1.1252.1.1033.18.1977.919 [GMT -5:00]
Running from: c:\users\ellyangel\Desktop\cofi.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((((((  Other Deletions  )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}
c:\users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}\chrome.manifest
c:\users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}\chrome\content\_cfg.js
c:\users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}\chrome\content\overlay.xul
c:\users\ellyangel\AppData\Local\{DA6ED62A-E801-47B5-8FD9-559FF80DF12A}\install.rdf
D:\install.exe

----- BITS: Possible infected sites -----

hxxp://www.flickr.com
hxxp://farm5.static.flickr.com
hxxp://farm3.static.flickr.com
hxxp://s375.photobucket.com
hxxp://i375.photobucket.com
.
(((((((((((((((((((((((((  Files Created from 2010-10-05 to 2010-11-05  )))))))))))))))))))))))))))))))
.

2010-11-05 02:24 . 2010-11-05 02:24        --------        d-----w-        c:\users\Default\AppData\Local\temp
2010-11-05 02:01 . 2010-11-05 02:02        --------        d-----w-        C:\32788R22FWJFW
2010-11-04 20:55 . 2010-11-04 20:55        --------        d-----w-        c:\program files\CCleaner
2010-10-28 21:32 . 2010-11-02 16:13        --------        d-----w-        C:\_OTL
2010-10-19 20:00 . 2010-10-19 20:00        --------        d-----w-        c:\windows\system32\N360_BACKUP
2010-10-14 23:01 . 2010-09-10 16:35        168960        ----a-w-        c:\program files\Windows Media Player\wmplayer.exe
2010-10-14 23:01 . 2010-09-10 16:37        8147456        ----a-w-        c:\windows\system32\wmploc.DLL
2010-10-14 23:01 . 2010-09-06 16:24        125952        ----a-w-        c:\windows\system32\srvsvc.dll
2010-10-14 23:01 . 2010-09-06 14:13        303616        ----a-w-        c:\windows\system32\drivers\srv.sys
2010-10-14 23:01 . 2010-09-06 14:12        101888        ----a-w-        c:\windows\system32\drivers\srvnet.sys
2010-10-14 23:01 . 2010-09-06 16:23        17920        ----a-w-        c:\windows\system32\netevent.dll
2010-10-14 23:01 . 2010-09-06 14:12        145408        ----a-w-        c:\windows\system32\drivers\srv2.sys
2010-10-14 23:01 . 2010-08-10 15:02        274432        ----a-w-        c:\windows\system32\schannel.dll
2010-10-14 23:01 . 2010-06-28 16:15        1315840        ----a-w-        c:\windows\system32\ole32.dll
2010-10-14 23:01 . 2010-06-28 14:31        339968        ----a-w-        c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-10 16:43 . 2009-05-18 21:17        26600        ----a-r-        c:\windows\system32\drivers\GEARAspiWDM.sys
2010-10-10 16:43 . 2008-04-17 20:12        107368        ----a-r-        c:\windows\system32\GEARAspi.dll
2010-10-10 16:43 . 2010-10-10 16:43        --------        d-----w-        c:\program files\Symantec
2010-10-10 16:43 . 2010-10-10 16:43        124976        ----a-w-        c:\windows\system32\drivers\SYMEVENT.SYS
2010-10-10 16:42 . 2010-10-13 20:41        --------        d-----w-        c:\windows\system32\drivers\N360
2010-10-10 16:42 . 2010-10-10 16:42        --------        d-----w-        c:\program files\Norton 360
2010-10-09 20:32 . 2010-09-14 22:59        14808        ----a-w-        c:\program files\Mozilla Firefox\plugin-container.exe
2010-10-09 20:32 . 2010-09-14 22:59        718296        ----a-w-        c:\program files\Mozilla Firefox\mozcpp19.dll
2010-10-09 15:54 . 2010-04-12 22:29        411368        ----a-w-        c:\windows\system32\deployJava1.dll
2010-10-09 15:54 . 2010-04-12 22:29        411368        ----a-w-        c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-10-08 18:06 . 2010-09-09 22:52        6084944        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{8155D70B-60DD-4805-9650-130A0B4C6BCC}\mpengine.dll

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 15:12 . 2010-07-02 04:10        38848        ----a-w-        c:\windows\avastSS.scr
2010-09-07 15:11 . 2009-01-28 00:45        167592        ----a-w-        c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2009-01-28 00:45        46672        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2009-01-28 00:45        165584        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2009-01-28 00:45        23376        ----a-w-        c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2009-01-28 00:45        50768        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2009-01-28 00:45        17744        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2010-08-17 13:32 . 2010-09-15 16:04        126464        ----a-w-        c:\windows\system32\spoolsv.exe
2010-10-09 20:22 . 2009-10-23 16:21        119808        ----a-w-        c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2008-09-02 14:05        398776        ----a-w-        c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-30 00:52        121392        ----a-w-        c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-24 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"CyberDefender Registry Cleaner"="c:\program files\cyberdefender\registry cleaner\Startcdrc.exe" [2010-05-12 187904]
"Google Update"="c:\users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-03-18 136176]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"AdobeUpdater6"="c:\program files\Common Files\Adobe\Updater6\Adobe_Updater.exe" [2009-01-08 2521464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-20 6244896]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-30 526896]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-26 28672]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-17 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-17 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-17 145944]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-22 159744]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-02 850440]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-07-24 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-07-24 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-07-18 167936]
"Acer Assist Launcher"="c:\program files\Acer\Acer Assist\launcher.exe" [2007-11-19 1261568]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2010-07-15 126976]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-10-09 30192]
"Malwarebytes Anti-Malware (reboot)"="c:\users\Default\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

