GMER LOG FILE
-------------------------------------------
GMER Logfile:
Code:
GMER 1.0.15.15477 - hxxp://www.gmer.net
Rootkit scan 2010-10-24 20:55:51
Windows 5.1.2600 Service Pack 2
Running: vmrv41ue.exe; Driver: C:\DOKUME~1\Michael\LOKALE~1\Temp\kgediaob.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwCreateThread [0xF2C86C60]
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwMapViewOfSection [0xF2C868F0]
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwShutdownSystem [0xF2C86E90]
SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwTerminateProcess [0xF2C86E20]
---- Kernel code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF5EDF360, 0x22678D, 0xE8000020]
init C:\Programme\BullGuard Software\BullGuard\reconn.sys entry point in "init" section [0xF7DB7100]
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F75D8D80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F75D8D20] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F75D8C80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F75D8B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F75D8B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F75D8D20] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F75D8D80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F75D8C80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F75D8C80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F75D8B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F75D8D20] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F75D8D80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F75D8B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F75D8D80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F75D8D20] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F75D8C80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F75D8D80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F75D8D20] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F75D8B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F75D8C80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F75D8B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F75D8D20] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F75D8D80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [F75D8D80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [F75D8D20] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [F75D8C80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [F75D8B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F75D8B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F75D8C80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F75D8D80] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F75D8D20] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
---- Devices - GMER 1.0.15 ----
Device \Driver\Tcpip \Device\Ip wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
Device \Driver\Tcpip \Device\Tcp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp reconn.sys
Device \Driver\Tcpip \Device\Udp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device \Driver\Tcpip \Device\RawIp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device \Driver\Tcpip \Device\IPMULTICAST wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@j!s!i!`!r!`!e!d!\30!\30!t!e!s!m!s!y! 71230
---- EOF - GMER 1.0.15 ----
--- --- ---
-------------------------------------------------------------------------
OSAM LOG FILE
-------------------------------------------------------------------------
OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 22:02:27 on 24.10.2010
OS: Windows XP Professional Service Pack 2 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.5.11
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Boot Execute]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )-----
"BootExecute" - "Microsoft Corporation" - C:\WINDOWS\system32\autochk.exe
[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
-----( HKLM\SOFTWARE\Microsoft\Windows Scripting Host\Locations )-----
"CScript" - "Microsoft Corporation" - C:\WINDOWS\System32\cscript.exe
"WScript" - "Microsoft Corporation" - C:\WINDOWS\System32\wscript.exe
[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"access.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\access.cpl
"ALSndMgr.Cpl" - "Realtek Semiconductor Corp." - C:\WINDOWS\system32\ALSndMgr.Cpl
"appwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl
"bthprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\bthprops.cpl
"ddbaccpl.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbaccpl.cpl
"ddbacctm.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbacctm.cpl
"desk.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\desk.cpl
"firewall.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\firewall.cpl
"GtmNicApp.cpl" - ? - C:\WINDOWS\system32\GtmNicApp.cpl
"hdwwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\hdwwiz.cpl
"inetcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcpl.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"intl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\intl.cpl
"irprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\irprops.cpl
"joy.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\joy.cpl
"jpicpl32.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\jpicpl32.cpl
"main.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\main.cpl
"mmsys.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl
"ncpa.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\ncpa.cpl
"netsetup.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\netsetup.cpl
"nusrmgr.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\nusrmgr.cpl
"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl
"nwc.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\nwc.cpl
"odbccp32.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\odbccp32.cpl
"powercfg.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\powercfg.cpl
"prefscpl.cpl" - "RealNetworks, Inc." - C:\WINDOWS\system32\prefscpl.cpl
"RTSndMgr.Cpl" - "Realtek Semiconductor Corp." - C:\WINDOWS\system32\RTSndMgr.Cpl
"sysdm.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl
"telephon.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\telephon.cpl
"timedate.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\timedate.cpl
"wscui.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wscui.cpl
"wuaucpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl
"xhidcpl.cpl" - ? - C:\WINDOWS\system32\xhidcpl.cpl (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - ? - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl (File not found)
"Internet Connection Firewall" - "Microsoft Corporation" - C:\WINDOWS\system32\Firewall.cpl
"Nero BurnRights" - "Nero AG" - C:\Programme\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"NetSetupWizard" - "Microsoft Corporation" - C:\WINDOWS\system32\NetSetup.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
"Speech" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Speech\sapi.cpl
"Windows Media Connect" - "Microsoft Corporation" - C:\Programme\Windows Media Connect 2\wmccpl.dll
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"1394-ARP-Clientprotokoll" (Arp1394) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\arp1394.sys
"1394-Netzwerktreiber" (NIC1394) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nic1394.sys
"AEGIS Protocol (IEEE 802.1x) v3.5.3.0" (AegisP) - "Meetinghouse Data Communications" - C:\WINDOWS\System32\DRIVERS\AegisP.sys
"AFD" (AFD) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\afd.sys
"Apple Mobile Device Ethernet Service" (Netaapl) - "Apple Inc." - C:\WINDOWS\System32\DRIVERS\netaapl.sys
"Apple Mobile USB Driver" (USBAAPL) - "Apple, Inc." - C:\WINDOWS\System32\Drivers\usbaapl.sys
"ASCTRM" (ASCTRM) - "Windows (R) 2000 DDK provider" - C:\WINDOWS\system32\drivers\ASCTRM.sys
