
Log analysis and evaluation: TR/kazy.mekml.1... what now?

24.04.2011, 22:34   #1
ebnerjulian
 
Hello

As of today I am also a victim of the TR/kazy.mekml.1 virus.
The following messages are displayed to me:
- Critical error
- Hard disk error RAM memory. Usage is critically high
- WTR Loader has stopped working. The program is not running correctly due to a problem

My screen is black and my files are gone.

I know that I have to do something with OTL. And also something with Malwarebytes.

I am currently downloading both programs and will upload the result later.

I hope that someone can and also will help me!

Thanks in advance.

Kind regards

OTL.Txt: OTL logfile:
Code:
OTL logfile created on: 24.04.2011 18:13:23 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Jul\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,76 Gb Total Space | 222,00 Gb Free Space | 49,80% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,43 Gb Free Space | 42,19% Space Free | Partition Type: FAT32
Drive H: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: JUL-PC | User Name: Jul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jul\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Safari\Safari.exe (Apple Inc.)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\Programme\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()
PRC - C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe ()
PRC - C:\Programme\HomeCinema\TV Enhance\TVEService.exe (CyberLink Corp.)
PRC - C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\HomeCinema\PlayMovie\PMVService.exe (CyberLink Corp.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
PRC - C:\Programme\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)
PRC - C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\CCU\CCU_Engine.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
PRC - C:\Programme\AOL 9.0 VR\shellmon.exe (AOL, LLC.)
PRC - C:\Programme\AOL 9.0 VR\waol.exe (AOL, LLC.)
PRC - C:\Programme\Medion\MEDIONbox\Program\GCS.exe (Empolis GmbH)
PRC - c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
PRC - C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe (NewSoft Technology Corporation)
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
PRC - C:\Programme\Common Files\aol\1283960543\ee\aolsoftware.exe (America Online, Inc.)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Jul\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_a35e6b9.dll ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (sdCoreService) -- C:\Programme\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (TVECapSvc) TVEnhance Background Capture Service (TBCS) -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()
SRV - (TVESched) TVEnhance Task Scheduler (TTS)) -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (srvcPVR) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
SRV - (AlertService) Intel(R) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
SRV - (QualityManager) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe (Intel(R) Corporation)
SRV - (Remote UI Service) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
SRV - (MCLServiceATL) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
SRV - (DHTRACE) Intel(R) -- C:\Programme\Common Files\Intel\IntelDH\bin\DHTraceController.exe (Intel(R) Corporation)
SRV - (ISSM) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel(R) Corporation)
SRV - (NMSCore) Intel(R) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel(R) Corporation)
SRV - (M1 Server) Intel(R) Viiv(TM) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (GnabService) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (cmuda3) -- C:\Windows\System32\drivers\cmudax3.sys (C-Media Inc)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (IKSysFlt) -- C:\Windows\System32\drivers\iksysflt.sys (PCTools Research Pty Ltd.)
DRV - (IKSysSec) -- C:\Windows\System32\drivers\iksyssec.sys (PCTools Research Pty Ltd.)
DRV - (IKFileSec) -- C:\Windows\system32\drivers\ikfilesec.sys (PCTools Research Pty Ltd.)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\HomeCinema\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Programme\HomeCinema\PowerDVD\000.fcl (Cyberlink Corp.)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (NXP Semiconductors Germany GmbH)
DRV - (nmwcd) -- C:\Windows\System32\drivers\nmwcd.sys (Nokia)
DRV - (nmwcdcm) -- C:\Windows\System32\drivers\nmwcdcm.sys (Nokia)
DRV - (nmwcdcj) -- C:\Windows\System32\drivers\nmwcdcj.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\nmwcdc.sys (Nokia)
DRV - (TSHWMDTCP) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (ATWPKT2) -- C:\Windows\System32\drivers\atwpkt2.sys (America Online)
DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (ssm_mdm) -- C:\Windows\System32\drivers\ssm_mdm.sys (MCCI)
DRV - (ssm_mdfl) -- C:\Windows\System32\drivers\ssm_mdfl.sys (MCCI)
DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\System32\drivers\ssm_bus.sys (MCCI)
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\Windows\System32\drivers\k750bus.sys (MCCI)
DRV - (PLCNDIS5) -- C:\Windows\system32\plcndis5.sys (Intellon, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.12.03 17:31:42 | 000,000,000 | -H-D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.05.13 17:03:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.20 20:20:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.20 20:20:04 | 000,000,000 | ---D | M]
 
[2008.12.15 19:59:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\mozilla\Extensions
[2011.04.06 17:56:15 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions
[2011.03.14 21:06:56 | 000,000,000 | -H-D | M] (4shared.com Community Toolbar) -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
[2009.09.06 23:16:26 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.06 17:56:15 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.10.20 23:04:37 | 000,000,687 | -H-- | M] () -- C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\riy2si8a.default\searchplugins\icq-search.xml
[2010.05.12 17:40:48 | 000,001,042 | -H-- | M] () -- C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\riy2si8a.default\searchplugins\icqplugin.xml
[2009.10.16 19:58:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.10.16 19:58:04 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.02.13 23:04:47 | 000,000,000 | ---D | M] (Google Settings) -- C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
[2010.05.13 17:03:25 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2009.10.16 19:58:04 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2009.05.18 20:53:06 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008.03.15 15:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008.03.15 15:56:14 | 000,002,642 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008.02.19 16:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006.12.03 17:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006.11.17 13:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1             localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [CmPCIaudio]  File not found
O4 - HKLM..\Run: [HostManager] C:\Programme\Common Files\aol\1283960543\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [MbWzdFPAP-EXL600] C:\Windows\System32\FPAP-EXL600\PdtGuide.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\HomeCinema\PlayMovie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Smart Start UP] C:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [TVBroadcast] C:\Programme\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)
O4 - HKLM..\Run: [TVEService] C:\Program Files\HomeCinema\TV Enhance\TVEService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1003..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [AOL Fast Start] C:\Program Files\AOL 9.0 VR\AOL.EXE (AOL, LLC.)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [BullGuard]  File not found
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [iCEyocHtffAu] C:\ProgramData\iCEyocHtffAu.exe (WinTrust)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [ICQ]  File not found
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10n_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Corinna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Jul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Rosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O7 - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Expression\Web 2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O15 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.02.25 18:24:44 | 000,000,051 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{01f840bf-0512-11df-8f2f-00038a000015}\Shell\AutoRun\command - "" = I:\Toshiba\more4you.exe
O33 - MountPoints2\{59e6760c-208d-11df-be5f-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{59e6760c-208d-11df-be5f-00038a000015}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{aa309178-3c79-11dd-a610-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{aa309178-3c79-11dd-a610-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.24 18:08:46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Jul\Desktop\OTL.exe
[2011.04.24 13:40:33 | 000,561,152 | -H-- | C] (WinTrust) -- C:\ProgramData\iCEyocHtffAu.exe
[2011.04.06 17:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4
[2011.04.06 17:54:53 | 000,000,000 | -H-D | C] -- C:\Programme\ICQ7.4
[2011.03.31 22:27:10 | 000,000,000 | -H-D | C] -- C:\Users\Jul\Documents\Scan
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.24 18:16:25 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CD1B3597-4C0C-4D08-9F51-0F173C582342}.job
[2011.04.24 18:16:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{47C1E221-C7DE-40D0-96AB-3746F272C08F}.job
[2011.04.24 18:16:00 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{26483060-BB5D-4773-B9D7-3792D767E93B}.job
[2011.04.24 18:15:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5F328BB6-0C6F-4CEA-BEC1-7B12CEE774C3}.job
[2011.04.24 18:15:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{58B3859E-B0CD-454C-ADAA-8C4A9CF77A18}.job
[2011.04.24 18:14:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.24 18:09:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jul\Desktop\OTL.exe
[2011.04.24 18:04:02 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 18:04:02 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 14:14:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.24 14:11:37 | 000,000,554 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Jul.job
[2011.04.24 14:10:13 | 000,618,272 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.24 14:10:12 | 000,651,112 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.24 14:10:12 | 000,120,908 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.24 14:10:12 | 000,107,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.24 14:03:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.24 14:03:51 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.24 13:40:32 | 000,561,152 | -H-- | M] (WinTrust) -- C:\ProgramData\iCEyocHtffAu.exe
[2011.04.06 17:56:19 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.04.03 21:13:55 | 000,013,312 | -H-- | M] () -- C:\Users\Jul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.31 22:27:09 | 000,143,382 | -H-- | M] () -- C:\Users\Jul\Documents\Scan.zip
 
