| F4llen4ngel | 30.10.2010 20:51 |
Hier die gewünschenten Logfiles:
Malwarebytes' Anti-Malware: Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4999
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
30.10.2010 21:35:45
mbam-log-2010-10-30 (21-35-45).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 361344
Laufzeit: 1 Stunde(n), 48 Minute(n), 34 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
OTL: (OTL.txt) Code:
OTL logfile created on: 30.10.2010 21:37:35 - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\***\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free
8,00 Gb Paging File | 4,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,11 Gb Total Space | 116,56 Gb Free Space | 50,22% Space Free | Partition Type: NTFS
Computer Name: MyPC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\FeedDemon\FeedDemon.exe (NewsGator Technologies, Inc.)
PRC - C:\Windows\SysWOW64\eclientn.exe (ESTOS GmbH)
PRC - C:\Program Files (x86)\Citrix\GoToMeeting\457\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMeeting\457\g2mlauncher.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMeeting\457\g2mcomm.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems)
PRC - C:\Programme\eclipse\eclipse.exe ()
PRC - C:\Program Files (x86)\TechSmith\Snagit 10\TSCHelp.exe (TechSmith Corporation)
PRC - C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe (TechSmith Corporation)
PRC - C:\Program Files (x86)\TechSmith\Snagit 10\snagiteditor.exe (TechSmith Corporation)
PRC - C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\Dell Latitude ON Flash\config\DVMExportService.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\Dell Latitude ON Flash\config\BTFAgent.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpsec.exe ()
PRC - C:\Program Files (x86)\WatchGuard\Mobile VPN\NcpBudgetGui.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - c:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\xampp\mysql\bin\mysqld.exe (MySQL AB)
PRC - C:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe (Skype Technologies S.A.)
PRC - C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG)
PRC - C:\Windows\service4g.exe (4G Systems GmbH & Co. KG)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\XSManager\WTGService.exe ()
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpclcfg.exe (NCP engineering GmbH)
========== Modules (SafeList) ==========
MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - c:\Programme\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\Windows\SysWOW64\imagehlp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ac8529709a50c498\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ac8529709a50c498\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (Credential Vault Host Storage) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
SRV:64bit: - (Credential Vault Host Control Service) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
SRV:64bit: - (dcpsysmgrsvc) -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)
SRV:64bit: - (TdmService) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
SRV:64bit: - (buttonsvc64) -- c:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)
SRV:64bit: - (SecureStorageService) -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NMSAccess) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (ncprwsnt) -- C:\Program Files (x86)\WatchGuard\Mobile VPN\ncprwsnt.exe (NCP Engineering GmbH)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (DvmMDES) -- C:\Program Files (x86)\Dell Latitude ON Flash\config\DVMExportService.exe (DeviceVM, Inc.)
SRV - (NcpSec) -- C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpsec.exe ()
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (InstallFilterService) -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe ()
SRV - (btwdins) -- c:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (MySQL) -- C:\xampp\mysql\bin\mysqld.exe (MySQL AB)
SRV - (Apache2.2) -- C:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
SRV - (XS Stick Service) -- C:\Windows\service4g.exe (4G Systems GmbH & Co. KG)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) Intel(R) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (WTGService) -- C:\Program Files (x86)\XSManager\WTGService.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (tcsd_win32.exe) -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()
SRV - (ncpclcfg) -- C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpclcfg.exe (NCP engineering GmbH)
========== Driver Services (SafeList) ==========
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\DRIVERS\lgx64modem.sys File not found
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\DRIVERS\lgx64diag.sys File not found
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\DRIVERS\lgx64bus.sys File not found
DRV:64bit: - (LGVMODEM) -- C:\Windows\SysNative\DRIVERS\lgvmdm64.sys File not found
DRV:64bit: - (lgbusenum) -- C:\Windows\SysNative\DRIVERS\lgbtbs64.sys File not found
DRV:64bit: - (LgBttPort) -- C:\Windows\SysNative\DRIVERS\lgbtpt64.sys File not found
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (cmnsusbser) -- C:\Windows\SysNative\drivers\cmnsusbser.sys (Mobile Connector)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (ncplelhp) -- C:\Windows\SysNative\drivers\ncplelhp.sys (NCP Engineering GmbH)
DRV:64bit: - (ncpfilt) -- C:\Windows\SysNative\drivers\ncplelhp.sys (NCP Engineering GmbH)
DRV:64bit: - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC)
DRV:64bit: - (rixdpcie) -- C:\Windows\SysNative\drivers\rixdpe64.sys (REDC)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Accelern.sys (ST Microelectronics)
DRV:64bit: - (stdflt) -- C:\Windows\SysNative\drivers\stdfltn.sys (ST Microelectronics)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (e1kexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (cvusbdrv) -- C:\Windows\SysNative\drivers\cvusbdrv.sys (Broadcom Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (FlashUSB) -- C:\Windows\SysNative\drivers\FlashUSB_x64.sys (Danish Wireless Design A/S)
DRV:64bit: - (PBADRV) -- C:\Windows\SysNative\drivers\PBADRV.SYS (Dell Inc)
DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:64bit: - (PID_0928) Logitech QuickCam Express(PID_0928) -- C:\Windows\SysNative\drivers\LV561V64.sys (Logitech Inc.)