"ASPI32" (ASPI32) - ? - C:\WINDOWS\system32\drivers\ASPI32.sys (File not found)
"Asynchroner RAS -Medientreiber" (AsyncMac) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\asyncmac.sys
"ATWPKT2" (ATWPKT2) - "America Online" - C:\Programme\Gemeinsame Dateien\AOL\ACS\ATWPKT2.SYS
"Audiostubtreiber" (audstub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\audstub.sys
"avgio" (avgio) - ? - C:\Programme\Avira\AntiVir Desktop\avgio.sys (File not found)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"AVM FRITZ!Box" (AVMUNET) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmunet.sys
"BDA MPE-Filter" (MPE) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\MPE.sys
"BDA Slip De-Framer" (SLIP) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\SLIP.sys
"BDA-IPSink" (streamip) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\StreamIP.sys
"Beep" (Beep) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Beep.sys
"BullGuard Email Monitor" (Reconn) - ? - C:\Programme\BullGuard Software\BullGuard\reconn.sys (File found, but it contains no detailed information)
"BullGuard File Monitor" (FileSpy5) - "BullGuard Ltd." - C:\Programme\BullGuard Software\BullGuard\filespy5.sys
"catchme" (catchme) - ? - C:\DOKUME~1\Michael\LOKALE~1\Temp\catchme.sys (File not found)
"CD-ROM-Laufwerktreiber" (Cdrom) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\cdrom.sys
"Cdaudio" (Cdaudio) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdaudio.sys
"Cdfs" (Cdfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdfs.sys
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"dmload" (dmload) - "Microsoft Corp., Veritas Software." - C:\WINDOWS\System32\drivers\dmload.sys
"Fastfat" (Fastfat) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fastfat.sys
"Fdc" (Fdc) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fdc.sys
"Filtertreiber für CD-Brennen" (Imapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\imapi.sys
"Filtertreiber für digitale CD-Audiowiedergabe" (redbook) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\redbook.sys
"Filtertreiber für IP-Verkehr" (IpFilterDriver) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
"Filtertreiber für IPX-Verkehr" (NwlnkFlt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
"Filtertreiber für Systemwiederherstellung" (sr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\sr.sys
"Fips" (Fips) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fips.sys
"Flpydisk" (Flpydisk) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Flpydisk.sys
"FltMgr" (FltMgr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\fltMgr.sys
"Fs_Rec" (Fs_Rec) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fs_Rec.sys
"GEAR ASPI Filter Driver" (GEARAspiWDM) - "GEAR Software Inc." - C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys
"Grand Tech GT680x NT" (GT680x) - " " - C:\WINDOWS\System32\DRIVERS\GT680x.SYS
"HTTP" (HTTP) - "Microsoft Corporation" - C:\WINDOWS\System32\Drivers\HTTP.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found)
"i8042-Tastatur- und PS/2-Mausanschluss-Treiber" (i8042prt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
"Intel AHCI Controller" (iaStor) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\iaStor.sys
"Intel(R) PRO/Wireless 3945ABG Adaptertreiber für Windows XP 32 Bit" (NETw3x32) - "Intel® Corporation" - C:\WINDOWS\System32\DRIVERS\NETw3x32.sys
"Intel-Prozessortreiber" (intelppm) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\intelppm.sys
"IP/IP-Tunneltreiber" (IpInIp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipinip.sys
"IPSEC-Treiber" (IPSec) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipsec.sys
"IPv6-Windows-Firewalltreiber" (Ip6Fw) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys
"IR-Enumeratordienst" (IRENUM) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\irenum.sys
"kgediaob" (kgediaob) - ? - C:\DOKUME~1\Michael\LOKALE~1\Temp\kgediaob.sys (Hidden registry entry, rootkit activity | File not found)
"KSecDD" (KSecDD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\KSecDD.sys
"Laufwerktreiber" (Disk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\disk.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"Maus-HID-Treiber" (mouhid) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouhid.sys
"Mausklassentreiber" (Mouclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouclass.sys
"MHN-Treiber" (MHNDRV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mhndrv.sys
"Microcode Updatetreiber" (Update) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\update.sys
"Microsoft ACPI-Treiber" (ACPI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ACPI.sys
"Microsoft Composite Battery-Treiber" (Compbatt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\compbatt.sys
"Microsoft Embedded Controllertreiber" (ACPIEC) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ACPIEC.sys
"Microsoft HID Class-Treiber" (HidUsb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\hidusb.sys
"Microsoft Kernel GS Wavetablesynthesizer" (swmidi) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\swmidi.sys
"Microsoft Kernel-Audiosplitter" (splitter) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\splitter.sys
"Microsoft Kernel-DLS-Synthesizer" (DMusic) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\DMusic.sys
"Microsoft Kernel-DRM-Audioentschlüsselung" (drmkaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\drmkaud.sys
"Microsoft Kernel-Echounterdrückung" (aec) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\aec.sys
"Microsoft Kernel-Systemaudiogerät" (sysaudio) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\sysaudio.sys
"Microsoft Kernel-Waveaudiomixer" (kmixer) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\kmixer.sys
"Microsoft Proxy für Streaming Clock" (MSPCLOCK) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPCLOCK.sys
"Microsoft Proxy für Streaming Quality Manager" (MSPQM) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPQM.sys
"Microsoft Standard-USB-Haupttreiber" (usbccgp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbccgp.sys
"Microsoft Streaming Service Proxy" (MSKSSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSKSSRV.sys
"Microsoft Streaming Tee/Sink-to-Sink-Konvertierung" (MSTEE) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSTEE.sys
"Microsoft TV-/Videoverbindung" (NdisIP) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\NdisIP.sys
"Microsoft UAA Bus Driver for High Definition Audio" (HDAudBus) - "Windows (R) Server 2003 DDK provider" - C:\WINDOWS\System32\DRIVERS\HDAudBus.sys
"Microsoft USB-Druckerklasse" (usbprint) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbprint.sys
"Microsoft Windows-Verwaltungsschnittstelle für ACPI" (WmiAcpi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wmiacpi.sys
"Microsoft-Netzteiltreiber" (CmBatt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\CmBatt.sys
"Microsoft-Systemverwaltungs-BIOS-Treiber" (mssmbios) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mssmbios.sys
"Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller" (usbehci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbehci.sys
"Miniporttreiber für universellen Microsoft USB-Hostcontroller" (usbuhci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbuhci.sys
"mnmdd" (mnmdd) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\mnmdd.sys
"Modem" (Modem) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Modem.sys
"MountMgr" (MountMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\MountMgr.sys
"MRXSMB" (MRxSmb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
"Msfs" (Msfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Msfs.sys
"Mup" (Mup) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Mup.sys
"NABTS/FEC VBI-Codec" (NABTSFEC) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys
"NDIS-Benutzermodus-E/A-Protokoll" (Ndisuio) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndisuio.sys
"NDIS-Systemtreiber" (NDIS) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDIS.sys
"NDProxy" (NDProxy) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDProxy.sys
"NetBios über TCP/IP" (NetBT) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbt.sys
"NetBIOS-Schnittstelle" (NetBIOS) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbios.sys
"Novatel Wireless USB Modem Driver" (NWUSBModem) - "Novatel Wireless Inc." - C:\WINDOWS\System32\DRIVERS\nwusbmdm.sys
"Novatel Wireless USB Status Port Driver" (NWUSBPort) - "Novatel Wireless Inc." - C:\WINDOWS\System32\DRIVERS\nwusbser.sys
"Npfs" (Npfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Npfs.sys
"Ntfs" (Ntfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Ntfs.sys
"Null" (Null) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Null.sys
"nv" (nv) - "NVIDIA Corporation" - C:\WINDOWS\System32\DRIVERS\nv4_mini.sys
"OHCI-konformer IEEE 1394-Hostcontroller" (ohci1394) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ohci1394.sys
"Padus ASPI Shell" (pfc) - "Padus, Inc." - C:\WINDOWS\System32\drivers\pfc.sys
"Parallelanschluss (direkt)" (Raspti) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspti.sys
"Parport" (Parport) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Parport.sys
"PartMgr" (PartMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\PartMgr.sys
"PCI-Bus-Treiber" (PCI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pci.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PCIIde" (PCIIde) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pciide.sys
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PhilCap service" (PhilCap) - "Philips Semiconductors GmbH" - C:\WINDOWS\System32\DRIVERS\PhilCap.sys
"PnP-ISA/EISA-Bus-Treiber" (isapnp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\isapnp.sys
"Protokoll für ATM ARP-Client" (Atmarpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atmarpc.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"QoS-Paketplaner" (PSched) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\psched.sys
"RAS-IP-ARP-Treiber" (Wanarp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wanarp.sys
"RAS-NDIS-TAPI-Treiber" (NdisTapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndistapi.sys
"RAS-NDIS-WAN-Treiber" (NdisWan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndiswan.sys
"Rdbss" (Rdbss) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rdbss.sys
"RDPCDD" (RDPCDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
"RDPWD" (RDPWD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\RDPWD.sys
"Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver" (RTLE8023xp) - "Realtek Semiconductor Corporation " - C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys
"Redirector für WebDav-Client" (MRxDAV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxdav.sys
"Remotezugriff-PPPOE-Treiber" (RasPppoe) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspppoe.sys
"Ricoh xD-Picture Card Driver" (rismxdp) - "REDC" - C:\WINDOWS\System32\DRIVERS\rixdptsk.sys
"rimmptsk" (rimmptsk) - "REDC" - C:\WINDOWS\System32\DRIVERS\rimmptsk.sys
"rimsptsk" (rimsptsk) - "REDC" - C:\WINDOWS\System32\DRIVERS\rimsptsk.sys
"sdbus" (sdbus) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\sdbus.sys
"Secdrv" (Secdrv) - ? - C:\WINDOWS\System32\DRIVERS\secdrv.sys (File found, but it contains no detailed information)
"Serial" (Serial) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Serial.sys
"Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - "Realtek Semiconductor Corp." - C:\WINDOWS\System32\drivers\RtkHDAud.sys
"SFF-Speicherklassentreiber" (sffdisk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\sffdisk.sys
"SFF-Speicherprotokolltreiber für SDBus" (sffp_sd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\sffp_sd.sys
"Sfloppy" (Sfloppy) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Sfloppy.sys
"smserial" (smserial) - "Motorola Inc." - C:\WINDOWS\System32\DRIVERS\smserial.sys
"Software-Bus-Treiber" (swenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\swenum.sys
"Srv" (Srv) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\srv.sys
"Standard-IDE/ESDI-Festplattencontroller" (atapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atapi.sys
"Standardpaketklassifizierung" (Gpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\msgpc.sys
"SyGate for NT, wg3n" (wg3n) - "Sygate Technologies, Inc." - C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys
"Synaptics TouchPad Driver" (SynTP) - "Synaptics, Inc." - C:\WINDOWS\System32\DRIVERS\SynTP.sys
"Tastatur-HID-Treiber" (kbdhid) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\kbdhid.sys
"Tastaturklassentreiber" (Kbdclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
"TCP/IP-Protokolltreiber" (Tcpip) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\tcpip.sys
"TDPIPE" (TDPIPE) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDPIPE.sys
"TDTCP" (TDTCP) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDTCP.sys
"Teefer for NT" (Teefer) - "Sygate Technologies, Inc." - C:\WINDOWS\System32\Drivers\Teefer.sys
"Terminal-Gerätetreiber" (TermDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\termdd.sys
"Treiber für automatische RAS-Verbindung" (RasAcd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasacd.sys
"Treiber für die Verwaltung logischer Datenträger" (dmio) - "Microsoft Corp., Veritas Software" - C:\WINDOWS\System32\drivers\dmio.sys
"Treiber für direkte Parallelverbindung" (Ptilink) - "Parallel Technologies, Inc." - C:\WINDOWS\System32\DRIVERS\ptilink.sys
"Treiber für IPX-Verkehrsweiterleitung" (NwlnkFwd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
"Treiber für Microsoft WINMM-WDM-Audiokompatibilität" (wdmaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\wdmaud.sys
"Treiber für Terminalserver-Geräteumleitung" (rdpdr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rdpdr.sys
"Treiber für Volume-Manager" (Ftdisk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ftdisk.sys
"Untertiteldecoder" (CCDECODE) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\CCDECODE.sys
"USB-Massenspeichertreiber" (USBSTOR) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
"USB-Scannertreiber" (usbscan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbscan.sys
"USB2-aktivierter Hub" (usbhub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbhub.sys
"VgaSave" (VgaSave) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\vga.sys
"VolSnap" (VolSnap) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\VolSnap.sys
"WAN Miniport (ATW)" (wanatw) - "America Online, Inc." - C:\WINDOWS\System32\DRIVERS\wanatw4.sys
"WAN-Miniport (L2TP)" (Rasl2tp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
"WAN-Miniport (PPTP)" (PptpMiniport) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspptp.sys
"Wdf01000" (Wdf01000) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\Wdf01000.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)
"WLAN Transport" (s24trans) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\s24trans.sys
"World Standard Teletext-Codec" (WSTCODEC) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS
"wpsdrvnt" (wpsdrvnt) - "Sygate Technologies, Inc." - C:\WINDOWS\system32\drivers\wpsdrvnt.sys
"X10 Hid Device" (X10Hid) - "X10 Wireless Technology, Inc." - C:\WINDOWS\System32\Drivers\x10hid.sys
"X10 USB Wireless Transceiver" (XUIF) - "X10 Wireless Technology, Inc." - C:\WINDOWS\System32\Drivers\x10ufx2.sys
"Übersetzer für IP-Netzwerkadressen" (IpNat) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipnat.sys
[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{7790769C-0471-11d2-AF11-00C04FA35D02} "Adressbuch 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