========== Files Created - No Company Name ==========
 
[2011.04.06 17:56:19 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.31 22:27:04 | 000,143,382 | -H-- | C] () -- C:\Users\Jul\Documents\Scan.zip
[2011.02.26 13:50:39 | 000,557,056 | ---- | C] () -- C:\Windows\System32\Cmeaupci.exe
[2011.02.26 13:50:39 | 000,000,126 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2011.02.26 13:49:36 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2011.02.26 13:49:36 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2011.02.26 13:49:36 | 000,000,731 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2011.02.26 13:49:34 | 000,001,509 | ---- | C] () -- C:\Windows\cmudax3.ini
[2010.05.13 16:58:01 | 000,177,037 | ---- | C] () -- C:\Windows\hpoins44.dat.temp
[2010.05.13 16:58:01 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2010.05.13 16:09:48 | 000,176,868 | ---- | C] () -- C:\Windows\hpoins44.dat
[2010.05.13 16:09:48 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2009.09.03 23:34:14 | 000,000,769 | ---- | C] () -- C:\Windows\Thps3.INI
[2009.07.18 12:29:31 | 000,002,892 | -H-- | C] () -- C:\Windows\System32\audcon.sys
[2009.05.18 20:49:17 | 000,106,496 | ---- | C] () -- C:\Windows\System32\jacob.dll
[2009.03.13 18:39:10 | 000,000,331 | ---- | C] () -- C:\Windows\doom3.ini
[2008.05.22 23:43:53 | 000,007,592 | -H-- | C] () -- C:\Users\Jul\AppData\Local\d3d9caps.dat
[2008.02.24 21:06:21 | 000,005,980 | -H-- | C] () -- C:\Users\Jul\AppData\Roaming\wklnhst.dat
[2008.02.01 18:24:33 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.02.01 18:24:33 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.01.24 20:57:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008.01.24 20:16:35 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2008.01.14 19:44:57 | 000,013,312 | -H-- | C] () -- C:\Users\Jul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.12 20:09:03 | 000,026,934 | -H-- | C] () -- C:\Users\Jul\AppData\Roaming\UserTile.png
[2008.01.12 19:55:46 | 002,729,472 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll
[2008.01.02 00:17:17 | 000,000,012 | ---- | C] () -- C:\Windows\msoffice.ini
[2008.01.01 23:16:49 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.12.26 19:08:28 | 000,000,091 | -H-- | C] () -- C:\Users\Jul\AppData\Local\fusioncache.dat
[2007.12.25 00:15:08 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2007.12.25 00:15:08 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2007.10.22 13:57:20 | 000,000,381 | ---- | C] () -- C:\Windows\WISO.INI
[2007.10.22 13:49:01 | 000,299,008 | ---- | C] () -- C:\Windows\System32\midas.dll
[2007.10.22 13:49:01 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2007.10.15 18:38:03 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.10.15 16:45:53 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.10.15 16:45:52 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.10.09 23:26:24 | 000,009,824 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2007.10.09 17:05:23 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2007.01.30 07:03:40 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2006.12.12 18:24:42 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2006.12.11 06:06:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.11.02 17:33:31 | 000,651,112 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,120,908 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,395,160 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,618,272 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,107,416 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 12:25:25 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscld.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.06.23 10:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
 
========== LOP Check ==========
 
[2008.11.16 16:39:03 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\BullGuard
[2010.11.20 19:04:48 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\ICQ
[2008.01.15 14:31:34 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\ICQ Toolbar
[2010.02.16 12:49:35 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\Nvu
[2008.05.16 16:51:37 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\Samsung
[2008.01.06 18:08:46 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\Template
[2010.09.08 19:34:28 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\gtk-2.0
[2010.05.13 17:18:58 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\ICQ
[2008.02.13 22:56:44 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\ICQ Toolbar
[2009.02.19 12:30:55 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\MAGIX
[2010.02.10 23:17:06 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\Nvu
[2008.01.24 20:58:04 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\Samsung
[2009.07.18 12:33:14 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\Steinberg
[2009.07.12 22:41:37 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\Template
[2009.03.05 18:15:25 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\Ulead Systems
[2008.03.16 17:17:33 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\BullGuard
[2011.03.21 16:43:12 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\gtk-2.0
[2011.04.18 10:38:13 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\ICQ
[2008.01.09 22:49:36 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\ICQ Toolbar
[2010.02.10 23:22:17 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Nvu
[2010.09.11 14:20:15 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Opera
[2008.01.24 20:58:18 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Samsung
[2009.07.18 17:52:22 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Steinberg
[2008.02.24 21:06:23 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Template
[2009.01.19 22:02:25 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\Ulead Systems
[2011.04.04 00:24:44 | 000,000,000 | -H-D | M] -- C:\Users\Jul\AppData\Roaming\xVideoServiceThief
[2008.02.17 13:35:49 | 000,000,000 | ---D | M] -- C:\Users\Rosi\AppData\Roaming\BullGuard
[2010.09.13 23:25:00 | 000,000,000 | ---D | M] -- C:\Users\Rosi\AppData\Roaming\ICQ
[2009.01.05 20:04:01 | 000,000,000 | ---D | M] -- C:\Users\Rosi\AppData\Roaming\ICQ Toolbar
[2008.12.29 23:27:55 | 000,000,000 | ---D | M] -- C:\Users\Rosi\AppData\Roaming\Template
[2011.04.24 14:01:44 | 000,032,524 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.24 18:16:00 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{26483060-BB5D-4773-B9D7-3792D767E93B}.job
[2011.04.24 18:16:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{47C1E221-C7DE-40D0-96AB-3746F272C08F}.job
[2011.04.24 18:15:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{58B3859E-B0CD-454C-ADAA-8C4A9CF77A18}.job
[2011.04.24 18:15:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5F328BB6-0C6F-4CEA-BEC1-7B12CEE774C3}.job
[2011.04.24 18:16:25 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CD1B3597-4C0C-4D08-9F51-0F173C582342}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:DFC5A2B2
 