DRV - (DVMIO) -- C:\Program Files (x86)\Dell Latitude ON Flash\config\dvmio_x64.sys (DeviceVM, Inc.)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (cmnsusbser) -- C:\Windows\SysWOW64\drivers\cmnsusbser.sys (Mobile Connector)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.1.400
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.98
FF - prefs.js..extensions.enabledItems: affilinet-toolbar@affili.net:1.0.0
FF - prefs.js..extensions.enabledItems: bartap@philikon.de:2.0
FF - prefs.js..extensions.enabledItems: beta@linkdiagnosis.com:2.1.43
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: firecookie@janodvarko.cz:1.0.2
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.0.6
FF - prefs.js..extensions.enabledItems: rankchecker@seobook.com:1.7.5
FF - prefs.js..extensions.enabledItems: statusbar@toodledo.com:1.70
FF - prefs.js..extensions.enabledItems: VMwareVMRC@vmware.com:2.5.0.122581
FF - prefs.js..extensions.enabledItems: webdavlauncher@benryan.com:1.0.4
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.6.6
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16
FF - prefs.js..extensions.enabledItems: {ABD782DD-6EA5-4008-A03D-3FF46E886D38}:3.1.8
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.30 18:59:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.27 16:29:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.10.27 16:29:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.10.27 16:29:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2010.08.01 21:50:09 | 000,000,000 | ---D | M]
[2010.10.27 12:08:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.05.10 23:44:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.05.31 18:41:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2010.10.27 12:00:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\9b0b3vyi.default\extensions
[2010.10.27 12:00:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\9b0b3vyi.default\extensions\firebug@software.joehewitt.com
[2010.10.28 20:41:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions
[2010.10.27 12:09:09 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010.10.27 12:09:09 | 000,000,000 | ---D | M] (SISTRIX Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\{08eaf605-03f5-44b1-a86d-e1ce89872ac3}
[2010.10.27 12:09:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.27 12:09:09 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2010.10.27 12:09:09 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2010.10.27 12:09:09 | 000,000,000 | ---D | M] (Fasterfox Extra) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\{ABD782DD-6EA5-4008-A03D-3FF46E886D38}
[2010.10.27 12:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.27 12:09:09 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010.10.27 12:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010.10.27 12:09:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\affilinet-toolbar@affili.net
[2010.10.27 12:09:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\bartap@philikon.de
[2010.10.27 12:09:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\beta@linkdiagnosis.com
[2010.10.27 12:09:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2010.10.27 12:09:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\firebug@software.joehewitt.com
[2010.10.27 12:09:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\firecookie@janodvarko.cz
[2010.10.27 12:09:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\isreaditlater@ideashower.com
[2010.10.27 12:09:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\rankchecker@seobook.com
[2010.10.27 12:09:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\statusbar@toodledo.com
[2010.10.27 12:09:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\VMwareVMRC@vmware.com
[2010.10.27 12:09:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\qccrr72r.default\extensions\webdavlauncher@benryan.com
[2010.10.28 20:41:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.06 14:33:19 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.08.01 21:51:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010.10.12 22:24:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.10.12 22:24:52 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.10.12 22:24:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.10.12 22:24:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.10.12 22:24:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.09.14 16:00:27 | 000,001,407 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com.*
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 crl.verisign.net
O1 - Hosts: 127.0.0.1 CRL.VERISIGN.NET.*
O1 - Hosts: 127.0.0.1 ood.opsource.net
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net
O1 - Hosts: 127.0.0.1 practivate.adobe
O1 - Hosts: 20 more lines...
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [ETapiNotify] C:\Windows\SysWOW64\eclientn.exe (ESTOS GmbH)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [OfficeScanNT Monitor] File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [USCService] C:\Programme\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [BTFAgent] C:\Program Files (x86)\Dell Latitude ON Flash\config\BTFAgent.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [BTFWelcome] C:\Program Files (x86)\Dell Latitude ON Flash\config\BTFWelcome.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [ETapiSt] C:\Program Files (x86)\ESTOS\ProCall\etapist.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [NcpBudgetGui] C:\Program Files (x86)\WatchGuard\Mobile VPN\NcpBudgetGui.exe ()
O4 - HKLM..\Run: [NcpMonitor] C:\Program Files (x86)\WatchGuard\Mobile VPN\ncpmon.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [NcpPopup] C:\Program Files (x86)\WatchGuard\Mobile VPN\ncppopup.exe ()
O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xampp-control - Verknüpfung.lnk = C:\xampp\xampp-control.exe (Apache Friends)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoOnlinePrintsWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: RF - Formular ausfüllen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: RF - Formular speichern - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: RF - Menü anpassen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: RF - Formular ausfüllen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RF - Formular speichern - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: RF - Menü anpassen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.191.74.12 213.191.92.82 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = l4you.local
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Authentication Packages - (wvauth) - C:\Windows\SysNative\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (wvauth) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{05fe8b58-68fb-11df-82e5-70f1a15160b9}\Shell - "" = AutoRun
O33 - MountPoints2\{05fe8b58-68fb-11df-82e5-70f1a15160b9}\Shell\AutoRun\command - "" = E:\Set-up.exe -- File not found
