Trojaner-Board - Windows Recovery Malware

Hier die OTL Logs:

Extras.TxtOTL Logfile:

Code:

OTL Extras logfile created on: 28.04.2011 17:42:09 - Run 1

OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\7\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 144,29 Gb Total Space | 64,92 Gb Free Space | 44,99% Space Free | Partition Type: NTFS

Drive D: | 144,04 Gb Total Space | 92,51 Gb Free Space | 64,23% Space Free | Partition Type: NTFS

 

Computer Name: KIMI | User Name: 7 | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.bat [@ = batfile] -- Reg Error: Key error. File not found

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 0

"InternetSettingsDisableNotify" = 0

"AutoUpdateDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{89B4EF01-905C-48CC-8872-7CD20EB210A7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{B09B40B8-2806-4B86-BC13-27DA58073611}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00881F97-EAEE-41C6-9362-AA52A41144A8}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 

"{033BC8E4-C354-4D55-ADE3-F39FC15B3F74}" = protocol=6 | dir=in | app=d:\pc spiele\kane&lynch\kaneandlynch.exe | 

"{04C0D378-871B-4F17-AFDF-EB2B1D7B6ABD}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 

"{07912DAC-1A6D-40DD-9703-0AB05261B04A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 

"{093992C2-433C-4715-AC56-2B01AE65B7C4}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"{0CDBB453-DBD9-44AC-B67F-DBC1BF9514D1}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 

"{0EC49438-8F0A-4040-8AAA-ED4BC61678DF}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 

"{10667D16-2BA4-49AC-BC62-45D0DCFA505C}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe | 

"{163FC50B-0E10-4A71-A899-9BE0EE9AAE58}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe | 

"{1676170B-0AB5-4149-A13D-DD55CABACF7A}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 

"{20369679-E082-4B56-9FC4-7570BD426636}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"{2143CB3F-8F35-4251-8B36-FD1FE952FC09}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 

"{2200A927-CF83-417B-A2C3-3CB547DAA989}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe | 

"{2C6A8D8C-2D13-4677-A1FB-E3A555C89A2D}" = protocol=6 | dir=in | app=c:\program files\rapidsolution\rs audials one\tunebite\tunebitehelper.exe | 

"{2FFFD39F-7C72-41DD-8937-ADB64058E0B6}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe | 

"{37BD2B39-8B58-4E95-B74E-FF2BA84BCDDA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1196336032\ee\aolsoftware.exe | 

"{38CB3C76-78F5-40E6-8341-875F147C80B0}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 

"{39443E23-F5FD-47F8-B5DA-67E9C37F124F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 

"{39E3C019-5F90-48F7-A011-B8025F271307}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1196697833\ee\aolsoftware.exe | 

"{43508F5C-14B2-4717-B8E9-812ED9EF3C80}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"{460BE376-DCC1-4871-A1DE-A9A3B96194BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | 

"{47D1AC52-BCFD-4F4A-BDD8-3996797F89C4}" = dir=in | app=c:\program files\acer arcade live\acer playmovie\pmvservice.exe | 

"{48F9ADA6-A0AE-4C0F-B6A4-06241AF57930}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe | 

"{50386EB2-5E44-44B7-8845-DBF78F691BEE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | 

"{57228C1A-A6AA-4B06-9883-AB1E0AC011FC}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"{5A801C4C-1F29-45EC-97AD-337D691AB30B}" = protocol=6 | dir=in | app=d:\pc spiele\stalker\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 

"{5AC42AA5-6D84-4E8C-9821-34D39894D5A4}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 

"{5DC1544A-8A3C-414A-91F8-81558962B707}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 

"{636E765D-F601-4434-95E3-EA7F449E6912}" = protocol=6 | dir=in | app=d:\pc spiele\stalker\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 

"{63E6DDD5-DF24-4277-B22E-EF744A6516A8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 

"{65D26928-DBB0-4E15-BCC6-E007F284B925}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe | 

"{69B34F51-06B3-416B-8219-A4A10B5C4805}" = protocol=17 | dir=in | app=d:\pc spiele\gears of war\binaries\wargame-g4wlive.exe | 

"{6AE190C0-5FC9-4D94-AB08-A41EFB502696}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | 

"{6B30B8D6-E6A8-48ED-891E-190E9420A830}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe | 

"{6B390095-D23A-42C8-A42D-7D58CE2F9D53}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 

"{6B3D1B0C-2982-4EC6-A0F9-4063D77A98CC}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe | 

"{6B8A43A4-2C83-4125-89BA-13ADE7341EC2}" = protocol=17 | dir=in | app=d:\pc spiele\fear\fear.exe | 

"{6C59307C-9890-492E-8569-A4FCC4F3C202}" = protocol=17 | dir=in | app=c:\program files\aol 9.0a\waol.exe | 

"{6D39FA59-0F18-404B-BF67-6932BA53B884}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 

"{6E8E2A86-5796-4529-A666-0CEA2C4CEDB1}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 

"{716E9D8B-1810-431A-9B8E-B3661080BCA0}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 

"{72FEEEAD-578B-46CE-8A9A-FEB86D175EFC}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | 

"{739CFEB8-9D58-4C4C-AB81-3682ACEAE42D}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 

"{753F0EA5-B71C-45BF-AD80-57EEA5472313}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 

"{7B2ADEC2-7FC6-421B-8A2C-AC9D38A5CCE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 

"{7B86C298-BEA0-4888-AA0D-23C71CE4D5D0}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe | 

"{8042BB3C-8AC9-4A71-86DD-70E0D936FDE8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 

"{85EF2E3C-CBCE-4655-B0FC-F29C1896D550}" = protocol=17 | dir=in | app=d:\pc spiele\stalker\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe | 

"{88B4323A-EF28-45CD-A4CB-651A2552C875}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 

"{8B61664C-D979-4CF3-BBC2-203E2637756C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 

"{8FC66E8E-A274-4EC9-A4A0-04AF95BD1BB4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 

"{9A53DCAE-15B1-4150-8A4F-EE672109158A}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 

"{9C87FDF3-5A6E-4164-B5E0-63B9A95E7004}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe | 

"{9D88428B-69BF-42C8-8D79-9B05033BBF7B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 

"{A0BB3638-15AB-4369-8E6F-4845858BF637}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe | 

"{A62DCED7-6A06-4A1F-9E22-5615A7012006}" = protocol=6 | dir=in | app=c:\program files\aol 9.0a\waol.exe | 

"{A983E2E2-1D7A-4D7A-BE58-049729767CA3}" = protocol=6 | dir=in | app=c:\program files\aol 9.0a\waol.exe | 

"{AA4C476A-15A8-4906-A87E-E030A932E2DD}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"{AB183F35-3D12-433A-83F6-C12C91EBE51A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe | 

"{ABD8BF7C-C9B7-4C6E-90CE-A0305605B9B1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | 

"{AC701468-614E-4C65-854D-78065A2F4622}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 

"{B0888DBC-D0E4-4748-AB73-E0082E4FBD0B}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe | 

"{B0BF9390-7BB5-465F-A2EF-6F3F68294987}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | 

"{BB4C1A59-3668-4365-8890-CAF393219A91}" = protocol=6 | dir=in | app=d:\pc spiele\gears of war\binaries\wargame-g4wlive.exe | 

"{BDD016F8-3150-4A59-A93B-212323926AEC}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe | 

"{BED37DA5-CCC7-4127-9399-7C9540180E26}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 

"{C1CAEDF8-58A8-4EB1-A26D-0AF0F53F123F}" = protocol=17 | dir=in | app=d:\pc spiele\kane&lynch\kaneandlynch.exe | 

"{C318C7B3-74B0-432F-8D18-56C555CBD326}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe | 

"{C4A7F102-7ED7-4C5B-8A7A-1F882355E324}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 

"{C6256626-0912-4990-98D4-697452CAB04F}" = protocol=17 | dir=in | app=d:\pc spiele\stalker\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 

"{C702B647-3647-4722-ABFE-7002B1C5A698}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 

"{C783260A-EA35-441C-936E-8C808C8A99C6}" = protocol=17 | dir=in | app=c:\program files\rapidsolution\rs audials one\tunebite\tunebitehelper.exe | 

"{CE6C5139-02AB-420D-89DB-941D13902D42}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 

"{CF4F276E-9C8C-43FD-97A5-5307821F54FD}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe | 

"{D351B421-BB61-46E0-A4F9-9B71E717A3D1}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 

"{D39353BA-952A-4798-8D76-40B595920E04}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 