< End of report >
         
--- --- ---


Extras.Txt:OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 24.04.2011 18:13:23 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Jul\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,76 Gb Total Space | 222,00 Gb Free Space | 49,80% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,43 Gb Free Space | 42,19% Space Free | Partition Type: FAT32
Drive H: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: JUL-PC | User Name: Jul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1810138987-815365629-1342971551-1006]
"EnableNotificationsRef" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{061876AE-05F6-43FF-98E9-772D4AFEF612}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{092E27A7-9E96-40F8-A330-2D619E7E9E4E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{09A0479D-6FEC-44EC-AE35-A11F3555DF76}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery | 
"{19138A50-3D2E-40E1-A406-014697211086}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1974588B-8AFA-4FDE-9EDF-E0036AF2BECD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{1D9ADB4D-F57E-42A3-A7FF-BBD61E59CB79}" = lport=137 | protocol=17 | dir=in | app=system | 
"{2BA21373-FC2F-4D6F-94DE-F9A49131E305}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2C40B50B-B1DC-4845-B172-F4ABA97321BA}" = lport=49543 | protocol=6 | dir=in | name=akamai netsession interface | 
"{3DF07E6F-4C89-4413-9F4F-D987ED5E53B5}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{598AC904-425C-4229-887F-C9D1F21F9CD8}" = rport=139 | protocol=6 | dir=out | app=system | 
"{629C15BE-D5A9-45A9-B80E-561033AEC865}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6738A3AC-F04B-48F5-94A8-6A8C92E302B3}" = rport=445 | protocol=6 | dir=out | app=system | 
"{769EEBF4-D87F-40D9-AB62-F6416984AC0B}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery | 
"{86B19325-CF39-4782-996A-419CA64E2B4A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{8AE16B31-3337-4455-BB29-5B533BA533D8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{A58590DE-04CE-48BF-A054-F29D87DA79E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A7397908-F5EF-4AD1-9EC1-595B5FE23249}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AE8B0ACE-5FC4-46CC-9FC6-47AA064392B1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C848FBE8-D1C0-4152-9289-7F094AA58346}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{E1C73454-69C3-426D-8C7F-6B023599CF51}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C9B02B-165E-4C42-AAAB-34EDA0D353C2}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1283960543\ee\aolsoftware.exe | 
"{02726EF0-DCF8-4A6B-9551-9BA58ADE13FF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{0359B82E-D1D9-4AB9-BB9A-017D8225D5A0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{04C23F63-1C82-4C9A-83AD-3F12F37539EC}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe | 
"{05AFD4A2-963D-451D-A7FE-8E9C421CCBDE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{06263D40-99C6-4502-BC8F-B98B97072FAD}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{09B5590D-FA2F-4FF0-A0D7-B9C4D218F932}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1199227107\ee\aolsoftware.exe | 
"{0E4F2913-904F-407F-B3BF-E5C43AACAFAE}" = dir=in | app=c:\program files\homecinema\tv enhance\tvenhance.exe | 
"{11A0AE7E-F2EB-42C8-9D13-DC2C76618033}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe | 
"{13AD2E8B-1AD6-47CD-975D-FB6A7EF6B8B1}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe | 
"{195F93DE-BBE8-4756-A2A3-4DF4DB153BA7}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{1C1E9ECE-6E31-4F30-96B0-BE2BCD9E3A2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{1CFE2270-DC09-46D3-B661-08B949E3352D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{22B96055-B5D2-41F8-8FEC-391F79BE9213}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{2313D8FC-F1F2-43E0-93BD-600F159B5E1D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{2947DE48-795B-48C9-A914-78E31D96136D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{2A16498A-4CFA-4B02-BC13-7BCD4E67AFDA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{2CBBB755-6909-44CD-9D83-DD18F58C6273}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{3B9BDEE3-49F7-4B20-B0E1-E1499C4855AF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{4110B60D-0312-4F2B-AD09-4DA6FC65FE3C}" = protocol=17 | dir=in | app=c:\program files\aol\rc\regclient.exe | 
"{453B86B8-298D-4C14-9422-337F42884F41}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4AD3F761-D1D6-4EC8-B75A-AE79C1858339}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe | 
"{4C5B94E9-4DAD-437B-AB4F-948FF2BA67F1}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{4E77E32E-6155-4576-AD8A-508B04220544}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{50B81A09-440B-404F-9BA9-D143C697CFCC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{51355676-F387-4D39-8500-8260093964C1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{528773B3-F9C5-42B3-B101-E0447E3CD334}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{575BA7B1-F6E7-45C4-B49F-49940156B44E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{59D17B7C-86DE-4A75-92B2-18C4D37D07D0}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{613465AA-AF70-467A-9E10-ABDD058B9C98}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{618F5129-AA2B-48F3-B864-6FFDF951CEA0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{637BD92C-FCC8-4C09-9BAD-64609DED2250}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{63BC5E33-5FE6-4B6D-B96D-52AA148FACFE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{64DCE4E0-BE06-4BB5-8602-7760B09F65F3}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe | 
"{6BEC0D4C-61EF-44C4-9A57-4E569F4BA5E3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{6DE75101-630C-4066-AB31-F676ED26AF4D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{795AC540-ACCD-4341-AB37-CEF6699E82D8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{7BAA2145-29CA-49A4-A4F0-26DB51BFB4F6}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{7CD61BFE-B7B5-4252-840F-F7F31D78E18F}" = dir=in | app=c:\program files\homecinema\tv enhance\tveservice.exe | 
"{7CFAFB60-4CD9-4CFE-8287-35E9C8E9E1FC}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{7D3CF706-04B0-4A39-84FC-3B34E4017780}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe | 
"{7E3C645A-902F-4EA5-9F09-2A70382F352F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{7F53B737-6CD2-435F-BCB0-8E343FAB5D17}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{82FF91E8-6377-4E84-BED5-9AFD7081284F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{842AA906-A72E-429F-81CD-E2DE06FABEC5}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{85A16C38-C5D5-47AA-A368-12D9EABC9234}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{872DEFB5-77A7-4416-A450-0C39E3FCC07B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{894BE63D-D367-44D0-B781-7BE5DE6AC00A}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{8C3A2F39-6BD0-4F38-8D75-F4A7B37A01D4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9935C6BA-B50F-478F-9FBA-765885DACCDA}" = dir=in | app=c:\program files\homecinema\playmovie\pmvservice.exe | 
"{A020BE76-947B-440A-8880-6ACE8A684839}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{A583552E-DCC4-4E83-881F-9FF11D3FEB38}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{AA783ACC-1F2B-4F37-805B-F5727FA53639}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{B0CF87FA-C5B1-459D-BDC1-2810A3D75733}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | 
"{B0F2B2C0-29E4-4155-8686-3E7517A2543A}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe | 
"{BFE36425-4FDE-480F-B5E0-1C8019E25F6A}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{C3FDF79B-983F-427F-B5DA-362F944D48C3}" = protocol=6 | dir=in | app=c:\program files\aol\rc\regclient.exe | 
"{C577DA8B-B8E5-436A-B59C-D129558EBB27}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{C65DC158-8FE8-4F8B-86D5-2020A2C31875}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{C7A83825-64A2-44EC-825F-17B9DCBC097C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{CA85A4BC-B064-4111-A334-A800B324C754}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{CCFE1990-C505-4FE1-9DEE-338733D97B9F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{CE10E806-E8A5-44D7-8B53-CD2C6FF3AB6C}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{CFD722CC-BC7C-44E9-98C4-F7089509AEA2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{D23463CD-60A1-4A06-819B-3DD5B6E51A0E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D383F04C-5757-4FE6-90E7-B48D22CB8919}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe | 
"{D6246DB2-9FB5-42DB-BC14-AF2F22204913}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{D68276C4-DFA9-4E0A-89C9-B521258A15BB}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{D71EDDB6-6845-4AC5-931B-D64D16E01AEC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{DA6FB018-C7AE-42F4-95C3-A91DE5AB2891}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1199227107\ee\aolsoftware.exe | 
"{DE87C0C7-64B4-44CD-B6F4-B968BC5F69B5}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{E3BA5825-7070-49D5-B3D6-EE570135145B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1283960543\ee\aolsoftware.exe | 
"{E6A1DB04-E31B-49CA-9C73-E505382FC76F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{EA812654-BDD9-4CF6-86A6-2CC85198121D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{EC31400D-1AB6-4B6D-9195-562000A1CA12}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{ED63D35F-A766-45DA-B55F-0D8055DA390A}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{EEA107A4-79EB-4B51-899B-817312E77C7F}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vra\waol.exe | 
"{EFDFAF21-5768-46D8-AC9F-988CF2E07F19}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{F3986AE9-2C21-4547-A868-16627E9D072D}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{F7B8EA57-C17F-4737-9A3A-18D8D005868C}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{FAE57EDA-E71F-4905-976F-FF8091FB39CD}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe | 
"{FB768641-55FC-4FAF-9D9C-CBFD9E74F821}" = dir=in | app=c:\program files\homecinema\playmovie\playmovie.exe | 
"{FB9C064B-A3FF-4344-849A-6553B4B24386}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{FE87A4D1-DF76-4A03-A68D-B1715D734D9E}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe | 
"TCP Query User{28625131-7EB6-4227-8203-E3765783D41C}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{3CF874B8-3D81-45AF-825F-7CBFCD5502B7}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"TCP Query User{468751E5-EB1E-42F0-9273-3C74CA527FE5}C:\program files\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=6 | dir=in | app=c:\program files\red storm entertainment\ravenshield\system\ravenshield.exe | 
"TCP Query User{72CCF147-44F6-4D99-B18D-F2EE68C43CBB}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{9112C661-546E-48AC-9B23-66D6B1215A58}C:\program files\activision\thps3\skate3.exe" = protocol=6 | dir=in | app=c:\program files\activision\thps3\skate3.exe | 
"TCP Query User{C2A19063-7BB4-4AB3-998D-D80148398DE1}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{D5B57090-AE08-4CFF-9DC4-9E4D4F41D672}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{2DBA3856-766F-4AB8-830A-DE6B6F4ECF21}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{423CED1D-2859-436A-8A61-521A90DC6D93}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{42FA59BC-00CF-4C1D-80C3-5582D793B33C}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{8FB3C6B4-0705-4657-B2EE-BD1B2C18A5FD}C:\program files\activision\thps3\skate3.exe" = protocol=17 | dir=in | app=c:\program files\activision\thps3\skate3.exe | 
"UDP Query User{A219BB55-D09D-4229-86AB-6EE7AB4BBB67}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"UDP Query User{D092B61F-A546-4CCA-A3AF-3559FBA02A93}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{FE3179CE-2D47-4277-8C1A-D3731D35E363}C:\program files\red storm entertainment\ravenshield\system\ravenshield.exe" = protocol=17 | dir=in | app=c:\program files\red storm entertainment\ravenshield\system\ravenshield.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{129FC9F8-206B-4C29-9B45-8D53B10EC6C7}" = xVideoServiceThief
"{12BE652B-2B80-4A22-A140-4FEDC7F77D54}" = Tune Tools
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{18E65799-76BD-46EF-9E53-972FE5A40736}" = Opera 10.62
"{1967D67C-6F3F-4001-9644-BAC704F7EE84}" = Samsung PC Studio
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2C9241DC-E141-4BB9-99F2-0BC54D81862F}" = Smart Start UP
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{53DF73B1-37F5-4B7F-86ED-FA7CC4041031}" = Nero 8 Essentials
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{68D2A2E2-6B64-4433-8073-0605EB306C1B}" = Gothic 3 Gold
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0045-0000-0000-0000000FF1CE}" = Microsoft Expression Web 2
"{90120000-0045-0000-0000-0000000FF1CE}_XWeb_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0045-0407-0000-0000000FF1CE}" = Microsoft Expression Web 2 MUI (German)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie
"{A7472CEE-6E85-4D43-9C71-BDFC0D471F70}" = Intel® Viiv™ Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}" = Steinberg Cubase LE 4
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF131494-F5D8-45C5-938C-D5F020CF1B0D}" = Tom Clancy's Rainbow Six 3: Raven Shield
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B3B2E45F-A0FC-47C6-B399-72D9D8482C8A}" = Visual Basic for Applications (R) Core - German
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}" = Corel Graphics - Windows Shell Extension
"{BBBF4CFE-9D26-4D93-A869-B2B021B3CA85}" = Intel(R) PRO Network Connections 12.2.41.0
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C04D5974-F528-4347-A494-EAF56124CC1A}" = Steinberg HALionOne Essential Set
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAF7A270-55D5-455F-B0D1-6C51EADC1C3A}" = Presto! Mr. Photo 4
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}" = TVsweeper
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D8D22773-14BF-4178-A683-3DBA515C2A26}" = WISO Mein Geld 2008 Professional
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" = CorelDRAW Graphics Suite X5 - DE
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E0091C29-DEE8-4B24-BF65-8C35B5940D77}" = Letstrade
"{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"4shared.com Toolbar" = 4shared.com Toolbar
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Akamai" = Akamai NetSession Interface
"ALDI Foto Manager Free Sued D" = ALDI Foto Manager Free Sued
"ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued)
"ALDI Sued Foto Service D" = ALDI Sued Foto Service
"Aldi Süd Fotoservice_is1" = Aldi Süd Fotoservice
"AOL Deinstallation" = AOL Deinstallation
"AOL Installations-Manager" = AOL Installations-Manager
"AOL Toolbar 4.0" = 
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"C-Media PCI Audio Driver" = Trust 5.1 Soundcard 14319
"conduitEngine" = Conduit Engine
"DivX Content Uploader" = DivX Content Uploader
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"easyclean" = devolo EasyClean
"easyshare" = devolo EasyShare
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Free FLV Converter_is1" = Free FLV Converter V 6.4
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"Guitar Pro 5_is1" = Guitar Pro 5.0
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"Intel(R) Configuration Center" = Intel® Viiv™ Software
"MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"Nvu_is1" = Nvu 1.0
"Picasa2" = Picasa 2
"PROSetDX" = Intel(R) PRO Network Connections 12.2.41.0
"RealPlayer 6.0" = RealPlayer
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shop for HP Supplies" = Shop for HP Supplies
"Spyware Doctor" = Spyware Doctor 6.0
"Syncrosoft License Control" = Syncrosoft Lizenz Kontrolle
"Tony Hawk's Pro Skater 3®" = Tony Hawk's Pro Skater 3®
"ViewpointMediaPlayer" = Viewpoint Media Player
"Vodafone WCDMA Composite Device Drive" = Vodafone WCDMA Composite Device Drive Software
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
"X10Hardware" = X10 Hardware(TM)
"Xvid_is1" = Xvid 1.1.2 final uninstall
"XWeb" = Microsoft Expression Web 2
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.04.2011 11:13:26 | Computer Name = Jul-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 24.04.2011 07:15:32 | Computer Name = Jul-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 24.04.2011 07:26:30 | Computer Name = Jul-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 24.04.2011 07:46:48 | Computer Name = Jul-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 24.04.2011 07:50:02 | Computer Name = Jul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iCEyocHtffAu.exe, Version 1.8.0.0, Zeitstempel
 0x21475346, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
 Ausnahmecode 0xc0000005, Fehleroffset 0xe1859e06,  Prozess-ID 0x1660, Anwendungsstartzeit
 01cc02756171acea.
 