O33 - MountPoints2\{697632fb-8284-11df-b85b-70f1a15160b9}\Shell - "" = AutoRun
O33 - MountPoints2\{697632fb-8284-11df-b85b-70f1a15160b9}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe -- File not found
O33 - MountPoints2\{7e08666c-8f1c-11df-8e31-70f1a15160b9}\Shell - "" = AutoRun
O33 - MountPoints2\{7e08666c-8f1c-11df-8e31-70f1a15160b9}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.10.30 21:36:36 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.10.27 17:28:21 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\xantrox
[2010.10.27 16:37:44 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2010.10.27 16:30:14 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.10.27 16:30:13 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.10.27 16:30:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010.10.27 16:28:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.10.27 16:26:54 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.10.27 16:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.10.27 16:26:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.10.27 11:55:20 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\MozBackup-1.4.10-EN
[2010.10.26 20:43:57 | 000,106,224 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2010.10.26 20:43:02 | 000,057,288 | ---- | C] (G DATA Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2010.10.26 13:56:28 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Sell It Smart
[2010.10.25 12:11:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweetDeck
[2010.10.24 20:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.10.20 18:45:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DivX
[2010.10.20 18:45:17 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.10.20 18:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.10.20 18:41:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.10.20 18:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.10.17 15:42:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\vlc
[2010.10.17 15:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.10.17 00:58:59 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.10.17 00:58:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.10.17 00:58:57 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010.10.17 00:58:55 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010.10.17 00:58:52 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010.10.17 00:58:50 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010.10.17 00:58:50 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010.10.17 00:58:49 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010.10.17 00:58:49 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010.10.17 00:58:42 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.10.17 00:58:42 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.10.17 00:58:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.10.17 00:58:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.10.17 00:58:40 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.10.17 00:58:40 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.10.17 00:58:40 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.10.17 00:58:40 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.10.17 00:58:40 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.10.17 00:58:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.10.17 00:58:40 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.10.17 00:58:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.10.17 00:58:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.10.17 00:58:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.10.17 00:58:32 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.10.17 00:58:31 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.10.17 00:58:29 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.10.17 00:58:29 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.10.17 00:58:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010.10.04 15:50:35 | 001,718,704 | ---- | C] (YSL Holdings LLC.) -- C:\ProgramData\Uninst.exe
[2010.10.04 15:50:21 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Zero G Registry
[2010.10.04 15:49:57 | 000,000,000 | -H-D | C] -- C:\Users\***\InstallAnywhere
[2010.10.04 15:46:29 | 000,000,000 | ---D | C] -- C:\Users\***\Yugma
[2010.10.03 19:59:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\HeidiSQL
[2010.10.03 19:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\HeidiSQL
[2010.10.03 19:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HeidiSQL
[2010.10.03 01:12:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SmartFTP
[2010.10.03 01:12:07 | 000,000,000 | ---D | C] -- C:\Programme\SmartFTP Client
[2010.10.03 01:11:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartFTP Client 4.0 (x64) Setup Files
[2010.09.30 21:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Market Samurai
========== Files - Modified Within 30 Days ==========
[2010.10.30 21:36:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.10.30 20:58:00 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-685921198-85297048-433990593-2648UA.job
[2010.10.30 18:56:52 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-685921198-85297048-433990593-2648Core.job
[2010.10.30 18:56:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.28 11:34:48 | 004,824,120 | ---- | M] () -- C:\Users\***\Documents\Aqua-Gefuehlsanstalt-shop-15.10.2010.docx
[2010.10.28 09:55:28 | 000,003,016 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010.10.27 20:13:13 | 001,550,206 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.27 20:13:13 | 000,673,508 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.10.27 20:13:13 | 000,634,048 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.27 20:13:13 | 000,137,034 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.10.27 20:13:13 | 000,112,658 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.27 16:42:26 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.27 16:42:26 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.27 11:57:59 | 062,084,170 | ---- | M] () -- C:\Users\***\Desktop\Firefox 3.6.11 (de) - 2010-10-27.pcv
[2010.10.27 06:10:29 | 3062,235,136 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.26 22:09:42 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.10.26 22:02:24 | 000,556,120 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010.10.26 21:18:54 | 000,000,032 | ---- | M] () -- C:\tmuninst.ini
[2010.10.26 21:15:48 | 000,048,584 | ---- | M] (G DATA Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2010.10.26 20:43:57 | 000,106,224 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2010.10.26 20:43:02 | 000,057,288 | ---- | M] (G DATA Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2010.10.26 09:37:22 | 000,002,450 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk
[2010.10.26 09:33:12 | 000,014,990 | ---- | M] () -- C:\Windows\cfgall.ini