>{60B49E34-C7CC-11D0-8953-00A0C90347FF} "Browser Customizations" - "Microsoft Corporation" - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS "Browseranpassungen" - "Microsoft Corporation" - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
{8b15971b-5355-4c82-8c07-7e181ea07608} "Fax" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
>{26923b43-4d38-484f-9b9e-de460746276c} "Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
{89820200-ECBD-11cf-8B85-00AA005B4383} "Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
KB910393 "KB910393" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall
{407408d4-94ed-4d86-ab69-a7f649d112ee} "Media Center" - "Microsoft Corporation" - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} "Microsoft Outlook Express 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} "Microsoft Windows Media Player" - "Microsoft Corporation" - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
{6BF52A52-394A-11d3-B153-00C04F79FAA6} "Microsoft Windows Media Player" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
{44BBA842-CC51-11CF-AAFA-00AA00B6015B} "NetMeeting 3.01" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a} "Outlook Express" - "Microsoft Corporation" - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} "Versions-Update für Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ieudinit.exe
{89820200-ECBD-11cf-8B85-00AA005B4340} "Windows Desktop-Update" - "Microsoft Corporation" - regsvr32.exe /s /n /i:U shell32.dll
{5945c046-1e7d-11d1-bc44-00c04fd912be} "Windows Messenger 4.7" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
{0D2E74C4-3C34-11d2-A27E-00C04FC30871} "{0D2E74C4-3C34-11d2-A27E-00C04FC30871}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
{24F14F01-7B1C-11d1-838f-0000F80461CF} "{24F14F01-7B1C-11d1-838f-0000F80461CF}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
{24F14F02-7B1C-11d1-838f-0000F80461CF} "{24F14F02-7B1C-11d1-838f-0000F80461CF}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
{66742402-F9B9-11D1-A202-0000F81FEDEE} "{66742402-F9B9-11D1-A202-0000F81FEDEE}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} "AP Class Install Handler filter" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{733AC4CB-F1A4-11d0-B951-00A0C90312E1} "WebView MIME Filter" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{3dd53d40-7b8b-11D0-b013-00aa0059ce02} "CDL: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{12D51199-0DB5-46FE-A120-47A3D7D937CC} "DVD: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll
{79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{79eac9e3-baf9-11ce-8c82-00aa004ba90b} "ftp: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{79eac9e4-baf9-11ce-8c82-00aa004ba90b} "gopher: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{79eac9e2-baf9-11ce-8c82-00aa004ba90b} "http: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{79eac9e5-baf9-11ce-8c82-00aa004ba90b} "https: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
{05300401-BCBC-11d0-85E3-00C04FD85AB4} "MHTML Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcomm.dll
{3050F406-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML About Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Mailto Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{76E67A63-06E9-11D2-A840-006008059382} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll
{9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll
{CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL
{79eac9e6-baf9-11ce-8c82-00aa004ba90b} "mk: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "TV: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll
{13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} "WiaProtocol Class" - "Microsoft Corporation" - C:\WINDOWS\system32\wiascr.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler )-----
{438755C2-A8BA-11D1-B96B-00A0C90312E1} "Browseui preloader" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{8C7461EF-2B13-11d2-BE35-3078302C2030} "Component Categories cache daemon" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "URL Exec Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} "Automatische Diashowwiedergabe der Shell" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{BD472F60-27FA-11cf-B8B4-444553540000} "Compressed (zipped) Folder Right Drag Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll
{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} "Compressed (zipped) Folder SendTo Target" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll
{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} "CompressedFolder" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll
{3F30C968-480A-4C6C-862D-EFC0897BB84B} "GDI+ Dateiminiaturansicht-Extrahierungsprogramm" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{EAB841A0-9550-11cf-8C16-00805F1408F3} "HTML-Extrahierungsprogramm" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\msohev.dll
{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} "Shell Image Data Factory" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{eb9b1153-3b57-4e68-959a-a3266bc3d7fe} "Shell Image Property Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{e84fda7c-1d6a-45f6-b725-cb260c236066} "Shell Image Verbs" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{9DBD2C50-62AD-11d0-B806-00C04FD706EC} "Zusammenfassungs-Miniaturansichthandler (DOCFILES)" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{7849596a-48ea-486e-8937-a2a3009f31a9} "PostBootReminder object" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll
{fbeb8a05-beee-4442-804e-409d6c4515e9} "ShellFolder for CD Burning" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
{35CEC8A3-2BE6-11D2-8773-92E220524153} "SysTray" - "Microsoft Corporation" - C:\WINDOWS\system32\stobject.dll
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{EFA24E64-B078-11D0-89E4-00C04FC9E26E} "Explorer-Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Adresse" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
<binary data> "&Links" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
<binary data> "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoftTB\tbDVD0.dll
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found)
<binary data> "{00000000-0000-0000-0000-000000000000}" - ? - (File not found | COM-object registry key not found)
<binary data> "{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoftTB\tbDVD0.dll
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} "Microsoft Url Search Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} "DivXBrowserPlugin Object" - "DivX,Inc." - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll / hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.5.0_09" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0_09\bin\npjpi150_09.dll / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} "Java Plug-in 1.5.0_09" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0_09\bin\npjpi150_09.dll / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.5.0_09" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0_09\bin\npjpi150_09.dll / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
{BF3CD111-6278-11D2-9EA3-00A0C9251384} "O2C-Player Version 1.x" - "Eleco plc" - C:\WINDOWS\system32\O2CPLA~1.OCX / hxxp://www.o2c.de/download/O2CPlayer.CAB
{C7DB51B4-BCF7-4923-8874-7F1A0DC92277} "Office Update Installation Engine" - "Microsoft Corporation" - C:\WINDOWS\opuc.dll / hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10k.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{6414512B-B978-451D-A0D8-FCFDF33E833C} "WUWebControl Class" - "Microsoft Corporation" - C:\WINDOWS\system32\wuweb.dll / hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1163614636698
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC} "ClsidExtension" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0_09\bin\npjpi150_09.dll