Error - 24.04.2011 07:55:49 | Computer Name = Jul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16771, Zeitstempel
 0x4907deda, fehlerhaftes Modul SHELL32.dll, Version 6.0.6000.16774, Zeitstempel
 0x4912e93f, Ausnahmecode 0xc0000005, Fehleroffset 0x001090f8,  Prozess-ID 0xc10, 
Anwendungsstartzeit 01cc027550a76d5a.
 
Error - 24.04.2011 08:05:57 | Computer Name = Jul-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 24.04.2011 08:09:41 | Computer Name = Jul-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iCEyocHtffAu.exe, Version 1.8.0.0, Zeitstempel
 0x21475346, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
 Ausnahmecode 0xc0000005, Fehleroffset 0xe1859e06,  Prozess-ID 0xf90, Anwendungsstartzeit
 01cc0277c6aa14ba.
 
Error - 24.04.2011 08:09:58 | Computer Name = Jul-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 24.04.2011 08:10:15 | Computer Name = Jul-PC | Source = RasClient | ID = 20227
Description = 
 
[ Media Center Events ]
Error - 16.04.2008 13:28:35 | Computer Name = Jul-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
 gescheitert.
 
Error - 18.04.2008 11:51:24 | Computer Name = Jul-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
 gescheitert.
 
[ System Events ]
Error - 21.04.2011 04:56:19 | Computer Name = Jul-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.6 für die Netzwerkkarte mit der Netzwerkadresse
 0015AF443F26 wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 21.04.2011 04:57:42 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 22.04.2011 06:04:31 | Computer Name = Jul-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.5 für die Netzwerkkarte mit der Netzwerkadresse
 001D922215EA wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 22.04.2011 06:05:58 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 23.04.2011 06:22:20 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 23.04.2011 11:14:39 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 24.04.2011 08:02:08 | Computer Name = Jul-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = 
 
Error - 24.04.2011 08:02:08 | Computer Name = Jul-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 24.04.2011 08:05:34 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 24.04.2011 08:09:58 | Computer Name = Jul-PC | Source = Service Control Manager | ID = 7022
Description = 
 
 
< End of report >
         
--- --- ---

26.04.2011, 15:16   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hello and

As a matter of routine, please run a full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

27.04.2011, 16:37   #3
ebnerjulian

Thanks for your help!

I ran the full scan and quarantined 9 objects, but when I try to open the log files I get the message: "Works could not open the selected project. The file may be damaged."

Normally the log files should be displayed in Notepad, shouldn't they?

So I can't post the logs at the moment. Can you still help me somehow?!

27.04.2011, 18:36   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Attach the logs here! Besides, the log files can also be opened via right-click, Open with => Notepad!
__________________
Please always post log files in CODE tags

27.04.2011, 20:15   #5
ebnerjulian

Okay, I managed it! =)