c:\users\ellyangel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R2 gupdate1c9ea1663e6a5d0;Google Update Service (gupdate1c9ea1663e6a5d0);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 133104]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-26 131072]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-10-09 30192]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\SYMDS.SYS [2010-02-04 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
S1 aswSP;aswSP; [x]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101001.001\BHDrvx86.sys [2010-10-02 692272]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101028.001\IDSvix86.sys [2010-10-19 353840]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS [2010-05-06 339504]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-07-18 61424]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-17 81504]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-06-02 24576]
S2 N360;Norton 360;c:\program files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-26 45056]
S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-17 122368]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-10-10 102448]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-12 84240]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork        REG_MULTI_SZ          PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder

2010-11-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-24 15:21]

2010-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 21:56]

2010-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 21:56]

2010-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2136634944-1118908816-156827738-1000Core.job
- c:\users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-27 15:02]

2010-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2136634944-1118908816-156827738-1000UA.job
- c:\users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-27 15:02]

2010-11-04 c:\windows\Tasks\Norton Security Scan for ellyangel.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-03-15 11:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.de/
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game13.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\ellyangel\AppData\Roaming\Mozilla\Firefox\Profiles\p4rvkwxr.default\
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\ellyangel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\ellyangel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-CyberDefender Registry Cleaner - (no file)
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\ellyangel\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-11-04 21:26
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2010-11-04  21:46:11
ComboFix-quarantined-files.txt  2010-11-05 02:45

Pre-Run: 20,378,263,552 bytes free
Post-Run: 20,328,599,552 bytes free

- - End Of File - - A27445B7D121C5E82779B2C8B78916FE
--- --- ---

cosinus 05.11.2010 15:29
Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.


Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur eine Sekunde.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes

mimi1965 08.11.2010 22:59
OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 15:57:19 on 08.11.2010

OS: Windows Vista Home Basic Edition Service Pack 1 (Build 6001), 32-bit
Default Browser: Microsoft Corporation Internet Explorer 7.00.6000.16386