[2010.10.25 18:01:45 | 000,012,266 | ---- | M] () -- C:\Users\***\Desktop\Handyvertrag-Wettbewerberanalyse.xlsx
[2010.10.25 12:45:08 | 000,744,448 | ---- | M] () -- C:\Users\***\Desktop\talkthisway links.xls
[2010.10.25 12:11:06 | 000,000,883 | ---- | M] () -- C:\Users\Public\Desktop\TweetDeck.lnk
[2010.10.25 10:34:26 | 000,011,270 | ---- | M] () -- C:\Users\***\Desktop\Untersuchung-Keyword-mpu.xlsx
[2010.10.24 20:44:41 | 000,843,264 | ---- | M] () -- C:\Users\***\Desktop\backlinks_machit.de_2010-10-24.xls
[2010.10.24 20:01:32 | 000,001,005 | ---- | M] () -- C:\Users\***\Desktop\CCleaner.lnk
[2010.10.23 17:21:09 | 000,009,541 | ---- | M] () -- C:\Users\***\Desktop\Gutschein Import Datei.xlsx
[2010.10.22 14:21:41 | 002,997,091 | ---- | M] () -- C:\Users\***\Documents\aqua.pptx
[2010.10.21 14:26:51 | 000,052,077 | ---- | M] () -- C:\Users\***\Desktop\Industriepalast - Keyword Recherche .pdf
[2010.10.21 13:30:10 | 000,229,976 | ---- | M] () -- C:\Users\***\Documents\Industriepalast Keyword Recherche.pdf
[2010.10.21 12:59:40 | 000,016,379 | ---- | M] () -- C:\Users\***\Documents\Industriepalast-Final-Keyword-Recherche.xlsx
[2010.10.21 09:49:21 | 001,948,873 | ---- | M] () -- C:\Users\***\Desktop\Industriepalast - SEO Analyse.pdf
[2010.10.20 18:00:26 | 004,169,980 | ---- | M] () -- C:\Users\***\Desktop\5-IP-Hostel-Friedrichshain.docx
[2010.10.20 16:22:41 | 000,125,476 | ---- | M] () -- C:\Users\***\Documents\Tariftabelle+Zubuchoptionen.pdf
[2010.10.20 14:26:25 | 004,089,470 | ---- | M] () -- C:\Users\***\Documents\5-IP-Hostel-Friedrichshain.docx
[2010.10.20 13:15:29 | 000,091,147 | ---- | M] () -- C:\Users\***\Documents\Linkverteilung.docx
[2010.10.20 13:13:42 | 001,281,036 | ---- | M] () -- C:\Users\***\Documents\Kurzanalyse-Apanado-Domains.docx
[2010.10.20 12:41:11 | 003,512,313 | ---- | M] () -- C:\Users\***\Documents\Kurzanalyse-Sellitsmart-Domains.docx
[2010.10.20 12:07:31 | 000,025,729 | ---- | M] () -- C:\Users\***\Desktop\Kurze Keyword-Domain Analyse.pdf
[2010.10.20 06:58:49 | 000,019,398 | ---- | M] () -- C:\Users\***\Desktop\FLUGTICKET.pdf
[2010.10.19 13:29:10 | 000,018,105 | ---- | M] () -- C:\Users\***\Desktop\neue liste-keywordrecherche sell-it-msart.xlsx
[2010.10.19 12:33:40 | 000,055,162 | ---- | M] () -- C:\Users\***\Desktop\27109_1440745737273_1191935573_31286218_5831193_n.jpg
[2010.10.19 10:22:23 | 000,002,010 | -H-- | M] () -- C:\Users\***\Documents\Default.rdp
[2010.10.17 15:41:56 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.10.17 15:12:41 | 004,971,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.10.05 11:17:15 | 000,978,944 | ---- | M] () -- C:\Users\***\Documents\messer.msam
[2010.10.04 14:21:28 | 000,001,456 | ---- | M] () -- C:\Users\***\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2010.10.03 19:59:31 | 000,000,941 | ---- | M] () -- C:\Users\***\Desktop\HeidiSQL.lnk
[2010.10.03 01:12:11 | 000,002,659 | ---- | M] () -- C:\Users\Public\Desktop\SmartFTP Client.lnk
[2010.10.01 17:53:01 | 000,013,474 | ---- | M] () -- C:\Users\***\Documents\Image Broschüre SEO.docx
[2010.10.01 10:58:10 | 000,629,186 | ---- | M] () -- C:\Users\***\Desktop\export neu.csv
[2010.10.01 10:41:22 | 001,905,327 | ---- | M] () -- C:\Users\***\Desktop\dyn_esono_ads2people.zip
[2010.09.30 21:45:31 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Market Samurai.lnk
========== Files Created - No Company Name ==========
[2010.10.27 11:57:00 | 062,084,170 | ---- | C] () -- C:\Users\***\Desktop\Firefox 3.6.11 (de) - 2010-10-27.pcv
[2010.10.25 18:01:45 | 000,012,266 | ---- | C] () -- C:\Users\***\Desktop\Handyvertrag-Wettbewerberanalyse.xlsx
[2010.10.25 12:45:15 | 000,744,448 | ---- | C] () -- C:\Users\***\Desktop\talkthisway links.xls
[2010.10.25 10:34:26 | 000,011,270 | ---- | C] () -- C:\Users\***\Desktop\Untersuchung-Keyword-mpu.xlsx
[2010.10.24 20:44:56 | 000,843,264 | ---- | C] () -- C:\Users\***\Desktop\backlinks_machit.de_2010-10-24.xls
[2010.10.24 20:01:32 | 000,001,005 | ---- | C] () -- C:\Users\***\Desktop\CCleaner.lnk
[2010.10.22 14:21:39 | 002,997,091 | ---- | C] () -- C:\Users\***\Documents\aqua.pptx
[2010.10.22 09:24:02 | 004,824,120 | ---- | C] () -- C:\Users\***\Documents\Aqua-Gefuehlsanstalt-shop-15.10.2010.docx
[2010.10.21 14:26:51 | 000,052,077 | ---- | C] () -- C:\Users\***\Desktop\Industriepalast - Keyword Recherche .pdf
[2010.10.21 13:30:09 | 000,229,976 | ---- | C] () -- C:\Users\***\Documents\Industriepalast Keyword Recherche.pdf
[2010.10.21 12:59:39 | 000,016,379 | ---- | C] () -- C:\Users\***\Documents\Industriepalast-Final-Keyword-Recherche.xlsx
[2010.10.21 09:49:16 | 001,948,873 | ---- | C] () -- C:\Users\***\Desktop\Industriepalast - SEO Analyse.pdf
[2010.10.20 17:46:34 | 004,169,980 | ---- | C] () -- C:\Users\***\Desktop\5-IP-Hostel-Friedrichshain.docx
[2010.10.20 16:22:41 | 000,125,476 | ---- | C] () -- C:\Users\***\Documents\Tariftabelle+Zubuchoptionen.pdf
[2010.10.20 14:26:25 | 004,089,470 | ---- | C] () -- C:\Users\***\Documents\5-IP-Hostel-Friedrichshain.docx
[2010.10.20 13:15:29 | 000,091,147 | ---- | C] () -- C:\Users\***\Documents\Linkverteilung.docx
[2010.10.20 13:06:44 | 001,281,036 | ---- | C] () -- C:\Users\***\Documents\Kurzanalyse-Apanado-Domains.docx
[2010.10.20 12:41:10 | 003,512,313 | ---- | C] () -- C:\Users\***\Documents\Kurzanalyse-Sellitsmart-Domains.docx
[2010.10.20 12:07:31 | 000,025,729 | ---- | C] () -- C:\Users\***\Desktop\Kurze Keyword-Domain Analyse.pdf
[2010.10.20 06:58:19 | 000,019,398 | ---- | C] () -- C:\Users\***\Desktop\FLUGTICKET.pdf
[2010.10.19 13:01:48 | 000,018,105 | ---- | C] () -- C:\Users\***\Desktop\neue liste-keywordrecherche sell-it-msart.xlsx
[2010.10.19 12:33:40 | 000,055,162 | ---- | C] () -- C:\Users\***\Desktop\27109_1440745737273_1191935573_31286218_5831193_n.jpg
[2010.10.19 10:15:19 | 000,015,836 | ---- | C] () -- C:\Users\***\Desktop\online-mpu.de+SUCH DE G+S Verkehrspsychologen+2009-10-21.csv
[2010.10.17 15:41:56 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.10.04 15:50:35 | 000,001,378 | ---- | C] () -- C:\ProgramData\Uninst.log
[2010.10.03 19:59:31 | 000,000,941 | ---- | C] () -- C:\Users\***\Desktop\HeidiSQL.lnk
[2010.10.03 01:12:11 | 000,002,659 | ---- | C] () -- C:\Users\Public\Desktop\SmartFTP Client.lnk
[2010.10.01 19:41:19 | 000,009,541 | ---- | C] () -- C:\Users\***\Desktop\Gutschein Import Datei.xlsx
[2010.10.01 10:58:08 | 000,629,186 | ---- | C] () -- C:\Users\***\Desktop\export neu.csv
[2010.10.01 10:41:14 | 001,905,327 | ---- | C] () -- C:\Users\***\Desktop\dyn_esono_ads2people.zip
[2010.09.30 21:45:31 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Market Samurai.lnk
[2010.09.03 11:24:30 | 000,000,188 | ---- | C] () -- C:\Windows\wininit.ini
[2010.09.03 11:11:55 | 000,001,602 | ---- | C] () -- C:\Windows\lsrslt.ini