{E601996F-E400-41CA-804B-CD6373A7EEE2} "ClsidExtension" - ? - (File not found | COM-object registry key not found)
"ICQ7.1" - "ICQ, LLC." - C:\Programme\ICQ7.1\ICQ.exe
"Messenger" - "Microsoft Corporation" - C:\Programme\Messenger\msmsgs.exe
{FE54FA40-D68C-11d2-98FA-00C0F0318AFE} "Real.com" - "Microsoft Corporation" - C:\WINDOWS\system32\Shdocvw.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoftTB\tbDVD0.dll
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} "QuickStores-Toolbar" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoftTB\tbDVD0.dll
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} "QuickStores-Toolbar" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "SSVHelper Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll
[Known DLLs]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )-----
"advapi32" - "Microsoft Corporation" - C:\WINDOWS\system32\advapi32.dll
"comdlg32" - "Microsoft Corporation" - C:\WINDOWS\system32\comdlg32.dll
"gdi32" - "Microsoft Corporation" - C:\WINDOWS\system32\gdi32.dll
"imagehlp" - "Microsoft Corporation" - C:\WINDOWS\system32\imagehlp.dll
"kernel32" - "Microsoft Corporation" - C:\WINDOWS\system32\kernel32.dll
"lz32" - "Microsoft Corporation" - C:\WINDOWS\system32\lz32.dll
"ole32" - "Microsoft Corporation" - C:\WINDOWS\system32\ole32.dll
"oleaut32" - "Microsoft Corporation" - C:\WINDOWS\system32\oleaut32.dll
"olecli32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecli32.dll
"olecnv32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecnv32.dll
"olesvr32" - "Microsoft Corporation" - C:\WINDOWS\system32\olesvr32.dll
"olethk32" - "Microsoft Corporation" - C:\WINDOWS\system32\olethk32.dll
"rpcrt4" - "Microsoft Corporation" - C:\WINDOWS\system32\rpcrt4.dll
"shell32" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll
"url" - "Microsoft Corporation" - C:\WINDOWS\system32\url.dll
"urlmon" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
"user32" - "Microsoft Corporation" - C:\WINDOWS\system32\user32.dll
"version" - "Microsoft Corporation" - C:\WINDOWS\system32\version.dll
"wininet" - "Microsoft Corporation" - C:\WINDOWS\system32\wininet.dll
"wldap32" - "Microsoft Corporation" - C:\WINDOWS\system32\wldap32.dll
[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Authentication packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll
"Notification packages" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll
"Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\kerberos.dll
"Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll
"Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\schannel.dll
"Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\wdigest.dll
-----( HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders )-----
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msapsspc.dll
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\schannel.dll
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\digest.dll
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msnsspc.dll
[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"AOL 9.0 Tray-Symbol.lnk" - "America Online, Inc." - C:\Programme\AOL 9.0\aoltray.exe (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"Microsoft Office.lnk" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OSA.EXE (Shortcut exists | File exists)
"Ulead Photo Express SE Calendar Checker.lnk" - "Ulead Systems, Inc." - C:\Programme\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe (Shortcut exists | File exists)
"Watch.lnk" - "Common Group" - C:\WINDOWS\twain_32\S6U12BX\WATCH.exe (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Michael\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"BullGuard" - "BullGuard Software" - "C:\Programme\BullGuard Software\BullGuard\BullGuard.exe"
"ctfmon.exe" - "Microsoft Corporation" - C:\WINDOWS\system32\ctfmon.exe
"ICQ" - "ICQ, LLC." - "C:\Programme\ICQ7.1\ICQ.exe" silent loginmode=4
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )-----
"Shell" - "Microsoft Corporation" - C:\WINDOWS\Explorer.exe
"Userinit" - "Microsoft Corporation" - C:\WINDOWS\system32\userinit.exe
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - "Microsoft Corporation" - C:\WINDOWS\system32\rdpclip.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"AdobeCS4ServiceManager" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"BullGuard" - "BullGuard Software" - "C:\Programme\BullGuard Software\BullGuard\bullguard.exe" -boot
"ehTray" - "Microsoft Corporation" - C:\WINDOWS\ehome\ehtray.exe
"Gtwatch" - ? - C:\WINDOWS\gtwatch.exe (File not found)
"InstantOn" - ? - "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c " (File not found)
"IntelWireless" - "Intel Corporation" - "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
"IntelZeroConfig" - "Intel Corporation" - "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe"
"iTunesHelper" - "Apple Inc." - "C:\Programme\iTunes\iTunesHelper.exe"
"LanguageShortcut" - ? - "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe"
"Microsoft Works Update Detection" - "Microsoft® Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
"NeroFilterCheck" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime
"RTHDCPL" - "Realtek Semiconductor Corp." - RTHDCPL.EXE
"SkyTel" - "Realtek Semiconductor Corp." - SkyTel.EXE
"SMSERIAL" - "Motorola Inc." - C:\WINDOWS\sm56hlpr.exe
"STAMPIT-Tray" - "Deutsche Post AG" - C:\PROGRA~1\STAMPIT\BINARY\STRAY.EXE
"TVBroadcast" - "ODSoft multimedia" - C:\Programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe
[Network Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----
"Microsoft Windows-Netzwerk" - "Microsoft Corporation" - C:\WINDOWS\System32\ntlanman.dll
"Microsoft-Terminaldienste" - "Microsoft Corporation" - C:\WINDOWS\System32\drprov.dll
"Web Client Network" - "Microsoft Corporation" - C:\WINDOWS\System32\davclnt.dll
[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"BJ Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\cnbjmon.dll
"Local Port" - "Microsoft Corporation" - C:\WINDOWS\system32\localspl.dll
"Microsoft Shared Fax Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\FXSMON.DLL
"PJL Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\pjlmon.dll
"Standard TCP/IP Port" - "Microsoft Corporation" - C:\WINDOWS\system32\tcpmon.dll
"USB Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\usbmon.dll
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Ablagemappe" (ClipSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\clipsrv.exe
"Anmeldedienst" (Netlogon) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Anwendungsverwaltung" (AppMgmt) - "Microsoft Corporation" - C:\WINDOWS\System32\appmgmts.dll
"AOL Connectivity Service" (AOL ACS) - "America Online, Inc." - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Arbeitsstationsdienst" (lanmanworkstation) - "Microsoft Corporation" - C:\WINDOWS\System32\wkssvc.dll
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Automatische Updates" (wuauserv) - "Microsoft Corporation" - C:\WINDOWS\system32\wuauserv.dll
"Avira AntiVir Guard" (AntiVirService) - ? - "C:\Programme\Avira\AntiVir Desktop\avguard.exe" (File not found)
"Avira AntiVir Planer" (AntiVirSchedulerService) - ? - "C:\Programme\Avira\AntiVir Desktop\sched.exe" (File not found)
"BullGuard Email Monitoring Service" (BsMailProxy) - "BullGuard Ltd." - C:\Programme\BullGuard Software\BullGuard\BsMailProxy.dll
"BullGuard File Monitoring Service" (BsFileSpy) - "BullGuard Ltd." - C:\Programme\BullGuard Software\BullGuard\BsFileSpy.dll
"BullGuard Firewall Service" (BsFirewall) - "BullGuard Ltd." - C:\Programme\BullGuard Software\BullGuard\BsFirewall.dll
"BullGuard LiveUpdate" (BGLiveSvc) - "BullGuard Software" - C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe
"BullGuard Main Service" (BGMainSvc) - "BullGuard, Ltd." - C:\Programme\BullGuard Software\BullGuard\BsMain.dll