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"Google Software Updater.job" - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-2136634944-1118908816-156827738-1000Core.job" - "Google Inc." - C:\Users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-2136634944-1118908816-156827738-1000UA.job" - "Google Inc." - C:\Users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe
"Norton Security Scan for ellyangel.job" - "Symantec Corporation" - C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys
"aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys
"aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\system32\drivers\aswRdr.sys
"aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys
"avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys
"AVFSFilter" (AVFSFilter) - ? - C:\Windows\System32\DRIVERS\avfsfilter.sys  (File not found)
"BHDrvx86" (BHDrvx86) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101029.001\BHDrvx86.sys
"catchme" (catchme) - ? - C:\Users\ELLYAN~1\AppData\Local\Temp\catchme.sys  (File not found)
"Dritek General Port I/O" (DritekPortIO) - "Dritek System Inc." - C:\PROGRA~1\LAUNCH~1\DPortIO.sys
"EraserUtilRebootDrv" (EraserUtilRebootDrv) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"IDSVix86" (IDSVix86) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101104.004\IDSvix86.sys
"int15" (int15) - "Acer, Inc." - C:\Windows\system32\drivers\int15.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"kglciuog" (kglciuog) - ? - C:\Users\ELLYAN~1\AppData\Local\Temp\kglciuog.sys  (Hidden registry entry, rootkit activity | File not found)
"NAVENG" (NAVENG) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101108.002\NAVENG.SYS
"NAVEX15" (NAVEX15) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101108.002\NAVEX15.SYS
"NTIPPKernel" (NTIPPKernel) - "Cyberlink Corp." - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
"PSDFilter" (PSDFilter) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\psdfilter.sys
"PSDNServ" (PSDNServ) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\PSDNServ.sys
"PSDVdisk" (psdvdisk) - "Egis Incorporated" - C:\Windows\System32\DRIVERS\PSDVdisk.sys
"Symantec Data Store" (SymDS) - "Symantec Corporation" - C:\Windows\System32\drivers\N360\0403000.005\SYMDS.SYS
"Symantec Eraser Control driver" (eeCtrl) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
"Symantec Extended File Attributes" (SymEFA) - "Symantec Corporation" - C:\Windows\System32\drivers\N360\0403000.005\SYMEFA.SYS
"Symantec Hash Provider" (ccHP) - "Symantec Corporation" - C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys
"Symantec Iron Driver" (SymIRON) - "Symantec Corporation" - C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS
"Symantec Real Time Storage Protection" (SRTSP) - "Symantec Corporation" - C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS
"Symantec Real Time Storage Protection (PEL)" (SRTSPX) - "Symantec Corporation" - C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS
"Symantec Vista Network Dispatch Driver" (SYMTDIv) - "Symantec Corporation" - C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS
"SymEvent" (SymEvent) - "Symantec Corporation" - C:\Windows\system32\Drivers\SYMEVENT.SYS
"UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys
"Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\System32\DRIVERS\NTIDrvr.sys
"{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}" ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) - "Cyberlink Corp." - C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\ashShell.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "Egis Inc." - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
{2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0} "EPM-PO Shell Extension" - ? -  (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "BearShare MediaBar" - "BearShare" - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
<binary data> "Norton Toolbar" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
<binary data> "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\Windows\system32\Adobe\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} "Zylom Games Player" - "Zylom Games" - C:\Windows\Downloaded Program Files\zylomgamesplayer.dll / hxxp://game13.zylom.com/activex/zylomgamesplayer.cab
{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} "{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}" - "WebEx Communications, Inc" - C:\ProgramData\webex\ieatgpc.dll /
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "Blog This" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
{48E73304-E1D6-4330-914C-F5F514E3486C} "Send to OneNote" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "Acer eDataSecurity Management" - "Egis Incorporated." - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
<binary data> "BearShare MediaBar" - "BearShare" - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
<binary data> "MSN Toolbar" - "Microsoft Corp." - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} "Norton Toolbar" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "MSN Toolbar Helper" - "Microsoft Corp." - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} "ShowBarObj Class" - "Egis" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} "Symantec Intrusion Prevention" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} "Symantec NCO BHO" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} "UrlHelper Class" - ? - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Sign-in Helper" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -  (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"OneNote 2007 Screen Clipper and Launcher.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"CyberDefender Registry Cleaner" - "CyberDefender" - c:\program files\cyberdefender\registry cleaner\Startcdrc.exe
"Google Update" - "Google Inc." - "C:\Users\ellyangel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"msnmsgr" - "Microsoft Corporation" - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acer Assist Launcher" - "Acer Inc." - C:\Program Files\Acer\Acer Assist\launcher.exe
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ArcadeDeluxeAgent" - "CyberLink Corp." - "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"avast5" - "AVAST Software" - C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
"BkupTray" - ? - "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
"CLMLServer" - "CyberLink" - "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
"eDataSecurity Loader" - "Egis Incorporated" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
"ePower_DMC" - "Acer Inc." - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
"Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"Google Quick Search Box" - "Google Inc." - "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
"LManager" - "Dritek System Inc." - C:\PROGRA~1\LAUNCH~1\LManager.exe
"Malwarebytes Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Users\Default\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"OpwareSE4" - "Nuance Communications, Inc." - "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
"PlayMovie" - "Acer Corp." - "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"WrtMon.exe" - ? - C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
"avast! Mail Scanner" (avast! Mail Scanner) - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
"avast! Web Scanner" (avast! Web Scanner) - "AVAST Software" - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
"CLHNService" (CLHNService) - ? - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
"eDataSecurity Service" (eDataSecurity Service) - "Egis Incorporated" - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
"Empowering Technology Service" (ETService) - ? - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
"Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate1c9ea1663e6a5d0)" (gupdate1c9ea1663e6a5d0) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"MobilityService" (MobilityService) - ? - C:\Acer\Mobility Center\MobilityService.exe
"Norton 360" (N360) - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
"NTI Backup Now 5 Agent Service" (BUNAgentSvc) - "NewTech Infosystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
"NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
"NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - ? - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe  (File found, but it contains no detailed information)
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PIXMA Extended Survey Program" (IJPLMSVC) - ? - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - ? - C:\PROGRA~1\FISHDO~1\FISHDO~1.SCR  (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