[2010.08.02 16:35:37 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.10 13:49:10 | 000,000,254 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010.07.10 13:49:10 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010.07.10 13:48:55 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.07.10 13:48:55 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.07.10 13:45:10 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2010.07.10 13:45:10 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2010.07.09 15:42:14 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010.06.28 11:28:55 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2010.06.28 11:28:55 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2010.06.03 18:39:30 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.06.03 18:39:28 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.06.03 18:39:28 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.06.03 18:39:27 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2010.06.03 18:39:25 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.05.27 15:04:32 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\twxapi32.dll
[2010.05.26 22:04:47 | 000,001,456 | ---- | C] () -- C:\Users\***\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2010.05.19 12:25:35 | 000,000,017 | ---- | C] () -- C:\Users\***\AppData\Local\resmon.resmoncfg
[2010.05.10 16:51:33 | 001,530,008 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.05.10 11:20:28 | 000,014,990 | ---- | C] () -- C:\Windows\cfgall.ini
[2010.05.10 11:16:14 | 000,003,016 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.04.29 09:28:56 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.04.29 09:28:56 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.04.29 06:51:00 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
< End of report >
OTL: (Extras.txt) Code:
OTL Extras logfile created on: 30.10.2010 21:37:35 - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\***\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free
8,00 Gb Paging File | 4,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,11 Gb Total Space | 116,56 Gb Free Space | 50,22% Space Free | Partition Type: NTFS
Computer Name: MyPc | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MIF5BA~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0003C1E0-E0E7-49BB-A0F6-4AE6D2B09202}" = UPEK TouchChip Fingerprint Reader
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0D86482F-24B7-4DFA-A993-ACC2C9AD0031}" = Dell Control Point 64
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{11107A2A-AD44-4BC8-ABB5-E88E63BCA785}" = Intel(R) Network Connections 14.8.43.0
"{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit)
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{38C75838-BEBC-41BB-9306-2BA3D4DC4E94}" = Wave Infrastructure Installer
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{87EBE6AA-E4AA-4F3B-975C-72575C660BE7}" = Dell ControlPoint System Manager
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A4F53D2C-1FED-4CDF-9D83-4AED82CD0436}" = Gemalto
"{A6DDE7CF-70DF-41BF-A648-A7160DD52215}" = SO64MMWrapper
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
"{C285426C-2E01-482C-8B3A-458AC2155C5F}" = SmartFTP Client German (Germany) MUI
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{DB13A32E-D83A-491F-9529-224AA7A2BD38}" = Dell ControlVault Host Components Installer 64Bit
"{DDD6BE8C-9AFA-48F1-A6AE-3BD596E2EB0B}" = Trusted Drive Manager
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{E7F45C94-1D8C-4652-A290-AD73F1E35760}" = SmartFTP Client
"{EF7F706C-50C4-41D8-8600-4AF6B21F2D96}" = DCP64MMWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"9512AA21B791B05A54E27065C45BBC417AB282DF" = Windows-Treiberpaket - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
"LockHunter_is1" = LockHunter version 1.0 beta 3, 64 bit edition
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"ProInst" = Intel PROSet Wireless
"PROSetDX" = Intel(R) Network Connections 14.8.43.0
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01CCD2D2-4914-613B-0E65-574A3F1E157B}" = Market Samurai
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{259BD7B2-490E-4773-A159-284912544111}" = Dell Latitude ON Configuration Utility Installer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2AD738DC-FC24-4342-A2DA-BB6DCCF6B048}" = Jing
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45A56B52-1F51-494F-B55A-9E6F6488BB32}" = Advanced Web Ranking 7.3
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}" = Snagit 10
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{71D74FCD-8DB9-4BEB-9C9D-1D19F2E02AE3}" = Microsoft Report Viewer Redistributable 2005
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92D9E57D-73A5-4329-9888-FBBC16ED8944}_is1" = UN.CO.VER. 2.0
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite MFC-465CN
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C28F2126-8655-49BA-BA5E-0131404EA7C8}" = SugarOutlook
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3
"{EFA27A6C-DF46-568B-4BB1-1DBD064F67A8}" = TweetDeck
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F116CCCA-2761-41C7-A15E-1171E6B42D8B}" = ESTOS ProCall Enterprise / TapiServer
"{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager
"{F6249ABF-F16D-4AF3-8755-4D62F799C238}" = Google AdWords Editor
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"1898-9109-0583-6295" = JIRA Client Lite 2.3.5825.81
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DebugMode Wink" = DebugMode Wink
"Dell Webcam Central" = Dell Webcam Central
"Dia" = Dia (nur entfernen)
"DivX Setup.divx.com" = DivX-Setup
"EditiX-Free-XML Editor2010 Free-2010" = EditiX-Free-XML Editor2010 Free-2010
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Fast Blog Finder 3_is1" = Fast Blog Finder 3
"FeedDemon_is1" = FeedDemon
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Convert 3GP VOB to AVI WMV MPEG MP4 Converter_is1" = Free Convert 3GP VOB to AVI WMV MPEG MP4 Converter 5.8
"Free Video Converter_is1" = Free Video Converter V 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"HeidiSQL_is1" = HeidiSQL 5.1
"HijackThis" = HijackThis 2.0.2
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"iReport-3.7.3.exe" = iReport 3.7.3
"JDownloader" = JDownloader
"JProfiler 5.1.4" = JProfiler 5.1.4
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai
"Microsoft Report Viewer Redistributable 2005" = Microsoft Report Viewer Redistributable 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11)
"Mozilla Thunderbird (3.1.2)" = Mozilla Thunderbird (3.1.2)
"NCP RWS/GA" = WatchGuard Mobile VPN
"Notepad++" = Notepad++
"SmartFTP Client 4.0 (x64) Setup Files" = SmartFTP Client Setup Files 4.0 (x64) (remove only)
"Testuff Video Player_is1" = Testuff Video Player
"TimePunch_is1" = TimePunch 1.92.2004.0
"Totalcmd" = Total Commander (Remove or Repair)
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite_Wave3" = Windows Live Essentials
"Worklog Assistant_is1" = Worklog Assistant v1.0.1389
"Xenu's Link Sleuth" = Xenu's Link Sleuth
"XSManager" = XSManager
"Yugma90" = Yugma
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AI RoboForm" = AI RoboForm
"CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich.