28.04.2011, 09:34   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Run an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:
:OTL
IE - HKLM\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
[2011.03.14 21:06:56 | 000,000,000 | -H-D | M] (4shared.com Community Toolbar) -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
[2009.09.06 23:16:26 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.06 17:56:15 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.10.20 23:04:37 | 000,000,687 | -H-- | M] () -- C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\riy2si8a.default\searchplugins\icq-search.xml
[2010.05.12 17:40:48 | 000,001,042 | -H-- | M] () -- C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\riy2si8a.default\searchplugins\icqplugin.xml
[2009.10.16 19:58:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.10.16 19:58:04 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Programme\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [MbWzdFPAP-EXL600] C:\Windows\System32\FPAP-EXL600
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [BullGuard]  File not found
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [iCEyocHtffAu] C:\ProgramData\iCEyocHtffAu.exe (WinTrust)
O4 - HKU\S-1-5-21-1810138987-815365629-1342971551-1006..\Run: [ICQ]  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.02.25 18:24:44 | 000,000,051 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{01f840bf-0512-11df-8f2f-00038a000015}\Shell\AutoRun\command - "" = I:\Toshiba\more4you.exe
O33 - MountPoints2\{59e6760c-208d-11df-be5f-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{59e6760c-208d-11df-be5f-00038a000015}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{aa309178-3c79-11dd-a610-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{aa309178-3c79-11dd-a610-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
[2011.04.24 13:40:33 | 000,561,152 | -H-- | C] (WinTrust) -- C:\ProgramData\iCEyocHtffAu.exe
[2010.05.13 16:58:01 | 000,177,037 | ---- | C] () -- C:\Windows\hpoins44.dat.temp
[2010.05.13 16:58:01 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp
[2009.07.18 12:29:31 | 000,002,892 | -H-- | C] () -- C:\Windows\System32\audcon.sys
[2009.05.18 20:49:17 | 000,106,496 | ---- | C] () -- C:\Windows\System32\jacob.dll
[2008.01.15 14:31:34 | 000,000,000 | ---D | M] -- C:\Users\Corinna\AppData\Roaming\ICQ Toolbar
[2008.02.13 22:56:44 | 000,000,000 | ---D | M] -- C:\Users\Heinz\AppData\Roaming\ICQ Toolbar
[2009.01.05 20:04:01 | 000,000,000 | ---D | M] -- C:\Users\Rosi\AppData\Roaming\ICQ Toolbar
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:DFC5A2B2
:Commands
[purity]
[resethosts]
[emptytemp]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

28.04.2011, 10:49   #7
ebnerjulian

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\ not found.
File C:\Programme\4shared.com\tb4sha.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Programme\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\ not found.
File C:\Programme\4shared.com\tb4sha.dll not found.
Registry value HKEY_USERS\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
HKU\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-1810138987-815365629-1342971551-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1810138987-815365629-1342971551-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-1810138987-815365629-1342971551-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" removed from browser.search.defaulturl
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "hxxp://start.icq.com/" removed from browser.startup.homepage
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Folder C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\ not found.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Jul\AppData\Roaming\mozilla\Firefox\Profiles\riy2si8a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\riy2si8a.default\searchplugins\icq-search.xml moved successfully.
C:\Users\Jul\AppData\Roaming\Mozilla\Firefox\Profiles\riy2si8a.default\searchplugins\icqplugin.xml moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\zh-TW folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\zh-CN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\tr folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\sv-SE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\sl folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\sk folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\ru folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\ro folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\pt-PT folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\pt-BR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\pl folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\pa-IN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\nn-NO folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\nl folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\nb-NO folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\mn folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\mk folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\lt folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\ku folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\ko folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\ka folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\ja-JP-mac folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\ja folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\it folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\hu folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\he folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\gu-IN folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\ga-IE folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\fy-NL folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\fr folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\fi folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\eu folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\es-ES folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\es-AR folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\en-GB folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\el folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\de folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\da folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\cs folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\ca folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\bg folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\be folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\ar folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale\af folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\locale folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com folder moved successfully.
C:\Programme\Mozilla Firefox\extensions folder moved successfully.
Folder C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\ not found.
File C:\Programme\4shared.com\tb4sha.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Programme\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\ not found.
File C:\Programme\4shared.com\tb4sha.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Programme\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}\ not found.
File C:\Programme\4shared.com\tb4sha.dll not found.
Registry value HKEY_USERS\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Programme\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_USERS\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MbWzdFPAP-EXL600 deleted successfully.
C:\Windows\System32\FPAP-EXL600\User Manual folder moved successfully.
C:\Windows\System32\FPAP-EXL600\ICONS folder moved successfully.
C:\Windows\System32\FPAP-EXL600 folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Windows\CurrentVersion\Run\\BullGuard deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Windows\CurrentVersion\Run\\iCEyocHtffAu not found.
File C:\ProgramData\iCEyocHtffAu.exe not found.
Registry value HKEY_USERS\S-1-5-21-1810138987-815365629-1342971551-1006\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File move failed. H:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01f840bf-0512-11df-8f2f-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01f840bf-0512-11df-8f2f-00038a000015}\ not found.
File I:\Toshiba\more4you.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59e6760c-208d-11df-be5f-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59e6760c-208d-11df-be5f-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59e6760c-208d-11df-be5f-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59e6760c-208d-11df-be5f-00038a000015}\ not found.
File I:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa309178-3c79-11dd-a610-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa309178-3c79-11dd-a610-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa309178-3c79-11dd-a610-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa309178-3c79-11dd-a610-00038a000015}\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\ not found.
File I:\LaunchU3.exe -a not found.
File C:\ProgramData\iCEyocHtffAu.exe not found.
C:\Windows\hpoins44.dat.temp moved successfully.
C:\Windows\hpomdl44.dat.temp moved successfully.
C:\Windows\System32\audcon.sys moved successfully.
C:\Windows\System32\jacob.dll moved successfully.
C:\Users\Corinna\AppData\Roaming\ICQ Toolbar folder moved successfully.
C:\Users\Heinz\AppData\Roaming\ICQ Toolbar folder moved successfully.
C:\Users\Rosi\AppData\Roaming\ICQ Toolbar folder moved successfully.
ADS C:\ProgramData\TEMPFC5A2B2 deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Corinna
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Heinz
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: IUSR_NMPR
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jul
->Temp folder emptied: 232106135 bytes
->Temporary Internet Files folder emptied: 1061306 bytes
->Java cache emptied: 747 bytes
->FireFox cache emptied: 41258911 bytes
->Apple Safari cache emptied: 34631680 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 602 bytes

User: Public

User: Rosi
->Temp folder emptied: 244628 bytes
->Temporary Internet Files folder emptied: 16786 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 36 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2888840 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 298,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04282011_114254

Files\Folders moved on Reboot...
File move failed. H:\autorun.inf scheduled to be moved on reboot.
C:\Windows\temp\JET699A.tmp moved successfully.
File\Folder C:\Windows\temp\JETF640.tmp not found!

Registry entries deleted on Reboot...

28.04.2011, 13:33   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

If the infection prevents you from accessing your Documents/My Documents, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool, and all files and folders should become visible again. (This may take a while.)
Vista and 7 users must run the tool as administrator via right-click!
__________________
Please always post log files in CODE tags