mimi1965 08.11.2010 23:02
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Basic Edition
Windows Information: Service Pack 1 (build 6001), 32-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: Acer
System Manufacturer: Acer
System Product Name: Aspire 4330
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 165):
0x8264E000 \SystemRoot\system32\ntkrnlpa.exe
0x8261B000 \SystemRoot\system32\hal.dll
0x80408000 \SystemRoot\system32\kdcom.dll
0x80410000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x80470000 \SystemRoot\system32\PSHED.dll
0x80481000 \SystemRoot\system32\BOOTVID.dll
0x80489000 \SystemRoot\system32\CLFS.SYS
0x804CA000 \SystemRoot\system32\CI.dll
0x80607000 \SystemRoot\system32\drivers\Wdf01000.sys
0x80683000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x80690000 \SystemRoot\system32\drivers\acpi.sys
0x806D6000 \SystemRoot\system32\drivers\WMILIB.SYS
0x806DF000 \SystemRoot\system32\drivers\msisadrv.sys
0x806E7000 \SystemRoot\system32\drivers\pci.sys
0x8070E000 \SystemRoot\System32\drivers\partmgr.sys
0x8071D000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x80720000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8072A000 \SystemRoot\system32\drivers\volmgr.sys
0x80739000 \SystemRoot\System32\drivers\volmgrx.sys
0x80783000 \SystemRoot\System32\drivers\mountmgr.sys
0x80793000 \SystemRoot\System32\Drivers\UBHelper.sys
0x8079B000 \SystemRoot\system32\drivers\atapi.sys
0x807A3000 \SystemRoot\system32\drivers\ataport.SYS
0x807C1000 \SystemRoot\system32\drivers\msahci.sys
0x807CB000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x805AA000 \SystemRoot\system32\drivers\fltmgr.sys
0x87C05000 \SystemRoot\system32\drivers\N360\0403000.005\SYMDS.SYS
0x87C5B000 \SystemRoot\system32\drivers\fileinfo.sys
0x87C6B000 \SystemRoot\system32\DRIVERS\psdfilter.sys
0x87C74000 \SystemRoot\system32\drivers\N360\0403000.005\SYMEFA.SYS
0x87CA1000 \SystemRoot\System32\Drivers\ksecdd.sys
0x87E08000 \SystemRoot\system32\drivers\ndis.sys
0x87F13000 \SystemRoot\system32\drivers\msrpc.sys
0x87F3E000 \SystemRoot\system32\drivers\NETIO.SYS
0x8800F000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8811E000 \SystemRoot\system32\drivers\volsnap.sys
0x88157000 \SystemRoot\System32\Drivers\spldr.sys
0x8815F000 \SystemRoot\System32\Drivers\mup.sys
0x8816E000 \SystemRoot\System32\drivers\ecache.sys
0x88195000 \SystemRoot\system32\drivers\disk.sys
0x881A6000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x881C7000 \SystemRoot\system32\drivers\crcdisk.sys
0x881F2000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x88000000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x87F78000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8C405000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8CAE9000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8CB88000 \SystemRoot\System32\drivers\watchdog.sys
0x8CB95000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8CBA0000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8CBDE000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8CBED000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x87D12000 \SystemRoot\system32\DRIVERS\athr.sys
0x87F87000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
0x87FA9000 \SystemRoot\system32\DRIVERS\jmcr.sys
0x87FBE000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
0x8C400000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x87FE4000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x87DF6000 \SystemRoot\system32\DRIVERS\DKbFltr.sys
0x807D9000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8C006000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0x8C033000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8C03E000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8C056000 \SystemRoot\system32\DRIVERS\NTIDrvr.sys
0x8C05E000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x8C064000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8C06D000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8C09B000 \SystemRoot\system32\DRIVERS\storport.sys
0x8C0DC000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8C0E7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8C0FE000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8C109000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8C12C000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8C13B000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8C14F000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8C164000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8C174000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8C176000 \SystemRoot\system32\DRIVERS\ks.sys
0x8C1A0000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8C1AA000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8C1B7000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8C1EB000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8CC09000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x8CE15000 \SystemRoot\system32\drivers\portcls.sys
0x8CE42000 \SystemRoot\system32\drivers\drmk.sys
0x8CE67000 \SystemRoot\system32\DRIVERS\AGRSM.sys
0x8CF8D000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8CF8F000 \SystemRoot\system32\drivers\modem.sys
0x8CF9C000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x8CFA5000 \SystemRoot\System32\Drivers\Null.SYS
0x8CFAC000 \SystemRoot\System32\Drivers\Beep.SYS
0x8CFB3000 \SystemRoot\System32\drivers\vga.sys
0x8CFBF000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8CFE0000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8CFE8000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8CFF0000 \SystemRoot\System32\Drivers\Msfs.SYS
0x807E4000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8CC00000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x8D00C000 \SystemRoot\System32\drivers\tcpip.sys
0x8D0F5000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8D110000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8D126000 \SystemRoot\System32\Drivers\N360\0403000.005\SYMTDIV.SYS
0x8D17F000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
0x8D1A4000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x8D1AE000 \SystemRoot\system32\DRIVERS\smb.sys
0x8D80B000 \SystemRoot\system32\drivers\afd.sys
0x8D853000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x8D858000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8D88A000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8D8A0000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8D8AE000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8D8C1000 \SystemRoot\system32\drivers\N360\0403000.005\Ironx86.SYS
0x8D8E0000 \SystemRoot\system32\drivers\N360\0403000.005\SRTSPX.SYS
0x8D8EA000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8D926000 \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys
0x8D92A000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8D98F000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0x8D1C2000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0x8D1DF000 \SystemRoot\System32\Drivers\dfsc.sys
0x8E40A000 \SystemRoot\system32\drivers\N360\0403000.005\ccHPx86.sys
0x8E535000 \SystemRoot\System32\Drivers\aswSP.SYS
0x8E55C000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8E569000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x8E574000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x80C90000 \SystemRoot\System32\win32k.sys
0x8E57E000 \SystemRoot\System32\drivers\Dxapi.sys
0x8E588000 \SystemRoot\system32\DRIVERS\monitor.sys
0x80EB0000 \SystemRoot\System32\TSDDD.dll
0x80ED0000 \SystemRoot\System32\cdd.dll
0x8E597000 \SystemRoot\system32\drivers\luafv.sys
0x8E5B2000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x8E5E9000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xA960B000 \SystemRoot\system32\drivers\spsys.sys
0xA96BA000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
0xA96CC000 \SystemRoot\system32\DRIVERS\lltdio.sys
0xA96DC000 \SystemRoot\system32\DRIVERS\nwifi.sys
0xA9706000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA9710000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA9723000 \SystemRoot\system32\drivers\HTTP.sys
0xA9790000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA97AD000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA97C6000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA97DB000 \SystemRoot\system32\drivers\mrxdav.sys
0x881D0000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xAC60B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xAC644000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xAC65C000 \SystemRoot\System32\DRIVERS\srv2.sys
0xAC684000 \SystemRoot\System32\DRIVERS\srv.sys
0xAC6D2000 \??\C:\Windows\system32\drivers\int15.sys
0xAC6D9000 \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
0xAC6F7000 \SystemRoot\system32\drivers\peauth.sys
0xAC7D5000 \SystemRoot\system32\DRIVERS\PSDNServ.sys
0xAC7DE000 \SystemRoot\system32\DRIVERS\PSDVdisk.sys
0xAC7F0000 \SystemRoot\System32\Drivers\secdrv.SYS
0x8E5EC000 \SystemRoot\System32\drivers\tcpipreg.sys
0x805DC000 \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
0xB5A04000 \SystemRoot\system32\DRIVERS\cdfs.sys
0xB5A1A000 \SystemRoot\System32\Drivers\N360\0403000.005\SRTSP.SYS
0xB5BD3000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0xB5BDC000 \??\C:\Users\ELLYAN~1\AppData\Local\Temp\kglciuog.sys
0x8D934000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101104.004\IDSvix86.sys
0x8E489000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101029.001\BHDrvx86.sys
0xB5A71000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101108.002\NAVEX15.SYS
0xB5BBF000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101108.002\NAVENG.SYS
0x77820000 \Windows\System32\ntdll.dll