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.5.0.457
"JFormDesigner" = JFormDesigner 4.0.7
"JInstaller Creator" = JInstaller
"SEM Editor" = SEM Editor
"SwingX Demos" = SwingX Demos
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
TDSS-Killer: Code:
2010/10/30 21:46:15.0601 TDSS rootkit removing tool 2.4.5.1 Oct 26 2010 11:28:49
2010/10/30 21:46:15.0601 ================================================================================
2010/10/30 21:46:15.0601 SystemInfo:
2010/10/30 21:46:15.0601
2010/10/30 21:46:15.0601 OS Version: 6.1.7600 ServicePack: 0.0
2010/10/30 21:46:15.0601 Product type: Workstation
2010/10/30 21:46:15.0601 ComputerName: MyPc
2010/10/30 21:46:15.0602 UserName: ***
2010/10/30 21:46:15.0602 Windows directory: C:\Windows
2010/10/30 21:46:15.0602 System windows directory: C:\Windows
2010/10/30 21:46:15.0602 Running under WOW64
2010/10/30 21:46:15.0602 Processor architecture: Intel x64
2010/10/30 21:46:15.0602 Number of processors: 4
2010/10/30 21:46:15.0602 Page size: 0x1000
2010/10/30 21:46:15.0602 Boot type: Normal boot
2010/10/30 21:46:15.0602 ================================================================================
2010/10/30 21:46:15.0602 Utility is running under WOW64
2010/10/30 21:46:18.0624 Initialize success
2010/10/30 21:46:21.0485 ================================================================================
2010/10/30 21:46:21.0485 Scan started
2010/10/30 21:46:21.0485 Mode: Manual;
2010/10/30 21:46:21.0485 ================================================================================
2010/10/30 21:46:22.0177 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2010/10/30 21:46:22.0219 Acceler (627371b2d48f64cecc4d019114fb140d) C:\Windows\system32\DRIVERS\Accelern.sys
2010/10/30 21:46:22.0254 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2010/10/30 21:46:22.0289 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2010/10/30 21:46:22.0335 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2010/10/30 21:46:22.0390 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2010/10/30 21:46:22.0424 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2010/10/30 21:46:22.0504 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2010/10/30 21:46:22.0542 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2010/10/30 21:46:22.0589 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2010/10/30 21:46:22.0617 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2010/10/30 21:46:22.0652 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2010/10/30 21:46:22.0669 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2010/10/30 21:46:22.0712 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
2010/10/30 21:46:22.0750 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2010/10/30 21:46:22.0774 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
2010/10/30 21:46:22.0852 ApfiltrService (7142aa0dbcd3a4960f01799309a737ff) C:\Windows\system32\DRIVERS\Apfiltr.sys
2010/10/30 21:46:22.0875 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2010/10/30 21:46:22.0943 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2010/10/30 21:46:22.0977 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2010/10/30 21:46:23.0021 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/10/30 21:46:23.0089 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2010/10/30 21:46:23.0180 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2010/10/30 21:46:23.0287 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2010/10/30 21:46:23.0415 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2010/10/30 21:46:23.0504 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2010/10/30 21:46:23.0553 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2010/10/30 21:46:23.0600 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2010/10/30 21:46:23.0685 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2010/10/30 21:46:23.0748 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2010/10/30 21:46:23.0804 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2010/10/30 21:46:23.0851 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2010/10/30 21:46:23.0894 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2010/10/30 21:46:23.0939 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
2010/10/30 21:46:23.0966 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2010/10/30 21:46:23.0997 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
2010/10/30 21:46:24.0047 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\Windows\system32\Drivers\BTHport.sys
2010/10/30 21:46:24.0085 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\Windows\system32\Drivers\BTHUSB.sys
2010/10/30 21:46:24.0120 btwampfl (2d19c44a9d0e175bc93d23c562a0aa01) C:\Windows\system32\drivers\btwampfl.sys
2010/10/30 21:46:24.0176 btwaudio (ad4b38bf35896778236b40cf453f58aa) C:\Windows\system32\drivers\btwaudio.sys
2010/10/30 21:46:24.0214 btwavdt (c2a11549e72841ef9fc5af14c7f29233) C:\Windows\system32\drivers\btwavdt.sys
2010/10/30 21:46:24.0316 btwl2cap (06e96cf5c046f7cab4aa131df6e2b9bc) C:\Windows\system32\DRIVERS\btwl2cap.sys
2010/10/30 21:46:24.0488 btwrchid (d8270f1d59dd10743c8e62d806af85e2) C:\Windows\system32\DRIVERS\btwrchid.sys
2010/10/30 21:46:24.0569 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/10/30 21:46:24.0640 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2010/10/30 21:46:24.0691 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2010/10/30 21:46:24.0730 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2010/10/30 21:46:24.0816 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/10/30 21:46:24.0843 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2010/10/30 21:46:24.0907 cmnsusbser (2b3b8cbea1ba1bce5700607fbdb31034) C:\Windows\system32\DRIVERS\cmnsusbser.sys
2010/10/30 21:46:25.0035 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2010/10/30 21:46:25.0090 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2010/10/30 21:46:25.0120 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2010/10/30 21:46:25.0149 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2010/10/30 21:46:25.0213 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
2010/10/30 21:46:25.0268 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
2010/10/30 21:46:25.0339 cvusbdrv (a84caae89b487931200b969d94018afa) C:\Windows\system32\Drivers\cvusbdrv.sys
2010/10/30 21:46:25.0407 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2010/10/30 21:46:25.0447 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2010/10/30 21:46:25.0479 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2010/10/30 21:46:25.0539 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2010/10/30 21:46:25.0598 DVMIO (cf32aff46b5f62249cb8d53a6e92d10b) C:\Program Files (x86)\Dell Latitude ON Flash\config\dvmio_x64.sys
2010/10/30 21:46:25.0666 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
2010/10/30 21:46:25.0736 e1kexpress (f369e83f6cdab987ca2dd764278659a6) C:\Windows\system32\DRIVERS\e1k62x64.sys
2010/10/30 21:46:25.0838 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2010/10/30 21:46:25.0974 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2010/10/30 21:46:26.0025 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2010/10/30 21:46:26.0098 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2010/10/30 21:46:26.0133 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2010/10/30 21:46:26.0178 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2010/10/30 21:46:26.0219 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2010/10/30 21:46:26.0242 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2010/10/30 21:46:26.0296 FlashUSB (af44fcb577661690e59b6bdb8db0e28e) C:\Windows\system32\DRIVERS\FlashUSB_x64.sys