28.04.2011, 17:31   #9
ebnerjulian
 
2011/04/28 18:23:01.0706 4824 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/28 18:23:02.0173 4824 ================================================================================
2011/04/28 18:23:02.0173 4824 SystemInfo:
2011/04/28 18:23:02.0173 4824
2011/04/28 18:23:02.0173 4824 OS Version: 6.0.6000 ServicePack: 0.0
2011/04/28 18:23:02.0173 4824 Product type: Workstation
2011/04/28 18:23:02.0173 4824 ComputerName: JUL-PC
2011/04/28 18:23:02.0174 4824 UserName: Jul
2011/04/28 18:23:02.0174 4824 Windows directory: C:\Windows
2011/04/28 18:23:02.0174 4824 System windows directory: C:\Windows
2011/04/28 18:23:02.0174 4824 Processor architecture: Intel x86
2011/04/28 18:23:02.0174 4824 Number of processors: 2
2011/04/28 18:23:02.0174 4824 Page size: 0x1000
2011/04/28 18:23:02.0174 4824 Boot type: Normal boot
2011/04/28 18:23:02.0174 4824 ================================================================================
2011/04/28 18:23:02.0755 4824 Initialize success
2011/04/28 18:23:15.0401 2568 ================================================================================
2011/04/28 18:23:15.0401 2568 Scan started
2011/04/28 18:23:15.0401 2568 Mode: Manual;
2011/04/28 18:23:15.0401 2568 ================================================================================
2011/04/28 18:23:16.0078 2568 3xHybrid (53a3664bca7bbc1c09744455bf2ea136) C:\Windows\system32\DRIVERS\3xHybrid.sys
2011/04/28 18:23:16.0219 2568 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
2011/04/28 18:23:16.0306 2568 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/04/28 18:23:16.0382 2568 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/04/28 18:23:16.0445 2568 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/04/28 18:23:16.0520 2568 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/04/28 18:23:16.0588 2568 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
2011/04/28 18:23:16.0644 2568 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/04/28 18:23:16.0698 2568 aliide (496eda16a127ac9a38bb285bef17dbb5) C:\Windows\system32\drivers\aliide.sys
2011/04/28 18:23:16.0727 2568 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/04/28 18:23:16.0752 2568 amdide (6f65f4147c54398d7280b18cebbed215) C:\Windows\system32\drivers\amdide.sys
2011/04/28 18:23:16.0777 2568 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/04/28 18:23:16.0807 2568 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/04/28 18:23:16.0904 2568 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/04/28 18:23:16.0976 2568 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/04/28 18:23:17.0042 2568 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/28 18:23:17.0067 2568 atapi (78620bda3ec87816e5d1fa86f920bc3a) C:\Windows\system32\drivers\atapi.sys
2011/04/28 18:23:17.0156 2568 ATWPKT2 (7f11604f4b4e5ab7b70c5adc04df5826) C:\Windows\system32\drivers\ATWPKT2.SYS
2011/04/28 18:23:17.0257 2568 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/04/28 18:23:17.0313 2568 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/04/28 18:23:17.0357 2568 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
2011/04/28 18:23:17.0452 2568 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/28 18:23:17.0490 2568 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/28 18:23:17.0556 2568 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/04/28 18:23:17.0590 2568 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/04/28 18:23:17.0645 2568 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/04/28 18:23:17.0709 2568 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/28 18:23:17.0751 2568 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/04/28 18:23:17.0800 2568 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/04/28 18:23:17.0841 2568 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/28 18:23:17.0875 2568 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/28 18:23:17.0910 2568 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/04/28 18:23:17.0975 2568 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
2011/04/28 18:23:18.0053 2568 cmdide (59172a0724f2ab769f31d61b0571d75b) C:\Windows\system32\drivers\cmdide.sys
2011/04/28 18:23:18.0174 2568 cmuda3 (4d78e35420723c0d71f2e3273d35cb45) C:\Windows\system32\drivers\cmudax3.sys
2011/04/28 18:23:18.0288 2568 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/04/28 18:23:18.0334 2568 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/04/28 18:23:18.0375 2568 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/04/28 18:23:18.0416 2568 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
2011/04/28 18:23:18.0485 2568 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
2011/04/28 18:23:18.0591 2568 dot4 (57b2d433a08b95e4f1b53a919937f3e5) C:\Windows\system32\DRIVERS\Dot4.sys
2011/04/28 18:23:18.0639 2568 Dot4Print (d93fa484bb62fbe7e5ef335c5415d3cf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/04/28 18:23:18.0711 2568 Dot4Scan (8455e3fb3738ef33f0c6073a3efa013e) C:\Windows\system32\DRIVERS\Dot4Scan.sys
2011/04/28 18:23:18.0748 2568 dot4usb (599742c4260fb3e8edb3be148b8ce856) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/04/28 18:23:18.0789 2568 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
2011/04/28 18:23:18.0832 2568 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/28 18:23:18.0933 2568 e1express (476d9f2f0789cde89acee2a2fb21ec5a) C:\Windows\system32\DRIVERS\e1e6032.sys
2011/04/28 18:23:18.0999 2568 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/04/28 18:23:19.0042 2568 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
2011/04/28 18:23:19.0112 2568 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/04/28 18:23:19.0173 2568 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
2011/04/28 18:23:19.0215 2568 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/28 18:23:19.0275 2568 FETNDIS (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys
2011/04/28 18:23:19.0313 2568 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
2011/04/28 18:23:19.0346 2568 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
2011/04/28 18:23:19.0400 2568 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/28 18:23:19.0429 2568 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
2011/04/28 18:23:19.0557 2568 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/28 18:23:19.0599 2568 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/28 18:23:19.0637 2568 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/04/28 18:23:19.0718 2568 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/04/28 18:23:19.0781 2568 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/28 18:23:19.0839 2568 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/04/28 18:23:19.0877 2568 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/04/28 18:23:19.0916 2568 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/28 18:23:19.0975 2568 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/04/28 18:23:20.0056 2568 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
2011/04/28 18:23:20.0108 2568 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/04/28 18:23:20.0181 2568 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/28 18:23:20.0258 2568 iaStor (28aae599496b4930b3f19026f2083bc4) C:\Windows\system32\DRIVERS\iaStor.sys
2011/04/28 18:23:20.0281 2568 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/04/28 18:23:20.0328 2568 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/04/28 18:23:20.0387 2568 IKFileSec (ff9f262494fc23d77a6148d49d87d2de) C:\Windows\system32\drivers\ikfilesec.sys
2011/04/28 18:23:20.0453 2568 IKSysFlt (7e359671fd9595ecb1b0a33fb4184b19) C:\Windows\system32\drivers\iksysflt.sys
2011/04/28 18:23:20.0544 2568 IKSysSec (a44cb3cf3af266665261a6e6c9cac27c) C:\Windows\system32\drivers\iksyssec.sys
2011/04/28 18:23:20.0679 2568 IntcAzAudAddService (9f5898ebd3bbe82eadf2efa595f02a72) C:\Windows\system32\drivers\RTKVHDA.sys
2011/04/28 18:23:20.0796 2568 IntelDH (7f440f8ced849fcdfa85bb3521b4f048) C:\Windows\system32\Drivers\IntelDH.sys
2011/04/28 18:23:20.0840 2568 intelide (e5ea1c17da5065032e346591ff64f3af) C:\Windows\system32\drivers\intelide.sys
2011/04/28 18:23:20.0891 2568 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/28 18:23:20.0937 2568 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/28 18:23:20.0994 2568 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/04/28 18:23:21.0054 2568 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
2011/04/28 18:23:21.0130 2568 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
2011/04/28 18:23:21.0189 2568 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/04/28 18:23:21.0245 2568 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/28 18:23:21.0276 2568 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/04/28 18:23:21.0315 2568 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/04/28 18:23:21.0373 2568 k750bus (fe8300320281d658a7854d5cfc02a63f) C:\Windows\system32\DRIVERS\k750bus.sys
2011/04/28 18:23:21.0454 2568 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/28 18:23:21.0613 2568 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/04/28 18:23:21.0690 2568 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/28 18:23:21.0770 2568 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/28 18:23:21.0841 2568 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/04/28 18:23:21.0865 2568 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/04/28 18:23:21.0901 2568 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/04/28 18:23:21.0936 2568 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
2011/04/28 18:23:21.0976 2568 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/04/28 18:23:22.0018 2568 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
2011/04/28 18:23:22.0082 2568 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/28 18:23:22.0133 2568 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/28 18:23:22.0176 2568 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/28 18:23:22.0214 2568 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
2011/04/28 18:23:22.0253 2568 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/04/28 18:23:22.0297 2568 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/28 18:23:22.0344 2568 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/04/28 18:23:22.0379 2568 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
2011/04/28 18:23:22.0425 2568 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/28 18:23:22.0543 2568 mrxsmb10 (a6130566ac4178473b5dac8f8f74407d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/28 18:23:22.0596 2568 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/28 18:23:22.0646 2568 msahci (86068b8b54a5eb092f51657f00b2222a) C:\Windows\system32\drivers\msahci.sys
2011/04/28 18:23:22.0688 2568 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/04/28 18:23:22.0733 2568 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
2011/04/28 18:23:22.0761 2568 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
2011/04/28 18:23:22.0809 2568 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/28 18:23:22.0868 2568 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/28 18:23:22.0939 2568 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
2011/04/28 18:23:22.0965 2568 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
2011/04/28 18:23:23.0013 2568 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/28 18:23:23.0040 2568 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