Processes (total 90):
0 System Idle Process
4 System
468 C:\Windows\System32\smss.exe
544 csrss.exe
588 C:\Windows\System32\wininit.exe
596 csrss.exe
624 C:\Windows\System32\winlogon.exe
676 C:\Windows\System32\services.exe
688 C:\Windows\System32\lsass.exe
696 C:\Windows\System32\lsm.exe
852 C:\Windows\System32\svchost.exe
932 C:\Windows\System32\svchost.exe
1100 C:\Windows\System32\svchost.exe
1124 C:\Windows\System32\svchost.exe
1136 C:\Windows\System32\svchost.exe
1204 C:\Windows\System32\audiodg.exe
1232 C:\Windows\System32\SLsvc.exe
1268 C:\Windows\System32\svchost.exe
1408 C:\Windows\System32\svchost.exe
1520 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1956 C:\Windows\System32\spoolsv.exe
1980 C:\Windows\System32\svchost.exe
2004 C:\Windows\System32\taskeng.exe
252 C:\Windows\System32\dwm.exe
332 C:\Windows\explorer.exe
1488 C:\Windows\RtHDVCpl.exe
1548 C:\Windows\System32\taskeng.exe
1608 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
1736 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
1556 C:\Windows\System32\hkcmd.exe
1988 C:\Windows\System32\igfxpers.exe
320 C:\Program Files\Apoint2K\Apoint.exe
1024 C:\Windows\System32\igfxsrvc.exe
1544 C:\Windows\System32\agrsmsvc.exe
1320 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
1000 C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
2064 C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
2132 C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
2220 C:\Program Files\Canon\IJPLM\ijplmsvc.exe
2268 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
2304 C:\ACER\Mobility Center\MobilityService.exe
2336 C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe
2380 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
2448 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2500 C:\Windows\System32\svchost.exe
2548 C:\Program Files\Cyberlink\Shared files\RichVideo.exe
2580 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
2700 C:\Windows\System32\svchost.exe
2756 C:\Windows\System32\svchost.exe
2796 C:\Windows\System32\SearchIndexer.exe
3344 WmiPrvSE.exe
3648 C:\Program Files\Launch Manager\LManager.exe
3656 C:\Program Files\Apoint2K\ApMsgFwd.exe
3664 C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
3676 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
3692 C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
3700 C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
3732 C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
3748 C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
3756 C:\Windows\vsnpstd3.exe
3784 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3792 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
3804 C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
3812 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
3832 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3868 C:\Program Files\Windows Media Player\wmpnscfg.exe
3908 C:\Users\ELLYAN~1\AppData\Local\Temp\RtkBtMnt.exe
2376 C:\Program Files\Apoint2K\ApntEx.exe
2492 C:\Windows\System32\igfxext.exe
2692 C:\Windows\System32\igfxsrvc.exe
2992 dllhost.exe
1652 C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe
3144 C:\Program Files\Windows Media Player\wmpnetwk.exe
1620 C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
4668 C:\Windows\System32\mobsync.exe
4724 C:\Windows\System32\wbem\unsecapp.exe
5436 C:\Windows\System32\wuauclt.exe
5252 C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
4528 C:\Windows\System32\ctfmon.exe
5180 C:\Program Files\Internet Explorer\ieuser.exe
5420 C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
5108 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
4844 C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
4984 C:\Program Files\Windows Live\Contacts\wlcomm.exe
4644 C:\Windows\System32\taskeng.exe
4988 C:\Program Files\Internet Explorer\iexplore.exe
6024 C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
12 C:\Windows\System32\SearchProtocolHost.exe
5016 C:\Windows\System32\SearchFilterHost.exe
4816 C:\Users\ellyangel\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`80500000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000f`39800000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS542512K9SA00, Rev: BB2OC31P