"COM+-Ereignissystem" (EventSystem) - "Microsoft Corporation" - C:\WINDOWS\system32\es.dll
"COM+-Systemanwendung" (COMSysApp) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe
"Computerbrowser" (Browser) - "Microsoft Corporation" - C:\WINDOWS\System32\browser.dll
"CryptSvc" (CryptSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\cryptsvc.dll
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Programme\CyberLink\Shared Files\RichVideo.exe
"DCOM-Server-Prozessstart" (DcomLaunch) - "Microsoft Corporation" - C:\WINDOWS\system32\rpcss.dll
"Designs" (Themes) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll
"DHCP-Client" (Dhcp) - "Microsoft Corporation" - C:\WINDOWS\System32\dhcpcsvc.dll
"Dienst für Seriennummern der tragbaren Medien" (WmdmPmSN) - "Microsoft Corporation" - C:\WINDOWS\system32\MsPMSNSv.dll
"Distributed Transaction Coordinator" (MSDTC) - "Microsoft Corporation" - C:\WINDOWS\system32\msdtc.exe
"DNS-Client" (Dnscache) - "Microsoft Corporation" - C:\WINDOWS\System32\dnsrslvr.dll
"Druckwarteschlange" (Spooler) - "Microsoft Corporation" - C:\WINDOWS\system32\spoolsv.exe
"Ereignisprotokoll" (Eventlog) - "Microsoft Corporation" - C:\WINDOWS\system32\services.exe
"Fax" (Fax) - "Microsoft Corporation" - C:\WINDOWS\system32\fxssvc.exe
"Fehlerberichterstattungsdienst" (ERSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\ersvc.dll
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Acresso Software Inc." - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"Gatewaydienst auf Anwendungsebene" (ALG) - "Microsoft Corporation" - C:\WINDOWS\System32\alg.exe
"Geschützter Speicher" (ProtectedStorage) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"GnabService" (GnabService) - "Empolis GmbH" - c:\programme\gemeinsame dateien\gnab\service\servicecontroller.exe
"HID Input Service" (HidServ) - ? - C:\WINDOWS\System32\hidserv.dll (File not found)
"Hilfe und Support" (helpsvc) - "Microsoft Corporation" - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
"HTTP-SSL" (HTTPFilter) - "Microsoft Corporation" - C:\WINDOWS\System32\w3ssl.dll
"IMAPI-CD-Brenn-COM-Dienste" (ImapiService) - "Microsoft Corporation" - C:\WINDOWS\system32\imapi.exe
"Indexdienst" (CiSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\cisvc.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
"Intel(R) PROSet/Wireless Service" (S24EventMonitor) - "Intel Corporation " - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
"Intelligenter Hintergrundübertragungsdienst" (BITS) - "Microsoft Corporation" - C:\WINDOWS\system32\qmgr.dll
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"IPSEC-Dienste" (PolicyAgent) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Kompatibilität für schnelle Benutzerumschaltung" (FastUserSwitchingCompatibility) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll
"Konfigurationsfreie drahtlose Verbindung" (WZCSVC) - "Microsoft Corporation" - C:\WINDOWS\System32\wzcsvc.dll
"Leistungsdatenprotokolle und Warnungen" (SysmonLog) - "Microsoft Corporation" - C:\WINDOWS\system32\smlogsvc.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
"Media Center Extender Service" (McrdSvc) - "Microsoft Corporation" - C:\WINDOWS\ehome\mcrdsvc.exe
"Media Center Receiver Service" (ehRecvr) - "Microsoft Corporation" - C:\WINDOWS\eHome\ehRecvr.exe
"Media Center-Planerdienst" (ehSched) - "Microsoft Corporation" - C:\WINDOWS\eHome\ehSched.exe
"Messenger Sharing USN Journal Reader-Service" (usnsvc) - "Microsoft Corporation" - C:\Programme\MSN Messenger\usnsvc.dll
"MHN" (MHN) - "Microsoft Corporation" - C:\WINDOWS\System32\mhn.dll
"MS Software Shadow Copy Provider" (SwPrv) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe
"NetMeeting-Remotedesktop-Freigabe" (mnmsrvc) - "Microsoft Corporation" - C:\WINDOWS\system32\mnmsrvc.exe
"Netzwerkverbindungen" (Netman) - "Microsoft Corporation" - C:\WINDOWS\System32\netman.dll
"Netzwerkversorgungsdienst" (xmlprov) - "Microsoft Corporation" - C:\WINDOWS\System32\xmlprov.dll
"NLA (Network Location Awareness)" (Nla) - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll
"NT-LM-Sicherheitsdienst" (NtLmSsp) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"NVIDIA Display Driver Service" (NVSvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe
"Plug & Play" (PlugPlay) - "Microsoft Corporation" - C:\WINDOWS\system32\services.exe
"QoS-RSVP" (RSVP) - "Microsoft Corporation" - C:\WINDOWS\system32\rsvp.exe
"RAS-Verbindungsverwaltung" (RasMan) - "Microsoft Corporation" - C:\WINDOWS\System32\rasmans.dll
"Remote-Registrierung" (RemoteRegistry) - "Microsoft Corporation" - C:\WINDOWS\system32\regsvc.dll
"Remoteprozeduraufruf (RPC)" (RpcSs) - "Microsoft Corporation" - C:\WINDOWS\System32\rpcss.dll
"RPC-Locator" (RpcLocator) - "Microsoft Corporation" - C:\WINDOWS\system32\locator.exe
"Sceneo PVR Service" (srvcPVR) - "Buhl Data Service GmbH" - C:\Programme\Sceneo\Bonavista\Services\PVR\PVRService.exe
"Secondary Logon" (seclogon) - "Microsoft Corporation" - C:\WINDOWS\System32\seclogon.dll
"Server" (lanmanserver) - "Microsoft Corporation" - C:\WINDOWS\System32\srvsvc.dll
"Shellhardwareerkennung" (ShellHWDetection) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll
"Sicherheitscenter" (wscsvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wscsvc.dll
"Sicherheitskontenverwaltung" (SamSs) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Sitzungs-Manager für Remotedesktophilfe" (RDSessMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\sessmgr.exe
"Smartcard" (SCardSvr) - "Microsoft Corporation" - C:\WINDOWS\System32\SCardSvr.exe
"SSDP Discovery Service" (SSDPSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\ssdpsrv.dll
"Systemereignisbenachrichtigung" (SENS) - "Microsoft Corporation" - C:\WINDOWS\system32\sens.dll
"Systemwiederherstellungsdienst" (srservice) - "Microsoft Corporation" - C:\WINDOWS\system32\srsvc.dll
"Taskplaner" (Schedule) - "Microsoft Corporation" - C:\WINDOWS\system32\schedsvc.dll
"TCP/IP-NetBIOS-Hilfsprogramm" (LmHosts) - "Microsoft Corporation" - C:\WINDOWS\System32\lmhsvc.dll
"Telefonie" (TapiSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\tapisrv.dll
"Telnet" (TlntSvr) - "Microsoft Corporation" - C:\WINDOWS\system32\tlntsvr.exe
"Terminaldienste" (TermService) - "Microsoft Corporation" - C:\WINDOWS\System32\termsrv.dll
"Treibererweiterungen für Windows-Verwaltungsinstrumentation" (Wmi) - "Microsoft Corporation" - C:\WINDOWS\System32\advapi32.dll
"Universeller Plug & Play-Gerätehost" (upnphost) - "Microsoft Corporation" - C:\WINDOWS\System32\upnphost.dll
"Unterbrechungsfreie Stromversorgung" (UPS) - "Microsoft Corporation" - C:\WINDOWS\System32\ups.exe
"Verwaltung für automatische RAS-Verbindung" (RasAuto) - "Microsoft Corporation" - C:\WINDOWS\System32\rasauto.dll
"Verwaltung logischer Datenträger" (dmserver) - "Microsoft Corp." - C:\WINDOWS\System32\dmserver.dll
"Verwaltungsdienst für die Verwaltung logischer Datenträger" (dmadmin) - "Microsoft Corp., Veritas Software" - C:\WINDOWS\System32\dmadmin.exe
"Volumeschattenkopie" (VSS) - "Microsoft Corporation" - C:\WINDOWS\System32\vssvc.exe
"Webclient" (WebClient) - "Microsoft Corporation" - C:\WINDOWS\System32\webclnt.dll
"Wechselmedien" (NtmsSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\ntmssvc.dll
"Windows Audio" (AudioSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\audiosrv.dll
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Installer" (MSIServer) - "Microsoft Corporation" - C:\WINDOWS\system32\msiexec.exe
"Windows Media Connect-Dienst" (WMConnectCDS) - "Microsoft Corporation" - C:\Programme\Windows Media Connect 2\wmccds.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
"Windows User Mode Driver Framework" (UMWdf) - "Microsoft Corporation" - C:\WINDOWS\system32\wdfmgr.exe