2010/10/30 21:46:26.0361 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/10/30 21:46:26.0432 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2010/10/30 21:46:26.0483 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2010/10/30 21:46:26.0510 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2010/10/30 21:46:26.0603 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2010/10/30 21:46:26.0659 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2010/10/30 21:46:26.0730 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/10/30 21:46:26.0796 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2010/10/30 21:46:26.0868 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/10/30 21:46:26.0920 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2010/10/30 21:46:26.0958 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2010/10/30 21:46:26.0986 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2010/10/30 21:46:27.0015 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2010/10/30 21:46:27.0068 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2010/10/30 21:46:27.0126 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2010/10/30 21:46:27.0168 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2010/10/30 21:46:27.0208 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2010/10/30 21:46:27.0231 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/10/30 21:46:27.0272 iaStor (85977cd13fc16069ce0af7943a811775) C:\Windows\system32\DRIVERS\iaStor.sys
2010/10/30 21:46:27.0332 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
2010/10/30 21:46:27.0505 igfx (7467ae8f96ea983423148c62458669fa) C:\Windows\system32\DRIVERS\igdkmd64.sys
2010/10/30 21:46:27.0649 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2010/10/30 21:46:27.0691 Impcd (c48567d80ad357613cd0eeade18780ae) C:\Windows\system32\DRIVERS\Impcd.sys
2010/10/30 21:46:27.0749 IntcDAud (d248aae81c156c0d47a77cd61bc24cd4) C:\Windows\system32\DRIVERS\IntcDAud.sys
2010/10/30 21:46:27.0774 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2010/10/30 21:46:27.0799 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2010/10/30 21:46:27.0848 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/10/30 21:46:27.0886 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2010/10/30 21:46:27.0917 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2010/10/30 21:46:27.0962 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2010/10/30 21:46:27.0983 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2010/10/30 21:46:28.0021 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/10/30 21:46:28.0065 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/10/30 21:46:28.0089 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/10/30 21:46:28.0170 KL1 (8d7120743a0973ceab548b475c9d4289) C:\Windows\system32\DRIVERS\kl1.sys
2010/10/30 21:46:28.0229 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\Windows\system32\DRIVERS\kl2.sys
2010/10/30 21:46:28.0294 KLIF (177505577604c94c4be7b9316a90ada1) C:\Windows\system32\DRIVERS\klif.sys
2010/10/30 21:46:28.0353 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\Windows\system32\DRIVERS\klim6.sys
2010/10/30 21:46:28.0394 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
2010/10/30 21:46:28.0417 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2010/10/30 21:46:28.0468 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2010/10/30 21:46:28.0505 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2010/10/30 21:46:28.0948 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2010/10/30 21:46:29.0028 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2010/10/30 21:46:29.0063 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2010/10/30 21:46:29.0094 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2010/10/30 21:46:29.0150 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2010/10/30 21:46:29.0210 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2010/10/30 21:46:29.0281 LVUSBS64 (6562fcee704f14c05f5338b147d67a16) C:\Windows\system32\drivers\LVUSBS64.sys
2010/10/30 21:46:29.0317 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2010/10/30 21:46:29.0339 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2010/10/30 21:46:29.0376 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2010/10/30 21:46:29.0405 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2010/10/30 21:46:29.0428 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2010/10/30 21:46:29.0463 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2010/10/30 21:46:29.0488 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2010/10/30 21:46:29.0520 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2010/10/30 21:46:29.0547 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2010/10/30 21:46:29.0590 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2010/10/30 21:46:29.0636 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/10/30 21:46:29.0671 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/10/30 21:46:29.0719 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/10/30 21:46:29.0777 msahci (bccf16d5fb1109162380e3e28dc9e4e5) C:\Windows\system32\DRIVERS\msahci.sys
2010/10/30 21:46:29.0815 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2010/10/30 21:46:29.0858 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2010/10/30 21:46:29.0903 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2010/10/30 21:46:29.0947 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2010/10/30 21:46:29.0983 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2010/10/30 21:46:30.0011 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/10/30 21:46:30.0036 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2010/10/30 21:46:30.0068 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2010/10/30 21:46:30.0099 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/10/30 21:46:30.0124 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2010/10/30 21:46:30.0140 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2010/10/30 21:46:30.0185 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2010/10/30 21:46:30.0241 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2010/10/30 21:46:30.0307 ncpfilt (a7f5e21610b21c8ea8f4c718e9dcca59) C:\Windows\system32\DRIVERS\ncplelhp.sys
2010/10/30 21:46:30.0336 ncplelhp (a7f5e21610b21c8ea8f4c718e9dcca59) C:\Windows\system32\DRIVERS\ncplelhp.sys
2010/10/30 21:46:30.0395 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2010/10/30 21:46:30.0449 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2010/10/30 21:46:30.0493 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/10/30 21:46:30.0528 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/10/30 21:46:30.0617 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/10/30 21:46:30.0764 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2010/10/30 21:46:30.0792 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2010/10/30 21:46:30.0816 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2010/10/30 21:46:30.0979 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys
2010/10/30 21:46:31.0145 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2010/10/30 21:46:31.0214 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2010/10/30 21:46:31.0245 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2010/10/30 21:46:31.0292 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
2010/10/30 21:46:31.0353 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2010/10/30 21:46:31.0396 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
2010/10/30 21:46:31.0440 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
2010/10/30 21:46:31.0488 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2010/10/30 21:46:31.0523 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/10/30 21:46:31.0588 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2010/10/30 21:46:31.0612 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2010/10/30 21:46:31.0650 PBADRV (363b3f857abee85767e01e3044c539cd) C:\Windows\system32\DRIVERS\PBADRV.sys
2010/10/30 21:46:31.0689 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2010/10/30 21:46:31.0730 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2010/10/30 21:46:31.0783 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2010/10/30 21:46:31.0814 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2010/10/30 21:46:31.0845 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2010/10/30 21:46:31.0949 PID_0928 (db5c32a4130e6b36cd6ed7a5a6c7751e) C:\Windows\system32\DRIVERS\LV561V64.SYS
2010/10/30 21:46:32.0036 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2010/10/30 21:46:32.0063 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2010/10/30 21:46:32.0098 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2010/10/30 21:46:32.0141 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