Size Device Name MBR Status
--------------------------------------------
111 GB \\.\PhysicalDrive0 Acer MBR code detected
SHA1: 12ADB8D1AD8327A4A2FA5865BC87234485F25003


Done!

mimi1965 08.11.2010 23:19
GMER 1.0.15.15507 - hxxp://www.gmer.net
Rootkit scan 2010-11-07 17:07:15
Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS542512K9SA00 BB2OC31P
Running: jyl1xb4y.exe; Driver: C:\Users\ELLYAN~1\AppData\Local\Temp\kglciuog.sys


---- System - GMER 1.0.15 ----

SSDT 86CD20A8 ZwAlertResumeThread
SSDT 86CD2168 ZwAlertThread
SSDT 86CD2938 ZwAllocateVirtualMemory
SSDT 86A6D4E0 ZwAlpcConnectPort
SSDT 86C07978 ZwAssignProcessToJobObject
SSDT 86C07E40 ZwCreateMutant
SSDT 86C07698 ZwCreateSymbolicLinkObject
SSDT 86CD1148 ZwCreateThread
SSDT 86C07A38 ZwDebugActiveProcess
SSDT 86CD2AC8 ZwDuplicateObject
SSDT 86CD2798 ZwFreeVirtualMemory
SSDT 86C07F10 ZwImpersonateAnonymousToken
SSDT 86C07FD0 ZwImpersonateThread
SSDT 868B6318 ZwLoadDriver
SSDT 86CD26B8 ZwMapViewOfSection
SSDT 86C07D80 ZwOpenEvent
SSDT 86CD2008 ZwOpenProcess
SSDT 86CD2A08 ZwOpenProcessToken
SSDT 86C07C00 ZwOpenSection
SSDT 86CD2B98 ZwOpenThread
SSDT 86C07888 ZwProtectVirtualMemory
SSDT 86CD2228 ZwResumeThread
SSDT 86CD2468 ZwSetContextThread
SSDT 86CD2528 ZwSetInformationProcess
SSDT 86C07AF8 ZwSetSystemInformation
SSDT 86C07CC0 ZwSuspendProcess
SSDT 86CD22E8 ZwSuspendThread
SSDT 86CD1228 ZwTerminateProcess
SSDT 86CD23A8 ZwTerminateThread
SSDT 86CD25F8 ZwUnmapViewOfSection
SSDT 86CD2868 ZwWriteVirtualMemory
SSDT 86C07788 ZwCreateThreadEx

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8E54ABAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x8E54A9D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetTimerEx + 350 82706A14 8 Bytes [A8, 20, CD, 86, 68, 21, CD, ...]
.text ntkrnlpa.exe!KeSetTimerEx + 364 82706A28 4 Bytes [38, 29, CD, 86] {CMP [ECX], CH; INT 0x86}
.text ntkrnlpa.exe!KeSetTimerEx + 370 82706A34 4 Bytes [E0, D4, A6, 86]
.text ntkrnlpa.exe!KeSetTimerEx + 3C4 82706A88 4 Bytes [78, 79, C0, 86]
.text ntkrnlpa.exe!KeSetTimerEx + 428 82706AEC 4 Bytes [40, 7E, C0, 86]
.text ...
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 8282DA2A 5 Bytes JMP 8E5465D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 82896442 5 Bytes JMP 8E547FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!NtCreateSection 82897259 7 Bytes JMP 8E54A9D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 828E2368 7 Bytes JMP 8E54ABB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl entry point in "" section [0x805FB41C]
.clc C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl unknown last code section [0x805FC000, 0x1000, 0xE0000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1520] kernel32.dll!SetUnhandledExceptionFilter 76476E2D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [748A88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [748E98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [748AB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7489FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [748A7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7489EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [748DB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [748ABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [748A074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [748A06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [748971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7492D848] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [748C7379] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7489E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7489697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [748969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [748A2465] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [100027E0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [10001D90] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10002B30] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\Explorer.EXE[332] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [100011D0] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc. PSD DragDrop Protection/Egis Inc.)
IAT C:\Windows\system32\services.exe[676] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00060002
IAT C:\Windows\system32\services.exe[676] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 00060000