"{D3F60A33-9B6A-4598-BE63-A0D44A2594A1}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe | 

"{D6C1A101-9FDF-4849-A2EC-D3B2B51E8D94}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 

"{D7261367-0EB4-4E9E-B03C-A5D7B459F59E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 

"{D84CEABD-9BD6-49DD-87B1-503474E37904}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 

"{DF69DF74-ABBB-4F95-9B5C-997D55348E93}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe | 

"{E874F2E9-0CA2-48DC-ACBC-2C3E76EFAC7D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | 

"{E99353F8-2131-483D-9BCA-C8E33D7FC3D7}" = dir=in | app=c:\program files\acer arcade live\acer playmovie\playmovie.exe | 

"{EA0C4E70-E940-4814-83B2-AF6CE1E449DE}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe | 

"{EAAA9DE9-7DA1-4583-8119-8AFAEC1CE63D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1196697833\ee\aolsoftware.exe | 

"{ECA0D9FE-2F62-4C10-B25E-6B61704E9E16}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqscnvw.exe | 

"{EFD48411-205C-4ADD-85D4-B5D73E9AE19B}" = protocol=17 | dir=in | app=c:\program files\aol 9.0a\waol.exe | 

"{F1566BAF-C5BF-48EE-9E0A-CD71351E5E8C}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 

"{F22A275C-3996-4B68-9DDD-C2F26D7DFE9E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1196336032\ee\aolsoftware.exe | 

"{F6F6DA57-BA61-4367-A504-BD3EC8D1351E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 

"{F95C589B-C1D3-4B77-ABE5-7D0ACE38B25C}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 

"{F9E0BBA9-9818-4CF7-9AD2-EC5AED7FEBCA}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 

"{FC2FE601-4E44-402C-9888-4C80411F0066}" = protocol=6 | dir=in | app=d:\pc spiele\fear\fear.exe | 

"{FD254CEB-12B4-48DF-8913-A99BFC0FFC8A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 

"{FDE4CF68-1D98-4DB1-A7AF-E5B105519B83}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe | 

"{FF58AE98-5FF4-4A9F-833D-377DC5180D4F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | 

"TCP Query User{01E31ECE-0085-4B72-B20E-3C12BA46A1D3}D:\pc spiele\fear\fpupdate.exe" = protocol=6 | dir=in | app=d:\pc spiele\fear\fpupdate.exe | 

"TCP Query User{090D0BA8-B644-46E8-B74E-35784BCF3068}D:\vga\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\vga\icq6.5\icq.exe | 

"TCP Query User{0EAD0715-7848-4603-83D5-DE6CFEEBEE14}D:\pc spiele\bin32\farcry.exe" = protocol=6 | dir=in | app=d:\pc spiele\bin32\farcry.exe | 

"TCP Query User{52D450CE-4B9D-4E90-A986-86982EAED7B3}D:\pc spiele\pes 2009\pes2009.exe" = protocol=6 | dir=in | app=d:\pc spiele\pes 2009\pes2009.exe | 

"TCP Query User{65097D5C-FFF4-443F-995F-E057B360C2A3}C:\program files\steam\steamapps\inari187\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\inari187\team fortress 2\hl2.exe | 

"TCP Query User{6563F20A-CCAE-4AB5-8DD0-7237C40BB7B8}D:\pc spiele\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=d:\pc spiele\far cry\bin32\farcry.exe | 

"TCP Query User{66F4EF41-2A1D-4EE7-9D04-98E9BB36BFF3}C:\test drive\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\test drive\testdriveunlimited.exe | 

"TCP Query User{6AAA06DC-5610-4300-98F0-2E520A67F83D}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 

"TCP Query User{766864EC-B6BC-473A-8ADF-4CF4D7E6815F}F:\kituri\torent\utorrent.exe" = protocol=6 | dir=in | app=f:\kituri\torent\utorrent.exe | 

"TCP Query User{A96EACA2-B7DF-4C1E-B5ED-10E1F36A2997}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 

"TCP Query User{AF5126A3-6396-4291-B79B-383482B04A98}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 

"TCP Query User{B681F4F1-30D2-49F3-B339-31AEF74E9CB8}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"TCP Query User{C0149211-4F1B-48C9-A1D0-3DA71AA1933D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 

"TCP Query User{C0DEF41C-1468-4075-AF47-2F77922CDDB5}D:\pc spiele\moh pacific\mohpa.exe" = protocol=6 | dir=in | app=d:\pc spiele\moh pacific\mohpa.exe | 

"TCP Query User{D1FAAEBA-DBDA-4628-98DE-82C66E933EE1}C:\users\7\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe" = protocol=6 | dir=in | app=c:\users\7\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe | 

"TCP Query User{FCDA7CF5-EC7A-43AB-AD29-F4DB1D840FCF}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | 

"TCP Query User{FD31CD66-4500-4512-9940-494900798374}D:\pc spiele\splinter cell\scda-offline\system\splintercell4.exe" = protocol=6 | dir=in | app=d:\pc spiele\splinter cell\scda-offline\system\splintercell4.exe | 

"UDP Query User{0702EAAA-0508-42DA-98D5-B7C7B563D43E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"UDP Query User{15DD011C-A065-471D-BDDD-5D35A57EBDC2}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 

"UDP Query User{2C0B62B4-E381-46A7-A7B4-6FC42593CA0D}D:\pc spiele\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=d:\pc spiele\far cry\bin32\farcry.exe | 

"UDP Query User{2C65ABE8-612F-460C-A135-EEE620FF5ABD}D:\pc spiele\pes 2009\pes2009.exe" = protocol=17 | dir=in | app=d:\pc spiele\pes 2009\pes2009.exe | 

"UDP Query User{2FD7310F-C0E3-459D-B3C2-53CC93AF577F}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe | 

"UDP Query User{38E638F3-6B24-4E67-A874-8BAAF264C253}C:\program files\steam\steamapps\inari187\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\inari187\team fortress 2\hl2.exe | 

"UDP Query User{47064FD9-B422-4E91-97C5-BD3BB49BA6D1}D:\pc spiele\fear\fpupdate.exe" = protocol=17 | dir=in | app=d:\pc spiele\fear\fpupdate.exe | 

"UDP Query User{5F61E3A3-3B58-4970-B30D-76A9B7CDAA47}D:\pc spiele\splinter cell\scda-offline\system\splintercell4.exe" = protocol=17 | dir=in | app=d:\pc spiele\splinter cell\scda-offline\system\splintercell4.exe | 

"UDP Query User{5FC7B76C-EB10-4538-8F6D-0F6EDE746A3B}C:\users\7\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe" = protocol=17 | dir=in | app=c:\users\7\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe | 

"UDP Query User{674093BC-7F76-4158-9613-C3A81B9DAF03}D:\pc spiele\moh pacific\mohpa.exe" = protocol=17 | dir=in | app=d:\pc spiele\moh pacific\mohpa.exe | 

"UDP Query User{9A73F0A4-032C-43D6-8071-524596EA7742}D:\pc spiele\bin32\farcry.exe" = protocol=17 | dir=in | app=d:\pc spiele\bin32\farcry.exe | 

"UDP Query User{A1D514EA-D8D6-4791-B34E-F19DA4098975}F:\kituri\torent\utorrent.exe" = protocol=17 | dir=in | app=f:\kituri\torent\utorrent.exe | 

"UDP Query User{AC741147-98D3-4BF2-BAF9-654521B013FF}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 

"UDP Query User{BF14F94C-C984-4CCE-A5C1-AF5166303232}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 

"UDP Query User{D2C7E5D6-0501-46B1-8A68-B78B1139B176}C:\test drive\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\test drive\testdriveunlimited.exe | 

"UDP Query User{E1968F26-2526-4A32-9EE1-A127430AC318}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 

"UDP Query User{EBFCE35B-F715-468C-B136-660C6718D8EF}D:\vga\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\vga\icq6.5\icq.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp

"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War

"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect

"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch

"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1967D67C-6F3F-4001-9644-BAC704F7EE84}" = Samsung PC Studio

"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1

"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer

"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 24

"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg

"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR

"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component

"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan

"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.012.00

"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6

"{345CDDCB-8241-4E76-9D3B-155F2FD6F07E}" = Sony Ericsson PC Suite

"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3E7940A4-495B-4DC5-B5C9-D2EE1DE9E5EF}" = Call of Juarez

"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD

"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth

"{44B2E182-DD85-45FC-9F51-326B81D7C7F1}" = Fax

"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2

"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works

"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater

"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport

"{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}" = Medal of Honor Pacific Assault(tm)