"Windows-Bilderfassung (WIA)" (stisvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wiaservc.dll
"Windows-Firewall/Gemeinsame Nutzung der Internetverbindung" (SharedAccess) - "Microsoft Corporation" - C:\WINDOWS\System32\ipnathlp.dll
"Windows-Verwaltungsinstrumentation" (winmgmt) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\WMIsvc.dll
"Windows-Zeitgeber" (W32Time) - "Microsoft Corporation" - C:\WINDOWS\system32\w32time.dll
"WMI-Leistungsadapter" (WmiApSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\wmiapsrv.exe
"X10 Device Network Service" (x10nets) - "X10" - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
"Überwachung verteilter Verknüpfungen (Client)" (TrkWks) - "Microsoft Corporation" - C:\WINDOWS\system32\trkwks.dll
[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - ? - C:\WINDOWS\system32\WINDOW~1.SCR (File found, but it contains no detailed information)
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )-----
"UIHost" - "Microsoft Corporation" - C:\WINDOWS\system32\logonui.exe
"VmApplet" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63} "Drahtlos" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll
{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A} "EFS recovery" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll
{25537BA6-77A8-11D2-9B6C-0000F8080861} "Folder Redirection" - "Microsoft Corporation" - C:\WINDOWS\system32\fdeploy.dll
{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} "Internet Explorer Branding" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} "Internet Explorer Machine Accelerators" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll
{7B849a69-220F-451E-B3FE-2CB811AF94AE} "Internet Explorer User Accelerators" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll
{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} "Internet Explorer Zonemapping" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll
{e437bc1c-aa7d-11d2-a382-00c04f991e27} "IP-Sicherheit" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll
{C631DF4C-088F-4156-B058-4375F0853CD8} "Microsoft Offline Files" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll
{3610eda5-77ef-11d2-8dc5-00c04fa31a66} "Microsoft-Datenträgerkontingent" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquota.dll
{426031c0-0b47-4852-b0ca-ac3d37bfcb39} "QoS-Paketplaner" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll
{827D319E-6EAC-11D2-A4EA-00C04F79F83A} "Security" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll
{42B5FAAE-6536-11d2-AE5A-0000F87571E3} "Skripts" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - "Microsoft Corporation" - C:\WINDOWS\system32\appmgmts.dll
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"crypt32chain" - "Microsoft Corporation" - C:\WINDOWS\system32\crypt32.dll
"cryptnet" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptnet.dll
"cscdll" - "Microsoft Corporation" - C:\WINDOWS\system32\cscdll.dll
"ScCertProp" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll
"Schedule" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll
"sclgntfy" - "Microsoft Corporation" - C:\WINDOWS\system32\sclgntfy.dll
"SensLogn" - "Microsoft Corporation" - C:\WINDOWS\system32\WlNotify.dll
"termsrv" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll
"wlballoon" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"NLA-Namespace" - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll
"NTDS" - "Microsoft Corporation" - C:\WINDOWS\System32\winrnr.dll
"TCP/IP" - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{027050F1-EB69-465E-8798-B374E0A8E402}] DATAGRAM 3" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{027050F1-EB69-465E-8798-B374E0A8E402}] SEQPACKET 3" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{1AED25AD-5430-4DF5-9D67-AFF8022EC634}] DATAGRAM 8" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{1AED25AD-5430-4DF5-9D67-AFF8022EC634}] SEQPACKET 8" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{249BBDDA-0CE6-44EB-8D5B-A38FC23B7464}] DATAGRAM 2" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{249BBDDA-0CE6-44EB-8D5B-A38FC23B7464}] SEQPACKET 2" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{24DF07A1-FA2E-453B-978B-6734E5D189A6}] DATAGRAM 4" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{24DF07A1-FA2E-453B-978B-6734E5D189A6}] SEQPACKET 4" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{791D8E08-3721-48B2-9895-334866CAE0AB}] DATAGRAM 0" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{791D8E08-3721-48B2-9895-334866CAE0AB}] SEQPACKET 0" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{85FB4951-0954-40E2-92C6-5877D680DB01}] DATAGRAM 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{85FB4951-0954-40E2-92C6-5877D680DB01}] SEQPACKET 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{875F837D-4785-4D43-9D46-D9312AC8C7B6}] DATAGRAM 5" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{875F837D-4785-4D43-9D46-D9312AC8C7B6}] SEQPACKET 5" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{93FE5ED5-D4B3-433A-83ED-EF82CD432BCA}] DATAGRAM 6" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{93FE5ED5-D4B3-433A-83ED-EF82CD432BCA}] SEQPACKET 6" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{EE913F80-3F8E-495E-AD3B-CCEE8FE80F14}] DATAGRAM 7" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{EE913F80-3F8E-495E-AD3B-CCEE8FE80F14}] SEQPACKET 7" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD Tcpip [RAW/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD Tcpip [TCP/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD Tcpip [UDP/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"RSVP TCP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll
"RSVP UDP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll
===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
--------------------------------------------------------------------------
MBRCECK
--------------------------------------------------------------------------
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 2 (build 2600)
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 140):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806FE000 \WINDOWS\system32\hal.dll
0xF7D64000 \WINDOWS\system32\KDCOM.DLL
0xF7C74000 \WINDOWS\system32\BOOTVID.dll
0xF7814000 ACPI.sys
0xF7D66000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7803000 pci.sys
0xF7864000 isapnp.sys
0xF7874000 ohci1394.sys
0xF7884000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF7C78000 compbatt.sys
0xF7C7C000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7E2C000 pciide.sys
0xF7AE4000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7894000 MountMgr.sys
0xF77E4000 ftdisk.sys
0xF7D68000 dmload.sys
0xF77BE000 dmio.sys
0xF7AEC000 PartMgr.sys
0xF7C80000 ACPIEC.sys
0xF7E2D000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xF78A4000 VolSnap.sys
0xF77A6000 atapi.sys
0xF76EF000 iaStor.sys
0xF78B4000 disk.sys
0xF78C4000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF76CF000 fltMgr.sys
0xF76BD000 sr.sys
0xF7AF4000 PxHelp20.sys
0xF76A6000 KSecDD.sys
0xF7619000 Ntfs.sys
0xF75EC000 NDIS.sys
0xF75D0000 Teefer.sys
0xF75B5000 Mup.sys
0xF78F4000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xF6E9A000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF7520000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0xF5EDF000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xF5ECB000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF5EA6000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF5E91000 \SystemRoot\system32\DRIVERS\Rtenicxp.sys
0xF5CEF000 \SystemRoot\system32\DRIVERS\NETw3x32.sys