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 2
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 35
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\Properties@DHPRebalanceOptOut 1
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\controlset002\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\controlset002\control\Class\{6D807884-7D21-11CF-801C-08002BE10318}\Properties@DeviceType 31
Reg HKLM\SYSTEM\controlset002\control\Class\{6D807884-7D21-11CF-801C-08002BE10318}\Properties@DeviceCharacteristics 257
Reg HKLM\SYSTEM\controlset002\control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}\Properties@DeviceType 48
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x01 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x03 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eMuxedCaptureTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x01 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#eSlavedHpSpeakerTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Data 0x00 0x00 0x08 0xBF ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x01 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtLineInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Data 0x00 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Data 0x00 0x00 0x2D 0x41 ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020001
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020001\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020001\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020001\00000000@Data 0x00 0x00 0xA0 0x41
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x01 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#

mimi1965 08.11.2010 23:20
HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020002
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020002\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020002\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtMicInTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020002\00000000@Data 0x00 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Data 0x00 0x00 0x00 0xBF ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x01 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#RtStereoMixTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Data 0x00 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020000\00000000@Data 0x00 0x20 0x31 0xC2 ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020005
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020005\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020005\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{7fb7b48f-531d-44a2-bcb3-5ad5a134b3dc}\00020005\00000000@Data 0x00 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Type 0x03 0x10 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{840b8171-b0ad-410f-8581-cccc0382cfef}\00000000\00000000@Data 0x02 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{85401fd4-6de4-4b9d-9869-2d6753a82f3c}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{85401fd4-6de4-4b9d-9869-2d6753a82f3c}\00020003
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{85401fd4-6de4-4b9d-9869-2d6753a82f3c}\00020003\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{85401fd4-6de4-4b9d-9869-2d6753a82f3c}\00020003\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{85401fd4-6de4-4b9d-9869-2d6753a82f3c}\00020003\00000000@Data 0x00 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{d1885396-39d8-4777-bcff-5e3241483416}\00000000\00000000@Data 0x02 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020001\00000000@Data 0x01 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020004
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020004\00000000
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020004\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_10EC&DEV_0268&SUBSYS_10250140&REV_1001#4&2EB1AFBC&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#SingleLineOutTopo\Properties\{df45aeea-b74a-4b6b-afad-2366b6aa012e}\00020004\00000000@Data 0x00 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x62 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x62 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x41 0x00 0x63 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x61 0x00 0x63 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\ACPI0003\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x00 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x41 0x00 0x43 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x61 0x00 0x63 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\FixedButton\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x00 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{5724c81d-d5af-4c1f-a103-a06e28f204c6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{5724c81d-d5af-4c1f-a103-a06e28f204c6}\00000001
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x63 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x49 0x00 0x6E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x63 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x49 0x00 0x6E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007\00000000@Data 0x2E 0x00 0x4E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x61 0x00 0x63 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\GenuineIntel_-_x86_Family_6_Model_15\_0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x04 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x49 0x00 0x6E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x4D 0x00 0x45 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\INT0800\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x50 0x00 0x72 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x49 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0000\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x53 0x00 0x79 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x49 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0100\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x48 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x4D 0x00 0x45 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0103\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data

mimi1965 08.11.2010 23:21
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x44 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x49 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0200\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6F 0x00 0x65 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000004\00000000@Data 0x6B 0x00 0x65 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x1E 0x85 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x32 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x4C 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6F 0x00 0x65 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4C 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000007\00000000@Data 0x2E 0x00 0x4E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x41 0x00 0x63 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000010
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000010\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000010\00000000@Type 0x12 0x20 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000010\00000000@Data 0x6B 0x00 0x65 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{f0e20f09-d97a-49a9-8046-bb6e22e6bb2e}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0303\4&5a64999&0\Properties\{f0e20f09-d97a-49a9-8046-bb6e22e6bb2e}\00000001
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x50 0x00 0x43 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x50 0x00 0x43 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x49 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x00 0x20 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\00000001
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\00000007
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\0000000A
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\0000000B
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\0000000C
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\0000000D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\0000000F
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\00000010
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\00000011
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0A08\2&daba3ff&2\Properties\{d817fc28-793e-4b9e-9970-469d8be63073}\00000012
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x53 0x00 0x79 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x49 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0B00\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x4D 0x00 0x6F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x49 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C02\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x4E 0x00 0x75 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000C\00000000@Data 0x4D 0x00 0x42 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000D\00000000@Data 0x49 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C04\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x2A 0x00 0x70 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C09\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x01 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x62 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x62 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x43 0x00 0x6D 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000@Data 0x61 0x00 0x63 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000009\00000000@Data 0x4D 0x00 0x69 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Type 0x07 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0A\1\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0000000E\00000000@Data 0x00 0x00 0xFF 0x0D
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\00000003\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Type 0x10 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000002\00000000@Data 0x00 0x80 0x8C 0xA3 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000003\00000000@Data 0x36 0x00 0x2E 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000004\00000000@Data 0x41 0x00 0x43 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000005\00000000@Data 0x6D 0x00 0x61 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Type 0x12 0x00 0x00 0x00
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000006\00000000@Data 0x4E 0x00 0x4F 0x00 ...
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008
Reg HKLM\SYSTEM\controlset002\Enum\ACPI\PNP0C0C\4&5a64999&0\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\00000008\00000000
Reg HKLM