2010/10/30 21:46:32.0196 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2010/10/30 21:46:32.0239 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2010/10/30 21:46:32.0270 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2010/10/30 21:46:32.0289 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2010/10/30 21:46:32.0328 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2010/10/30 21:46:32.0359 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/10/30 21:46:32.0391 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/10/30 21:46:32.0421 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2010/10/30 21:46:32.0452 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2010/10/30 21:46:32.0484 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2010/10/30 21:46:32.0505 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/10/30 21:46:32.0545 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
2010/10/30 21:46:32.0581 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2010/10/30 21:46:32.0604 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2010/10/30 21:46:32.0632 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2010/10/30 21:46:32.0665 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2010/10/30 21:46:32.0732 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
2010/10/30 21:46:32.0780 rimspci (3dca561aaf776aa2e356fb5b142aa5f8) C:\Windows\system32\DRIVERS\rimspe64.sys
2010/10/30 21:46:32.0808 risdpcie (380e98db92b37a5792c962ec15bfb44c) C:\Windows\system32\DRIVERS\risdpe64.sys
2010/10/30 21:46:32.0837 rixdpcie (a4579105a3c5b6290701ead0c153e07a) C:\Windows\system32\DRIVERS\rixdpe64.sys
2010/10/30 21:46:32.0872 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2010/10/30 21:46:32.0914 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
2010/10/30 21:46:32.0952 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2010/10/30 21:46:33.0011 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2010/10/30 21:46:33.0070 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2010/10/30 21:46:33.0138 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2010/10/30 21:46:33.0170 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2010/10/30 21:46:33.0199 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2010/10/30 21:46:33.0243 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/10/30 21:46:33.0286 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2010/10/30 21:46:33.0343 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/10/30 21:46:33.0373 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2010/10/30 21:46:33.0415 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2010/10/30 21:46:33.0442 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2010/10/30 21:46:33.0485 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2010/10/30 21:46:33.0540 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2010/10/30 21:46:33.0629 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2010/10/30 21:46:33.0629 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2010/10/30 21:46:33.0640 sptd - detected Locked file (1)
2010/10/30 21:46:33.0699 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
2010/10/30 21:46:33.0741 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
2010/10/30 21:46:33.0775 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
2010/10/30 21:46:33.0869 StarOpen (e57b778208c783d8debab320c16a1b82) C:\Windows\system32\drivers\StarOpen.sys
2010/10/30 21:46:33.0917 stdflt (c568fdb21ce77a44fd166f28f104ac46) C:\Windows\system32\DRIVERS\stdfltn.sys
2010/10/30 21:46:33.0957 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2010/10/30 21:46:34.0010 STHDA (04906a6b1dd17d38795e28af4f4392f9) C:\Windows\system32\DRIVERS\stwrt64.sys
2010/10/30 21:46:34.0084 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
2010/10/30 21:46:34.0134 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
2010/10/30 21:46:34.0168 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
2010/10/30 21:46:34.0197 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2010/10/30 21:46:34.0313 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
2010/10/30 21:46:34.0445 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
2010/10/30 21:46:34.0494 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2010/10/30 21:46:34.0535 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2010/10/30 21:46:34.0559 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2010/10/30 21:46:34.0579 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2010/10/30 21:46:34.0601 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2010/10/30 21:46:34.0679 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/10/30 21:46:34.0708 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2010/10/30 21:46:34.0740 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2010/10/30 21:46:34.0781 udfs (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
2010/10/30 21:46:34.0847 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2010/10/30 21:46:34.0878 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2010/10/30 21:46:34.0899 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2010/10/30 21:46:34.0963 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys
2010/10/30 21:46:35.0024 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/10/30 21:46:35.0068 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2010/10/30 21:46:35.0155 usbehci (cb490987a7f6928a04bb838e3bd8a936) C:\Windows\system32\DRIVERS\usbehci.sys
2010/10/30 21:46:35.0206 usbhub (18124ef0a881a00ee222d02a3ee30270) C:\Windows\system32\DRIVERS\usbhub.sys
2010/10/30 21:46:35.0262 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2010/10/30 21:46:35.0287 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2010/10/30 21:46:35.0312 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/10/30 21:46:35.0337 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/10/30 21:46:35.0407 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
2010/10/30 21:46:35.0473 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2010/10/30 21:46:35.0514 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/10/30 21:46:35.0554 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2010/10/30 21:46:35.0586 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2010/10/30 21:46:35.0617 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2010/10/30 21:46:35.0661 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
2010/10/30 21:46:35.0685 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
2010/10/30 21:46:35.0713 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2010/10/30 21:46:35.0742 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2010/10/30 21:46:35.0783 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2010/10/30 21:46:35.0819 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2010/10/30 21:46:35.0847 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2010/10/30 21:46:35.0869 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2010/10/30 21:46:35.0911 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2010/10/30 21:46:35.0934 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2010/10/30 21:46:35.0972 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2010/10/30 21:46:35.0992 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2010/10/30 21:46:36.0045 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2010/10/30 21:46:36.0095 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2010/10/30 21:46:36.0173 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2010/10/30 21:46:36.0200 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2010/10/30 21:46:36.0268 WinUsb (4d52c872018af7e18d078978dcc3f6f2) C:\Windows\system32\DRIVERS\WinUSB.sys
2010/10/30 21:46:36.0294 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/10/30 21:46:36.0348 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2010/10/30 21:46:36.0432 WudfPf (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys
2010/10/30 21:46:36.0461 WUDFRd (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/10/30 21:46:36.0539 \HardDisk0\MBR - detected Rootkit.Win32.TDSS.tdl4 (0)
2010/10/30 21:46:36.0543 ================================================================================
2010/10/30 21:46:36.0543 Scan finished
2010/10/30 21:46:36.0544 ================================================================================
2010/10/30 21:46:36.0554 Detected object count: 2
2010/10/30 21:46:58.0342 Locked file(sptd) - User select action: Skip
2010/10/30 21:46:58.0350 \HardDisk0\MBR - will be cured after reboot
2010/10/30 21:46:58.0350 Rootkit.Win32.TDSS.tdl4(\HardDisk0\MBR) - User select action: Cure
|