2011/04/28 18:23:23.0061 2568 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
2011/04/28 18:23:23.0129 2568 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/28 18:23:23.0172 2568 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
2011/04/28 18:23:23.0257 2568 NdisTapi (658b0fdd57ebe34db6fa1e00141c3640) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/28 18:23:23.0286 2568 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/28 18:23:23.0340 2568 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/28 18:23:23.0364 2568 NDProxy (dbcc3f1e63ac0e00ba368c55c514b468) C:\Windows\system32\drivers\NDProxy.sys
2011/04/28 18:23:23.0400 2568 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/28 18:23:23.0463 2568 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/28 18:23:23.0519 2568 netr28u (9ba2f93e4f01ec58e722b36639e0ce5d) C:\Windows\system32\DRIVERS\netr28u.sys
2011/04/28 18:23:23.0573 2568 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/04/28 18:23:23.0623 2568 nmsunidr (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\nmsunidr.sys
2011/04/28 18:23:23.0719 2568 nmwcd (e380bbcad640304737650367ddfa2366) C:\Windows\system32\drivers\nmwcd.sys
2011/04/28 18:23:23.0773 2568 nmwcdc (3c4650af9712ae0cb405064b6278ccad) C:\Windows\system32\drivers\nmwcdc.sys
2011/04/28 18:23:23.0811 2568 nmwcdcj (9c9ff3ec04021234d6f440acbd3b70c1) C:\Windows\system32\drivers\nmwcdcj.sys
2011/04/28 18:23:23.0864 2568 nmwcdcm (9c9ff3ec04021234d6f440acbd3b70c1) C:\Windows\system32\drivers\nmwcdcm.sys
2011/04/28 18:23:23.0889 2568 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
2011/04/28 18:23:23.0925 2568 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/28 18:23:24.0025 2568 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
2011/04/28 18:23:24.0098 2568 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/04/28 18:23:24.0146 2568 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
2011/04/28 18:23:24.0328 2568 nvlddmkm (513098dd7a7f4eea43f9b0bbc1948c80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/04/28 18:23:24.0587 2568 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/04/28 18:23:24.0627 2568 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/04/28 18:23:24.0662 2568 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/04/28 18:23:24.0749 2568 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/04/28 18:23:24.0788 2568 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\DRIVERS\parport.sys
2011/04/28 18:23:24.0822 2568 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
2011/04/28 18:23:24.0850 2568 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\DRIVERS\parvdm.sys
2011/04/28 18:23:24.0873 2568 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
2011/04/28 18:23:24.0942 2568 pciide (304048c2565a803d091cca1ac945f593) C:\Windows\system32\drivers\pciide.sys
2011/04/28 18:23:25.0010 2568 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/04/28 18:23:25.0058 2568 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/04/28 18:23:25.0151 2568 PLCNDIS5 (2aba2f545b35f9c6cc2cfc4e1d539a80) C:\Windows\system32\plcndis5.sys
2011/04/28 18:23:25.0247 2568 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/28 18:23:25.0277 2568 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/04/28 18:23:25.0332 2568 PSched (c35020e28a9f3537cd9eb435a932a090) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/28 18:23:25.0387 2568 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
2011/04/28 18:23:25.0510 2568 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/04/28 18:23:25.0565 2568 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/04/28 18:23:25.0612 2568 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/28 18:23:25.0713 2568 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/04/28 18:23:25.0840 2568 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/28 18:23:25.0884 2568 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/28 18:23:25.0931 2568 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/28 18:23:25.0977 2568 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/28 18:23:26.0030 2568 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/28 18:23:26.0092 2568 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/04/28 18:23:26.0138 2568 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/28 18:23:26.0197 2568 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
2011/04/28 18:23:26.0298 2568 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/28 18:23:26.0341 2568 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/04/28 18:23:26.0385 2568 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/28 18:23:26.0444 2568 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
2011/04/28 18:23:26.0462 2568 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\DRIVERS\serial.sys
2011/04/28 18:23:26.0513 2568 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
2011/04/28 18:23:26.0587 2568 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/04/28 18:23:26.0649 2568 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/28 18:23:26.0692 2568 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/04/28 18:23:26.0750 2568 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/04/28 18:23:26.0794 2568 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/04/28 18:23:26.0853 2568 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/04/28 18:23:26.0924 2568 Smb (46baf398809a0f3b2d3300a1760e4b91) C:\Windows\system32\DRIVERS\smb.sys
2011/04/28 18:23:26.0975 2568 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
2011/04/28 18:23:27.0022 2568 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
2011/04/28 18:23:27.0097 2568 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/28 18:23:27.0128 2568 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/28 18:23:27.0172 2568 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/04/28 18:23:27.0243 2568 ssm_bus (df5c19f053eff7f8ba25d73aea899656) C:\Windows\system32\DRIVERS\ssm_bus.sys
2011/04/28 18:23:27.0281 2568 ssm_mdfl (5347169fa449eabc4d0728ae39fab926) C:\Windows\system32\DRIVERS\ssm_mdfl.sys
2011/04/28 18:23:27.0319 2568 ssm_mdm (7aae23dd105eed15c4f45fc269fa42a9) C:\Windows\system32\DRIVERS\ssm_mdm.sys
2011/04/28 18:23:27.0351 2568 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/28 18:23:27.0382 2568 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/04/28 18:23:27.0405 2568 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/04/28 18:23:27.0431 2568 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/04/28 18:23:27.0551 2568 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
2011/04/28 18:23:27.0617 2568 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/28 18:23:27.0641 2568 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/28 18:23:27.0667 2568 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
2011/04/28 18:23:27.0700 2568 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
2011/04/28 18:23:27.0731 2568 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/28 18:23:27.0811 2568 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/28 18:23:27.0931 2568 TSHWMDTCP (b56368b25a51cebda77e6b20764f07f2) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
2011/04/28 18:23:27.0985 2568 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/28 18:23:28.0048 2568 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
2011/04/28 18:23:28.0085 2568 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/28 18:23:28.0149 2568 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\DRIVERS\uagp35.sys
2011/04/28 18:23:28.0215 2568 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/28 18:23:28.0290 2568 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/04/28 18:23:28.0331 2568 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/04/28 18:23:28.0384 2568 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/04/28 18:23:28.0451 2568 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/04/28 18:23:28.0518 2568 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/28 18:23:28.0619 2568 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
2011/04/28 18:23:28.0670 2568 usbaudio (f6bf998ae33e3fb6c7d27f0560f1173f) C:\Windows\system32\drivers\usbaudio.sys
2011/04/28 18:23:28.0732 2568 usbccgp (03b01e8dbd2da2b49157b7e51912aaf2) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/28 18:23:28.0785 2568 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/04/28 18:23:28.0846 2568 usbehci (2f83363f98484f8edaf49f9b41520d14) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/28 18:23:28.0913 2568 usbhub (14d2a4dcd92c0b3368667aed6893463d) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/28 18:23:28.0969 2568 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/04/28 18:23:29.0009 2568 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/28 18:23:29.0078 2568 usbscan (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
2011/04/28 18:23:29.0126 2568 USBSTOR (7da1833f2b2500c755ab6c81c5abfc88) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/28 18:23:29.0168 2568 usbuhci (7747b902f6b7d0096f9c2bf55d3247f1) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/28 18:23:29.0233 2568 usb_rndisx (db4721908daa0383ee82ffe430aebae1) C:\Windows\system32\DRIVERS\usb8023x.sys
2011/04/28 18:23:29.0293 2568 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/28 18:23:29.0335 2568 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
2011/04/28 18:23:29.0392 2568 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/04/28 18:23:29.0437 2568 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/04/28 18:23:29.0484 2568 viaide (7aa7ec9a08dc2c39649c413b1a26e298) C:\Windows\system32\drivers\viaide.sys
2011/04/28 18:23:29.0511 2568 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
2011/04/28 18:23:29.0551 2568 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
2011/04/28 18:23:29.0612 2568 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
2011/04/28 18:23:29.0679 2568 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/04/28 18:23:29.0728 2568 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/04/28 18:23:29.0752 2568 Wanarp (c08d40e3f2bbe617782e7f9de5f5ec20) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/28 18:23:29.0768 2568 Wanarpv6 (c08d40e3f2bbe617782e7f9de5f5ec20) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/28 18:23:29.0801 2568 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\Windows\system32\DRIVERS\wanatw4.sys
2011/04/28 18:23:29.0861 2568 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/04/28 18:23:29.0919 2568 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/28 18:23:30.0025 2568 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/04/28 18:23:30.0106 2568 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/04/28 18:23:30.0124 2568 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/28 18:23:30.0203 2568 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/28 18:23:30.0240 2568 X10Hid (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys
2011/04/28 18:23:30.0306 2568 XUIF (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys
2011/04/28 18:23:30.0397 2568 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (5867ce254625645345c833510d24f124) C:\Program Files\HomeCinema\PlayMovie\000.fcl
2011/04/28 18:23:30.0445 2568 {95808DC4-FA4A-4C74-92FE-5B863F82066B} (5867ce254625645345c833510d24f124) C:\Program Files\HomeCinema\PowerDVD\000.fcl
2011/04/28 18:23:30.0469 2568 ================================================================================