mimi1965 08.11.2010 23:28
Ich hab OSAM und MBR geposted. Dieses GMER war kompliziert, hat ewig gedauert, musste stoppen zwischendurch und was raus kam hab ich zum teil geposted aber es ist soviel und ich weiss nicht wie ich es besser hier rein krieg. Sorry, bin net gut mit Pc Sachen. Wenn Du alles haben willst, poste ich den rest , wollte Dich aber erst fragen.

Danke

cosinus 09.11.2010 01:44
So große Logs in eine Datei zippen und hier anhängen!! GMER Log rechtsklicken => senden an => ZIP komprimierter Ordner!

mimi1965 09.11.2010 04:55
hxxp://www.file-upload.net/download-2957777/GMER.zip.html


GMER log hatte ich in notepad gespeichert. Ich habe VISTA und kann diese Zwischenablage nicht finden wo es normal drin sein sollte. Habe das notepad gezipt aber es liess sich nicht hier einfuegen. Habe es jetzt in file- upload geladen und Dir den link geschickt. Hoffe Du kannst es oeffnen. Musst heute diese rar runter laden fuer eins der logs die ich erstellen sollte, irgendwie ist die zip datei in rar jetzt.

Oh, man , schlimm wenn man keine Ahnung hat, das macht es so kompliziert. Aber OSAM und MBR hab ich ja schon geposted.

Danke, Danke!!!!

cosinus 10.11.2010 07:13
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

mimi1965 11.11.2010 05:07
Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 5093

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

11/10/2010 10:04:49 PM
mbam-log-2010-11-10 (22-04-49).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 291879
Laufzeit: 1 Stunde(n), 59 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

mimi1965 11.11.2010 18:20
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 11/11/2010 at 11:09 AM

Application Version : 4.45.1000

Core Rules Database Version : 5844
Trace Rules Database Version: 3656

Scan type : Complete Scan
Total Scan Time : 12:28:40

Memory items scanned : 864
Memory threats detected : 0
Registry items scanned : 9097
Registry threats detected : 0
File items scanned : 150757
File threats detected : 20

Adware.Tracking Cookie
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@stats.townnews[1].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@stats.townnews[3].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@ww251.smartadserver[2].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@adecn[1].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@doubleclick[1].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@atdmt.combing[2].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@atdmt[1].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@imrworldwide[2].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@msnportal.112.2o7[1].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@tradedoubler[2].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@media6degrees[2].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@advertising[2].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@fastclick[1].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@invitemedia[2].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@smartadserver[1].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@bs.serving-sys[1].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@serving-sys[1].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@ru4[2].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@questionmarket[2].txt
C:\Users\ellyangel\AppData\Roaming\Microsoft\Windows\Cookies\ellyangel@ad.yieldmanager[1].txt

mimi1965 11.11.2010 18:22
Hallo Arne,
ist alles ok ?

cosinus 11.11.2010 22:51
Sieht ok aus, da wurden nur Cookies gefunden.
Noch Probleme oder weitere Funde in der Zwischenzeit?

mimi1965 11.11.2010 23:02
Nein, keine Funde oder Probleme soweit. Dann moechte ich mich ganz, ganz herzlich bei Dir bedanken ! Du weisst gar nicht wie sehr Du mir geholfen hast. Hatte meine Zweifel aus bestimmten Grund aber es ist alles ok soweit.

Super Forum und super professionelle Hilfe. DANKE!

Gruss Elke

cosinus 11.11.2010 23:19
Dann wären wir durch! :abklatsch:

Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.


Microsoftupdate

Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.

Windows Vista/7: Anleitung Windows-Update



PDF-Reader aktualisieren
Dein Adobe Reader ist nicht aktuell, was ein großes Sicherheitsrisiko darstellt. Du solltest daher besser die alte Version über Systemsteuerung => Software deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst.

Ich empfehle einen alternativen PDF-Reader wie SumatraPDF oder Foxit PDF Reader, beide sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers, hier der direkte Downloadlink => http://filepony.de/?q=Flash+Player


Java-Update
Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:03 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131