"{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}" = TES Construction Set

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}" = PixiePack Codec Pack

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6D93BD2D-BA71-491A-926C-37FE1580CEE0}" = The Witcher Enhanced Edition - "Nebenwirkungen"

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK

"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone

"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 SE DVD

"{76D6737F-CF8D-4e9c-B3FE-1C65604804E1}" = FotoUp

"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver

"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert

"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger

"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder

"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting

"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger

"{937B232D-9776-471E-92BD-D424E514EF14}" = Logitech QuickCam

"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery

"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9639A939-076D-4fdc-8F0C-F9D531E0E2A6}" = W3FotoUp

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A182077A-8D6B-4194-B48A-B4DC37C69907}" = RealSpeak Solo for UK English Emily

"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Acer PlayMovie

"{A66C4716-7E10-4A53-8101-00C3C11D6A9C}" = Kane and Lynch: Dead Men

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology

"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.6 - Deutsch

"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8

"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant

"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management

"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan

"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0

"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine

"{B29051F5-5D7D-443e-ABE9-7CBB29EAC200}" = C4380

"{B2D7C787-7BFD-47b3-AE85-60146221015D}" = C4380_Help

"{B34E4B72-37C6-4f79-A5B3-008EEFC6EA8B}" = PS_AIO_02_Software_min

"{B46AC30C-22D2-4610-B041-1DA7BB29EB57}" = HP Photosmart All-In-One Software 9.0

"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX

"{B7E5D642-E74E-40a4-B5C7-6AB6EE916814}" = PS_AIO_02_ProductContext

"{BC10649A-983B-494e-AD1F-DE0BF717D701}" = PS_AIO_02_Software

"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio

"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers

"{C82185E8-C27B-4EF4-2007-3333BC2C2B6D}" = Microsoft AutoRoute 2007

"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data

"{CAD1691A-FA24-4B95-9009-3257B8440ECC}" = Tom Clancy's Splinter Cell Double Agent

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC13FB47-0B90-46C3-9BB7-57D2DB455D4D}" = Microsoft Xbox 360 Accessories 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2

"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management

"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite

"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry

"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007

"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm

"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock

"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack

"{E91E8912-769D-42F0-8408-0E329443BABC}" = Sitecom Wireless Network USB Adapter Turbo G WL-172

"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer

"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page

"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher

"{F40C0988-E8B1-479b-80BD-D5FADAB9697A}" = C4380_doccd

"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician

"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status

"2D96D7FEFC2FEFB9F9D638DA8C3C6ECD3BDF9531" = Windows-Treiberpaket - Atheros Communications Inc. (athrusb) Net  (03/26/2008 2.2.0.15)

"3868648A8462AE872BD70533258F5196B59F7823" = Windows-Treiberpaket - Realtek Semiconductor Corp. (RTL8187B) Net  (09/04/2007 6.1102.0904.2007)

"58A20748E54772454ED3FD879ADF67B0F2F740AD" = Windows-Treiberpaket - Ralink (netr28u) Net  (04/21/2008 2.01.06.0000)

"76ED8308D49DD425D85813FD8C2AFC6AA75D1099" = Windows-Treiberpaket - Ralink (rt70x86) Net  (10/09/2007 3.01.00.0000)

"7-Zip" = 7-Zip 4.57

"93A6F6D028ABE440673A298C1022FF011EF69A50" = Windows-Treiberpaket - Realtek Semiconductor Corp. (RTL8187) Net  (01/30/2007 6.1281.0130.2007)

"A4608AD9231CF116CF8816A4DF61FB9E497FBACA" = Windows-Treiberpaket - Ralink Technology, Corp. (netr28) Net  (05/19/2008 2.00.06.0000)

"A7FCE32D22855DCF300C7415E453EFBE8549AC46" = Windows-Treiberpaket - Ralink (netr73) Net  (02/26/2008 3.01.04.0000)

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Audacity_is1" = Audacity 1.2.6

"Avira AntiVir Desktop" = Avira AntiVir Premium

"C06E598F706862939966091EF919ACEB82037A3F" = Windows-Treiberpaket - Ralink Technology, Inc. (RT2500) Net  (06/01/2006 3.02.00.0000)

"CCleaner" = CCleaner (remove only)

"Clickster161" = Clickster

"D63EA7FA1ED78B2B5396F0C16AD513F162102F14" = Windows-Treiberpaket - Ralink Technology Corp. (rt61x86) Net  (09/28/2007 2.01.00.0000)

"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v4.60

"facemoods" = facemoods

"Free Fire Screensaver" = Free Fire Screensaver

"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.4

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2

"Google Updater" = Google Updater

"Grand Theft Auto IV Screenshot" = Grand Theft Auto IV Screenshot Screen Saver

"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar

"HP Imaging Device Functions" = HP Imaging Device Functions 9.0

"HP Photosmart Essential" = HP Photosmart Essential 2.01

"HP Smart Web Printing" = HP Smart Web Printing 4.60

"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0

"HPExtendedCapabilities" = HP Customer Participation Program 9.0

"HPOCR" = HP OCR Software 9.0

"InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War

"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"InstallShield_{3E7940A4-495B-4DC5-B5C9-D2EE1DE9E5EF}" = Call of Juarez

"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2

"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry

"lvdrivers_11.90" = Logitech QuickCam-Treiberpaket

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Matrix Code Emulator_is1" = Matrix Code Emulator 1.50

"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)

"Nano" = Nano 1.1.1

"NAVIGON Fresh" = NAVIGON Fresh 1.4.6

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"OpenAL" = OpenAL

"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11

"RealPlayer 6.0" = RealPlayer Basic

"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"SeaStorm 3D Screensaver" = SeaStorm 3D Screensaver (remove only)

"SMSERIAL" = Motorola SM56 Speakerphone Modem

"softonic-de3 Toolbar" = softonic-de3 Toolbar

"Steam App 220" = Half-Life 2

"Steam App 380" = Half-Life 2: Episode One

"Steam App 400" = Portal

"Steam App 420" = Half-Life 2: Episode Two

"StreetPlugin" = Learn2 Player (Uninstall Only)

"Uninstall_is1" = Uninstall 1.0.0.1

"UnityWebPlayer" = Unity Web Player

"ViewpointMediaPlayer" = Viewpoint Media Player

"Vodafone WCDMA Composite Device Drive" = Vodafone WCDMA Composite Device Drive Software

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR

"Xilisoft Download YouTube Video" = Xilisoft Download YouTube Video

"Yahoo! Companion" = Yahoo! Toolbar

"Yahoo! Customizations" = Yahoo! Extras

"Yahoo! Messenger" = Yahoo! Messenger

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 27.04.2011 11:03:26 | Computer Name = KIMI | Source = LoadPerf | ID = 3012

Description = 

 

Error - 27.04.2011 11:03:26 | Computer Name = KIMI | Source = LoadPerf | ID = 3011

Description = 

 

Error - 27.04.2011 11:10:47 | Computer Name = KIMI | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung msnmsgr.exe, Version 15.4.3508.1109, Zeitstempel

 0x4cda7240, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00310045,  Prozess-ID 0xfd0, Anwendungsstartzeit

 01cc04eb461ff6e8.

 

Error - 27.04.2011 15:22:28 | Computer Name = KIMI | Source = Avira AntiVir | ID = 4112

Description = Bei der Anforderung nach einer Resource des Betriebssystems trat ein

 Fehler auf.  Die Resource 'GAVID_SRV' wurde nicht zugewiesen.  Der Grund hierfür könnte

 zu wenig Hauptspeicher oder ein anderer Systemfehler sein.  Fehlercode: 0x5

 

Error - 27.04.2011 15:22:28 | Computer Name = KIMI | Source = Avira AntiVir | ID = 4122

Description = Die Datei GAVID_SRV konnte nicht geladen werden.  Fehlercode: 0x5

 

Error - 27.04.2011 15:23:02 | Computer Name = KIMI | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description = 

 

Error - 27.04.2011 15:23:02 | Computer Name = KIMI | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description = 

 

Error - 28.04.2011 11:02:36 | Computer Name = KIMI | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description = 

 

Error - 28.04.2011 11:02:36 | Computer Name = KIMI | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description = 

 

Error - 28.04.2011 11:04:14 | Computer Name = KIMI | Source = Application Error | ID = 1000

Description = Fehlerhafte Anwendung msnmsgr.exe, Version 15.4.3508.1109, Zeitstempel

 0x4cda7240, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,

 Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,  Prozess-ID 0xf9c, Anwendungsstartzeit

 01cc05b5428dda90.