0xF7BD4000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF5CCC000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7BDC000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF5CBB000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xF7BE4000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0xF6E8A000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0xF5C6F000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0xF7D20000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF79D4000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF7BEC000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF5C3F000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xF7D98000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF7BF4000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF79E4000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7D24000 \SystemRoot\system32\drivers\pfc.sys
0xF79F4000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF7A04000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF5C1C000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7BFC000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF7D9A000 \SystemRoot\System32\Drivers\x10hid.sys
0xF7A14000 \SystemRoot\System32\Drivers\HIDCLASS.SYS
0xF7C04000 \SystemRoot\System32\Drivers\HIDPARSE.SYS
0xF7E76000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7A24000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7D2C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF5C05000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF7A34000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF7A84000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF7C0C000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF5BF4000 \SystemRoot\system32\DRIVERS\psched.sys
0xF7A44000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7C14000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7C1C000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF7C24000 \SystemRoot\system32\DRIVERS\wanatw4.sys
0xF5BC3000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF7A54000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7D9C000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF5B67000 \SystemRoot\system32\DRIVERS\update.sys
0xF7D48000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF6285000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xF7AA4000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF3269000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xF3247000 \SystemRoot\system32\drivers\portcls.sys
0xF7944000 \SystemRoot\system32\drivers\drmk.sys
0xF30CD000 \SystemRoot\system32\DRIVERS\smserial.sys
0xF7C64000 \SystemRoot\System32\Drivers\Modem.SYS
0xF7A94000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7D7C000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF08CF000 \SystemRoot\System32\Drivers\Null.SYS
0xF7D7E000 \SystemRoot\System32\Drivers\Beep.SYS
0xED5D5000 \SystemRoot\System32\drivers\vga.sys
0xF063A000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7DC0000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF2CA5000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF2C9D000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB4A85000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB257A000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB2522000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xF7BBC000 \SystemRoot\System32\Drivers\x10ufx2.sys
0xF0972000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF2C85000 \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys
0xB24D9000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB24B1000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF0962000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xB248F000 \SystemRoot\System32\drivers\afd.sys
0xF0952000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB2464000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB23F5000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF0942000 \SystemRoot\System32\Drivers\Fips.SYS
0xB23D2000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xB2F31000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB231B000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0xBF800000 \SystemRoot\System32\win32k.sys
0xB29B6000 \SystemRoot\System32\drivers\Dxapi.sys
0xF2948000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xB298F000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB0009000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xEB702000 \SystemRoot\system32\DRIVERS\AegisP.sys
0xB299E000 \SystemRoot\system32\DRIVERS\s24trans.sys
0xF3ABF000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xF199C000 \SystemRoot\SYSTEM32\Drivers\wg3n.sys
0xAF73C000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF0630000 \SystemRoot\System32\Drivers\ASCTRM.SYS
0xAF65B000 \SystemRoot\System32\Drivers\HTTP.sys
0xAF5B4000 \SystemRoot\system32\DRIVERS\srv.sys
0xAE787000 \SystemRoot\system32\drivers\wdmaud.sys
0xAE8BC000 \SystemRoot\system32\drivers\sysaudio.sys
0xF7DB6000 \??\C:\Programme\BullGuard Software\BullGuard\reconn.sys
0xB6FD5000 \??\C:\Programme\BullGuard Software\BullGuard\filespy5.sys
0xAF2B0000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xAF1E0000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xA81F8000 \??\C:\DOKUME~1\Michael\LOKALE~1\Temp\kgediaob.sys
0xAF771000 \SystemRoot\system32\DRIVERS\avmunet.sys
0xA6913000 \SystemRoot\system32\drivers\kmixer.sys
0x7C910000 \WINDOWS\system32\ntdll.dll
Processes (total 53):
0 System Idle Process
4 System
1040 C:\WINDOWS\system32\smss.exe
1124 csrss.exe
1152 C:\WINDOWS\system32\winlogon.exe
1196 C:\WINDOWS\system32\services.exe
1208 C:\WINDOWS\system32\lsass.exe
1400 C:\WINDOWS\system32\svchost.exe
1448 svchost.exe
1592 C:\WINDOWS\system32\svchost.exe
1640 C:\Programme\Intel\Wireless\Bin\EvtEng.exe
1752 C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
1864 svchost.exe
2004 svchost.exe
556 C:\WINDOWS\system32\spoolsv.exe
628 svchost.exe
664 C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe
676 C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
716 C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe
744 C:\WINDOWS\system32\svchost.exe
788 C:\WINDOWS\ehome\ehrecvr.exe
804 C:\WINDOWS\ehome\ehSched.exe
828 C:\Programme\Gemeinsame Dateien\Gnab\Service\ServiceController.exe
1004 C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
1052 C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
1244 C:\WINDOWS\system32\nvsvc32.exe
1508 C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
1632 C:\Programme\CyberLink\Shared Files\RichVideo.exe
1848 C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe
228 svchost.exe
300 C:\WINDOWS\system32\svchost.exe
712 C:\PROGRA~1\COMMON~1\X10\Common\X10nets.exe
580 mcrdsvc.exe
2956 C:\WINDOWS\system32\dllhost.exe
3224 alg.exe
3104 C:\Programme\iPod\bin\iPodService.exe
1200 C:\WINDOWS\explorer.exe
3644 C:\WINDOWS\ehome\ehtray.exe
852 C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe
3632 C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe
4052 C:\Programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe
1724 C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
3956 C:\Programme\iTunes\iTunesHelper.exe
2772 C:\PROGRA~1\STAMPIT\Binary\STRAY.EXE
4032 C:\WINDOWS\ehome\ehmsas.exe
1560 C:\WINDOWS\system32\ctfmon.exe
3100 C:\Programme\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
2660 C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
3488 C:\WINDOWS\system32\wuauclt.exe
3092 C:\Programme\Internet Explorer\iexplore.exe
2540 C:\Programme\Internet Explorer\iexplore.exe
3148 C:\Programme\Internet Explorer\iexplore.exe
184 C:\Dokumente und Einstellungen\Michael\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000021`5b6f9200 (FAT32)
PhysicalDrive0 Model Number: HitachiHTS545016B9A300, Rev: PBBOC64G
Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: ABEDD6AEC53D00E889C94F298CDB4674EB303E31
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
--------------------------------------------------------------------------
jezt?