2011/04/28 18:23:30.0469 2568 Scan finished
2011/04/28 18:23:30.0469 2568 ================================================================================
2011/04/28 18:24:01.0436 2004 ================================================================================
2011/04/28 18:24:01.0436 2004 Scan started
2011/04/28 18:24:01.0436 2004 Mode: Manual;
2011/04/28 18:24:01.0436 2004 ================================================================================
2011/04/28 18:24:01.0754 2004 3xHybrid (53a3664bca7bbc1c09744455bf2ea136) C:\Windows\system32\DRIVERS\3xHybrid.sys
2011/04/28 18:24:01.0804 2004 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
2011/04/28 18:24:01.0840 2004 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/04/28 18:24:01.0866 2004 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/04/28 18:24:01.0887 2004 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/04/28 18:24:01.0904 2004 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/04/28 18:24:01.0939 2004 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
2011/04/28 18:24:01.0970 2004 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/04/28 18:24:02.0007 2004 aliide (496eda16a127ac9a38bb285bef17dbb5) C:\Windows\system32\drivers\aliide.sys
2011/04/28 18:24:02.0028 2004 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/04/28 18:24:02.0053 2004 amdide (6f65f4147c54398d7280b18cebbed215) C:\Windows\system32\drivers\amdide.sys
2011/04/28 18:24:02.0070 2004 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/04/28 18:24:02.0084 2004 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/04/28 18:24:02.0121 2004 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/04/28 18:24:02.0152 2004 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/04/28 18:24:02.0176 2004 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/28 18:24:02.0193 2004 atapi (78620bda3ec87816e5d1fa86f920bc3a) C:\Windows\system32\drivers\atapi.sys
2011/04/28 18:24:02.0217 2004 ATWPKT2 (7f11604f4b4e5ab7b70c5adc04df5826) C:\Windows\system32\drivers\ATWPKT2.SYS
2011/04/28 18:24:02.0275 2004 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/04/28 18:24:02.0330 2004 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/04/28 18:24:02.0350 2004 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
2011/04/28 18:24:02.0394 2004 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/28 18:24:02.0416 2004 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/28 18:24:02.0440 2004 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/04/28 18:24:02.0456 2004 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/04/28 18:24:02.0472 2004 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/04/28 18:24:02.0510 2004 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/28 18:24:02.0527 2004 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/04/28 18:24:02.0540 2004 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/04/28 18:24:02.0567 2004 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/28 18:24:02.0585 2004 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/28 18:24:02.0611 2004 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/04/28 18:24:02.0668 2004 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
2011/04/28 18:24:02.0696 2004 cmdide (59172a0724f2ab769f31d61b0571d75b) C:\Windows\system32\drivers\cmdide.sys
2011/04/28 18:24:02.0776 2004 cmuda3 (4d78e35420723c0d71f2e3273d35cb45) C:\Windows\system32\drivers\cmudax3.sys
2011/04/28 18:24:02.0800 2004 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/04/28 18:24:02.0821 2004 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/04/28 18:24:02.0838 2004 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/04/28 18:24:02.0872 2004 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
2011/04/28 18:24:02.0902 2004 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
2011/04/28 18:24:02.0959 2004 dot4 (57b2d433a08b95e4f1b53a919937f3e5) C:\Windows\system32\DRIVERS\Dot4.sys
2011/04/28 18:24:02.0991 2004 Dot4Print (d93fa484bb62fbe7e5ef335c5415d3cf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/04/28 18:24:03.0013 2004 Dot4Scan (8455e3fb3738ef33f0c6073a3efa013e) C:\Windows\system32\DRIVERS\Dot4Scan.sys
2011/04/28 18:24:03.0041 2004 dot4usb (599742c4260fb3e8edb3be148b8ce856) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/04/28 18:24:03.0070 2004 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
2011/04/28 18:24:03.0130 2004 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/28 18:24:03.0167 2004 e1express (476d9f2f0789cde89acee2a2fb21ec5a) C:\Windows\system32\DRIVERS\e1e6032.sys
2011/04/28 18:24:03.0192 2004 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/04/28 18:24:03.0219 2004 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
2011/04/28 18:24:03.0249 2004 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/04/28 18:24:03.0286 2004 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
2011/04/28 18:24:03.0308 2004 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/28 18:24:03.0335 2004 FETNDIS (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys
2011/04/28 18:24:03.0349 2004 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
2011/04/28 18:24:03.0364 2004 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
2011/04/28 18:24:03.0385 2004 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/28 18:24:03.0399 2004 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
2011/04/28 18:24:03.0434 2004 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/28 18:24:03.0456 2004 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/28 18:24:03.0487 2004 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/04/28 18:24:03.0546 2004 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/04/28 18:24:03.0608 2004 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/28 18:24:03.0632 2004 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/04/28 18:24:03.0654 2004 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/04/28 18:24:03.0676 2004 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/28 18:24:03.0697 2004 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/04/28 18:24:03.0741 2004 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
2011/04/28 18:24:03.0760 2004 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/04/28 18:24:03.0791 2004 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/28 18:24:03.0811 2004 iaStor (28aae599496b4930b3f19026f2083bc4) C:\Windows\system32\DRIVERS\iaStor.sys
2011/04/28 18:24:03.0831 2004 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/04/28 18:24:03.0872 2004 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/04/28 18:24:03.0917 2004 IKFileSec (ff9f262494fc23d77a6148d49d87d2de) C:\Windows\system32\drivers\ikfilesec.sys
2011/04/28 18:24:03.0947 2004 IKSysFlt (7e359671fd9595ecb1b0a33fb4184b19) C:\Windows\system32\drivers\iksysflt.sys
2011/04/28 18:24:03.0979 2004 IKSysSec (a44cb3cf3af266665261a6e6c9cac27c) C:\Windows\system32\drivers\iksyssec.sys
2011/04/28 18:24:04.0054 2004 IntcAzAudAddService (9f5898ebd3bbe82eadf2efa595f02a72) C:\Windows\system32\drivers\RTKVHDA.sys
2011/04/28 18:24:04.0088 2004 IntelDH (7f440f8ced849fcdfa85bb3521b4f048) C:\Windows\system32\Drivers\IntelDH.sys
2011/04/28 18:24:04.0134 2004 intelide (e5ea1c17da5065032e346591ff64f3af) C:\Windows\system32\drivers\intelide.sys
2011/04/28 18:24:04.0152 2004 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/28 18:24:04.0180 2004 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/28 18:24:04.0221 2004 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/04/28 18:24:04.0248 2004 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
2011/04/28 18:24:04.0274 2004 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
2011/04/28 18:24:04.0300 2004 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/04/28 18:24:04.0330 2004 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/28 18:24:04.0353 2004 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/04/28 18:24:04.0376 2004 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/04/28 18:24:04.0409 2004 k750bus (fe8300320281d658a7854d5cfc02a63f) C:\Windows\system32\DRIVERS\k750bus.sys
2011/04/28 18:24:04.0464 2004 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/28 18:24:04.0515 2004 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/04/28 18:24:04.0559 2004 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/28 18:24:04.0597 2004 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/28 18:24:04.0643 2004 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/04/28 18:24:04.0658 2004 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/04/28 18:24:04.0686 2004 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/04/28 18:24:04.0713 2004 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
2011/04/28 18:24:04.0745 2004 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/04/28 18:24:04.0771 2004 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
2011/04/28 18:24:04.0818 2004 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/28 18:24:04.0843 2004 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/28 18:24:04.0859 2004 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/28 18:24:04.0883 2004 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
2011/04/28 18:24:04.0905 2004 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/04/28 18:24:04.0933 2004 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/28 18:24:04.0954 2004 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/04/28 18:24:04.0990 2004 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
2011/04/28 18:24:05.0035 2004 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/28 18:24:05.0079 2004 mrxsmb10 (a6130566ac4178473b5dac8f8f74407d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/28 18:24:05.0099 2004 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/28 18:24:05.0131 2004 msahci (86068b8b54a5eb092f51657f00b2222a) C:\Windows\system32\drivers\msahci.sys
2011/04/28 18:24:05.0157 2004 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/04/28 18:24:05.0185 2004 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
2011/04/28 18:24:05.0205 2004 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
2011/04/28 18:24:05.0236 2004 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/28 18:24:05.0253 2004 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/28 18:24:05.0275 2004 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
2011/04/28 18:24:05.0296 2004 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
2011/04/28 18:24:05.0324 2004 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/28 18:24:05.0343 2004 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
2011/04/28 18:24:09.0899 2004 ================================================================================
2011/04/28 18:24:09.0899 2004 Scan finished
2011/04/28 18:24:09.0899 2004 ================================================================================
2011/04/28 18:26:47.0879 5280 Deinitialize success

Alt 28.04.2011, 17:32   #10
ebnerjulian

Files are visible again! Thanks.

Alt 28.04.2011, 19:03   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. While downloading, rename it to cofi.exe.
  • Close all programs, especially your antivirus program and other background monitors as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let your system be scanned.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
__________________
Please always post log files in CODE tags