 

[ System Events ]

Error - 07.04.2011 16:04:09 | Computer Name = KIMI | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am 07.04.2011 um 22:02:28 unerwartet heruntergefahren.

 

Error - 10.04.2011 04:20:15 | Computer Name = KIMI | Source = Service Control Manager | ID = 7022

Description = 

 

Error - 16.04.2011 14:14:47 | Computer Name = KIMI | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am 16.04.2011 um 20:13:11 unerwartet heruntergefahren.

 

Error - 20.04.2011 15:24:52 | Computer Name = KIMI | Source = Server | ID = 2505

Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht

 \Device\NetBT_Tcpip_{A276DE79-56F2-4C3D-9808-91BDD051C09A} vom Serverdienst nicht

 gebunden werden. Der Serverdienst konnte nicht gestartet werden.

 

Error - 23.04.2011 09:43:39 | Computer Name = KIMI | Source = Microsoft-Windows-ResourcePublication | ID = 1002

Description = 

 

Error - 23.04.2011 15:59:17 | Computer Name = KIMI | Source = Service Control Manager | ID = 7009

Description = 

 

Error - 25.04.2011 03:24:40 | Computer Name = KIMI | Source = Service Control Manager | ID = 7022

Description = 

 

Error - 25.04.2011 03:32:52 | Computer Name = KIMI | Source = Service Control Manager | ID = 7022

Description = 

 

Error - 25.04.2011 04:00:14 | Computer Name = KIMI | Source = Service Control Manager | ID = 7022

Description = 

 

Error - 25.04.2011 04:30:14 | Computer Name = KIMI | Source = Service Control Manager | ID = 7022

Description = 

 

 

< End of report >

--- --- ---

-----------------------------------------------------------------------------------

OTL.TxtOTL Logfile:

Code:

OTL logfile created on: 28.04.2011 17:42:08 - Run 1

OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\7\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 144,29 Gb Total Space | 64,92 Gb Free Space | 44,99% Space Free | Partition Type: NTFS

Drive D: | 144,04 Gb Total Space | 92,51 Gb Free Space | 64,23% Space Free | Partition Type: NTFS

 

Computer Name: KIMI | User Name: 7 | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Users\7\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)

PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)

PRC - C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)

PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)

PRC - C:\Programme\Logitech\QuickCam\Quickcam.exe ()

PRC - C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe ()

PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)

PRC - C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)

PRC - C:\Programme\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation)

PRC - C:\Programme\Acer Arcade Live\Acer PlayMovie\PMVService.exe (CyberLink Corp.)

PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)

PRC - C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)

PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Acer\Empowering Technology\SysMonitor.exe ()

PRC - C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()

PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)

PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)

PRC - C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe (Sony Ericsson Mobile Communications AB)

PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()

PRC - C:\Programme\Common Files\Teleca Shared\Generic.exe (Teleca AB)

PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Users\7\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (CLTNetCnService) --  File not found

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)

SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()

SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)

SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)

SRV - (Acer HomeMedia Connect Service) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)

SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)

SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek                                            )

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (LVUVC) Logitech QuickCam E3500(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)

DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)

DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)

DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()

DRV - (ACEDRV07) -- C:\Windows\System32\drivers\ACEDRV07.sys (Protect Software GmbH)

DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)

DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)

DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()

DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)

DRV - (gmer) -- C:\Windows\System32\drivers\gmer.sys (GMER)

DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)

DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()

DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys (Acer, Inc.)

DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology Corp.)

DRV - (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) -- C:\Windows\System32\drivers\s116unic.sys (MCCI Corporation)

DRV - (s116obex) -- C:\Windows\System32\drivers\s116obex.sys (MCCI Corporation)

DRV - (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) -- C:\Windows\System32\drivers\s116nd5.sys (MCCI Corporation)

DRV - (s116mgmt) Sony Ericsson Device 116  USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s116mgmt.sys (MCCI Corporation)

DRV - (s116mdm) -- C:\Windows\System32\drivers\s116mdm.sys (MCCI Corporation)

DRV - (s116mdfl) -- C:\Windows\System32\drivers\s116mdfl.sys (MCCI Corporation)

DRV - (s116bus) Sony Ericsson Device 116 driver (WDM) -- C:\Windows\System32\drivers\s116bus.sys (MCCI Corporation)

DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)

DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Live\Acer PlayMovie\000.fcl (Cyberlink Corp.)

DRV - (RT73) -- C:\Windows\System32\drivers\rt73.sys (Ralink Technology, Corp.)

DRV - (ssm_mdm) -- C:\Windows\System32\drivers\ssm_mdm.sys (MCCI)

DRV - (ssm_mdfl) -- C:\Windows\System32\drivers\ssm_mdfl.sys (MCCI)

DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\System32\drivers\ssm_bus.sys (MCCI)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://de.rd.yahoo.com/customize/ie/defaults/su/msgr8/*hxxp://de.search.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*hxxp://de.search.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4

IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://de.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*hxxp://de.search.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {1CFFA392-0898-4b1c-89D1-6E98F9D8EF78} - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "foxsearch"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.sweetim.com/search.asp?src=2&q="

FF - prefs.js..browser.search.order.1: "foxsearch"

FF - prefs.js..browser.search.selectedEngine: "foxsearch"

FF - prefs.js..browser.startup.homepage: "hxxp://www.yahoo.de/"

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

FF - prefs.js..network.proxy.autoconfig_url: "file:///C:/Users/7/AppData/Local/RapidSolution/Videoraptor/WebRip/profile/rrproxy_ffox_498ebeee.pac"

FF - prefs.js..network.proxy.no_proxies_on: ""

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"

FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Wikipedia (de)"

FF - prefs.js..browser.startup.homepage: "www.yahoo.de"

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"

 

FF - user.js..browser.search.selectedEngine: "foxsearch"

FF - user.js..browser.search.order.1: "foxsearch"

FF - user.js..browser.search.defaultenginename: "foxsearch"

FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

 

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.07.28 13:50:05 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.25 16:34:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.25 16:34:39 | 000,000,000 | ---D | M]

 

[2008.12.01 18:32:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\7\AppData\Roaming\mozilla\Extensions

[2011.04.26 17:14:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\7\AppData\Roaming\mozilla\Firefox\Profiles\j0y8h3s8.default\extensions

[2011.04.25 10:19:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\7\AppData\Roaming\mozilla\Firefox\Profiles\j0y8h3s8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011.04.25 21:38:59 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\7\AppData\Roaming\mozilla\Firefox\Profiles\j0y8h3s8.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

[2011.04.26 17:14:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\7\AppData\Roaming\mozilla\Firefox\Profiles\j0y8h3s8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011.04.25 10:19:08 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\7\AppData\Roaming\mozilla\Firefox\Profiles\j0y8h3s8.default\extensions\ffxtlbr@Facemoods.com

[2011.04.25 10:19:09 | 000,000,000 | ---D | M] (Gutscheinmieze) -- C:\Users\7\AppData\Roaming\mozilla\Firefox\Profiles\j0y8h3s8.default\extensions\gutscheinmieze@synatix-gmbh.de

[2011.04.23 19:32:20 | 000,001,056 | ---- | M] () -- C:\Users\7\AppData\Roaming\Mozilla\Firefox\Profiles\j0y8h3s8.default\searchplugins\icqplugin.xml

[2010.01.25 20:07:02 | 000,003,915 | ---- | M] () -- C:\Users\7\AppData\Roaming\Mozilla\Firefox\Profiles\j0y8h3s8.default\searchplugins\sweetim.xml

[2011.04.25 16:34:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2010.04.27 20:24:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010.08.10 10:48:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010.10.25 18:16:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011.01.10 10:09:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011.02.18 22:53:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

File not found (No name found) -- 

[2010.04.11 19:16:34 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

[2010.04.27 20:24:46 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010.08.10 10:48:06 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010.10.25 18:16:54 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011.01.10 10:09:42 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011.02.18 22:53:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll

[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll

[2010.03.19 10:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Programme\Mozilla Firefox\plugins\npmieze.dll

[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml

[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml

[2010.09.28 18:14:06 | 000,002,040 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchstonicde.xml

[2010.11.22 20:43:34 | 000,000,143 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\foxsearch.src

[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml

[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)

O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - No CLSID value found.

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)

O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)

O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)

O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\7\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)

O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)

O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\7\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)

O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()

O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)

O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()

O4 - HKLM..\Run: [PCMMediaSharing] C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()

O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe (CyberLink Corp.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()

O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)

O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Acer Tour Reminder]  File not found

O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)

O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Programme\Xilisoft\Download YouTube Video\upod_link.HTM ()

O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - Reg Error: Key error. File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)

O13 - gopher Prefix: missing

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll -  File not found

O24 - Desktop WallPaper: C:\Users\7\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O24 - Desktop BackupWallPaper: C:\Users\7\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.04.28 17:12:16 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll

[2011.04.28 17:03:20 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{16EB5C1E-DAC2-4587-826D-69894AC40C3E}

[2011.04.27 21:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest

[2011.04.27 16:57:38 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{501E7A4A-E1A5-4A3B-937C-C76EED02733E}

[2011.04.26 19:10:30 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{8BB93BEB-4B45-4B02-AE09-B0D37CE4EF35}

[2011.04.26 17:12:11 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{66DB1119-8650-4A22-99A9-6A74E608241A}

[2011.04.25 10:48:06 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Roaming\Malwarebytes

[2011.04.25 10:47:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011.04.25 10:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.04.25 10:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011.04.25 10:47:16 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011.04.25 10:47:16 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2011.04.25 09:19:57 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{39C73259-6ADD-456E-9B16-6594E9E662D8}

[2011.04.24 10:06:43 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{6608C630-1C30-47A7-A210-181D369EC1F6}

[2011.04.23 21:59:23 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{FFA6E56B-78E6-42FC-A910-BA317800EA60}

[2011.04.23 19:19:50 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{ED0C1408-14A3-402B-B500-63FBB58786D3}

[2011.04.23 15:44:57 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{7640FEA8-762E-4977-BFBF-155073DA73F3}

[2011.04.22 09:35:05 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{49160889-ABD3-47B5-BFF1-11D96AE74F48}

[2011.04.21 17:09:01 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{5A8DFD98-2E91-4FB6-90F5-3A3A281D1B5E}

[2011.04.20 17:24:11 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{8C39F67C-7BE6-4724-9882-8184FA661881}

[2011.04.19 17:01:21 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{A9242E20-77ED-4FAB-9B2F-B2F875559784}

[2011.04.19 17:00:42 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{55D1AF0B-03FE-4E96-85BB-9D0C5FDB8262}

[2011.04.18 14:30:50 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{B34016DD-8A7C-4FAE-9211-1AAA597F8249}

[2011.04.17 10:22:40 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{97E4E3D2-0073-4E19-89EB-FDA32DF3B62D}

[2011.04.16 09:22:39 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{C51E5897-08D9-4F5C-9635-3145D24FBBAE}

[2011.04.15 17:07:56 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{DD97A9BC-A942-4F48-8898-494E5A862591}

[2011.04.14 17:16:46 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{D82BC95B-8430-4559-A296-B5989B43BB9D}

[2011.04.13 21:30:03 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2011.04.13 21:30:03 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2011.04.13 21:29:58 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll

[2011.04.13 21:29:58 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll

[2011.04.13 21:29:54 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe

[2011.04.13 21:29:52 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2011.04.13 17:13:57 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{4F925A13-2B50-4306-B6E2-45C10D95F5AB}

[2011.04.12 17:19:17 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{6442C79A-30A0-40F8-A8D6-92883DD808A5}

[2011.04.11 21:46:57 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{147AB97D-BBF3-4083-AA91-69691C6C8667}

[2011.04.11 17:16:00 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{F7DEEE5A-811D-4403-9EE9-40480BA248F5}

[2011.04.10 10:15:48 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{F181078E-0662-44D0-B116-E511F89D028C}

[2011.04.09 08:55:43 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{EB1E6DB1-475B-45B8-8E30-0E1C11AD5AEA}

[2011.04.07 21:48:20 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2011.04.07 21:48:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011.04.07 21:48:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011.04.07 21:48:19 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2011.04.07 21:48:19 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2011.04.07 21:48:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe

[2011.04.07 21:48:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe

[2011.04.07 21:48:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2011.04.07 21:48:18 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011.04.07 21:48:18 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll

[2011.04.07 21:48:18 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2011.04.07 21:48:17 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2011.04.07 21:48:17 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2011.04.07 21:48:17 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2011.04.07 21:48:17 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011.04.07 21:48:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011.04.07 21:48:17 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2011.04.07 21:48:17 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2011.04.07 21:48:17 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2011.04.07 21:48:17 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2011.04.07 21:48:17 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2011.04.07 21:48:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2011.04.07 21:48:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011.04.07 21:48:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011.04.07 21:48:16 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011.04.07 21:48:16 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011.04.07 21:48:16 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2011.04.07 21:48:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011.04.07 21:48:16 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2011.04.07 21:48:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2011.04.07 21:48:15 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011.04.07 21:48:15 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011.04.07 21:48:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2011.04.07 21:48:15 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2011.04.07 21:48:15 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011.04.07 21:48:15 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll

[2011.04.07 21:48:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011.04.07 21:48:15 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2011.04.07 21:48:15 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2011.04.07 17:19:03 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{AE37ABB7-8E51-4EB5-B7C9-D6BF0462D71B}

[2011.04.07 17:18:27 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{1AA7FFF1-CFE5-45FE-B44A-B54784232588}

[2011.04.06 17:57:32 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{8C3D2F3B-94D1-48AF-AB94-CFA637DB736B}

[2011.04.05 17:24:11 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{E1C408E6-86CC-4F43-A999-E93C851AB0FD}

[2011.04.04 17:15:52 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{81697491-542F-4C0E-A1A1-B81BCA4FC230}

[2011.04.03 09:04:25 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{87E89821-5BFE-4AF1-A1E8-13D9EAC7D055}

[2011.04.02 12:43:51 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{7FB87039-6520-43C4-B908-ADEF4D2832BC}

[2011.04.01 16:58:42 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{F76F653E-1196-4CF6-8DC9-D58EDC6C5D4B}

[2011.03.31 17:23:33 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{E3F59802-CA46-4507-ACA9-B6AF9529669C}

[2011.03.30 17:11:01 | 000,000,000 | ---D | C] -- C:\Users\7\AppData\Local\{7284C2D3-E83E-4578-B4CA-27EA0343E498}

[2009.11.30 19:35:48 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe7119.dll

[2007.10.29 16:40:03 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe

[2007.07.26 11:29:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.04.28 17:05:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011.04.28 17:04:31 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job

[2011.04.28 17:01:58 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011.04.28 17:01:55 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011.04.28 17:01:55 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011.04.28 17:01:51 | 000,036,533 | ---- | M] () -- C:\ProgramData\nvModes.001

[2011.04.28 17:01:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.04.27 17:03:30 | 020,142,370 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2011.04.27 17:03:30 | 006,595,066 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011.04.27 17:03:30 | 006,461,834 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2011.04.27 17:03:30 | 005,836,508 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011.04.26 19:43:49 | 000,000,784 | ---- | M] () -- C:\Users\7\Desktop\OTL - Verknüpfung.lnk

[2011.04.25 16:58:41 | 000,000,554 | ---- | M] () -- C:\Users\7\Desktop\unhide - Verknüpfung.lnk

[2011.04.25 16:34:44 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011.04.25 10:47:35 | 000,000,928 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.04.25 09:29:21 | 000,000,392 | ---- | M] () -- C:\ProgramData\34594568

[2011.04.25 09:27:06 | 000,000,120 | ---- | M] () -- C:\ProgramData\~34594568

[2011.04.25 09:27:05 | 000,000,136 | ---- | M] () -- C:\ProgramData\~34594568r

[2011.04.25 09:19:29 | 000,036,533 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2011.04.24 16:57:05 | 000,008,592 | ---- | M] () -- C:\Users\7\AppData\Local\d3d9caps.dat

[2011.04.16 20:14:41 | 185,343,855 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2011.04.14 17:13:27 | 000,324,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011.04.07 21:48:31 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat

[2011.04.07 21:48:31 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat

[2011.04.07 21:48:20 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2011.04.07 21:48:20 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011.04.07 21:48:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011.04.07 21:48:19 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2011.04.07 21:48:19 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2011.04.07 21:48:19 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe

[2011.04.07 21:48:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe

[2011.04.07 21:48:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2011.04.07 21:48:18 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011.04.07 21:48:18 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll

[2011.04.07 21:48:18 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2011.04.07 21:48:17 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2011.04.07 21:48:17 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2011.04.07 21:48:17 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2011.04.07 21:48:17 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011.04.07 21:48:17 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011.04.07 21:48:17 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2011.04.07 21:48:17 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2011.04.07 21:48:17 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2011.04.07 21:48:17 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2011.04.07 21:48:17 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2011.04.07 21:48:17 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf

[2011.04.07 21:48:17 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2011.04.07 21:48:17 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011.04.07 21:48:16 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011.04.07 21:48:16 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011.04.07 21:48:16 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011.04.07 21:48:16 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2011.04.07 21:48:16 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011.04.07 21:48:16 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2011.04.07 21:48:16 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2011.04.07 21:48:15 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011.04.07 21:48:15 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011.04.07 21:48:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2011.04.07 21:48:15 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2011.04.07 21:48:15 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011.04.07 21:48:15 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll

[2011.04.07 21:48:15 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011.04.07 21:48:15 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2011.04.07 21:48:15 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.04.26 19:43:49 | 000,000,784 | ---- | C] () -- C:\Users\7\Desktop\OTL - Verknüpfung.lnk

[2011.04.25 16:58:41 | 000,000,554 | ---- | C] () -- C:\Users\7\Desktop\unhide - Verknüpfung.lnk

[2011.04.25 16:34:44 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2011.04.25 16:34:44 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011.04.25 10:47:35 | 000,000,928 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.04.25 09:27:05 | 000,000,136 | ---- | C] () -- C:\ProgramData\~34594568r

[2011.04.25 09:27:05 | 000,000,120 | ---- | C] () -- C:\ProgramData\~34594568

[2011.04.25 09:26:42 | 000,000,392 | ---- | C] () -- C:\ProgramData\34594568

[2011.04.07 21:48:17 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf

[2010.10.14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2010.07.28 13:49:41 | 000,023,657 | ---- | C] () -- C:\Windows\hpqins15.dat

[2010.07.15 15:56:34 | 000,000,280 | ---- | C] () -- C:\Windows\game.ini

[2009.12.29 21:23:32 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll

[2009.12.03 10:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2009.08.26 18:03:16 | 000,036,533 | ---- | C] () -- C:\ProgramData\nvModes.001

[2009.08.26 18:01:11 | 000,036,533 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2009.08.26 15:40:29 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009.08.26 15:40:29 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009.07.10 20:15:11 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll

[2009.04.30 22:39:36 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[2009.01.12 19:14:17 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat

[2008.12.16 22:58:54 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys

[2008.12.16 22:50:56 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLgFT.dll

[2008.10.08 10:57:49 | 000,000,464 | ---- | C] () -- C:\Users\7\AppData\Roaming\Patch-Master.exe.ini

[2008.10.08 10:57:49 | 000,000,000 | ---- | C] () -- C:\Users\7\AppData\Roaming\Patch-Master.exe.dat

[2008.08.14 13:15:57 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2008.07.03 11:49:41 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll

[2008.07.03 11:49:41 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll

[2008.05.20 07:57:30 | 002,729,472 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll

[2008.02.27 11:30:18 | 000,000,022 | ---- | C] () -- C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631

[2008.02.15 17:07:41 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2008.02.07 21:50:15 | 000,585,791 | ---- | C] () -- C:\Windows\gmer.dll

[2008.02.07 21:50:15 | 000,581,632 | ---- | C] () -- C:\Windows\gmer.exe

[2008.02.07 21:50:15 | 000,000,250 | ---- | C] () -- C:\Windows\gmer.ini

[2008.01.08 17:28:47 | 000,048,640 | ---- | C] () -- C:\Windows\AKDeInstall.exe

[2008.01.02 19:25:41 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys

[2008.01.02 19:25:39 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys

[2007.12.20 14:50:52 | 000,640,957 | ---- | C] () -- C:\Windows\unins000.exe

[2007.12.20 14:50:52 | 000,000,789 | ---- | C] () -- C:\Windows\unins000.dat

[2007.12.14 12:32:52 | 000,012,632 | ---- | C] () -- C:\Windows\System32\lsdelete.exe

[2007.12.14 10:37:32 | 000,008,592 | ---- | C] () -- C:\Users\7\AppData\Local\d3d9caps.dat

[2007.12.13 21:56:50 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html

[2007.12.08 20:53:41 | 000,000,216 | ---- | C] () -- C:\Windows\Ulead32.ini

[2007.12.06 14:28:21 | 000,035,840 | ---- | C] () -- C:\Users\7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007.12.05 19:58:32 | 000,000,089 | ---- | C] () -- C:\Users\7\AppData\Local\fusioncache.dat

[2007.11.29 15:15:33 | 000,166,995 | ---- | C] () -- C:\Windows\hpoins21.dat

[2007.11.29 15:15:33 | 000,008,138 | ---- | C] () -- C:\Windows\hpomdl21.dat

[2007.11.28 13:13:38 | 000,000,819 | ---- | C] () -- C:\Windows\aolback.exe.lnk

[2007.11.28 13:11:43 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat

[2007.11.23 10:57:14 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2007.11.23 10:57:14 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2007.11.20 21:44:18 | 000,001,650 | ---- | C] () -- C:\Users\7\AppData\Roaming\wklnhst.dat

[2007.11.19 23:08:06 | 000,000,022 | ---- | C] () -- C:\Windows\msoffice.ini

[2007.10.29 16:42:18 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini

[2007.10.29 16:42:18 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini

[2007.10.29 16:40:03 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe

[2007.08.23 18:30:00 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2007.07.26 21:28:01 | 000,001,024 | R--- | C] () -- C:\Windows\System32\NTIBUN4.dll

[2007.07.26 19:31:59 | 000,000,742 | ---- | C] () -- C:\Windows\generic.ini

[2007.07.26 19:31:59 | 000,000,128 | ---- | C] () -- C:\Windows\Alaunch.ini

[2007.07.26 19:31:56 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1283.dll

[2007.07.26 11:29:30 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll

[2007.04.25 16:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll

[2007.04.25 16:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll

[2007.04.25 16:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll

[2007.04.25 16:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll

[2007.04.25 16:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll

[2007.04.25 16:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll

[2006.12.25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll

[2006.11.13 05:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin

[2006.11.02 17:33:31 | 020,142,370 | ---- | C] () -- C:\Windows\System32\perfh007.dat

[2006.11.02 17:33:31 | 006,461,834 | ---- | C] () -- C:\Windows\System32\perfc007.dat

[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat

[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat

[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006.11.02 14:47:37 | 000,324,752 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006.11.02 12:33:01 | 006,595,066 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006.11.02 12:33:01 | 005,836,508 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2005.02.05 21:46:00 | 000,004,608 | ---- | C] () -- C:\Windows\fgexec.dll

[2005.01.25 16:15:42 | 000,010,240 | R--- | C] () -- C:\Windows\System32\PA207USD.DLL

[2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll

[2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll

[2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll

[2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

 
 ========== LOP Check ==========

 

[2011.04.25 10:19:07 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Bioshock

[2007.11.21 10:37:03 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\eSobi

[2009.02.09 23:18:31 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\GlarySoft

[2011.04.25 10:19:07 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\gtk-2.0

[2010.11.17 22:04:40 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Guitar Pro 6

[2011.04.25 10:19:07 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Gutscheinmieze

[2011.02.04 19:18:24 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\ICQ

[2008.08.19 13:19:53 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Leadertech

[2010.05.11 08:39:28 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Lexware

[2011.04.25 10:19:10 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\ProtectDisc

[2011.04.25 10:19:10 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Stellarium

[2007.12.05 19:56:08 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\T-Online

[2008.06.01 16:09:14 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Teleca

[2007.11.20 21:44:32 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Template

[2009.11.22 12:11:10 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Tobit

[2009.02.08 13:15:59 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Tunebite

[2007.12.08 21:02:52 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Ulead Systems

[2008.12.15 16:14:20 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\uTorrent

[2008.12.01 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Windows-Optimierer

[2008.04.09 18:02:52 | 000,000,000 | ---D | M] -- C:\Users\7\AppData\Roaming\Xilisoft Corporation

[2011.04.27 22:12:54 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 
 

< End of report >

--- --- ---

Gruß

Hier das Kaspersky Log:

2011/04/28 22:15:33.0440 6068 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/28 22:15:34.0080 6068 ================================================================================
2011/04/28 22:15:34.0080 6068 SystemInfo:
2011/04/28 22:15:34.0080 6068
2011/04/28 22:15:34.0080 6068 OS Version: 6.0.6002 ServicePack: 2.0
2011/04/28 22:15:34.0080 6068 Product type: Workstation
2011/04/28 22:15:34.0080 6068 ComputerName: KIMI
2011/04/28 22:15:34.0080 6068 UserName: 7
2011/04/28 22:15:34.0080 6068 Windows directory: C:\Windows
2011/04/28 22:15:34.0080 6068 System windows directory: C:\Windows
2011/04/28 22:15:34.0080 6068 Processor architecture: Intel x86
2011/04/28 22:15:34.0080 6068 Number of processors: 2
2011/04/28 22:15:34.0080 6068 Page size: 0x1000
2011/04/28 22:15:34.0080 6068 Boot type: Normal boot
2011/04/28 22:15:34.0080 6068 ================================================================================
2011/04/28 22:15:35.0156 6068 Initialize success
2011/04/28 22:16:26.0106 4532 ================================================================================
2011/04/28 22:16:26.0106 4532 Scan started
2011/04/28 22:16:26.0106 4532 Mode: Manual;
2011/04/28 22:16:26.0106 4532 ================================================================================
2011/04/28 22:16:26.0761 4532 ACEDRV07 (4e5451dd0aec8504d7f8030dd2d4c416) C:\Windows\system32\drivers\ACEDRV07.sys
2011/04/28 22:16:26.0808 4532 acedrv11 (27f954120babb8a00f8745d8f5bc9b82) C:\Windows\system32\drivers\acedrv11.sys
2011/04/28 22:16:26.0948 4532 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/04/28 22:16:27.0198 4532 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/04/28 22:16:27.0323 4532 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/04/28 22:16:27.0354 4532 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/04/28 22:16:27.0432 4532 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/04/28 22:16:27.0619 4532 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2011/04/28 22:16:27.0681 4532 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/04/28 22:16:27.0822 4532 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/04/28 22:16:27.0884 4532 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/04/28 22:16:28.0009 4532 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/04/28 22:16:28.0181 4532 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/04/28 22:16:28.0337 4532 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/04/28 22:16:28.0477 4532 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/04/28 22:16:28.0664 4532 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/04/28 22:16:28.0727 4532 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/04/28 22:16:28.0898 4532 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/28 22:16:28.0961 4532 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/04/28 22:16:29.0070 4532 atksgt (3c4b9850a2631c2263507400d029057b) C:\Windows\system32\DRIVERS\atksgt.sys
2011/04/28 22:16:29.0179 4532 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/04/28 22:16:29.0288 4532 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/04/28 22:16:29.0335 4532 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/04/28 22:16:29.0460 4532 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/04/28 22:16:29.0553 4532 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/28 22:16:29.0663 4532 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/28 22:16:29.0694 4532 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/04/28 22:16:29.0741 4532 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/04/28 22:16:29.0865 4532 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/04/28 22:16:29.0897 4532 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/28 22:16:29.0928 4532 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/04/28 22:16:30.0037 4532 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/04/28 22:16:30.0099 4532 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/28 22:16:30.0209 4532 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/28 22:16:30.0271 4532 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/04/28 22:16:30.0318 4532 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/04/28 22:16:30.0458 4532 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/04/28 22:16:30.0489 4532 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/04/28 22:16:30.0536 4532 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/04/28 22:16:30.0583 4532 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/04/28 22:16:30.0739 4532 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2011/04/28 22:16:30.0801 4532 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/04/28 22:16:30.0926 4532 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
2011/04/28 22:16:31.0051 4532 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/04/28 22:16:31.0113 4532 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/04/28 22:16:31.0238 4532 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/04/28 22:16:31.0332 4532 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/28 22:16:31.0457 4532 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/04/28 22:16:31.0597 4532 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/04/28 22:16:31.0691 4532 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/04/28 22:16:31.0862 4532 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/04/28 22:16:31.0925 4532 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/04/28 22:16:32.0034 4532 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/28 22:16:32.0096 4532 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/04/28 22:16:32.0221 4532 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/04/28 22:16:32.0252 4532 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/28 22:16:32.0299 4532 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/04/28 22:16:32.0439 4532 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/28 22:16:32.0502 4532 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/28 22:16:32.0611 4532 gmer (35b24c17f8aea65cabc4a4e63e88ac45) C:\Windows\system32\DRIVERS\gmer.sys
2011/04/28 22:16:32.0689 4532 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/04/28 22:16:32.0814 4532 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/28 22:16:32.0861 4532 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/04/28 22:16:32.0970 4532 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/04/28 22:16:33.0032 4532 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/28 22:16:33.0141 4532 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/04/28 22:16:33.0219 4532 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/04/28 22:16:33.0329 4532 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/04/28 22:16:33.0391 4532 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/28 22:16:33.0500 4532 iaStor (580bfec487c55264bfe3d60c3c24eee1) C:\Windows\system32\drivers\iastor.sys
2011/04/28 22:16:33.0547 4532 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/04/28 22:16:33.0703 4532 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/04/28 22:16:33.0843 4532 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Acer\Empowering Technology\eRecovery\int15.sys
2011/04/28 22:16:34.0124 4532 IntcAzAudAddService (75334eceef6f39eec569f2f445254eda) C:\Windows\system32\drivers\RTKVHDA.sys
2011/04/28 22:16:34.0249 4532 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/04/28 22:16:34.0296 4532 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/28 22:16:34.0343 4532 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/28 22:16:34.0483 4532 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/04/28 22:16:34.0545 4532 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/04/28 22:16:34.0639 4532 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/04/28 22:16:34.0701 4532 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/04/28 22:16:34.0748 4532 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/28 22:16:34.0842 4532 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/04/28 22:16:34.0904 4532 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/04/28 22:16:34.0951 4532 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/28 22:16:35.0060 4532 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/04/28 22:16:35.0123 4532 KMWDFILTER (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
2011/04/28 22:16:35.0169 4532 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/28 22:16:35.0325 4532 lirsgt (4127e8b6ddb4090e815c1f8852c277d3) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/04/28 22:16:35.0372 4532 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/28 22:16:35.0450 4532 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/04/28 22:16:35.0528 4532 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/04/28 22:16:35.0575 4532 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/04/28 22:16:35.0622 4532 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/04/28 22:16:35.0731 4532 LVPr2Mon (f96cfb47903854f228baaf3e2d41a0a3) C:\Windows\system32\Drivers\LVPr2Mon.sys
2011/04/28 22:16:35.0793 4532 LVRS (37072ec9299e825f4335cc554b6fac6a) C:\Windows\system32\DRIVERS\lvrs.sys
2011/04/28 22:16:35.0918 4532 LVUSBSta (5f987fc1aad215ec2c60cf07719b1cce) C:\Windows\system32\drivers\LVUSBSta.sys
2011/04/28 22:16:36.0121 4532 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\Windows\system32\DRIVERS\lvuvc.sys
2011/04/28 22:16:36.0386 4532 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/04/28 22:16:36.0449 4532 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/04/28 22:16:36.0573 4532 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys
2011/04/28 22:16:36.0620 4532 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/28 22:16:36.0651 4532 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/28 22:16:36.0745 4532 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/28 22:16:36.0792 4532 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/04/28 22:16:36.0854 4532 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/04/28 22:16:36.0948 4532 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/28 22:16:37.0010 4532 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/04/28 22:16:37.0088 4532 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/04/28 22:16:37.0197 4532 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/28 22:16:37.0260 4532 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/28 22:16:37.0307 4532 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/28 22:16:37.0416 4532 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/04/28 22:16:37.0431 4532 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/04/28 22:16:37.0525 4532 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/04/28 22:16:37.0634 4532 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/04/28 22:16:37.0697 4532 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/28 22:16:37.0790 4532 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/28 22:16:37.0837 4532 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/04/28 22:16:37.0884 4532 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/04/28 22:16:38.0009 4532 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/28 22:16:38.0055 4532 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/04/28 22:16:38.0165 4532 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/04/28 22:16:38.0258 4532 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/28 22:16:38.0383 4532 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/04/28 22:16:38.0461 4532 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/28 22:16:38.0539 4532 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/28 22:16:38.0601 4532 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/28 22:16:38.0648 4532 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/04/28 22:16:38.0773 4532 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/28 22:16:38.0851 4532 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/28 22:16:38.0976 4532 netr73 (91d44aa2a61006136da32118a179bf12) C:\Windows\system32\DRIVERS\netr73.sys
2011/04/28 22:16:39.0054 4532 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/04/28 22:16:39.0179 4532 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/04/28 22:16:39.0241 4532 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/28 22:16:39.0350 4532 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/04/28 22:16:39.0459 4532 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2011/04/28 22:16:39.0506 4532 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/04/28 22:16:39.0615 4532 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/04/28 22:16:39.0927 4532 nvlddmkm (01544d3e8b6c8c490f57317ad5e4e9ff) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/04/28 22:16:40.0271 4532 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/04/28 22:16:40.0317 4532 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/04/28 22:16:40.0427 4532 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/04/28 22:16:40.0536 4532 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/04/28 22:16:40.0676 4532 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
2011/04/28 22:16:40.0723 4532 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/04/28 22:16:40.0754 4532 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
2011/04/28 22:16:40.0863 4532 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/04/28 22:16:40.0926 4532 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/04/28 22:16:41.0051 4532 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/04/28 22:16:41.0129 4532 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/04/28 22:16:41.0347 4532 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/28 22:16:41.0409 4532 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/04/28 22:16:41.0565 4532 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/28 22:16:41.0612 4532 PSDFilter (e801d5cc24e1cf18fa87d24d7074b876) C:\Windows\system32\DRIVERS\psdfilter.sys
2011/04/28 22:16:41.0643 4532 PSDNServ (24b5e3429f7f0e779fc2e6e36a0a5f73) C:\Windows\system32\drivers\PSDNServ.sys
2011/04/28 22:16:41.0753 4532 psdvdisk (01cbfd08c0e8a6106bb26fcda297154e) C:\Windows\system32\drivers\psdvdisk.sys
2011/04/28 22:16:41.0799 4532 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
2011/04/28 22:16:41.0862 4532 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/04/28 22:16:41.0987 4532 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/04/28 22:16:42.0049 4532 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/28 22:16:42.0080 4532 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/28 22:16:42.0205 4532 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/28 22:16:42.0267 4532 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/28 22:16:42.0330 4532 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/28 22:16:42.0423 4532 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/28 22:16:42.0470 4532 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/28 22:16:42.0595 4532 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/04/28 22:16:42.0642 4532 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/28 22:16:42.0782 4532 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/04/28 22:16:42.0876 4532 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
2011/04/28 22:16:42.0985 4532 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/28 22:16:43.0032 4532 RT73 (6ea04a4370609e5e1eaeee898a2ab6ac) C:\Windows\system32\DRIVERS\rt73.sys
2011/04/28 22:16:43.0094 4532 RTL8169 (13e97cf38286b8a1d7605d3175db28ee) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/04/28 22:16:43.0203 4532 s116bus (815445f4676cc96bc9aeec303c727e19) C:\Windows\system32\DRIVERS\s116bus.sys
2011/04/28 22:16:43.0235 4532 s116mdfl (333d1e0743e6de1779c3c418ac601c3a) C:\Windows\system32\DRIVERS\s116mdfl.sys
2011/04/28 22:16:43.0281 4532 s116mdm (50d6e5b021e9ec7553ab8a3553cc1b6b) C:\Windows\system32\DRIVERS\s116mdm.sys
2011/04/28 22:16:43.0391 4532 s116mgmt (1589aa53e43f8d193a7d4d580d3ffa95) C:\Windows\system32\DRIVERS\s116mgmt.sys
2011/04/28 22:16:43.0437 4532 s116nd5 (306f85733671fe507470f0273025e768) C:\Windows\system32\DRIVERS\s116nd5.sys
2011/04/28 22:16:43.0484 4532 s116obex (ec32601f04a5a5de89315d0f55e73d66) C:\Windows\system32\DRIVERS\s116obex.sys
2011/04/28 22:16:43.0515 4532 s116unic (32e3ecb4b2b5887426eaf241a8149cde) C:\Windows\system32\DRIVERS\s116unic.sys
2011/04/28 22:16:43.0640 4532 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/04/28 22:16:43.0703 4532 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/28 22:16:43.0827 4532 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
2011/04/28 22:16:43.0874 4532 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
2011/04/28 22:16:43.0937 4532 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
2011/04/28 22:16:44.0030 4532 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/04/28 22:16:44.0108 4532 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/04/28 22:16:44.0139 4532 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/28 22:16:44.0233 4532 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/04/28 22:16:44.0249 4532 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/04/28 22:16:44.0295 4532 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/04/28 22:16:44.0342 4532 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/04/28 22:16:44.0373 4532 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/04/28 22:16:44.0529 4532 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/04/28 22:16:44.0607 4532 smserial (859e3adc59d1c89a66aa6492c14d379e) C:\Windows\system32\DRIVERS\smserial.sys
2011/04/28 22:16:44.0748 4532 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/04/28 22:16:44.0810 4532 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/04/28 22:16:44.0919 4532 srv2 (a5940ca32ed206f90be9fabdf6e92de4) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/28 22:16:44.0951 4532 srvnet (37aa1d560d5fa486c4b11c2f276ada61) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/28 22:16:44.0997 4532 ssmdrv (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/04/28 22:16:45.0060 4532 ssm_bus (df5c19f053eff7f8ba25d73aea899656) C:\Windows\system32\DRIVERS\ssm_bus.sys
2011/04/28 22:16:45.0153 4532 ssm_mdfl (5347169fa449eabc4d0728ae39fab926) C:\Windows\system32\DRIVERS\ssm_mdfl.sys
2011/04/28 22:16:45.0216 4532 ssm_mdm (7aae23dd105eed15c4f45fc269fa42a9) C:\Windows\system32\DRIVERS\ssm_mdm.sys
2011/04/28 22:16:45.0341 4532 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/28 22:16:45.0403 4532 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/04/28 22:16:45.0481 4532 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/04/28 22:16:45.0512 4532 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/04/28 22:16:45.0575 4532 tbhsd (0a396237c3c4164de12d7c26450bd69c) C:\Windows\system32\drivers\tbhsd.sys
2011/04/28 22:16:45.0684 4532 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/04/28 22:16:45.0762 4532 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/28 22:16:45.0840 4532 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/28 22:16:45.0887 4532 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/04/28 22:16:45.0980 4532 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/04/28 22:16:46.0089 4532 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/28 22:16:46.0152 4532 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/28 22:16:46.0261 4532 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/28 22:16:46.0355 4532 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/04/28 22:16:46.0417 4532 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/28 22:16:46.0464 4532 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/04/28 22:16:46.0542 4532 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/28 22:16:46.0620 4532 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/04/28 22:16:46.0682 4532 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/04/28 22:16:46.0745 4532 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/04/28 22:16:46.0791 4532 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/04/28 22:16:46.0854 4532 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/28 22:16:46.0947 4532 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
2011/04/28 22:16:47.0057 4532 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/28 22:16:47.0119 4532 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/04/28 22:16:47.0213 4532 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/28 22:16:47.0259 4532 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/28 22:16:47.0306 4532 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/04/28 22:16:47.0369 4532 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/28 22:16:47.0462 4532 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/04/28 22:16:47.0556 4532 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/28 22:16:47.0649 4532 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/28 22:16:47.0727 4532 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/28 22:16:47.0790 4532 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/04/28 22:16:47.0868 4532 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/04/28 22:16:47.0930 4532 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/04/28 22:16:47.0961 4532 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/04/28 22:16:48.0024 4532 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/04/28 22:16:48.0133 4532 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/04/28 22:16:48.0211 4532 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/04/28 22:16:48.0273 4532 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/04/28 22:16:48.0383 4532 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/04/28 22:16:48.0445 4532 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/28 22:16:48.0476 4532 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/28 22:16:48.0585 4532 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\Windows\system32\DRIVERS\wanatw4.sys
2011/04/28 22:16:48.0648 4532 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/04/28 22:16:48.0726 4532 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/28 22:16:48.0944 4532 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/04/28 22:16:49.0038 4532 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/04/28 22:16:49.0100 4532 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/28 22:16:49.0241 4532 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/28 22:16:49.0287 4532 xusb21 (ee9144207ee0211eb5656ba6808ac4a0) C:\Windows\system32\DRIVERS\xusb21.sys
2011/04/28 22:16:49.0381 4532 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (8098180b3f6c430a4e60333bc036f936) C:\Program Files\Acer Arcade Live\Acer PlayMovie\000.fcl
2011/04/28 22:16:49.0568 4532 ================================================================================
2011/04/28 22:16:49.0568 4532 Scan finished
2011/04/28 22:16:49.0568 4532 ================================================================================

Gruß